Task #52026 - gpgme-1.24.2-1.fc43/scan-results.err
back to task #52026download
Error: SHELLCHECK_WARNING (CWE-156):
/usr/bin/gpgme-config:2:28: warning[SC2046]: Quote this to prevent word splitting.
# 1| #!/usr/bin/sh
# 2|-> exec /usr/bin/gpgme-config.$(arch) $@
Error: SHELLCHECK_WARNING (CWE-88):
/usr/bin/gpgme-config:2:36: error[SC2068]: Double quote array expansions to avoid re-splitting elements.
# 1| #!/usr/bin/sh
# 2|-> exec /usr/bin/gpgme-config.$(arch) $@
Error: SHELLCHECK_WARNING (CWE-563):
/usr/bin/gpgme-config.x86_64:41:1: warning[SC2034]: libs_pthread appears unused. Verify use (or export if used externally).
# 39| # thread modules variable.
# 40| thread_modules="$thread_modules pthread"
# 41|-> libs_pthread="-lpthread"
# 42| cflags_pthread=""
# 43|
Error: SHELLCHECK_WARNING (CWE-457):
/usr/bin/gpgme-config.x86_64:128:37: warning[SC2154]: assuan_cflags is referenced but not assigned.
# 126| esac
# 127| test "x$with_glib" = "xyes" && tmp_g="$cflags_glib"
# 128|-> for i in $cflags $tmp_c $assuan_cflags $gpg_error_cflags $tmp_g ; do
# 129| skip=no
# 130| case $i in
Error: SHELLCHECK_WARNING (CWE-457):
/usr/bin/gpgme-config.x86_64:164:35: warning[SC2154]: assuan_libs is referenced but not assigned.
# 162| ;;
# 163| esac
# 164|-> for i in $libs $tmp_l $assuan_libs $gpg_error_libs $tmp_x; do
# 165| skip=no
# 166| case $i in
Error: SHELLCHECK_WARNING (CWE-457):
/usr/bin/gpgme-config.x86_64:164:48: warning[SC2154]: gpg_error_libs is referenced but not assigned.
# 162| ;;
# 163| esac
# 164|-> for i in $libs $tmp_l $assuan_libs $gpg_error_libs $tmp_x; do
# 165| skip=no
# 166| case $i in
Error: GCC_ANALYZER_WARNING (CWE-401):
gpgme-1.24.2/build-qt6/doc/../../doc/mkdefsinc.c:199:23: warning[-Wanalyzer-malloc-leak]: leak of ‘opt_date’
gpgme-1.24.2/build-qt6/doc/../../doc/mkdefsinc.c:142:1: enter_function: entry to ‘main’
gpgme-1.24.2/build-qt6/doc/../../doc/mkdefsinc.c:155:10: branch_true: following ‘true’ branch...
gpgme-1.24.2/build-qt6/doc/../../doc/mkdefsinc.c:158:10: branch_false: following ‘false’ branch (when the strings are non-equal)...
gpgme-1.24.2/build-qt6/doc/../../doc/mkdefsinc.c:163:17: branch_false: ...to here
gpgme-1.24.2/build-qt6/doc/../../doc/mkdefsinc.c:163:15: branch_false: following ‘false’ branch (when the strings are non-equal)...
gpgme-1.24.2/build-qt6/doc/../../doc/mkdefsinc.c:174:17: branch_false: ...to here
gpgme-1.24.2/build-qt6/doc/../../doc/mkdefsinc.c:198:26: call_function: calling ‘xstrdup’ from ‘main’
gpgme-1.24.2/build-qt6/doc/../../doc/mkdefsinc.c:198:26: return_function: returning to ‘main’ from ‘xstrdup’
gpgme-1.24.2/build-qt6/doc/../../doc/mkdefsinc.c:155:10: branch_true: following ‘true’ branch...
gpgme-1.24.2/build-qt6/doc/../../doc/mkdefsinc.c:158:10: branch_false: following ‘false’ branch (when the strings are non-equal)...
gpgme-1.24.2/build-qt6/doc/../../doc/mkdefsinc.c:163:17: branch_false: ...to here
gpgme-1.24.2/build-qt6/doc/../../doc/mkdefsinc.c:163:15: branch_false: following ‘false’ branch (when the strings are non-equal)...
gpgme-1.24.2/build-qt6/doc/../../doc/mkdefsinc.c:174:17: branch_false: ...to here
gpgme-1.24.2/build-qt6/doc/../../doc/mkdefsinc.c:198:26: call_function: calling ‘xstrdup’ from ‘main’
gpgme-1.24.2/build-qt6/doc/../../doc/mkdefsinc.c:198:26: return_function: returning to ‘main’ from ‘xstrdup’
gpgme-1.24.2/build-qt6/doc/../../doc/mkdefsinc.c:199:23: danger: ‘opt_date’ leaks here; was allocated at [(12)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/11)
# 197| {
# 198| opt_date = xstrdup (*argv);
# 199|-> argc--; argv++;
# 200| }
# 201| }
Error: CPPCHECK_WARNING (CWE-457):
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c:785: warning[uninitvar]: Uninitialized variable: buff
# 783| *r = 0;
# 784| }
# 785|-> return buff;
# 786| }
# 787|
Error: CPPCHECK_WARNING (CWE-476):
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c:1681: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: data
# 1679| SwigPyClientData *data = (SwigPyClientData *)malloc(sizeof(SwigPyClientData));
# 1680| /* the klass element */
# 1681|-> data->klass = obj;
# 1682| SWIG_Py_INCREF(data->klass);
# 1683| /* the newraw method and newargs arguments used to create a new raw instance */
Error: CPPCHECK_WARNING (CWE-476):
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c:1682: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: data
# 1680| /* the klass element */
# 1681| data->klass = obj;
# 1682|-> SWIG_Py_INCREF(data->klass);
# 1683| /* the newraw method and newargs arguments used to create a new raw instance */
# 1684| if (PyClass_Check(obj)) {
Error: COMPILER_WARNING (CWE-457):
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c:3960:10: warning[-Wmaybe-uninitialized]: ‘arg2’ may be used uninitialized
# 3960 | *obj = value;
# | ~~~~~^~~~~~~
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c: scope_hint: In function ‘_wrap_gpgme_error_t_p_assign’
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c:49010:17: note: ‘arg2’ was declared here
#49010 | gpgme_error_t arg2 ;
# | ^~~~
# 3958|
# 3959| static void gpgme_error_t_p_assign(gpgme_error_t *obj, gpgme_error_t value) {
# 3960|-> *obj = value;
# 3961| }
# 3962|
Error: COMPILER_WARNING (CWE-457):
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c: scope_hint: In function ‘_wrap_gpgme_data_seek’
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c:4158:14: warning[-Wmaybe-uninitialized]: ‘arg2’ may be used uninitialized
# 4158 | result = gpgme_data_seek(arg1,arg2,arg3);
# | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c:4119:9: note: ‘arg2’ was declared here
# 4119 | off_t arg2 ;
# | ^~~~
# 4156| {
# 4157| SWIG_PYTHON_THREAD_BEGIN_ALLOW;
# 4158|-> result = gpgme_data_seek(arg1,arg2,arg3);
# 4159| SWIG_PYTHON_THREAD_END_ALLOW;
# 4160| }
Error: COMPILER_WARNING (CWE-457):
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c: scope_hint: In function ‘_wrap_gpgme_strerror’
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c:4718:22: warning[-Wmaybe-uninitialized]: ‘arg1’ may be used uninitialized
# 4718 | result = (char *)gpgme_strerror(arg1);
# | ^~~~~~~~~~~~~~~~~~~~
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c:4699:17: note: ‘arg1’ was declared here
# 4699 | gpgme_error_t arg1 ;
# | ^~~~
# 4716| {
# 4717| SWIG_PYTHON_THREAD_BEGIN_ALLOW;
# 4718|-> result = (char *)gpgme_strerror(arg1);
# 4719| SWIG_PYTHON_THREAD_END_ALLOW;
# 4720| }
Error: COMPILER_WARNING (CWE-457):
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c: scope_hint: In function ‘_wrap_gpgme_strerror_r’
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c:4773:14: warning[-Wmaybe-uninitialized]: ‘arg1’ may be used uninitialized
# 4773 | result = (int)gpgme_strerror_r(arg1,arg2,arg3);
# | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c:4730:15: note: ‘arg1’ was declared here
# 4730 | gpg_error_t arg1 ;
# | ^~~~
# 4771| {
# 4772| SWIG_PYTHON_THREAD_BEGIN_ALLOW;
# 4773|-> result = (int)gpgme_strerror_r(arg1,arg2,arg3);
# 4774| SWIG_PYTHON_THREAD_END_ALLOW;
# 4775| }
Error: COMPILER_WARNING (CWE-457):
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c: scope_hint: In function ‘_wrap_gpgme_strsource’
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c:4814:22: warning[-Wmaybe-uninitialized]: ‘arg1’ may be used uninitialized
# 4814 | result = (char *)gpgme_strsource(arg1);
# | ^~~~~~~~~~~~~~~~~~~~~
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c:4795:17: note: ‘arg1’ was declared here
# 4795 | gpgme_error_t arg1 ;
# | ^~~~
# 4812| {
# 4813| SWIG_PYTHON_THREAD_BEGIN_ALLOW;
# 4814|-> result = (char *)gpgme_strsource(arg1);
# 4815| SWIG_PYTHON_THREAD_END_ALLOW;
# 4816| }
Error: COMPILER_WARNING (CWE-457):
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c: scope_hint: In function ‘_wrap_gpgme_err_code_to_errno’
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c:4875:14: warning[-Wmaybe-uninitialized]: ‘arg1’ may be used uninitialized
# 4875 | result = (int)gpgme_err_code_to_errno(arg1);
# | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c:4856:20: note: ‘arg1’ was declared here
# 4856 | gpgme_err_code_t arg1 ;
# | ^~~~
# 4873| {
# 4874| SWIG_PYTHON_THREAD_BEGIN_ALLOW;
# 4875|-> result = (int)gpgme_err_code_to_errno(arg1);
# 4876| SWIG_PYTHON_THREAD_END_ALLOW;
# 4877| }
Error: COMPILER_WARNING (CWE-457):
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c: scope_hint: In function ‘_wrap_gpgme_err_make_from_errno’
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c:4960:14: warning[-Wmaybe-uninitialized]: ‘arg1’ may be used uninitialized
# 4960 | result = gpgme_err_make_from_errno(arg1,arg2);
# | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c:4934:22: note: ‘arg1’ was declared here
# 4934 | gpgme_err_source_t arg1 ;
# | ^~~~
# 4958| {
# 4959| SWIG_PYTHON_THREAD_BEGIN_ALLOW;
# 4960|-> result = gpgme_err_make_from_errno(arg1,arg2);
# 4961| SWIG_PYTHON_THREAD_END_ALLOW;
# 4962| }
Error: COMPILER_WARNING (CWE-457):
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c: scope_hint: In function ‘_wrap__gpgme_key_sig_status_set’
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c:8764:30: warning[-Wmaybe-uninitialized]: ‘arg2’ may be used uninitialized
# 8764 | if (arg1) (arg1)->status = arg2;
# | ~~~~~~~~~~~~~~~^~~~~~
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c:8740:17: note: ‘arg2’ was declared here
# 8740 | gpgme_error_t arg2 ;
# | ^~~~
# 8762| {
# 8763| SWIG_PYTHON_THREAD_BEGIN_ALLOW;
# 8764|-> if (arg1) (arg1)->status = arg2;
# 8765| SWIG_PYTHON_THREAD_END_ALLOW;
# 8766| }
Error: COMPILER_WARNING (CWE-457):
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c: scope_hint: In function ‘_wrap__gpgme_invalid_key_reason_set’
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c:13036:30: warning[-Wmaybe-uninitialized]: ‘arg2’ may be used uninitialized
#13036 | if (arg1) (arg1)->reason = arg2;
# | ~~~~~~~~~~~~~~~^~~~~~
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c:13012:17: note: ‘arg2’ was declared here
#13012 | gpgme_error_t arg2 ;
# | ^~~~
#13034| {
#13035| SWIG_PYTHON_THREAD_BEGIN_ALLOW;
#13036|-> if (arg1) (arg1)->reason = arg2;
#13037| SWIG_PYTHON_THREAD_END_ALLOW;
#13038| }
Error: COMPILER_WARNING (CWE-457):
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c: scope_hint: In function ‘_wrap_gpgme_io_event_done_data_err_set’
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c:14712:27: warning[-Wmaybe-uninitialized]: ‘arg2’ may be used uninitialized
#14712 | if (arg1) (arg1)->err = arg2;
# | ~~~~~~~~~~~~^~~~~~
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c:14688:17: note: ‘arg2’ was declared here
#14688 | gpgme_error_t arg2 ;
# | ^~~~
#14710| {
#14711| SWIG_PYTHON_THREAD_BEGIN_ALLOW;
#14712|-> if (arg1) (arg1)->err = arg2;
#14713| SWIG_PYTHON_THREAD_END_ALLOW;
#14714| }
Error: COMPILER_WARNING (CWE-457):
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c: scope_hint: In function ‘_wrap_gpgme_io_event_done_data_op_err_set’
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c:14779:30: warning[-Wmaybe-uninitialized]: ‘arg2’ may be used uninitialized
#14779 | if (arg1) (arg1)->op_err = arg2;
# | ~~~~~~~~~~~~~~~^~~~~~
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c:14755:17: note: ‘arg2’ was declared here
#14755 | gpgme_error_t arg2 ;
# | ^~~~
#14777| {
#14778| SWIG_PYTHON_THREAD_BEGIN_ALLOW;
#14779|-> if (arg1) (arg1)->op_err = arg2;
#14780| SWIG_PYTHON_THREAD_END_ALLOW;
#14781| }
Error: CPPCHECK_WARNING (CWE-457):
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c:16356: error[legacyUninitvar]: Uninitialized variable: arg2
#16354| {
#16355| SWIG_PYTHON_THREAD_BEGIN_ALLOW;
#16356|-> result = gpgme_data_new_from_estream(arg1,arg2);
#16357| SWIG_PYTHON_THREAD_END_ALLOW;
#16358| }
Error: COMPILER_WARNING (CWE-457):
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c: scope_hint: In function ‘_wrap_gpgme_data_new_from_filepart’
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c:16768:14: warning[-Wmaybe-uninitialized]: ‘arg4’ may be used uninitialized
#16768 | result = gpgme_data_new_from_filepart(arg1,(char const *)arg2,arg3,arg4,arg5);
# | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c:16704:9: note: ‘arg4’ was declared here
#16704 | off_t arg4 ;
# | ^~~~
#16766| {
#16767| SWIG_PYTHON_THREAD_BEGIN_ALLOW;
#16768|-> result = gpgme_data_new_from_filepart(arg1,(char const *)arg2,arg3,arg4,arg5);
#16769| SWIG_PYTHON_THREAD_END_ALLOW;
#16770| }
Error: COMPILER_WARNING (CWE-457):
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c: scope_hint: In function ‘_wrap__gpgme_recipient_status_set’
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c:21694:30: warning[-Wmaybe-uninitialized]: ‘arg2’ may be used uninitialized
#21694 | if (arg1) (arg1)->status = arg2;
# | ~~~~~~~~~~~~~~~^~~~~~
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c:21670:17: note: ‘arg2’ was declared here
#21670 | gpgme_error_t arg2 ;
# | ^~~~
#21692| {
#21693| SWIG_PYTHON_THREAD_BEGIN_ALLOW;
#21694|-> if (arg1) (arg1)->status = arg2;
#21695| SWIG_PYTHON_THREAD_END_ALLOW;
#21696| }
Error: COMPILER_WARNING (CWE-457):
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c: scope_hint: In function ‘_wrap__gpgme_signature_status_set’
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c:27385:30: warning[-Wmaybe-uninitialized]: ‘arg2’ may be used uninitialized
#27385 | if (arg1) (arg1)->status = arg2;
# | ~~~~~~~~~~~~~~~^~~~~~
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c:27361:17: note: ‘arg2’ was declared here
#27361 | gpgme_error_t arg2 ;
# | ^~~~
#27383| {
#27384| SWIG_PYTHON_THREAD_BEGIN_ALLOW;
#27385|-> if (arg1) (arg1)->status = arg2;
#27386| SWIG_PYTHON_THREAD_END_ALLOW;
#27387| }
Error: COMPILER_WARNING (CWE-457):
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c: scope_hint: In function ‘_wrap__gpgme_signature_validity_reason_set’
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c:28084:39: warning[-Wmaybe-uninitialized]: ‘arg2’ may be used uninitialized
#28084 | if (arg1) (arg1)->validity_reason = arg2;
# | ~~~~~~~~~~~~~~~~~~~~~~~~^~~~~~
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c:28060:17: note: ‘arg2’ was declared here
#28060 | gpgme_error_t arg2 ;
# | ^~~~
#28082| {
#28083| SWIG_PYTHON_THREAD_BEGIN_ALLOW;
#28084|-> if (arg1) (arg1)->validity_reason = arg2;
#28085| SWIG_PYTHON_THREAD_END_ALLOW;
#28086| }
Error: COMPILER_WARNING (CWE-457):
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c: scope_hint: In function ‘_wrap__gpgme_import_status_result_set’
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c:31690:30: warning[-Wmaybe-uninitialized]: ‘arg2’ may be used uninitialized
#31690 | if (arg1) (arg1)->result = arg2;
# | ~~~~~~~~~~~~~~~^~~~~~
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c:31666:17: note: ‘arg2’ was declared here
#31666 | gpgme_error_t arg2 ;
# | ^~~~
#31688| {
#31689| SWIG_PYTHON_THREAD_BEGIN_ALLOW;
#31690|-> if (arg1) (arg1)->result = arg2;
#31691| SWIG_PYTHON_THREAD_END_ALLOW;
#31692| }
Error: COMPILER_WARNING (CWE-457):
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c: scope_hint: In function ‘_wrap_gpgme_op_receive_keys_start’
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c:33661:19: warning[-Wmaybe-uninitialized]: ‘size2’ may be used uninitialized
#33661 | for (i = 0; i < size2; i++)
# | ~~^~~~~~~
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c:33589:10: note: ‘size2’ was declared here
#33589 | size_t size2 ;
# | ^~~~~
#33659| size_t i;
#33660| free(vector2);
#33661|-> for (i = 0; i < size2; i++)
#33662| Py_XDECREF(pyVector2[i]);
#33663| }
Error: COMPILER_WARNING (CWE-457):
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c: scope_hint: In function ‘_wrap_gpgme_op_receive_keys’
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c:33747:19: warning[-Wmaybe-uninitialized]: ‘size2’ may be used uninitialized
#33747 | for (i = 0; i < size2; i++)
# | ~~^~~~~~~
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c:33675:10: note: ‘size2’ was declared here
#33675 | size_t size2 ;
# | ^~~~~
#33745| size_t i;
#33746| free(vector2);
#33747|-> for (i = 0; i < size2; i++)
#33748| Py_XDECREF(pyVector2[i]);
#33749| }
Error: COMPILER_WARNING (CWE-457):
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c: scope_hint: In function ‘_wrap_gpgme_op_export_ext_start’
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c:34540:19: warning[-Wmaybe-uninitialized]: ‘size2’ may be used uninitialized
#34540 | for (i = 0; i < size2; i++)
# | ~~^~~~~~~
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c:34335:10: note: ‘size2’ was declared here
#34335 | size_t size2 ;
# | ^~~~~
#34538| size_t i;
#34539| free(vector2);
#34540|-> for (i = 0; i < size2; i++)
#34541| Py_XDECREF(pyVector2[i]);
#34542| }
Error: COMPILER_WARNING (CWE-457):
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c: scope_hint: In function ‘_wrap_gpgme_op_export_ext’
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c:34856:19: warning[-Wmaybe-uninitialized]: ‘size2’ may be used uninitialized
#34856 | for (i = 0; i < size2; i++)
# | ~~^~~~~~~
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c:34651:10: note: ‘size2’ was declared here
#34651 | size_t size2 ;
# | ^~~~~
#34854| size_t i;
#34855| free(vector2);
#34856|-> for (i = 0; i < size2; i++)
#34857| Py_XDECREF(pyVector2[i]);
#34858| }
Error: COMPILER_WARNING (CWE-457):
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c: scope_hint: In function ‘_wrap_gpgme_op_keylist_ext_start’
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c:40192:19: warning[-Wmaybe-uninitialized]: ‘size2’ may be used uninitialized
#40192 | for (i = 0; i < size2; i++)
# | ~~^~~~~~~
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c:40106:10: note: ‘size2’ was declared here
#40106 | size_t size2 ;
# | ^~~~~
#40190| size_t i;
#40191| free(vector2);
#40192|-> for (i = 0; i < size2; i++)
#40193| Py_XDECREF(pyVector2[i]);
#40194| }
Error: COMPILER_WARNING (CWE-457):
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c: scope_hint: In function ‘_wrap_gpgme_op_spawn_start’
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c:41761:19: warning[-Wmaybe-uninitialized]: ‘size3’ may be used uninitialized
#41761 | for (i = 0; i < size3; i++)
# | ~~^~~~~~~
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c:41636:10: note: ‘size3’ was declared here
#41636 | size_t size3 ;
# | ^~~~~
#41759| size_t i;
#41760| free(vector3);
#41761|-> for (i = 0; i < size3; i++)
#41762| Py_XDECREF(pyVector3[i]);
#41763| }
Error: COMPILER_WARNING (CWE-457):
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c: scope_hint: In function ‘_wrap_gpgme_op_spawn’
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c:41906:19: warning[-Wmaybe-uninitialized]: ‘size3’ may be used uninitialized
#41906 | for (i = 0; i < size3; i++)
# | ~~^~~~~~~
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c:41781:10: note: ‘size3’ was declared here
#41781 | size_t size3 ;
# | ^~~~~
#41904| size_t i;
#41905| free(vector3);
#41906|-> for (i = 0; i < size3; i++)
#41907| Py_XDECREF(pyVector3[i]);
#41908| }
Error: COMPILER_WARNING (CWE-457):
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c: scope_hint: In function ‘_wrap__gpgme_op_assuan_result_err_set’
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c:48297:27: warning[-Wmaybe-uninitialized]: ‘arg2’ may be used uninitialized
#48297 | if (arg1) (arg1)->err = arg2;
# | ~~~~~~~~~~~~^~~~~~
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c:48273:17: note: ‘arg2’ was declared here
#48273 | gpgme_error_t arg2 ;
# | ^~~~
#48295| {
#48296| SWIG_PYTHON_THREAD_BEGIN_ALLOW;
#48297|-> if (arg1) (arg1)->err = arg2;
#48298| SWIG_PYTHON_THREAD_END_ALLOW;
#48299| }
Error: COMPILER_WARNING (CWE-477):
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/helpers.c: scope_hint: In function ‘_gpg_stash_callback_exception’
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/helpers.c:119:3: warning[-Wdeprecated-declarations]: ‘PyWeakref_GetObject’ is deprecated
# 119 | self = PyWeakref_GetObject(weak_self);
# | ^~~~
/usr/include/python3.13/Python.h:113: included_from: Included from here.
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/helpers.c:30: included_from: Included from here.
/usr/include/python3.13/weakrefobject.h:30:44: note: declared here
# 30 | Py_DEPRECATED(3.13) PyAPI_FUNC(PyObject *) PyWeakref_GetObject(PyObject *ref);
# | ^~~~~~~~~~~~~~~~~~~
# 117| }
# 118|
# 119|-> self = PyWeakref_GetObject(weak_self);
# 120| /* self only has a borrowed reference. */
# 121| if (self == Py_None) {
Error: COMPILER_WARNING (CWE-477):
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/helpers.c:119:3: warning[-Wdeprecated-declarations]: ‘PyWeakref_GetObject’ is deprecated
# 117| }
# 118|
# 119|-> self = PyWeakref_GetObject(weak_self);
# 120| /* self only has a borrowed reference. */
# 121| if (self == Py_None) {
Error: GCC_ANALYZER_WARNING (CWE-465):
gpgme-1.24.2/build-qt6/src/../../src/data-identify.c:453:18: warning[-Wanalyzer-deref-before-check]: check of 'data' for NULL after already dereferencing it
gpgme-1.24.2/build-qt6/src/../../src/data-identify.c:316:6: branch_false: following 'false' branch (when 'datalen > 23')...
gpgme-1.24.2/build-qt6/src/../../src/data-identify.c:346:3: branch_false: ...to here
gpgme-1.24.2/build-qt6/src/../../src/data-identify.c:441:6: branch_false: following 'false' branch...
gpgme-1.24.2/build-qt6/src/../../src/data-identify.c:453:8: branch_false: ...to here
gpgme-1.24.2/build-qt6/src/../../src/data-identify.c:453:18: danger: pointer 'data' is checked for NULL here but it was already dereferenced at [(3)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/2)
# 451|
# 452| /* Now check whether there are armor lines. */
# 453|-> for (s = data; s && *s; s = (*s=='\n')?(s+1):((s=strchr (s,'\n'))?(s+1):s))
# 454| {
# 455| if (!strncmp (s, "-----BEGIN ", 11))
Error: GCC_ANALYZER_WARNING (CWE-401):
gpgme-1.24.2/build-qt6/src/../../src/data.c:624:14: warning[-Wanalyzer-malloc-leak]: leak of 'malloc((long unsigned int)*dh.io_buffer_size)'
gpgme-1.24.2/build-qt6/src/../../src/data.c:619:6: branch_true: following 'true' branch...
gpgme-1.24.2/build-qt6/src/../../src/data.c:621:12: branch_true: ...to here
gpgme-1.24.2/build-qt6/src/../../src/data.c:621:10: branch_true: following 'true' branch...
gpgme-1.24.2/build-qt6/src/../../src/data.c:623:32: branch_true: ...to here
gpgme-1.24.2/build-qt6/src/../../src/data.c:623:32: acquire_memory: allocated here
gpgme-1.24.2/build-qt6/src/../../src/data.c:624:14: danger: 'malloc((long unsigned int)*dh.io_buffer_size)' leaks here; was allocated at [(5)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/4)
# 622| {
# 623| dh->inbound_buffer = malloc (dh->io_buffer_size);
# 624|-> if (!dh->inbound_buffer)
# 625| return TRACE_ERR (gpg_error_from_syserror ());
# 626| }
Error: GCC_ANALYZER_WARNING (CWE-401):
gpgme-1.24.2/build-qt6/src/../../src/data.c:684:14: warning[-Wanalyzer-malloc-leak]: leak of 'malloc((long unsigned int)*dh.io_buffer_size)'
gpgme-1.24.2/build-qt6/src/../../src/data.c:679:6: branch_true: following 'true' branch...
gpgme-1.24.2/build-qt6/src/../../src/data.c:681:12: branch_true: ...to here
gpgme-1.24.2/build-qt6/src/../../src/data.c:681:10: branch_true: following 'true' branch...
gpgme-1.24.2/build-qt6/src/../../src/data.c:683:33: branch_true: ...to here
gpgme-1.24.2/build-qt6/src/../../src/data.c:683:33: acquire_memory: allocated here
gpgme-1.24.2/build-qt6/src/../../src/data.c:684:14: danger: 'malloc((long unsigned int)*dh.io_buffer_size)' leaks here; was allocated at [(5)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/4)
# 682| {
# 683| dh->outbound_buffer = malloc (dh->io_buffer_size);
# 684|-> if (!dh->outbound_buffer)
# 685| return TRACE_ERR (gpg_error_from_syserror ());
# 686| dh->outbound_pending = 0;
Error: GCC_ANALYZER_WARNING (CWE-401):
gpgme-1.24.2/build-qt6/src/../../src/engine-gpgsm.c:1628:12: warning[-Wanalyzer-malloc-leak]: leak of 'cmd'
gpgme-1.24.2/build-qt6/src/../../src/engine-gpgsm.c:1590:1: enter_function: entry to 'gpgsm_export'
gpgme-1.24.2/build-qt6/src/../../src/engine-gpgsm.c:1609:9: acquire_memory: allocated here
gpgme-1.24.2/build-qt6/src/../../src/engine-gpgsm.c:1610:6: branch_false: following 'false' branch (when 'cmd' is non-NULL)...
gpgme-1.24.2/build-qt6/src/../../src/engine-gpgsm.c:1613:3: branch_false: ...to here
gpgme-1.24.2/build-qt6/src/../../src/engine-gpgsm.c:1625:9: call_function: calling 'gpgsm_set_fd' from 'gpgsm_export'
gpgme-1.24.2/build-qt6/src/../../src/engine-gpgsm.c:1625:9: return_function: returning to 'gpgsm_export' from 'gpgsm_set_fd'
gpgme-1.24.2/build-qt6/src/../../src/engine-gpgsm.c:1627:6: branch_true: following 'true' branch...
gpgme-1.24.2/build-qt6/src/../../src/engine-gpgsm.c:1628:12: branch_true: ...to here
gpgme-1.24.2/build-qt6/src/../../src/engine-gpgsm.c:1628:12: danger: 'cmd' leaks here; was allocated at [(2)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/1)
# 1626| : map_data_enc (gpgsm->output_cb.data));
# 1627| if (err)
# 1628|-> return err;
# 1629| gpgsm_clear_fd (gpgsm, INPUT_FD);
# 1630| gpgsm_clear_fd (gpgsm, MESSAGE_FD);
Error: GCC_ANALYZER_WARNING (CWE-401):
gpgme-1.24.2/build-qt6/src/../../src/engine-gpgsm.c:1735:12: warning[-Wanalyzer-malloc-leak]: leak of 'line'
gpgme-1.24.2/build-qt6/src/../../src/engine-gpgsm.c:1640:1: enter_function: entry to 'gpgsm_export_ext'
gpgme-1.24.2/build-qt6/src/../../src/engine-gpgsm.c:1678:10: acquire_memory: allocated here
gpgme-1.24.2/build-qt6/src/../../src/engine-gpgsm.c:1679:6: branch_false: following 'false' branch (when 'line' is non-NULL)...
gpgme-1.24.2/build-qt6/src/../../src/engine-gpgsm.c:1682:3: branch_false: ...to here
gpgme-1.24.2/build-qt6/src/../../src/engine-gpgsm.c:1732:9: call_function: calling 'gpgsm_set_fd' from 'gpgsm_export_ext'
gpgme-1.24.2/build-qt6/src/../../src/engine-gpgsm.c:1732:9: return_function: returning to 'gpgsm_export_ext' from 'gpgsm_set_fd'
gpgme-1.24.2/build-qt6/src/../../src/engine-gpgsm.c:1734:6: branch_true: following 'true' branch...
gpgme-1.24.2/build-qt6/src/../../src/engine-gpgsm.c:1735:12: branch_true: ...to here
gpgme-1.24.2/build-qt6/src/../../src/engine-gpgsm.c:1735:12: danger: 'line' leaks here; was allocated at [(2)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/1)
# 1733| : map_data_enc (gpgsm->output_cb.data));
# 1734| if (err)
# 1735|-> return err;
# 1736| gpgsm_clear_fd (gpgsm, INPUT_FD);
# 1737| gpgsm_clear_fd (gpgsm, MESSAGE_FD);
Error: GCC_ANALYZER_WARNING (CWE-457):
gpgme-1.24.2/build-qt6/src/../../src/key.c:470:9: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value 'key'
gpgme-1.24.2/build-qt6/src/../../src/key.c:459:1: enter_function: entry to 'gpgme_key_from_uid'
gpgme-1.24.2/build-qt6/src/../../src/key.c:465:9: call_function: calling '_gpgme_key_new' from 'gpgme_key_from_uid'
gpgme-1.24.2/build-qt6/src/../../src/key.c:465:9: return_function: returning to 'gpgme_key_from_uid' from '_gpgme_key_new'
gpgme-1.24.2/build-qt6/src/../../src/key.c:466:6: branch_false: following 'false' branch...
gpgme-1.24.2/build-qt6/src/../../src/key.c:470:9: branch_false: ...to here
gpgme-1.24.2/build-qt6/src/../../src/key.c:470:9: danger: use of uninitialized value 'key' here
# 468|
# 469| /* Note: protocol doesn't matter if only email is provided. */
# 470|-> err = _gpgme_key_append_name (key, name, 0);
# 471| if (err)
# 472| gpgme_key_unref (key);
Error: GCC_ANALYZER_WARNING (CWE-775):
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:648:35: warning[-Wanalyzer-fd-leak]: leak of file descriptor 'open("/dev/null", 2)'
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:549:6: branch_false: following 'false' branch (when 'pid != -1')...
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:552:6: branch_false: ...to here
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:552:6: branch_true: following 'true' branch (when 'pid == 0')...
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:555:18: branch_true: ...to here
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:555:10: branch_true: following 'true' branch (when 'pid == 0')...
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:564:14: branch_true: ...to here
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:640:20: acquire_resource: opened here
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:641:18: branch_false: following 'false' branch...
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:648:35: branch_false: ...to here
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:653:18: branch_true: following 'true' branch...
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:655:23: branch_true: ...to here
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:648:35: danger: 'open("/dev/null", 2)' leaks here; was opened at [(7)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/6)
# 646| }
# 647| /* Make sure that the process has connected stdin. */
# 648|-> if (! seen_stdin && fd != 0)
# 649| {
# 650| if (dup2 (fd, 0) == -1)
Error: GCC_ANALYZER_WARNING (CWE-775):
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:650:22: warning[-Wanalyzer-fd-leak]: leak of file descriptor 'dup2(open("/dev/null", 2), 0)'
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:549:6: branch_false: following 'false' branch (when 'pid != -1')...
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:552:6: branch_false: ...to here
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:552:6: branch_true: following 'true' branch (when 'pid == 0')...
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:555:18: branch_true: ...to here
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:555:10: branch_true: following 'true' branch (when 'pid == 0')...
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:564:14: branch_true: ...to here
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:641:18: branch_false: following 'false' branch...
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:648:35: branch_false: ...to here
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:648:18: branch_true: following 'true' branch...
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:650:23: branch_true: ...to here
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:650:23: acquire_resource: opened here
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:650:22: danger: 'dup2(open("/dev/null", 2), 0)' leaks here; was opened at [(11)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/10)
# 648| if (! seen_stdin && fd != 0)
# 649| {
# 650|-> if (dup2 (fd, 0) == -1)
# 651| _exit (8);
# 652| }
Error: GCC_ANALYZER_WARNING:
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:650:23: warning[-Wanalyzer-fd-use-without-check]: 'dup2' on possibly invalid file descriptor '0'
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:549:6: branch_false: following 'false' branch (when 'pid != -1')...
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:552:6: branch_false: ...to here
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:552:6: branch_true: following 'true' branch (when 'pid == 0')...
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:555:18: branch_true: ...to here
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:555:10: branch_true: following 'true' branch (when 'pid == 0')...
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:564:14: branch_true: ...to here
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:593:24: branch_true: following 'true' branch (when 'max_fds > fd')...
<unknown>: branch_true: ...to here
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:598:18: branch_true: following 'true' branch...
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:599:17: branch_true: ...to here
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:599:17: release_resource: closed here
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:641:18: branch_false: following 'false' branch...
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:648:35: branch_false: ...to here
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:648:18: branch_true: following 'true' branch...
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:650:23: branch_true: ...to here
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:650:23: danger: '0' could be invalid
# 648| if (! seen_stdin && fd != 0)
# 649| {
# 650|-> if (dup2 (fd, 0) == -1)
# 651| _exit (8);
# 652| }
Error: GCC_ANALYZER_WARNING (CWE-775):
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:655:22: warning[-Wanalyzer-fd-leak]: leak of file descriptor 'dup2(open("/dev/null", 2), 1)'
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:549:6: branch_false: following 'false' branch (when 'pid != -1')...
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:552:6: branch_false: ...to here
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:552:6: branch_true: following 'true' branch (when 'pid == 0')...
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:555:18: branch_true: ...to here
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:555:10: branch_true: following 'true' branch (when 'pid == 0')...
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:564:14: branch_true: ...to here
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:641:18: branch_false: following 'false' branch...
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:648:35: branch_false: ...to here
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:653:18: branch_true: following 'true' branch...
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:655:23: branch_true: ...to here
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:655:23: acquire_resource: opened here
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:655:22: danger: 'dup2(open("/dev/null", 2), 1)' leaks here; was opened at [(11)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/10)
# 653| if (! seen_stdout && fd != 1)
# 654| {
# 655|-> if (dup2 (fd, 1) == -1)
# 656| _exit (8);
# 657| }
Error: GCC_ANALYZER_WARNING:
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:655:23: warning[-Wanalyzer-fd-use-without-check]: 'dup2' on possibly invalid file descriptor '1'
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:549:6: branch_false: following 'false' branch (when 'pid != -1')...
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:552:6: branch_false: ...to here
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:552:6: branch_true: following 'true' branch (when 'pid == 0')...
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:555:18: branch_true: ...to here
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:555:10: branch_true: following 'true' branch (when 'pid == 0')...
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:564:14: branch_true: ...to here
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:593:24: branch_true: following 'true' branch (when 'max_fds > fd')...
<unknown>: branch_true: ...to here
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:598:18: branch_true: following 'true' branch...
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:599:17: branch_true: ...to here
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:593:24: branch_true: following 'true' branch (when 'max_fds > fd')...
<unknown>: branch_true: ...to here
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:598:18: branch_true: following 'true' branch...
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:599:17: branch_true: ...to here
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:599:17: release_resource: closed here
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:603:23: branch_false: following 'false' branch...
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:638:15: branch_false: ...to here
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:638:14: branch_true: following 'true' branch...
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:640:20: branch_true: ...to here
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:641:18: branch_false: following 'false' branch...
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:648:35: branch_false: ...to here
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:653:18: branch_true: following 'true' branch...
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:655:23: branch_true: ...to here
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:655:23: danger: '1' could be invalid
# 653| if (! seen_stdout && fd != 1)
# 654| {
# 655|-> if (dup2 (fd, 1) == -1)
# 656| _exit (8);
# 657| }
Error: GCC_ANALYZER_WARNING (CWE-775):
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:660:22: warning[-Wanalyzer-fd-leak]: leak of file descriptor 'dup2(open("/dev/null", 2), 2)'
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:549:6: branch_false: following 'false' branch (when 'pid != -1')...
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:552:6: branch_false: ...to here
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:552:6: branch_true: following 'true' branch (when 'pid == 0')...
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:555:18: branch_true: ...to here
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:555:10: branch_true: following 'true' branch (when 'pid == 0')...
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:564:14: branch_true: ...to here
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:641:18: branch_false: following 'false' branch...
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:648:35: branch_false: ...to here
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:655:22: branch_false: following 'false' branch...
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:658:19: branch_false: ...to here
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:658:18: branch_true: following 'true' branch...
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:660:23: branch_true: ...to here
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:660:23: acquire_resource: opened here
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:660:22: danger: 'dup2(open("/dev/null", 2), 2)' leaks here; was opened at [(13)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/12)
# 658| if (! seen_stderr && fd != 2)
# 659| {
# 660|-> if (dup2 (fd, 2) == -1)
# 661| _exit (8);
# 662| }
Error: GCC_ANALYZER_WARNING (CWE-401):
gpgme-1.24.2/build-qt6/src/../../src/sign.c:207:12: warning[-Wanalyzer-malloc-leak]: leak of '<unknown>'
gpgme-1.24.2/build-qt6/src/../../src/sign.c:310:1: enter_function: entry to '_gpgme_sign_status_handler'
gpgme-1.24.2/build-qt6/src/../../src/sign.c:323:6: branch_false: following 'false' branch...
gpgme-1.24.2/build-qt6/src/../../src/sign.c:326:3: branch_false: ...to here
gpgme-1.24.2/build-qt6/src/../../src/sign.c:330:13: call_function: calling 'parse_sig_created' from '_gpgme_sign_status_handler'
# 205| sig = malloc (sizeof (*sig));
# 206| if (!sig)
# 207|-> return gpg_error_from_syserror ();
# 208|
# 209| sig->next = NULL;
Error: GCC_ANALYZER_WARNING (CWE-401):
gpgme-1.24.2/build-qt6/src/../../src/sign.c:207:12: warning[-Wanalyzer-malloc-leak]: leak of 'sig'
gpgme-1.24.2/build-qt6/src/../../src/sign.c:310:1: enter_function: entry to '_gpgme_sign_status_handler'
gpgme-1.24.2/build-qt6/src/../../src/sign.c:323:6: branch_false: following 'false' branch...
gpgme-1.24.2/build-qt6/src/../../src/sign.c:326:3: branch_false: ...to here
gpgme-1.24.2/build-qt6/src/../../src/sign.c:330:13: call_function: calling 'parse_sig_created' from '_gpgme_sign_status_handler'
# 205| sig = malloc (sizeof (*sig));
# 206| if (!sig)
# 207|-> return gpg_error_from_syserror ();
# 208|
# 209| sig->next = NULL;
Error: GCC_ANALYZER_WARNING (CWE-787):
gpgme-1.24.2/build-qt6/src/../../src/signers.c:85:9: warning[-Wanalyzer-out-of-bounds]: buffer overflow
gpgme-1.24.2/build-qt6/src/../../src/signers.c:72:6: branch_false: following 'false' branch...
gpgme-1.24.2/build-qt6/src/../../src/signers.c:75:7: branch_false: ...to here
gpgme-1.24.2/build-qt6/src/../../src/signers.c:75:6: branch_true: following 'true' branch...
gpgme-1.24.2/build-qt6/src/../../src/signers.c:78:15: branch_true: ...to here
gpgme-1.24.2/build-qt6/src/../../src/signers.c:82:10: branch_false: following 'false' branch (when 'newarr' is non-NULL)...
gpgme-1.24.2/build-qt6/src/../../src/signers.c:84:16: branch_false: ...to here
gpgme-1.24.2/build-qt6/src/../../src/signers.c:84:35: branch_true: following 'true' branch (when 'j < n')...
gpgme-1.24.2/build-qt6/src/../../src/signers.c:85:15: branch_true: ...to here
gpgme-1.24.2/build-qt6/src/../../src/signers.c:84:35: branch_true: following 'true' branch (when 'j < n')...
gpgme-1.24.2/build-qt6/src/../../src/signers.c:85:15: branch_true: ...to here
gpgme-1.24.2/build-qt6/src/../../src/signers.c:84:35: branch_true: following 'true' branch (when 'j < n')...
gpgme-1.24.2/build-qt6/src/../../src/signers.c:85:15: branch_true: ...to here
gpgme-1.24.2/build-qt6/src/../../src/signers.c:84:35: branch_true: following 'true' branch (when 'j < n')...
gpgme-1.24.2/build-qt6/src/../../src/signers.c:85:15: branch_true: ...to here
gpgme-1.24.2/build-qt6/src/../../src/signers.c:84:35: branch_true: following 'true' branch (when 'j < n')...
gpgme-1.24.2/build-qt6/src/../../src/signers.c:85:15: branch_true: ...to here
gpgme-1.24.2/build-qt6/src/../../src/signers.c:84:35: branch_true: following 'true' branch (when 'j < n')...
gpgme-1.24.2/build-qt6/src/../../src/signers.c:85:15: branch_true: ...to here
gpgme-1.24.2/build-qt6/src/../../src/signers.c:85:9: danger: write of 8 bytes at offset '(long unsigned int)j * 8' exceeds '*newarr'
# 83| return TRACE_ERR (gpg_error_from_syserror ());
# 84| for (j = ctx->signers_size; j < n; j++)
# 85|-> newarr[j] = NULL;
# 86| ctx->signers = newarr;
# 87| ctx->signers_size = n;
Error: GCC_ANALYZER_WARNING (CWE-401):
gpgme-1.24.2/build-qt6/src/../../src/verify.c:429:6: warning[-Wanalyzer-malloc-leak]: leak of '*sig.fpr'
gpgme-1.24.2/build-qt6/src/../../src/verify.c:930:1: enter_function: entry to '_gpgme_verify_status_handler'
gpgme-1.24.2/build-qt6/src/../../src/verify.c:941:6: branch_false: following 'false' branch...
gpgme-1.24.2/build-qt6/src/../../src/verify.c:944:3: branch_false: ...to here
gpgme-1.24.2/build-qt6/src/../../src/verify.c:969:14: branch_true: following 'true' branch (when 'sig' is non-NULL)...
gpgme-1.24.2/build-qt6/src/../../src/verify.c:969:20: branch_true: ...to here
gpgme-1.24.2/build-qt6/src/../../src/verify.c:969:20: call_function: calling 'parse_valid_sig' from '_gpgme_verify_status_handler'
# 427| free (sig->fpr);
# 428| sig->fpr = strdup (args);
# 429|-> if (!sig->fpr)
# 430| return gpg_error_from_syserror ();
# 431|
Error: GCC_ANALYZER_WARNING (CWE-688):
gpgme-1.24.2/build-qt6/src/../../src/verify.c:433:9: warning[-Wanalyzer-null-argument]: use of NULL 'end' where non-null expected
gpgme-1.24.2/build-qt6/src/../../src/verify.c:930:1: enter_function: entry to '_gpgme_verify_status_handler'
gpgme-1.24.2/build-qt6/src/../../src/verify.c:941:6: branch_false: following 'false' branch...
gpgme-1.24.2/build-qt6/src/../../src/verify.c:944:3: branch_false: ...to here
gpgme-1.24.2/build-qt6/src/../../src/verify.c:969:14: branch_true: following 'true' branch (when 'sig' is non-NULL)...
gpgme-1.24.2/build-qt6/src/../../src/verify.c:969:20: branch_true: ...to here
gpgme-1.24.2/build-qt6/src/../../src/verify.c:969:20: call_function: calling 'parse_valid_sig' from '_gpgme_verify_status_handler'
#argument 1 of '__builtin_strchr' must be non-null
# 431|
# 432| /* Skip the creation date. */
# 433|-> end = strchr (end, ' ');
# 434| if (end)
# 435| {
Error: GCC_ANALYZER_WARNING (CWE-401):
gpgme-1.24.2/build-qt6/src/../../src/verify.c:757:10: warning[-Wanalyzer-malloc-leak]: leak of 'fpr'
gpgme-1.24.2/build-qt6/src/../../src/verify.c:930:1: enter_function: entry to '_gpgme_verify_status_handler'
gpgme-1.24.2/build-qt6/src/../../src/verify.c:941:6: branch_false: following 'false' branch...
gpgme-1.24.2/build-qt6/src/../../src/verify.c:944:3: branch_false: ...to here
gpgme-1.24.2/build-qt6/src/../../src/verify.c:1019:10: branch_false: following 'false' branch (when 'sig' is non-NULL)...
gpgme-1.24.2/build-qt6/src/../../src/verify.c:1021:13: branch_false: ...to here
gpgme-1.24.2/build-qt6/src/../../src/verify.c:1021:13: call_function: calling 'parse_tofu_user' from '_gpgme_verify_status_handler'
# 755| free (fpr);
# 756| free (address);
# 757|-> return err;
# 758| }
# 759|
Error: GCC_ANALYZER_WARNING (CWE-401):
gpgme-1.24.2/build-qt6/src/../../src/verify.c:1014:7: warning[-Wanalyzer-malloc-leak]: leak of '*sig.pka_address'
gpgme-1.24.2/build-qt6/src/../../src/verify.c:941:6: branch_false: following 'false' branch...
gpgme-1.24.2/build-qt6/src/../../src/verify.c:944:3: branch_false: ...to here
gpgme-1.24.2/build-qt6/src/../../src/verify.c:1008:10: branch_false: following 'false' branch...
gpgme-1.24.2/build-qt6/src/../../src/verify.c:1012:10: branch_false: following 'false' branch (when 'end' is NULL)...
gpgme-1.24.2/build-qt6/src/../../src/verify.c:1014:26: branch_false: ...to here
gpgme-1.24.2/build-qt6/src/../../src/verify.c:1014:26: acquire_memory: allocated here
gpgme-1.24.2/build-qt6/src/../../src/verify.c:1014:7: danger: '*sig.pka_address' leaks here; was allocated at [(10)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/9)
# 1012| if (end)
# 1013| *end = 0;
# 1014|-> sig->pka_address = strdup (args);
# 1015| break;
# 1016|
Error: GCC_ANALYZER_WARNING (CWE-476):
gpgme-1.24.2/build-qt6/src/../../src/verify.c:1239:3: warning[-Wanalyzer-null-dereference]: dereference of NULL '0'
gpgme-1.24.2/build-qt6/src/../../src/verify.c:1230:1: enter_function: entry to 'gpgme_get_sig_key'
gpgme-1.24.2/build-qt6/src/../../src/verify.c:1235:6: branch_false: following 'false' branch (when 'ctx' is non-NULL)...
gpgme-1.24.2/build-qt6/src/../../src/verify.c:1238:12: branch_false: ...to here
gpgme-1.24.2/build-qt6/src/../../src/verify.c:1238:12: call_function: calling 'gpgme_op_verify_result' from 'gpgme_get_sig_key'
gpgme-1.24.2/build-qt6/src/../../src/verify.c:1238:12: return_function: returning to 'gpgme_get_sig_key' from 'gpgme_op_verify_result'
gpgme-1.24.2/build-qt6/src/../../src/verify.c:1239:3: danger: dereference of NULL 'gpgme_op_verify_result(ctx)'
# 1237|
# 1238| result = gpgme_op_verify_result (ctx);
# 1239|-> sig = result->signatures;
# 1240|
# 1241| while (sig && idx)
Error: GCC_ANALYZER_WARNING (CWE-476):
gpgme-1.24.2/build-qt6/src/../../src/verify.c:1265:3: warning[-Wanalyzer-null-dereference]: dereference of NULL '0'
gpgme-1.24.2/build-qt6/src/../../src/verify.c:1258:1: enter_function: entry to 'gpgme_get_sig_status'
gpgme-1.24.2/build-qt6/src/../../src/verify.c:1264:12: call_function: calling 'gpgme_op_verify_result' from 'gpgme_get_sig_status'
gpgme-1.24.2/build-qt6/src/../../src/verify.c:1264:12: return_function: returning to 'gpgme_get_sig_status' from 'gpgme_op_verify_result'
gpgme-1.24.2/build-qt6/src/../../src/verify.c:1265:3: danger: dereference of NULL 'gpgme_op_verify_result(ctx)'
# 1263|
# 1264| result = gpgme_op_verify_result (ctx);
# 1265|-> sig = result->signatures;
# 1266|
# 1267| while (sig && idx)
Error: GCC_ANALYZER_WARNING (CWE-476):
gpgme-1.24.2/build-qt6/src/../../src/verify.c:1328:3: warning[-Wanalyzer-null-dereference]: dereference of NULL '0'
gpgme-1.24.2/build-qt6/src/../../src/verify.c:1319:1: enter_function: entry to 'gpgme_get_sig_ulong_attr'
gpgme-1.24.2/build-qt6/src/../../src/verify.c:1327:12: call_function: calling 'gpgme_op_verify_result' from 'gpgme_get_sig_ulong_attr'
gpgme-1.24.2/build-qt6/src/../../src/verify.c:1327:12: return_function: returning to 'gpgme_get_sig_ulong_attr' from 'gpgme_op_verify_result'
gpgme-1.24.2/build-qt6/src/../../src/verify.c:1328:3: danger: dereference of NULL 'gpgme_op_verify_result(ctx)'
# 1326|
# 1327| result = gpgme_op_verify_result (ctx);
# 1328|-> sig = result->signatures;
# 1329|
# 1330| while (sig && idx)
Error: GCC_ANALYZER_WARNING (CWE-476):
gpgme-1.24.2/build-qt6/src/../../src/verify.c:1392:3: warning[-Wanalyzer-null-dereference]: dereference of NULL '0'
gpgme-1.24.2/build-qt6/src/../../src/verify.c:1385:1: enter_function: entry to 'gpgme_get_sig_string_attr'
gpgme-1.24.2/build-qt6/src/../../src/verify.c:1391:12: call_function: calling 'gpgme_op_verify_result' from 'gpgme_get_sig_string_attr'
gpgme-1.24.2/build-qt6/src/../../src/verify.c:1391:12: return_function: returning to 'gpgme_get_sig_string_attr' from 'gpgme_op_verify_result'
gpgme-1.24.2/build-qt6/src/../../src/verify.c:1392:3: danger: dereference of NULL 'gpgme_op_verify_result(ctx)'
# 1390|
# 1391| result = gpgme_op_verify_result (ctx);
# 1392|-> sig = result->signatures;
# 1393|
# 1394| while (sig && idx)
Error: GCC_ANALYZER_WARNING (CWE-401):
gpgme-1.24.2/build-qt6/src/../../src/wait.c:142:3: warning[-Wanalyzer-malloc-leak]: leak of 'item'
gpgme-1.24.2/build-qt6/src/../../src/wait.c:99:1: enter_function: entry to '_gpgme_add_io_cb'
gpgme-1.24.2/build-qt6/src/../../src/wait.c:108:3: branch_true: following 'true' branch (when 'fnc' is non-NULL)...
gpgme-1.24.2/build-qt6/src/../../src/wait.c:109:3: branch_true: ...to here
gpgme-1.24.2/build-qt6/src/../../src/wait.c:109:3: branch_true: following 'true' branch (when 'data' is non-NULL)...
gpgme-1.24.2/build-qt6/src/../../src/wait.c:111:3: branch_true: ...to here
gpgme-1.24.2/build-qt6/src/../../src/wait.c:115:6: branch_false: following 'false' branch (when 'tag' is non-NULL)...
gpgme-1.24.2/build-qt6/src/../../src/wait.c:117:3: branch_false: ...to here
gpgme-1.24.2/build-qt6/src/../../src/wait.c:120:10: acquire_memory: allocated here
gpgme-1.24.2/build-qt6/src/../../src/wait.c:121:6: branch_false: following 'false' branch (when 'item' is non-NULL)...
gpgme-1.24.2/build-qt6/src/../../src/wait.c:126:3: branch_false: ...to here
gpgme-1.24.2/build-qt6/src/../../src/wait.c:131:9: call_function: calling 'fd_table_put' from '_gpgme_add_io_cb'
gpgme-1.24.2/build-qt6/src/../../src/wait.c:131:9: return_function: returning to '_gpgme_add_io_cb' from 'fd_table_put'
gpgme-1.24.2/build-qt6/src/../../src/wait.c:132:6: branch_false: following 'false' branch...
gpgme-1.24.2/build-qt6/src/../../src/wait.c:139:3: branch_false: ...to here
gpgme-1.24.2/build-qt6/src/../../src/wait.c:142:3: danger: 'item' leaks here; was allocated at [(8)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/7)
# 140| "fd=%d, dir=%d -> tag=%p", fd, dir, tag);
# 141|
# 142|-> *r_tag = tag;
# 143| return 0;
# 144| }
Error: GCC_ANALYZER_WARNING (CWE-401):
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:254:19: warning[-Wanalyzer-malloc-leak]: leak of ‘trust_model’
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:131:6: branch_true: following ‘true’ branch (when ‘argc != 0’)...
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:132:7: branch_true: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:134:10: branch_true: following ‘true’ branch...
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:137:12: branch_true: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:137:10: branch_false: following ‘false’ branch (when the strings are non-equal)...
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:142:17: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:142:15: branch_false: following ‘false’ branch (when the strings are non-equal)...
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:144:17: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:251:14: branch_false: following ‘false’ branch (when ‘argc != 1’)...
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:253:25: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:253:25: acquire_memory: allocated here
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:134:10: branch_true: following ‘true’ branch...
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:137:12: branch_true: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:137:10: branch_false: following ‘false’ branch (when the strings are non-equal)...
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:142:17: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:142:15: branch_false: following ‘false’ branch (when the strings are non-equal)...
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:144:17: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:144:15: branch_false: following ‘false’ branch (when the strings are non-equal)...
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:149:17: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:149:15: branch_false: following ‘false’ branch (when the strings are non-equal)...
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:154:17: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:154:15: branch_false: following ‘false’ branch (when the strings are non-equal)...
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:159:17: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:159:15: branch_false: following ‘false’ branch (when the strings are non-equal)...
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:164:17: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:164:15: branch_false: following ‘false’ branch (when the strings are non-equal)...
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:169:17: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:169:15: branch_false: following ‘false’ branch (when the strings are non-equal)...
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:174:17: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:174:15: branch_false: following ‘false’ branch (when the strings are non-equal)...
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:179:17: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:179:15: branch_false: following ‘false’ branch (when the strings are non-equal)...
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:184:17: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:184:15: branch_false: following ‘false’ branch (when the strings are non-equal)...
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:189:17: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:189:15: branch_false: following ‘false’ branch (when the strings are non-equal)...
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:194:17: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:194:15: branch_false: following ‘false’ branch (when the strings are non-equal)...
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:199:17: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:199:15: branch_false: following ‘false’ branch (when the strings are non-equal)...
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:204:17: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:204:15: branch_false: following ‘false’ branch (when the strings are non-equal)...
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:209:17: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:209:15: branch_false: following ‘false’ branch (when the strings are non-equal)...
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:214:17: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:214:15: branch_false: following ‘false’ branch (when the strings are non-equal)...
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:219:17: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:219:15: branch_false: following ‘false’ branch (when the strings are non-equal)...
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:224:17: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:224:15: branch_false: following ‘false’ branch (when the strings are non-equal)...
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:229:17: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:229:15: branch_false: following ‘false’ branch (when the strings are non-equal)...
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:234:17: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:234:15: branch_false: following ‘false’ branch (when the strings are non-equal)...
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:242:17: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:242:15: branch_false: following ‘false’ branch (when the strings are non-equal)...
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:248:17: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:248:15: branch_true: following ‘true’ branch (when the strings are equal)...
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:251:14: branch_true: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:251:14: branch_false: following ‘false’ branch (when ‘argc != 1’)...
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:253:25: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:254:19: danger: ‘trust_model’ leaks here; was allocated at [(11)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/10)
# 252| show_usage (1);
# 253| trust_model = strdup (*argv);
# 254|-> argc--; argv++;
# 255| }
# 256| else if (!strncmp (*argv, "--", 2))
Error: GCC_ANALYZER_WARNING (CWE-476):
gpgme-1.24.2/build-qt6/tests/../../tests/run-threaded.c:288:3: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘ret’
gpgme-1.24.2/build-qt6/tests/../../tests/run-threaded.c:558:1: enter_function: entry to ‘do_data_op’
gpgme-1.24.2/build-qt6/tests/../../tests/run-threaded.c:565:6: branch_false: following ‘false’ branch...
gpgme-1.24.2/build-qt6/tests/../../tests/run-threaded.c:571:3: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/run-threaded.c:571:3: branch_false: following ‘false’ branch...
gpgme-1.24.2/build-qt6/tests/../../tests/run-threaded.c:573:10: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/run-threaded.c:587:11: call_function: calling ‘verify’ from ‘do_data_op’
# 286| int data_rand;
# 287|
# 288|-> ret->fd = -1;
# 289|
# 290| if (data_type)
Error: GCC_ANALYZER_WARNING (CWE-401):
gpgme-1.24.2/build-qt6/tests/../../tests/run-threaded.c:290:7: warning[-Wanalyzer-malloc-leak]: leak of ‘random_data_new(fname)’
gpgme-1.24.2/build-qt6/tests/../../tests/run-threaded.c:558:1: enter_function: entry to ‘do_data_op’
gpgme-1.24.2/build-qt6/tests/../../tests/run-threaded.c:565:6: branch_false: following ‘false’ branch...
gpgme-1.24.2/build-qt6/tests/../../tests/run-threaded.c:571:3: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/run-threaded.c:571:3: branch_false: following ‘false’ branch...
gpgme-1.24.2/build-qt6/tests/../../tests/run-threaded.c:573:10: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/run-threaded.c:607:11: call_function: calling ‘import’ from ‘do_data_op’
# 288| ret->fd = -1;
# 289|
# 290|-> if (data_type)
# 291| {
# 292| data_rand = data_type;
Error: GCC_ANALYZER_WARNING (CWE-476):
gpgme-1.24.2/build-qt6/tests/../../tests/run-threaded.c:762:7: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘msg_it’
gpgme-1.24.2/build-qt6/tests/../../tests/run-threaded.c:665:6: branch_true: following ‘true’ branch (when ‘argc != 0’)...
gpgme-1.24.2/build-qt6/tests/../../tests/run-threaded.c:666:7: branch_true: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/run-threaded.c:750:10: branch_true: following ‘true’ branch (when ‘argc != 0’)...
gpgme-1.24.2/build-qt6/tests/../../tests/run-threaded.c:752:10: branch_true: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/run-threaded.c:752:10: branch_true: following ‘true’ branch (when ‘msgs’ is NULL)...
gpgme-1.24.2/build-qt6/tests/../../tests/run-threaded.c:754:18: branch_true: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/run-threaded.c:754:18: acquire_memory: this call could return NULL
gpgme-1.24.2/build-qt6/tests/../../tests/run-threaded.c:762:7: danger: ‘msg_it’ could be NULL: unchecked value from [(7)](sarif:/runs/0/results/10/codeFlows/0/threadFlows/0/locations/6)
# 760| msg_it = msg_it->next;
# 761| }
# 762|-> msg_it->file_name = *argv;
# 763| argc--; argv++;
# 764| }
Error: GCC_ANALYZER_WARNING (CWE-775):
gpgme-1.24.2/build-qt6/tests/../../tests/run-verify.c:418:24: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen(*argv, "rb")’
gpgme-1.24.2/build-qt6/tests/../../tests/run-verify.c:252:1: enter_function: entry to ‘main’
gpgme-1.24.2/build-qt6/tests/../../tests/run-verify.c:272:6: branch_true: following ‘true’ branch (when ‘argc != 0’)...
gpgme-1.24.2/build-qt6/tests/../../tests/run-verify.c:273:7: branch_true: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/run-verify.c:385:6: branch_false: following ‘false’ branch...
gpgme-1.24.2/build-qt6/tests/../../tests/run-verify.c:388:3: call_function: calling ‘init_gpgme’ from ‘main’
gpgme-1.24.2/build-qt6/tests/../../tests/run-verify.c:388:3: return_function: returning to ‘main’ from ‘init_gpgme’
gpgme-1.24.2/build-qt6/tests/../../tests/run-verify.c:390:15: branch_true: following ‘true’ branch (when ‘i < repeats’)...
gpgme-1.24.2/build-qt6/tests/../../tests/run-verify.c:395:20: branch_true: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/run-verify.c:401:10: branch_false: following ‘false’ branch (when ‘repeats == 1’)...
gpgme-1.24.2/build-qt6/tests/../../tests/run-verify.c:406:10: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/run-verify.c:406:10: branch_true: following ‘true’ branch (when ‘direct_file_io == 0’)...
gpgme-1.24.2/build-qt6/tests/../../tests/run-verify.c:408:20: branch_true: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/run-verify.c:408:20: acquire_resource: opened here
gpgme-1.24.2/build-qt6/tests/../../tests/run-verify.c:409:14: branch_false: following ‘false’ branch...
gpgme-1.24.2/build-qt6/tests/../../tests/run-verify.c:416:14: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/run-verify.c:416:14: branch_true: following ‘true’ branch (when ‘argc == 2’)...
gpgme-1.24.2/build-qt6/tests/../../tests/run-verify.c:418:24: branch_true: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/run-verify.c:418:24: danger: ‘fopen(*argv, "rb")’ leaks here; was opened at [(17)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/16)
# 416| if (argc > 1)
# 417| {
# 418|-> fp_msg = fopen (argv[1], "rb");
# 419| if (!fp_msg)
# 420| {
Error: GCC_ANALYZER_WARNING (CWE-401):
gpgme-1.24.2/build-qt6/tests/../../tests/run-verify.c:418:24: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(*argv, "rb")’
gpgme-1.24.2/build-qt6/tests/../../tests/run-verify.c:252:1: enter_function: entry to ‘main’
gpgme-1.24.2/build-qt6/tests/../../tests/run-verify.c:272:6: branch_true: following ‘true’ branch (when ‘argc != 0’)...
gpgme-1.24.2/build-qt6/tests/../../tests/run-verify.c:273:7: branch_true: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/run-verify.c:385:6: branch_false: following ‘false’ branch...
gpgme-1.24.2/build-qt6/tests/../../tests/run-verify.c:388:3: call_function: calling ‘init_gpgme’ from ‘main’
gpgme-1.24.2/build-qt6/tests/../../tests/run-verify.c:388:3: return_function: returning to ‘main’ from ‘init_gpgme’
gpgme-1.24.2/build-qt6/tests/../../tests/run-verify.c:390:15: branch_true: following ‘true’ branch (when ‘i < repeats’)...
gpgme-1.24.2/build-qt6/tests/../../tests/run-verify.c:395:20: branch_true: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/run-verify.c:401:10: branch_false: following ‘false’ branch (when ‘repeats == 1’)...
gpgme-1.24.2/build-qt6/tests/../../tests/run-verify.c:406:10: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/run-verify.c:406:10: branch_true: following ‘true’ branch (when ‘direct_file_io == 0’)...
gpgme-1.24.2/build-qt6/tests/../../tests/run-verify.c:408:20: branch_true: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/run-verify.c:408:20: acquire_memory: allocated here
gpgme-1.24.2/build-qt6/tests/../../tests/run-verify.c:409:14: branch_false: following ‘false’ branch...
gpgme-1.24.2/build-qt6/tests/../../tests/run-verify.c:416:14: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/run-verify.c:416:14: branch_true: following ‘true’ branch (when ‘argc == 2’)...
gpgme-1.24.2/build-qt6/tests/../../tests/run-verify.c:418:24: branch_true: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/run-verify.c:418:24: danger: ‘fopen(*argv, "rb")’ leaks here; was allocated at [(17)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/16)
# 416| if (argc > 1)
# 417| {
# 418|-> fp_msg = fopen (argv[1], "rb");
# 419| if (!fp_msg)
# 420| {
Error: GCC_ANALYZER_WARNING (CWE-401):
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:195:14: warning[-Wanalyzer-malloc-leak]: leak of ‘make_filename("t-data-1.txt")’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:178:1: enter_function: entry to ‘main’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:181:25: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:181:25: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:182:32: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:182:32: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:189:10: branch_true: following ‘true’ branch (when ‘round != 0’)...
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:191:7: branch_true: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:195:14: danger: ‘make_filename("t-data-1.txt")’ leaks here; was allocated at [(4)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/3)
# 193| case TEST_INVALID_ARGUMENT:
# 194| err = gpgme_data_new (NULL);
# 195|-> if (!err)
# 196| {
# 197| fprintf (stderr, "%s:%d: gpgme_data_new on NULL pointer succeeded "
Error: GCC_ANALYZER_WARNING (CWE-401):
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:195:14: warning[-Wanalyzer-malloc-leak]: leak of ‘make_filename("t-data-2.txt")’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:178:1: enter_function: entry to ‘main’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:181:25: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:181:25: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:182:32: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:182:32: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:189:10: branch_true: following ‘true’ branch (when ‘round != 0’)...
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:191:7: branch_true: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:195:14: danger: ‘make_filename("t-data-2.txt")’ leaks here; was allocated at [(9)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/8)
# 193| case TEST_INVALID_ARGUMENT:
# 194| err = gpgme_data_new (NULL);
# 195|-> if (!err)
# 196| {
# 197| fprintf (stderr, "%s:%d: gpgme_data_new on NULL pointer succeeded "
Error: GCC_ANALYZER_WARNING (CWE-401):
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:216:14: warning[-Wanalyzer-malloc-leak]: leak of ‘make_filename("t-data-1.txt")’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:178:1: enter_function: entry to ‘main’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:181:25: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:181:25: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:182:32: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:182:32: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:189:10: branch_true: following ‘true’ branch (when ‘round != 0’)...
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:191:7: branch_true: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:195:14: branch_false: following ‘false’ branch...
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:191:7: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:189:10: branch_true: following ‘true’ branch (when ‘round != 0’)...
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:191:7: branch_true: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:216:14: danger: ‘make_filename("t-data-1.txt")’ leaks here; was allocated at [(4)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/3)
# 214| case TEST_INOUT_MEM_FROM_INEXISTANT_FILE:
# 215| err = gpgme_data_new_from_file (&data, missing_filename, 1);
# 216|-> if (!err)
# 217| {
# 218| fprintf (stderr, "%s:%d: gpgme_data_new_from_file on inexistant "
Error: GCC_ANALYZER_WARNING (CWE-401):
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:216:14: warning[-Wanalyzer-malloc-leak]: leak of ‘make_filename("t-data-2.txt")’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:178:1: enter_function: entry to ‘main’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:181:25: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:181:25: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:182:32: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:182:32: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:189:10: branch_true: following ‘true’ branch (when ‘round != 0’)...
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:191:7: branch_true: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:195:14: branch_false: following ‘false’ branch...
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:191:7: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:189:10: branch_true: following ‘true’ branch (when ‘round != 0’)...
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:191:7: branch_true: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:216:14: danger: ‘make_filename("t-data-2.txt")’ leaks here; was allocated at [(9)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/8)
# 214| case TEST_INOUT_MEM_FROM_INEXISTANT_FILE:
# 215| err = gpgme_data_new_from_file (&data, missing_filename, 1);
# 216|-> if (!err)
# 217| {
# 218| fprintf (stderr, "%s:%d: gpgme_data_new_from_file on inexistant "
Error: GCC_ANALYZER_WARNING (CWE-401):
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:237:14: warning[-Wanalyzer-malloc-leak]: leak of ‘make_filename("t-data-1.txt")’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:178:1: enter_function: entry to ‘main’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:181:25: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:181:25: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:182:32: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:182:32: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:189:10: branch_true: following ‘true’ branch (when ‘round != 0’)...
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:191:7: branch_true: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:195:14: branch_false: following ‘false’ branch...
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:191:7: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:189:10: branch_true: following ‘true’ branch (when ‘round != 0’)...
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:191:7: branch_true: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:237:14: danger: ‘make_filename("t-data-1.txt")’ leaks here; was allocated at [(4)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/3)
# 235| err = gpgme_data_new_from_filepart (&data, missing_filename, 0,
# 236| strlen (text), strlen (text));
# 237|-> if (!err)
# 238| {
# 239| fprintf (stderr, "%s:%d: gpgme_data_new_from_file on inexistant "
Error: GCC_ANALYZER_WARNING (CWE-401):
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:237:14: warning[-Wanalyzer-malloc-leak]: leak of ‘make_filename("t-data-2.txt")’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:178:1: enter_function: entry to ‘main’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:181:25: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:181:25: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:182:32: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:182:32: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:189:10: branch_true: following ‘true’ branch (when ‘round != 0’)...
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:191:7: branch_true: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:195:14: branch_false: following ‘false’ branch...
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:191:7: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:189:10: branch_true: following ‘true’ branch (when ‘round != 0’)...
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:191:7: branch_true: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:237:14: danger: ‘make_filename("t-data-2.txt")’ leaks here; was allocated at [(9)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/8)
# 235| err = gpgme_data_new_from_filepart (&data, missing_filename, 0,
# 236| strlen (text), strlen (text));
# 237|-> if (!err)
# 238| {
# 239| fprintf (stderr, "%s:%d: gpgme_data_new_from_file on inexistant "
Error: GCC_ANALYZER_WARNING (CWE-401):
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:247:16: warning[-Wanalyzer-malloc-leak]: leak of ‘make_filename("t-data-1.txt")’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:178:1: enter_function: entry to ‘main’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:181:25: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:181:25: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:182:32: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:182:32: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:189:10: branch_true: following ‘true’ branch (when ‘round != 0’)...
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:191:7: branch_true: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:195:14: branch_false: following ‘false’ branch...
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:191:7: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:189:10: branch_true: following ‘true’ branch (when ‘round != 0’)...
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:191:7: branch_true: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:247:16: danger: ‘make_filename("t-data-1.txt")’ leaks here; was allocated at [(4)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/3)
# 245| {
# 246| FILE *fp = fopen (longer_text_filename, "rb");
# 247|-> if (! fp)
# 248| {
# 249| fprintf (stderr, "%s:%d: fopen: %s\n", __FILE__, __LINE__,
Error: GCC_ANALYZER_WARNING (CWE-401):
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:247:16: warning[-Wanalyzer-malloc-leak]: leak of ‘make_filename("t-data-2.txt")’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:178:1: enter_function: entry to ‘main’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:181:25: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:181:25: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:182:32: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:182:32: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:189:10: branch_true: following ‘true’ branch (when ‘round != 0’)...
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:191:7: branch_true: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:195:14: branch_false: following ‘false’ branch...
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:191:7: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:189:10: branch_true: following ‘true’ branch (when ‘round != 0’)...
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:191:7: branch_true: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:247:16: danger: ‘make_filename("t-data-2.txt")’ leaks here; was allocated at [(9)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/8)
# 245| {
# 246| FILE *fp = fopen (longer_text_filename, "rb");
# 247|-> if (! fp)
# 248| {
# 249| fprintf (stderr, "%s:%d: fopen: %s\n", __FILE__, __LINE__,
Error: GCC_ANALYZER_WARNING (CWE-401):
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:264:7: warning[-Wanalyzer-malloc-leak]: leak of ‘make_filename("t-data-1.txt")’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:178:1: enter_function: entry to ‘main’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:181:25: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:181:25: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:182:32: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:182:32: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:189:10: branch_true: following ‘true’ branch (when ‘round != 0’)...
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:191:7: branch_true: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:195:14: branch_false: following ‘false’ branch...
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:191:7: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:189:10: branch_true: following ‘true’ branch (when ‘round != 0’)...
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:191:7: branch_true: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:264:7: danger: ‘make_filename("t-data-1.txt")’ leaks here; was allocated at [(4)](sarif:/runs/0/results/9/codeFlows/0/threadFlows/0/locations/3)
# 262| exit (1);
# 263| }
# 264|-> fail_if_err (err);
# 265|
# 266| read_test (round, data);
Error: GCC_ANALYZER_WARNING (CWE-401):
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:264:7: warning[-Wanalyzer-malloc-leak]: leak of ‘make_filename("t-data-2.txt")’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:178:1: enter_function: entry to ‘main’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:181:25: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:181:25: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:182:32: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:182:32: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:189:10: branch_true: following ‘true’ branch (when ‘round != 0’)...
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:191:7: branch_true: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:195:14: branch_false: following ‘false’ branch...
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:191:7: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:189:10: branch_true: following ‘true’ branch (when ‘round != 0’)...
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:191:7: branch_true: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:264:7: danger: ‘make_filename("t-data-2.txt")’ leaks here; was allocated at [(9)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/8)
# 262| exit (1);
# 263| }
# 264|-> fail_if_err (err);
# 265|
# 266| read_test (round, data);
Error: GCC_ANALYZER_WARNING (CWE-401):
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-decrypt-verify.c:125:3: warning[-Wanalyzer-malloc-leak]: leak of ‘make_filename("cipher-2.asc")’
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-decrypt-verify.c:109:1: enter_function: entry to ‘main’
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-decrypt-verify.c:116:24: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-decrypt-verify.c:116:24: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-decrypt-verify.c:122:3: call_function: calling ‘init_gpgme’ from ‘main’
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-decrypt-verify.c:122:3: return_function: returning to ‘main’ from ‘init_gpgme’
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-decrypt-verify.c:125:3: danger: ‘make_filename("cipher-2.asc")’ leaks here; was allocated at [(4)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/3)
# 123|
# 124| err = gpgme_new (&ctx);
# 125|-> fail_if_err (err);
# 126|
# 127| agent_info = getenv("GPG_AGENT_INFO");
Error: GCC_ANALYZER_WARNING (CWE-401):
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-decrypt.c:55:3: warning[-Wanalyzer-malloc-leak]: leak of ‘make_filename("cipher-1.asc")’
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-decrypt.c:40:1: enter_function: entry to ‘main’
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-decrypt.c:46:24: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-decrypt.c:46:24: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-decrypt.c:52:3: call_function: calling ‘init_gpgme’ from ‘main’
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-decrypt.c:52:3: return_function: returning to ‘main’ from ‘init_gpgme’
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-decrypt.c:55:3: danger: ‘make_filename("cipher-1.asc")’ leaks here; was allocated at [(4)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/3)
# 53|
# 54| err = gpgme_new (&ctx);
# 55|-> fail_if_err (err);
# 56|
# 57| agent_info = getenv("GPG_AGENT_INFO");
Error: GCC_ANALYZER_WARNING (CWE-401):
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-import.c:228:3: warning[-Wanalyzer-malloc-leak]: leak of ‘make_filename("pubkey-1.asc")’
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-import.c:212:1: enter_function: entry to ‘main’
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-import.c:219:24: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-import.c:219:24: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-import.c:220:24: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-import.c:220:24: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-import.c:225:3: call_function: calling ‘init_gpgme’ from ‘main’
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-import.c:225:3: return_function: returning to ‘main’ from ‘init_gpgme’
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-import.c:228:3: danger: ‘make_filename("pubkey-1.asc")’ leaks here; was allocated at [(4)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/3)
# 226|
# 227| err = gpgme_new (&ctx);
# 228|-> fail_if_err (err);
# 229|
# 230| err = gpgme_set_ctx_flag (ctx, "key-origin", "wkd,https://openpgpkey.gnupg.org");
Error: GCC_ANALYZER_WARNING (CWE-401):
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-import.c:228:3: warning[-Wanalyzer-malloc-leak]: leak of ‘make_filename("seckey-1.asc")’
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-import.c:212:1: enter_function: entry to ‘main’
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-import.c:219:24: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-import.c:219:24: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-import.c:220:24: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-import.c:220:24: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-import.c:225:3: call_function: calling ‘init_gpgme’ from ‘main’
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-import.c:225:3: return_function: returning to ‘main’ from ‘init_gpgme’
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-import.c:228:3: danger: ‘make_filename("seckey-1.asc")’ leaks here; was allocated at [(9)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/8)
# 226|
# 227| err = gpgme_new (&ctx);
# 228|-> fail_if_err (err);
# 229|
# 230| err = gpgme_set_ctx_flag (ctx, "key-origin", "wkd,https://openpgpkey.gnupg.org");
Error: GCC_ANALYZER_WARNING (CWE-401):
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-import.c:230:9: warning[-Wanalyzer-malloc-leak]: leak of ‘make_filename("pubkey-1.asc")’
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-import.c:212:1: enter_function: entry to ‘main’
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-import.c:219:24: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-import.c:219:24: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-import.c:220:24: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-import.c:220:24: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-import.c:225:3: call_function: calling ‘init_gpgme’ from ‘main’
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-import.c:225:3: return_function: returning to ‘main’ from ‘init_gpgme’
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-import.c:228:3: branch_false: following ‘false’ branch...
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-import.c:230:9: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-import.c:230:9: danger: ‘make_filename("pubkey-1.asc")’ leaks here; was allocated at [(4)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/3)
# 228| fail_if_err (err);
# 229|
# 230|-> err = gpgme_set_ctx_flag (ctx, "key-origin", "wkd,https://openpgpkey.gnupg.org");
# 231| fail_if_err (err);
# 232|
Error: GCC_ANALYZER_WARNING (CWE-401):
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-import.c:230:9: warning[-Wanalyzer-malloc-leak]: leak of ‘make_filename("seckey-1.asc")’
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-import.c:212:1: enter_function: entry to ‘main’
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-import.c:219:24: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-import.c:219:24: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-import.c:220:24: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-import.c:220:24: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-import.c:225:3: call_function: calling ‘init_gpgme’ from ‘main’
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-import.c:225:3: return_function: returning to ‘main’ from ‘init_gpgme’
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-import.c:228:3: branch_false: following ‘false’ branch...
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-import.c:230:9: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-import.c:230:9: danger: ‘make_filename("seckey-1.asc")’ leaks here; was allocated at [(9)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/8)
# 228| fail_if_err (err);
# 229|
# 230|-> err = gpgme_set_ctx_flag (ctx, "key-origin", "wkd,https://openpgpkey.gnupg.org");
# 231| fail_if_err (err);
# 232|
Error: GCC_ANALYZER_WARNING (CWE-401):
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-thread1.c:112:7: warning[-Wanalyzer-malloc-leak]: leak of ‘make_filename("cipher-1.asc")’
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-thread1.c:94:1: enter_function: entry to ‘thread_two’
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-thread1.c:97:24: call_function: calling ‘make_filename’ from ‘thread_two’
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-thread1.c:97:24: return_function: returning to ‘thread_two’ from ‘make_filename’
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-thread1.c:102:15: branch_true: following ‘true’ branch (when ‘i != 20’)...
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-thread1.c:109:7: branch_true: ...to here
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-thread1.c:109:7: call_function: calling ‘init_gpgme’ from ‘thread_two’
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-thread1.c:109:7: return_function: returning to ‘thread_two’ from ‘init_gpgme’
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-thread1.c:112:7: danger: ‘make_filename("cipher-1.asc")’ leaks here; was allocated at [(4)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/3)
# 110|
# 111| err = gpgme_new (&ctx);
# 112|-> fail_if_err (err);
# 113|
# 114| if (!(agent_info && strchr (agent_info, ':')))
Error: GCC_ANALYZER_WARNING (CWE-401):
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-thread1.c:115:9: warning[-Wanalyzer-malloc-leak]: leak of ‘make_filename("cipher-1.asc")’
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-thread1.c:94:1: enter_function: entry to ‘thread_two’
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-thread1.c:97:24: call_function: calling ‘make_filename’ from ‘thread_two’
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-thread1.c:97:24: return_function: returning to ‘thread_two’ from ‘make_filename’
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-thread1.c:102:15: branch_true: following ‘true’ branch (when ‘i != 20’)...
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-thread1.c:109:7: branch_true: ...to here
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-thread1.c:109:7: call_function: calling ‘init_gpgme’ from ‘thread_two’
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-thread1.c:109:7: return_function: returning to ‘thread_two’ from ‘init_gpgme’
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-thread1.c:112:7: branch_false: following ‘false’ branch...
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-thread1.c:114:10: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-thread1.c:115:9: danger: ‘make_filename("cipher-1.asc")’ leaks here; was allocated at [(4)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/3)
# 113|
# 114| if (!(agent_info && strchr (agent_info, ':')))
# 115|-> gpgme_set_passphrase_cb (ctx, passphrase_cb, NULL);
# 116|
# 117| err = gpgme_data_new_from_file (&in, cipher_1_asc, 1);
Error: GCC_ANALYZER_WARNING (CWE-401):
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-import.c:153:3: warning[-Wanalyzer-malloc-leak]: leak of ‘make_filename("cert_dfn_pca01.der")’
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-import.c:141:1: enter_function: entry to ‘main’
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-import.c:147:18: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-import.c:147:18: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-import.c:148:18: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-import.c:148:18: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-import.c:150:3: call_function: calling ‘init_gpgme’ from ‘main’
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-import.c:150:3: return_function: returning to ‘main’ from ‘init_gpgme’
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-import.c:153:3: danger: ‘make_filename("cert_dfn_pca01.der")’ leaks here; was allocated at [(4)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/3)
# 151|
# 152| err = gpgme_new (&ctx);
# 153|-> fail_if_err (err);
# 154|
# 155| gpgme_set_protocol (ctx, GPGME_PROTOCOL_CMS);
Error: GCC_ANALYZER_WARNING (CWE-401):
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-import.c:153:3: warning[-Wanalyzer-malloc-leak]: leak of ‘make_filename("cert_dfn_pca15.der")’
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-import.c:141:1: enter_function: entry to ‘main’
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-import.c:147:18: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-import.c:147:18: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-import.c:148:18: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-import.c:148:18: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-import.c:150:3: call_function: calling ‘init_gpgme’ from ‘main’
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-import.c:150:3: return_function: returning to ‘main’ from ‘init_gpgme’
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-import.c:153:3: danger: ‘make_filename("cert_dfn_pca15.der")’ leaks here; was allocated at [(9)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/8)
# 151|
# 152| err = gpgme_new (&ctx);
# 153|-> fail_if_err (err);
# 154|
# 155| gpgme_set_protocol (ctx, GPGME_PROTOCOL_CMS);
Error: GCC_ANALYZER_WARNING (CWE-401):
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-import.c:155:3: warning[-Wanalyzer-malloc-leak]: leak of ‘make_filename("cert_dfn_pca15.der")’
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-import.c:141:1: enter_function: entry to ‘main’
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-import.c:147:18: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-import.c:147:18: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-import.c:148:18: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-import.c:148:18: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-import.c:150:3: call_function: calling ‘init_gpgme’ from ‘main’
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-import.c:150:3: return_function: returning to ‘main’ from ‘init_gpgme’
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-import.c:153:3: branch_false: following ‘false’ branch...
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-import.c:155:3: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-import.c:155:3: danger: ‘make_filename("cert_dfn_pca15.der")’ leaks here; was allocated at [(9)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/8)
# 153| fail_if_err (err);
# 154|
# 155|-> gpgme_set_protocol (ctx, GPGME_PROTOCOL_CMS);
# 156|
# 157| err = gpgme_data_new_from_file (&in, cert_1, 1);
Error: GCC_ANALYZER_WARNING (CWE-465):
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:214:10: warning[-Wanalyzer-deref-before-check]: check of ‘*key.subkeys’ for NULL after already dereferencing it
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:84:1: enter_function: entry to ‘main’
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:92:3: call_function: calling ‘init_gpgme’ from ‘main’
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:92:3: return_function: returning to ‘main’ from ‘init_gpgme’
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:95:3: branch_false: following ‘false’ branch...
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:96:3: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:99:3: branch_false: following ‘false’ branch...
<unknown>: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:101:10: branch_true: following ‘true’ branch...
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:103:12: branch_true: ...to here
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:103:10: branch_false: following ‘false’ branch...
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:109:22: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:120:10: branch_false: following ‘false’ branch...
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:125:11: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:125:10: branch_false: following ‘false’ branch...
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:130:11: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:130:10: branch_false: following ‘false’ branch...
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:135:11: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:135:10: branch_false: following ‘false’ branch...
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:140:11: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:140:10: branch_false: following ‘false’ branch...
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:146:11: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:146:10: branch_false: following ‘false’ branch...
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:152:11: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:152:10: branch_false: following ‘false’ branch...
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:157:11: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:157:10: branch_false: following ‘false’ branch...
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:163:11: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:163:10: branch_false: following ‘false’ branch...
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:169:12: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:169:10: branch_false: following ‘false’ branch...
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:174:11: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:174:10: branch_false: following ‘false’ branch (when the strings are equal)...
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:180:12: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:180:10: branch_false: following ‘false’ branch...
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:185:11: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:185:10: branch_false: following ‘false’ branch (when the strings are equal)...
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:191:11: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:197:11: branch_false: following ‘false’ branch...
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:202:10: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:208:10: branch_false: following ‘false’ branch...
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:214:12: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:214:10: danger: pointer ‘*key.subkeys’ is checked for NULL here but it was already dereferenced at [(15)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/14)
# 212| exit (1);
# 213| }
# 214|-> if (!key->subkeys || key->subkeys->next)
# 215| {
# 216| fprintf (stderr, "Key has unexpected number of subkeys\n");
Error: GCC_ANALYZER_WARNING (CWE-401):
gpgme-1.24.2/build/doc/../../doc/mkdefsinc.c:199:23: warning[-Wanalyzer-malloc-leak]: leak of ‘opt_date’
gpgme-1.24.2/build/doc/../../doc/mkdefsinc.c:142:1: enter_function: entry to ‘main’
gpgme-1.24.2/build/doc/../../doc/mkdefsinc.c:155:10: branch_true: following ‘true’ branch...
gpgme-1.24.2/build/doc/../../doc/mkdefsinc.c:158:10: branch_false: following ‘false’ branch (when the strings are non-equal)...
gpgme-1.24.2/build/doc/../../doc/mkdefsinc.c:163:17: branch_false: ...to here
gpgme-1.24.2/build/doc/../../doc/mkdefsinc.c:163:15: branch_false: following ‘false’ branch (when the strings are non-equal)...
gpgme-1.24.2/build/doc/../../doc/mkdefsinc.c:174:17: branch_false: ...to here
gpgme-1.24.2/build/doc/../../doc/mkdefsinc.c:198:26: call_function: calling ‘xstrdup’ from ‘main’
gpgme-1.24.2/build/doc/../../doc/mkdefsinc.c:198:26: return_function: returning to ‘main’ from ‘xstrdup’
gpgme-1.24.2/build/doc/../../doc/mkdefsinc.c:155:10: branch_true: following ‘true’ branch...
gpgme-1.24.2/build/doc/../../doc/mkdefsinc.c:158:10: branch_false: following ‘false’ branch (when the strings are non-equal)...
gpgme-1.24.2/build/doc/../../doc/mkdefsinc.c:163:17: branch_false: ...to here
gpgme-1.24.2/build/doc/../../doc/mkdefsinc.c:163:15: branch_false: following ‘false’ branch (when the strings are non-equal)...
gpgme-1.24.2/build/doc/../../doc/mkdefsinc.c:174:17: branch_false: ...to here
gpgme-1.24.2/build/doc/../../doc/mkdefsinc.c:198:26: call_function: calling ‘xstrdup’ from ‘main’
gpgme-1.24.2/build/doc/../../doc/mkdefsinc.c:198:26: return_function: returning to ‘main’ from ‘xstrdup’
gpgme-1.24.2/build/doc/../../doc/mkdefsinc.c:199:23: danger: ‘opt_date’ leaks here; was allocated at [(12)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/11)
# 197| {
# 198| opt_date = xstrdup (*argv);
# 199|-> argc--; argv++;
# 200| }
# 201| }
Error: CPPCHECK_WARNING (CWE-457):
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c:785: warning[uninitvar]: Uninitialized variable: buff
# 783| *r = 0;
# 784| }
# 785|-> return buff;
# 786| }
# 787|
Error: CPPCHECK_WARNING (CWE-476):
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c:1681: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: data
# 1679| SwigPyClientData *data = (SwigPyClientData *)malloc(sizeof(SwigPyClientData));
# 1680| /* the klass element */
# 1681|-> data->klass = obj;
# 1682| SWIG_Py_INCREF(data->klass);
# 1683| /* the newraw method and newargs arguments used to create a new raw instance */
Error: CPPCHECK_WARNING (CWE-476):
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c:1682: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: data
# 1680| /* the klass element */
# 1681| data->klass = obj;
# 1682|-> SWIG_Py_INCREF(data->klass);
# 1683| /* the newraw method and newargs arguments used to create a new raw instance */
# 1684| if (PyClass_Check(obj)) {
Error: COMPILER_WARNING (CWE-457):
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c:3960:10: warning[-Wmaybe-uninitialized]: ‘arg2’ may be used uninitialized
# 3960 | *obj = value;
# | ~~~~~^~~~~~~
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c: scope_hint: In function ‘_wrap_gpgme_error_t_p_assign’
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c:49010:17: note: ‘arg2’ was declared here
#49010 | gpgme_error_t arg2 ;
# | ^~~~
# 3958|
# 3959| static void gpgme_error_t_p_assign(gpgme_error_t *obj, gpgme_error_t value) {
# 3960|-> *obj = value;
# 3961| }
# 3962|
Error: COMPILER_WARNING (CWE-457):
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c: scope_hint: In function ‘_wrap_gpgme_data_seek’
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c:4158:14: warning[-Wmaybe-uninitialized]: ‘arg2’ may be used uninitialized
# 4158 | result = gpgme_data_seek(arg1,arg2,arg3);
# | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c:4119:9: note: ‘arg2’ was declared here
# 4119 | off_t arg2 ;
# | ^~~~
# 4156| {
# 4157| SWIG_PYTHON_THREAD_BEGIN_ALLOW;
# 4158|-> result = gpgme_data_seek(arg1,arg2,arg3);
# 4159| SWIG_PYTHON_THREAD_END_ALLOW;
# 4160| }
Error: COMPILER_WARNING (CWE-457):
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c: scope_hint: In function ‘_wrap_gpgme_strerror’
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c:4718:22: warning[-Wmaybe-uninitialized]: ‘arg1’ may be used uninitialized
# 4718 | result = (char *)gpgme_strerror(arg1);
# | ^~~~~~~~~~~~~~~~~~~~
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c:4699:17: note: ‘arg1’ was declared here
# 4699 | gpgme_error_t arg1 ;
# | ^~~~
# 4716| {
# 4717| SWIG_PYTHON_THREAD_BEGIN_ALLOW;
# 4718|-> result = (char *)gpgme_strerror(arg1);
# 4719| SWIG_PYTHON_THREAD_END_ALLOW;
# 4720| }
Error: COMPILER_WARNING (CWE-457):
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c: scope_hint: In function ‘_wrap_gpgme_strerror_r’
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c:4773:14: warning[-Wmaybe-uninitialized]: ‘arg1’ may be used uninitialized
# 4773 | result = (int)gpgme_strerror_r(arg1,arg2,arg3);
# | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c:4730:15: note: ‘arg1’ was declared here
# 4730 | gpg_error_t arg1 ;
# | ^~~~
# 4771| {
# 4772| SWIG_PYTHON_THREAD_BEGIN_ALLOW;
# 4773|-> result = (int)gpgme_strerror_r(arg1,arg2,arg3);
# 4774| SWIG_PYTHON_THREAD_END_ALLOW;
# 4775| }
Error: COMPILER_WARNING (CWE-457):
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c: scope_hint: In function ‘_wrap_gpgme_strsource’
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c:4814:22: warning[-Wmaybe-uninitialized]: ‘arg1’ may be used uninitialized
# 4814 | result = (char *)gpgme_strsource(arg1);
# | ^~~~~~~~~~~~~~~~~~~~~
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c:4795:17: note: ‘arg1’ was declared here
# 4795 | gpgme_error_t arg1 ;
# | ^~~~
# 4812| {
# 4813| SWIG_PYTHON_THREAD_BEGIN_ALLOW;
# 4814|-> result = (char *)gpgme_strsource(arg1);
# 4815| SWIG_PYTHON_THREAD_END_ALLOW;
# 4816| }
Error: COMPILER_WARNING (CWE-457):
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c: scope_hint: In function ‘_wrap_gpgme_err_code_to_errno’
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c:4875:14: warning[-Wmaybe-uninitialized]: ‘arg1’ may be used uninitialized
# 4875 | result = (int)gpgme_err_code_to_errno(arg1);
# | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c:4856:20: note: ‘arg1’ was declared here
# 4856 | gpgme_err_code_t arg1 ;
# | ^~~~
# 4873| {
# 4874| SWIG_PYTHON_THREAD_BEGIN_ALLOW;
# 4875|-> result = (int)gpgme_err_code_to_errno(arg1);
# 4876| SWIG_PYTHON_THREAD_END_ALLOW;
# 4877| }
Error: COMPILER_WARNING (CWE-457):
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c: scope_hint: In function ‘_wrap_gpgme_err_make_from_errno’
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c:4960:14: warning[-Wmaybe-uninitialized]: ‘arg1’ may be used uninitialized
# 4960 | result = gpgme_err_make_from_errno(arg1,arg2);
# | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c:4934:22: note: ‘arg1’ was declared here
# 4934 | gpgme_err_source_t arg1 ;
# | ^~~~
# 4958| {
# 4959| SWIG_PYTHON_THREAD_BEGIN_ALLOW;
# 4960|-> result = gpgme_err_make_from_errno(arg1,arg2);
# 4961| SWIG_PYTHON_THREAD_END_ALLOW;
# 4962| }
Error: COMPILER_WARNING (CWE-457):
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c: scope_hint: In function ‘_wrap__gpgme_key_sig_status_set’
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c:8764:30: warning[-Wmaybe-uninitialized]: ‘arg2’ may be used uninitialized
# 8764 | if (arg1) (arg1)->status = arg2;
# | ~~~~~~~~~~~~~~~^~~~~~
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c:8740:17: note: ‘arg2’ was declared here
# 8740 | gpgme_error_t arg2 ;
# | ^~~~
# 8762| {
# 8763| SWIG_PYTHON_THREAD_BEGIN_ALLOW;
# 8764|-> if (arg1) (arg1)->status = arg2;
# 8765| SWIG_PYTHON_THREAD_END_ALLOW;
# 8766| }
Error: COMPILER_WARNING (CWE-457):
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c: scope_hint: In function ‘_wrap__gpgme_invalid_key_reason_set’
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c:13036:30: warning[-Wmaybe-uninitialized]: ‘arg2’ may be used uninitialized
#13036 | if (arg1) (arg1)->reason = arg2;
# | ~~~~~~~~~~~~~~~^~~~~~
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c:13012:17: note: ‘arg2’ was declared here
#13012 | gpgme_error_t arg2 ;
# | ^~~~
#13034| {
#13035| SWIG_PYTHON_THREAD_BEGIN_ALLOW;
#13036|-> if (arg1) (arg1)->reason = arg2;
#13037| SWIG_PYTHON_THREAD_END_ALLOW;
#13038| }
Error: COMPILER_WARNING (CWE-457):
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c: scope_hint: In function ‘_wrap_gpgme_io_event_done_data_err_set’
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c:14712:27: warning[-Wmaybe-uninitialized]: ‘arg2’ may be used uninitialized
#14712 | if (arg1) (arg1)->err = arg2;
# | ~~~~~~~~~~~~^~~~~~
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c:14688:17: note: ‘arg2’ was declared here
#14688 | gpgme_error_t arg2 ;
# | ^~~~
#14710| {
#14711| SWIG_PYTHON_THREAD_BEGIN_ALLOW;
#14712|-> if (arg1) (arg1)->err = arg2;
#14713| SWIG_PYTHON_THREAD_END_ALLOW;
#14714| }
Error: COMPILER_WARNING (CWE-457):
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c: scope_hint: In function ‘_wrap_gpgme_io_event_done_data_op_err_set’
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c:14779:30: warning[-Wmaybe-uninitialized]: ‘arg2’ may be used uninitialized
#14779 | if (arg1) (arg1)->op_err = arg2;
# | ~~~~~~~~~~~~~~~^~~~~~
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c:14755:17: note: ‘arg2’ was declared here
#14755 | gpgme_error_t arg2 ;
# | ^~~~
#14777| {
#14778| SWIG_PYTHON_THREAD_BEGIN_ALLOW;
#14779|-> if (arg1) (arg1)->op_err = arg2;
#14780| SWIG_PYTHON_THREAD_END_ALLOW;
#14781| }
Error: CPPCHECK_WARNING (CWE-457):
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c:16356: error[legacyUninitvar]: Uninitialized variable: arg2
#16354| {
#16355| SWIG_PYTHON_THREAD_BEGIN_ALLOW;
#16356|-> result = gpgme_data_new_from_estream(arg1,arg2);
#16357| SWIG_PYTHON_THREAD_END_ALLOW;
#16358| }
Error: COMPILER_WARNING (CWE-457):
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c: scope_hint: In function ‘_wrap_gpgme_data_new_from_filepart’
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c:16768:14: warning[-Wmaybe-uninitialized]: ‘arg4’ may be used uninitialized
#16768 | result = gpgme_data_new_from_filepart(arg1,(char const *)arg2,arg3,arg4,arg5);
# | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c:16704:9: note: ‘arg4’ was declared here
#16704 | off_t arg4 ;
# | ^~~~
#16766| {
#16767| SWIG_PYTHON_THREAD_BEGIN_ALLOW;
#16768|-> result = gpgme_data_new_from_filepart(arg1,(char const *)arg2,arg3,arg4,arg5);
#16769| SWIG_PYTHON_THREAD_END_ALLOW;
#16770| }
Error: COMPILER_WARNING (CWE-457):
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c: scope_hint: In function ‘_wrap__gpgme_recipient_status_set’
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c:21694:30: warning[-Wmaybe-uninitialized]: ‘arg2’ may be used uninitialized
#21694 | if (arg1) (arg1)->status = arg2;
# | ~~~~~~~~~~~~~~~^~~~~~
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c:21670:17: note: ‘arg2’ was declared here
#21670 | gpgme_error_t arg2 ;
# | ^~~~
#21692| {
#21693| SWIG_PYTHON_THREAD_BEGIN_ALLOW;
#21694|-> if (arg1) (arg1)->status = arg2;
#21695| SWIG_PYTHON_THREAD_END_ALLOW;
#21696| }
Error: COMPILER_WARNING (CWE-457):
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c: scope_hint: In function ‘_wrap__gpgme_signature_status_set’
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c:27385:30: warning[-Wmaybe-uninitialized]: ‘arg2’ may be used uninitialized
#27385 | if (arg1) (arg1)->status = arg2;
# | ~~~~~~~~~~~~~~~^~~~~~
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c:27361:17: note: ‘arg2’ was declared here
#27361 | gpgme_error_t arg2 ;
# | ^~~~
#27383| {
#27384| SWIG_PYTHON_THREAD_BEGIN_ALLOW;
#27385|-> if (arg1) (arg1)->status = arg2;
#27386| SWIG_PYTHON_THREAD_END_ALLOW;
#27387| }
Error: COMPILER_WARNING (CWE-457):
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c: scope_hint: In function ‘_wrap__gpgme_signature_validity_reason_set’
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c:28084:39: warning[-Wmaybe-uninitialized]: ‘arg2’ may be used uninitialized
#28084 | if (arg1) (arg1)->validity_reason = arg2;
# | ~~~~~~~~~~~~~~~~~~~~~~~~^~~~~~
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c:28060:17: note: ‘arg2’ was declared here
#28060 | gpgme_error_t arg2 ;
# | ^~~~
#28082| {
#28083| SWIG_PYTHON_THREAD_BEGIN_ALLOW;
#28084|-> if (arg1) (arg1)->validity_reason = arg2;
#28085| SWIG_PYTHON_THREAD_END_ALLOW;
#28086| }
Error: COMPILER_WARNING (CWE-457):
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c: scope_hint: In function ‘_wrap__gpgme_import_status_result_set’
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c:31690:30: warning[-Wmaybe-uninitialized]: ‘arg2’ may be used uninitialized
#31690 | if (arg1) (arg1)->result = arg2;
# | ~~~~~~~~~~~~~~~^~~~~~
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c:31666:17: note: ‘arg2’ was declared here
#31666 | gpgme_error_t arg2 ;
# | ^~~~
#31688| {
#31689| SWIG_PYTHON_THREAD_BEGIN_ALLOW;
#31690|-> if (arg1) (arg1)->result = arg2;
#31691| SWIG_PYTHON_THREAD_END_ALLOW;
#31692| }
Error: COMPILER_WARNING (CWE-457):
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c: scope_hint: In function ‘_wrap_gpgme_op_receive_keys_start’
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c:33661:19: warning[-Wmaybe-uninitialized]: ‘size2’ may be used uninitialized
#33661 | for (i = 0; i < size2; i++)
# | ~~^~~~~~~
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c:33589:10: note: ‘size2’ was declared here
#33589 | size_t size2 ;
# | ^~~~~
#33659| size_t i;
#33660| free(vector2);
#33661|-> for (i = 0; i < size2; i++)
#33662| Py_XDECREF(pyVector2[i]);
#33663| }
Error: COMPILER_WARNING (CWE-457):
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c: scope_hint: In function ‘_wrap_gpgme_op_receive_keys’
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c:33747:19: warning[-Wmaybe-uninitialized]: ‘size2’ may be used uninitialized
#33747 | for (i = 0; i < size2; i++)
# | ~~^~~~~~~
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c:33675:10: note: ‘size2’ was declared here
#33675 | size_t size2 ;
# | ^~~~~
#33745| size_t i;
#33746| free(vector2);
#33747|-> for (i = 0; i < size2; i++)
#33748| Py_XDECREF(pyVector2[i]);
#33749| }
Error: COMPILER_WARNING (CWE-457):
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c: scope_hint: In function ‘_wrap_gpgme_op_export_ext_start’
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c:34540:19: warning[-Wmaybe-uninitialized]: ‘size2’ may be used uninitialized
#34540 | for (i = 0; i < size2; i++)
# | ~~^~~~~~~
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c:34335:10: note: ‘size2’ was declared here
#34335 | size_t size2 ;
# | ^~~~~
#34538| size_t i;
#34539| free(vector2);
#34540|-> for (i = 0; i < size2; i++)
#34541| Py_XDECREF(pyVector2[i]);
#34542| }
Error: COMPILER_WARNING (CWE-457):
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c: scope_hint: In function ‘_wrap_gpgme_op_export_ext’
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c:34856:19: warning[-Wmaybe-uninitialized]: ‘size2’ may be used uninitialized
#34856 | for (i = 0; i < size2; i++)
# | ~~^~~~~~~
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c:34651:10: note: ‘size2’ was declared here
#34651 | size_t size2 ;
# | ^~~~~
#34854| size_t i;
#34855| free(vector2);
#34856|-> for (i = 0; i < size2; i++)
#34857| Py_XDECREF(pyVector2[i]);
#34858| }
Error: COMPILER_WARNING (CWE-457):
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c: scope_hint: In function ‘_wrap_gpgme_op_keylist_ext_start’
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c:40192:19: warning[-Wmaybe-uninitialized]: ‘size2’ may be used uninitialized
#40192 | for (i = 0; i < size2; i++)
# | ~~^~~~~~~
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c:40106:10: note: ‘size2’ was declared here
#40106 | size_t size2 ;
# | ^~~~~
#40190| size_t i;
#40191| free(vector2);
#40192|-> for (i = 0; i < size2; i++)
#40193| Py_XDECREF(pyVector2[i]);
#40194| }
Error: COMPILER_WARNING (CWE-457):
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c: scope_hint: In function ‘_wrap_gpgme_op_spawn_start’
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c:41761:19: warning[-Wmaybe-uninitialized]: ‘size3’ may be used uninitialized
#41761 | for (i = 0; i < size3; i++)
# | ~~^~~~~~~
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c:41636:10: note: ‘size3’ was declared here
#41636 | size_t size3 ;
# | ^~~~~
#41759| size_t i;
#41760| free(vector3);
#41761|-> for (i = 0; i < size3; i++)
#41762| Py_XDECREF(pyVector3[i]);
#41763| }
Error: COMPILER_WARNING (CWE-457):
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c: scope_hint: In function ‘_wrap_gpgme_op_spawn’
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c:41906:19: warning[-Wmaybe-uninitialized]: ‘size3’ may be used uninitialized
#41906 | for (i = 0; i < size3; i++)
# | ~~^~~~~~~
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c:41781:10: note: ‘size3’ was declared here
#41781 | size_t size3 ;
# | ^~~~~
#41904| size_t i;
#41905| free(vector3);
#41906|-> for (i = 0; i < size3; i++)
#41907| Py_XDECREF(pyVector3[i]);
#41908| }
Error: COMPILER_WARNING (CWE-457):
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c: scope_hint: In function ‘_wrap__gpgme_op_assuan_result_err_set’
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c:48297:27: warning[-Wmaybe-uninitialized]: ‘arg2’ may be used uninitialized
#48297 | if (arg1) (arg1)->err = arg2;
# | ~~~~~~~~~~~~^~~~~~
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c:48273:17: note: ‘arg2’ was declared here
#48273 | gpgme_error_t arg2 ;
# | ^~~~
#48295| {
#48296| SWIG_PYTHON_THREAD_BEGIN_ALLOW;
#48297|-> if (arg1) (arg1)->err = arg2;
#48298| SWIG_PYTHON_THREAD_END_ALLOW;
#48299| }
Error: COMPILER_WARNING (CWE-477):
gpgme-1.24.2/build/lang/python/python3.13-gpg/helpers.c: scope_hint: In function ‘_gpg_stash_callback_exception’
gpgme-1.24.2/build/lang/python/python3.13-gpg/helpers.c:119:3: warning[-Wdeprecated-declarations]: ‘PyWeakref_GetObject’ is deprecated
# 119 | self = PyWeakref_GetObject(weak_self);
# | ^~~~
/usr/include/python3.13/Python.h:113: included_from: Included from here.
gpgme-1.24.2/build/lang/python/python3.13-gpg/helpers.c:30: included_from: Included from here.
/usr/include/python3.13/weakrefobject.h:30:44: note: declared here
# 30 | Py_DEPRECATED(3.13) PyAPI_FUNC(PyObject *) PyWeakref_GetObject(PyObject *ref);
# | ^~~~~~~~~~~~~~~~~~~
# 117| }
# 118|
# 119|-> self = PyWeakref_GetObject(weak_self);
# 120| /* self only has a borrowed reference. */
# 121| if (self == Py_None) {
Error: COMPILER_WARNING (CWE-477):
gpgme-1.24.2/build/lang/python/python3.13-gpg/helpers.c:119:3: warning[-Wdeprecated-declarations]: ‘PyWeakref_GetObject’ is deprecated
# 117| }
# 118|
# 119|-> self = PyWeakref_GetObject(weak_self);
# 120| /* self only has a borrowed reference. */
# 121| if (self == Py_None) {
Error: GCC_ANALYZER_WARNING (CWE-465):
gpgme-1.24.2/build/src/../../src/data-identify.c:453:18: warning[-Wanalyzer-deref-before-check]: check of 'data' for NULL after already dereferencing it
gpgme-1.24.2/build/src/../../src/data-identify.c:316:6: branch_false: following 'false' branch (when 'datalen > 23')...
gpgme-1.24.2/build/src/../../src/data-identify.c:346:3: branch_false: ...to here
gpgme-1.24.2/build/src/../../src/data-identify.c:441:6: branch_false: following 'false' branch...
gpgme-1.24.2/build/src/../../src/data-identify.c:453:8: branch_false: ...to here
gpgme-1.24.2/build/src/../../src/data-identify.c:453:18: danger: pointer 'data' is checked for NULL here but it was already dereferenced at [(3)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/2)
# 451|
# 452| /* Now check whether there are armor lines. */
# 453|-> for (s = data; s && *s; s = (*s=='\n')?(s+1):((s=strchr (s,'\n'))?(s+1):s))
# 454| {
# 455| if (!strncmp (s, "-----BEGIN ", 11))
Error: GCC_ANALYZER_WARNING (CWE-401):
gpgme-1.24.2/build/src/../../src/data.c:624:14: warning[-Wanalyzer-malloc-leak]: leak of 'malloc((long unsigned int)*dh.io_buffer_size)'
gpgme-1.24.2/build/src/../../src/data.c:619:6: branch_true: following 'true' branch...
gpgme-1.24.2/build/src/../../src/data.c:621:12: branch_true: ...to here
gpgme-1.24.2/build/src/../../src/data.c:621:10: branch_true: following 'true' branch...
gpgme-1.24.2/build/src/../../src/data.c:623:32: branch_true: ...to here
gpgme-1.24.2/build/src/../../src/data.c:623:32: acquire_memory: allocated here
gpgme-1.24.2/build/src/../../src/data.c:624:14: danger: 'malloc((long unsigned int)*dh.io_buffer_size)' leaks here; was allocated at [(5)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/4)
# 622| {
# 623| dh->inbound_buffer = malloc (dh->io_buffer_size);
# 624|-> if (!dh->inbound_buffer)
# 625| return TRACE_ERR (gpg_error_from_syserror ());
# 626| }
Error: GCC_ANALYZER_WARNING (CWE-401):
gpgme-1.24.2/build/src/../../src/data.c:684:14: warning[-Wanalyzer-malloc-leak]: leak of 'malloc((long unsigned int)*dh.io_buffer_size)'
gpgme-1.24.2/build/src/../../src/data.c:679:6: branch_true: following 'true' branch...
gpgme-1.24.2/build/src/../../src/data.c:681:12: branch_true: ...to here
gpgme-1.24.2/build/src/../../src/data.c:681:10: branch_true: following 'true' branch...
gpgme-1.24.2/build/src/../../src/data.c:683:33: branch_true: ...to here
gpgme-1.24.2/build/src/../../src/data.c:683:33: acquire_memory: allocated here
gpgme-1.24.2/build/src/../../src/data.c:684:14: danger: 'malloc((long unsigned int)*dh.io_buffer_size)' leaks here; was allocated at [(5)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/4)
# 682| {
# 683| dh->outbound_buffer = malloc (dh->io_buffer_size);
# 684|-> if (!dh->outbound_buffer)
# 685| return TRACE_ERR (gpg_error_from_syserror ());
# 686| dh->outbound_pending = 0;
Error: GCC_ANALYZER_WARNING (CWE-401):
gpgme-1.24.2/build/src/../../src/engine-gpgsm.c:1628:12: warning[-Wanalyzer-malloc-leak]: leak of 'cmd'
gpgme-1.24.2/build/src/../../src/engine-gpgsm.c:1590:1: enter_function: entry to 'gpgsm_export'
gpgme-1.24.2/build/src/../../src/engine-gpgsm.c:1609:9: acquire_memory: allocated here
gpgme-1.24.2/build/src/../../src/engine-gpgsm.c:1610:6: branch_false: following 'false' branch (when 'cmd' is non-NULL)...
gpgme-1.24.2/build/src/../../src/engine-gpgsm.c:1613:3: branch_false: ...to here
gpgme-1.24.2/build/src/../../src/engine-gpgsm.c:1625:9: call_function: calling 'gpgsm_set_fd' from 'gpgsm_export'
gpgme-1.24.2/build/src/../../src/engine-gpgsm.c:1625:9: return_function: returning to 'gpgsm_export' from 'gpgsm_set_fd'
gpgme-1.24.2/build/src/../../src/engine-gpgsm.c:1627:6: branch_true: following 'true' branch...
gpgme-1.24.2/build/src/../../src/engine-gpgsm.c:1628:12: branch_true: ...to here
gpgme-1.24.2/build/src/../../src/engine-gpgsm.c:1628:12: danger: 'cmd' leaks here; was allocated at [(2)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/1)
# 1626| : map_data_enc (gpgsm->output_cb.data));
# 1627| if (err)
# 1628|-> return err;
# 1629| gpgsm_clear_fd (gpgsm, INPUT_FD);
# 1630| gpgsm_clear_fd (gpgsm, MESSAGE_FD);
Error: GCC_ANALYZER_WARNING (CWE-401):
gpgme-1.24.2/build/src/../../src/engine-gpgsm.c:1735:12: warning[-Wanalyzer-malloc-leak]: leak of 'line'
gpgme-1.24.2/build/src/../../src/engine-gpgsm.c:1640:1: enter_function: entry to 'gpgsm_export_ext'
gpgme-1.24.2/build/src/../../src/engine-gpgsm.c:1678:10: acquire_memory: allocated here
gpgme-1.24.2/build/src/../../src/engine-gpgsm.c:1679:6: branch_false: following 'false' branch (when 'line' is non-NULL)...
gpgme-1.24.2/build/src/../../src/engine-gpgsm.c:1682:3: branch_false: ...to here
gpgme-1.24.2/build/src/../../src/engine-gpgsm.c:1732:9: call_function: calling 'gpgsm_set_fd' from 'gpgsm_export_ext'
gpgme-1.24.2/build/src/../../src/engine-gpgsm.c:1732:9: return_function: returning to 'gpgsm_export_ext' from 'gpgsm_set_fd'
gpgme-1.24.2/build/src/../../src/engine-gpgsm.c:1734:6: branch_true: following 'true' branch...
gpgme-1.24.2/build/src/../../src/engine-gpgsm.c:1735:12: branch_true: ...to here
gpgme-1.24.2/build/src/../../src/engine-gpgsm.c:1735:12: danger: 'line' leaks here; was allocated at [(2)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/1)
# 1733| : map_data_enc (gpgsm->output_cb.data));
# 1734| if (err)
# 1735|-> return err;
# 1736| gpgsm_clear_fd (gpgsm, INPUT_FD);
# 1737| gpgsm_clear_fd (gpgsm, MESSAGE_FD);
Error: GCC_ANALYZER_WARNING (CWE-457):
gpgme-1.24.2/build/src/../../src/key.c:470:9: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value 'key'
gpgme-1.24.2/build/src/../../src/key.c:459:1: enter_function: entry to 'gpgme_key_from_uid'
gpgme-1.24.2/build/src/../../src/key.c:465:9: call_function: calling '_gpgme_key_new' from 'gpgme_key_from_uid'
gpgme-1.24.2/build/src/../../src/key.c:465:9: return_function: returning to 'gpgme_key_from_uid' from '_gpgme_key_new'
gpgme-1.24.2/build/src/../../src/key.c:466:6: branch_false: following 'false' branch...
gpgme-1.24.2/build/src/../../src/key.c:470:9: branch_false: ...to here
gpgme-1.24.2/build/src/../../src/key.c:470:9: danger: use of uninitialized value 'key' here
# 468|
# 469| /* Note: protocol doesn't matter if only email is provided. */
# 470|-> err = _gpgme_key_append_name (key, name, 0);
# 471| if (err)
# 472| gpgme_key_unref (key);
Error: GCC_ANALYZER_WARNING (CWE-775):
gpgme-1.24.2/build/src/../../src/posix-io.c:648:35: warning[-Wanalyzer-fd-leak]: leak of file descriptor 'open("/dev/null", 2)'
gpgme-1.24.2/build/src/../../src/posix-io.c:549:6: branch_false: following 'false' branch (when 'pid != -1')...
gpgme-1.24.2/build/src/../../src/posix-io.c:552:6: branch_false: ...to here
gpgme-1.24.2/build/src/../../src/posix-io.c:552:6: branch_true: following 'true' branch (when 'pid == 0')...
gpgme-1.24.2/build/src/../../src/posix-io.c:555:18: branch_true: ...to here
gpgme-1.24.2/build/src/../../src/posix-io.c:555:10: branch_true: following 'true' branch (when 'pid == 0')...
gpgme-1.24.2/build/src/../../src/posix-io.c:564:14: branch_true: ...to here
gpgme-1.24.2/build/src/../../src/posix-io.c:640:20: acquire_resource: opened here
gpgme-1.24.2/build/src/../../src/posix-io.c:641:18: branch_false: following 'false' branch...
gpgme-1.24.2/build/src/../../src/posix-io.c:648:35: branch_false: ...to here
gpgme-1.24.2/build/src/../../src/posix-io.c:653:18: branch_true: following 'true' branch...
gpgme-1.24.2/build/src/../../src/posix-io.c:655:23: branch_true: ...to here
gpgme-1.24.2/build/src/../../src/posix-io.c:648:35: danger: 'open("/dev/null", 2)' leaks here; was opened at [(7)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/6)
# 646| }
# 647| /* Make sure that the process has connected stdin. */
# 648|-> if (! seen_stdin && fd != 0)
# 649| {
# 650| if (dup2 (fd, 0) == -1)
Error: GCC_ANALYZER_WARNING (CWE-775):
gpgme-1.24.2/build/src/../../src/posix-io.c:650:22: warning[-Wanalyzer-fd-leak]: leak of file descriptor 'dup2(open("/dev/null", 2), 0)'
gpgme-1.24.2/build/src/../../src/posix-io.c:549:6: branch_false: following 'false' branch (when 'pid != -1')...
gpgme-1.24.2/build/src/../../src/posix-io.c:552:6: branch_false: ...to here
gpgme-1.24.2/build/src/../../src/posix-io.c:552:6: branch_true: following 'true' branch (when 'pid == 0')...
gpgme-1.24.2/build/src/../../src/posix-io.c:555:18: branch_true: ...to here
gpgme-1.24.2/build/src/../../src/posix-io.c:555:10: branch_true: following 'true' branch (when 'pid == 0')...
gpgme-1.24.2/build/src/../../src/posix-io.c:564:14: branch_true: ...to here
gpgme-1.24.2/build/src/../../src/posix-io.c:641:18: branch_false: following 'false' branch...
gpgme-1.24.2/build/src/../../src/posix-io.c:648:35: branch_false: ...to here
gpgme-1.24.2/build/src/../../src/posix-io.c:648:18: branch_true: following 'true' branch...
gpgme-1.24.2/build/src/../../src/posix-io.c:650:23: branch_true: ...to here
gpgme-1.24.2/build/src/../../src/posix-io.c:650:23: acquire_resource: opened here
gpgme-1.24.2/build/src/../../src/posix-io.c:650:22: danger: 'dup2(open("/dev/null", 2), 0)' leaks here; was opened at [(11)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/10)
# 648| if (! seen_stdin && fd != 0)
# 649| {
# 650|-> if (dup2 (fd, 0) == -1)
# 651| _exit (8);
# 652| }
Error: GCC_ANALYZER_WARNING:
gpgme-1.24.2/build/src/../../src/posix-io.c:650:23: warning[-Wanalyzer-fd-use-without-check]: 'dup2' on possibly invalid file descriptor '0'
gpgme-1.24.2/build/src/../../src/posix-io.c:549:6: branch_false: following 'false' branch (when 'pid != -1')...
gpgme-1.24.2/build/src/../../src/posix-io.c:552:6: branch_false: ...to here
gpgme-1.24.2/build/src/../../src/posix-io.c:552:6: branch_true: following 'true' branch (when 'pid == 0')...
gpgme-1.24.2/build/src/../../src/posix-io.c:555:18: branch_true: ...to here
gpgme-1.24.2/build/src/../../src/posix-io.c:555:10: branch_true: following 'true' branch (when 'pid == 0')...
gpgme-1.24.2/build/src/../../src/posix-io.c:564:14: branch_true: ...to here
gpgme-1.24.2/build/src/../../src/posix-io.c:593:24: branch_true: following 'true' branch (when 'max_fds > fd')...
<unknown>: branch_true: ...to here
gpgme-1.24.2/build/src/../../src/posix-io.c:598:18: branch_true: following 'true' branch...
gpgme-1.24.2/build/src/../../src/posix-io.c:599:17: branch_true: ...to here
gpgme-1.24.2/build/src/../../src/posix-io.c:599:17: release_resource: closed here
gpgme-1.24.2/build/src/../../src/posix-io.c:641:18: branch_false: following 'false' branch...
gpgme-1.24.2/build/src/../../src/posix-io.c:648:35: branch_false: ...to here
gpgme-1.24.2/build/src/../../src/posix-io.c:648:18: branch_true: following 'true' branch...
gpgme-1.24.2/build/src/../../src/posix-io.c:650:23: branch_true: ...to here
gpgme-1.24.2/build/src/../../src/posix-io.c:650:23: danger: '0' could be invalid
# 648| if (! seen_stdin && fd != 0)
# 649| {
# 650|-> if (dup2 (fd, 0) == -1)
# 651| _exit (8);
# 652| }
Error: GCC_ANALYZER_WARNING (CWE-775):
gpgme-1.24.2/build/src/../../src/posix-io.c:655:22: warning[-Wanalyzer-fd-leak]: leak of file descriptor 'dup2(open("/dev/null", 2), 1)'
gpgme-1.24.2/build/src/../../src/posix-io.c:549:6: branch_false: following 'false' branch (when 'pid != -1')...
gpgme-1.24.2/build/src/../../src/posix-io.c:552:6: branch_false: ...to here
gpgme-1.24.2/build/src/../../src/posix-io.c:552:6: branch_true: following 'true' branch (when 'pid == 0')...
gpgme-1.24.2/build/src/../../src/posix-io.c:555:18: branch_true: ...to here
gpgme-1.24.2/build/src/../../src/posix-io.c:555:10: branch_true: following 'true' branch (when 'pid == 0')...
gpgme-1.24.2/build/src/../../src/posix-io.c:564:14: branch_true: ...to here
gpgme-1.24.2/build/src/../../src/posix-io.c:641:18: branch_false: following 'false' branch...
gpgme-1.24.2/build/src/../../src/posix-io.c:648:35: branch_false: ...to here
gpgme-1.24.2/build/src/../../src/posix-io.c:653:18: branch_true: following 'true' branch...
gpgme-1.24.2/build/src/../../src/posix-io.c:655:23: branch_true: ...to here
gpgme-1.24.2/build/src/../../src/posix-io.c:655:23: acquire_resource: opened here
gpgme-1.24.2/build/src/../../src/posix-io.c:655:22: danger: 'dup2(open("/dev/null", 2), 1)' leaks here; was opened at [(11)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/10)
# 653| if (! seen_stdout && fd != 1)
# 654| {
# 655|-> if (dup2 (fd, 1) == -1)
# 656| _exit (8);
# 657| }
Error: GCC_ANALYZER_WARNING:
gpgme-1.24.2/build/src/../../src/posix-io.c:655:23: warning[-Wanalyzer-fd-use-without-check]: 'dup2' on possibly invalid file descriptor '1'
gpgme-1.24.2/build/src/../../src/posix-io.c:549:6: branch_false: following 'false' branch (when 'pid != -1')...
gpgme-1.24.2/build/src/../../src/posix-io.c:552:6: branch_false: ...to here
gpgme-1.24.2/build/src/../../src/posix-io.c:552:6: branch_true: following 'true' branch (when 'pid == 0')...
gpgme-1.24.2/build/src/../../src/posix-io.c:555:18: branch_true: ...to here
gpgme-1.24.2/build/src/../../src/posix-io.c:555:10: branch_true: following 'true' branch (when 'pid == 0')...
gpgme-1.24.2/build/src/../../src/posix-io.c:564:14: branch_true: ...to here
gpgme-1.24.2/build/src/../../src/posix-io.c:593:24: branch_true: following 'true' branch (when 'max_fds > fd')...
<unknown>: branch_true: ...to here
gpgme-1.24.2/build/src/../../src/posix-io.c:598:18: branch_true: following 'true' branch...
gpgme-1.24.2/build/src/../../src/posix-io.c:599:17: branch_true: ...to here
gpgme-1.24.2/build/src/../../src/posix-io.c:593:24: branch_true: following 'true' branch (when 'max_fds > fd')...
<unknown>: branch_true: ...to here
gpgme-1.24.2/build/src/../../src/posix-io.c:598:18: branch_true: following 'true' branch...
gpgme-1.24.2/build/src/../../src/posix-io.c:599:17: branch_true: ...to here
gpgme-1.24.2/build/src/../../src/posix-io.c:599:17: release_resource: closed here
gpgme-1.24.2/build/src/../../src/posix-io.c:603:23: branch_false: following 'false' branch...
gpgme-1.24.2/build/src/../../src/posix-io.c:638:15: branch_false: ...to here
gpgme-1.24.2/build/src/../../src/posix-io.c:638:14: branch_true: following 'true' branch...
gpgme-1.24.2/build/src/../../src/posix-io.c:640:20: branch_true: ...to here
gpgme-1.24.2/build/src/../../src/posix-io.c:641:18: branch_false: following 'false' branch...
gpgme-1.24.2/build/src/../../src/posix-io.c:648:35: branch_false: ...to here
gpgme-1.24.2/build/src/../../src/posix-io.c:653:18: branch_true: following 'true' branch...
gpgme-1.24.2/build/src/../../src/posix-io.c:655:23: branch_true: ...to here
gpgme-1.24.2/build/src/../../src/posix-io.c:655:23: danger: '1' could be invalid
# 653| if (! seen_stdout && fd != 1)
# 654| {
# 655|-> if (dup2 (fd, 1) == -1)
# 656| _exit (8);
# 657| }
Error: GCC_ANALYZER_WARNING (CWE-775):
gpgme-1.24.2/build/src/../../src/posix-io.c:660:22: warning[-Wanalyzer-fd-leak]: leak of file descriptor 'dup2(open("/dev/null", 2), 2)'
gpgme-1.24.2/build/src/../../src/posix-io.c:549:6: branch_false: following 'false' branch (when 'pid != -1')...
gpgme-1.24.2/build/src/../../src/posix-io.c:552:6: branch_false: ...to here
gpgme-1.24.2/build/src/../../src/posix-io.c:552:6: branch_true: following 'true' branch (when 'pid == 0')...
gpgme-1.24.2/build/src/../../src/posix-io.c:555:18: branch_true: ...to here
gpgme-1.24.2/build/src/../../src/posix-io.c:555:10: branch_true: following 'true' branch (when 'pid == 0')...
gpgme-1.24.2/build/src/../../src/posix-io.c:564:14: branch_true: ...to here
gpgme-1.24.2/build/src/../../src/posix-io.c:641:18: branch_false: following 'false' branch...
gpgme-1.24.2/build/src/../../src/posix-io.c:648:35: branch_false: ...to here
gpgme-1.24.2/build/src/../../src/posix-io.c:655:22: branch_false: following 'false' branch...
gpgme-1.24.2/build/src/../../src/posix-io.c:658:19: branch_false: ...to here
gpgme-1.24.2/build/src/../../src/posix-io.c:658:18: branch_true: following 'true' branch...
gpgme-1.24.2/build/src/../../src/posix-io.c:660:23: branch_true: ...to here
gpgme-1.24.2/build/src/../../src/posix-io.c:660:23: acquire_resource: opened here
gpgme-1.24.2/build/src/../../src/posix-io.c:660:22: danger: 'dup2(open("/dev/null", 2), 2)' leaks here; was opened at [(13)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/12)
# 658| if (! seen_stderr && fd != 2)
# 659| {
# 660|-> if (dup2 (fd, 2) == -1)
# 661| _exit (8);
# 662| }
Error: GCC_ANALYZER_WARNING (CWE-401):
gpgme-1.24.2/build/src/../../src/sign.c:207:12: warning[-Wanalyzer-malloc-leak]: leak of '<unknown>'
gpgme-1.24.2/build/src/../../src/sign.c:310:1: enter_function: entry to '_gpgme_sign_status_handler'
gpgme-1.24.2/build/src/../../src/sign.c:323:6: branch_false: following 'false' branch...
gpgme-1.24.2/build/src/../../src/sign.c:326:3: branch_false: ...to here
gpgme-1.24.2/build/src/../../src/sign.c:330:13: call_function: calling 'parse_sig_created' from '_gpgme_sign_status_handler'
# 205| sig = malloc (sizeof (*sig));
# 206| if (!sig)
# 207|-> return gpg_error_from_syserror ();
# 208|
# 209| sig->next = NULL;
Error: GCC_ANALYZER_WARNING (CWE-401):
gpgme-1.24.2/build/src/../../src/sign.c:207:12: warning[-Wanalyzer-malloc-leak]: leak of 'sig'
gpgme-1.24.2/build/src/../../src/sign.c:310:1: enter_function: entry to '_gpgme_sign_status_handler'
gpgme-1.24.2/build/src/../../src/sign.c:323:6: branch_false: following 'false' branch...
gpgme-1.24.2/build/src/../../src/sign.c:326:3: branch_false: ...to here
gpgme-1.24.2/build/src/../../src/sign.c:330:13: call_function: calling 'parse_sig_created' from '_gpgme_sign_status_handler'
# 205| sig = malloc (sizeof (*sig));
# 206| if (!sig)
# 207|-> return gpg_error_from_syserror ();
# 208|
# 209| sig->next = NULL;
Error: GCC_ANALYZER_WARNING (CWE-787):
gpgme-1.24.2/build/src/../../src/signers.c:85:9: warning[-Wanalyzer-out-of-bounds]: buffer overflow
gpgme-1.24.2/build/src/../../src/signers.c:72:6: branch_false: following 'false' branch...
gpgme-1.24.2/build/src/../../src/signers.c:75:7: branch_false: ...to here
gpgme-1.24.2/build/src/../../src/signers.c:75:6: branch_true: following 'true' branch...
gpgme-1.24.2/build/src/../../src/signers.c:78:15: branch_true: ...to here
gpgme-1.24.2/build/src/../../src/signers.c:82:10: branch_false: following 'false' branch (when 'newarr' is non-NULL)...
gpgme-1.24.2/build/src/../../src/signers.c:84:16: branch_false: ...to here
gpgme-1.24.2/build/src/../../src/signers.c:84:35: branch_true: following 'true' branch (when 'j < n')...
gpgme-1.24.2/build/src/../../src/signers.c:85:15: branch_true: ...to here
gpgme-1.24.2/build/src/../../src/signers.c:84:35: branch_true: following 'true' branch (when 'j < n')...
gpgme-1.24.2/build/src/../../src/signers.c:85:15: branch_true: ...to here
gpgme-1.24.2/build/src/../../src/signers.c:84:35: branch_true: following 'true' branch (when 'j < n')...
gpgme-1.24.2/build/src/../../src/signers.c:85:15: branch_true: ...to here
gpgme-1.24.2/build/src/../../src/signers.c:84:35: branch_true: following 'true' branch (when 'j < n')...
gpgme-1.24.2/build/src/../../src/signers.c:85:15: branch_true: ...to here
gpgme-1.24.2/build/src/../../src/signers.c:84:35: branch_true: following 'true' branch (when 'j < n')...
gpgme-1.24.2/build/src/../../src/signers.c:85:15: branch_true: ...to here
gpgme-1.24.2/build/src/../../src/signers.c:84:35: branch_true: following 'true' branch (when 'j < n')...
gpgme-1.24.2/build/src/../../src/signers.c:85:15: branch_true: ...to here
gpgme-1.24.2/build/src/../../src/signers.c:85:9: danger: write of 8 bytes at offset '(long unsigned int)j * 8' exceeds '*newarr'
# 83| return TRACE_ERR (gpg_error_from_syserror ());
# 84| for (j = ctx->signers_size; j < n; j++)
# 85|-> newarr[j] = NULL;
# 86| ctx->signers = newarr;
# 87| ctx->signers_size = n;
Error: GCC_ANALYZER_WARNING (CWE-401):
gpgme-1.24.2/build/src/../../src/verify.c:429:6: warning[-Wanalyzer-malloc-leak]: leak of '*sig.fpr'
gpgme-1.24.2/build/src/../../src/verify.c:930:1: enter_function: entry to '_gpgme_verify_status_handler'
gpgme-1.24.2/build/src/../../src/verify.c:941:6: branch_false: following 'false' branch...
gpgme-1.24.2/build/src/../../src/verify.c:944:3: branch_false: ...to here
gpgme-1.24.2/build/src/../../src/verify.c:969:14: branch_true: following 'true' branch (when 'sig' is non-NULL)...
gpgme-1.24.2/build/src/../../src/verify.c:969:20: branch_true: ...to here
gpgme-1.24.2/build/src/../../src/verify.c:969:20: call_function: calling 'parse_valid_sig' from '_gpgme_verify_status_handler'
# 427| free (sig->fpr);
# 428| sig->fpr = strdup (args);
# 429|-> if (!sig->fpr)
# 430| return gpg_error_from_syserror ();
# 431|
Error: GCC_ANALYZER_WARNING (CWE-688):
gpgme-1.24.2/build/src/../../src/verify.c:433:9: warning[-Wanalyzer-null-argument]: use of NULL 'end' where non-null expected
gpgme-1.24.2/build/src/../../src/verify.c:930:1: enter_function: entry to '_gpgme_verify_status_handler'
gpgme-1.24.2/build/src/../../src/verify.c:941:6: branch_false: following 'false' branch...
gpgme-1.24.2/build/src/../../src/verify.c:944:3: branch_false: ...to here
gpgme-1.24.2/build/src/../../src/verify.c:969:14: branch_true: following 'true' branch (when 'sig' is non-NULL)...
gpgme-1.24.2/build/src/../../src/verify.c:969:20: branch_true: ...to here
gpgme-1.24.2/build/src/../../src/verify.c:969:20: call_function: calling 'parse_valid_sig' from '_gpgme_verify_status_handler'
#argument 1 of '__builtin_strchr' must be non-null
# 431|
# 432| /* Skip the creation date. */
# 433|-> end = strchr (end, ' ');
# 434| if (end)
# 435| {
Error: GCC_ANALYZER_WARNING (CWE-401):
gpgme-1.24.2/build/src/../../src/verify.c:757:10: warning[-Wanalyzer-malloc-leak]: leak of 'fpr'
gpgme-1.24.2/build/src/../../src/verify.c:930:1: enter_function: entry to '_gpgme_verify_status_handler'
gpgme-1.24.2/build/src/../../src/verify.c:941:6: branch_false: following 'false' branch...
gpgme-1.24.2/build/src/../../src/verify.c:944:3: branch_false: ...to here
gpgme-1.24.2/build/src/../../src/verify.c:1019:10: branch_false: following 'false' branch (when 'sig' is non-NULL)...
gpgme-1.24.2/build/src/../../src/verify.c:1021:13: branch_false: ...to here
gpgme-1.24.2/build/src/../../src/verify.c:1021:13: call_function: calling 'parse_tofu_user' from '_gpgme_verify_status_handler'
# 755| free (fpr);
# 756| free (address);
# 757|-> return err;
# 758| }
# 759|
Error: GCC_ANALYZER_WARNING (CWE-401):
gpgme-1.24.2/build/src/../../src/verify.c:1014:7: warning[-Wanalyzer-malloc-leak]: leak of '*sig.pka_address'
gpgme-1.24.2/build/src/../../src/verify.c:941:6: branch_false: following 'false' branch...
gpgme-1.24.2/build/src/../../src/verify.c:944:3: branch_false: ...to here
gpgme-1.24.2/build/src/../../src/verify.c:1008:10: branch_false: following 'false' branch...
gpgme-1.24.2/build/src/../../src/verify.c:1012:10: branch_false: following 'false' branch (when 'end' is NULL)...
gpgme-1.24.2/build/src/../../src/verify.c:1014:26: branch_false: ...to here
gpgme-1.24.2/build/src/../../src/verify.c:1014:26: acquire_memory: allocated here
gpgme-1.24.2/build/src/../../src/verify.c:1014:7: danger: '*sig.pka_address' leaks here; was allocated at [(10)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/9)
# 1012| if (end)
# 1013| *end = 0;
# 1014|-> sig->pka_address = strdup (args);
# 1015| break;
# 1016|
Error: GCC_ANALYZER_WARNING (CWE-476):
gpgme-1.24.2/build/src/../../src/verify.c:1239:3: warning[-Wanalyzer-null-dereference]: dereference of NULL '0'
gpgme-1.24.2/build/src/../../src/verify.c:1230:1: enter_function: entry to 'gpgme_get_sig_key'
gpgme-1.24.2/build/src/../../src/verify.c:1235:6: branch_false: following 'false' branch (when 'ctx' is non-NULL)...
gpgme-1.24.2/build/src/../../src/verify.c:1238:12: branch_false: ...to here
gpgme-1.24.2/build/src/../../src/verify.c:1238:12: call_function: calling 'gpgme_op_verify_result' from 'gpgme_get_sig_key'
gpgme-1.24.2/build/src/../../src/verify.c:1238:12: return_function: returning to 'gpgme_get_sig_key' from 'gpgme_op_verify_result'
gpgme-1.24.2/build/src/../../src/verify.c:1239:3: danger: dereference of NULL 'gpgme_op_verify_result(ctx)'
# 1237|
# 1238| result = gpgme_op_verify_result (ctx);
# 1239|-> sig = result->signatures;
# 1240|
# 1241| while (sig && idx)
Error: GCC_ANALYZER_WARNING (CWE-476):
gpgme-1.24.2/build/src/../../src/verify.c:1265:3: warning[-Wanalyzer-null-dereference]: dereference of NULL '0'
gpgme-1.24.2/build/src/../../src/verify.c:1258:1: enter_function: entry to 'gpgme_get_sig_status'
gpgme-1.24.2/build/src/../../src/verify.c:1264:12: call_function: calling 'gpgme_op_verify_result' from 'gpgme_get_sig_status'
gpgme-1.24.2/build/src/../../src/verify.c:1264:12: return_function: returning to 'gpgme_get_sig_status' from 'gpgme_op_verify_result'
gpgme-1.24.2/build/src/../../src/verify.c:1265:3: danger: dereference of NULL 'gpgme_op_verify_result(ctx)'
# 1263|
# 1264| result = gpgme_op_verify_result (ctx);
# 1265|-> sig = result->signatures;
# 1266|
# 1267| while (sig && idx)
Error: GCC_ANALYZER_WARNING (CWE-476):
gpgme-1.24.2/build/src/../../src/verify.c:1328:3: warning[-Wanalyzer-null-dereference]: dereference of NULL '0'
gpgme-1.24.2/build/src/../../src/verify.c:1319:1: enter_function: entry to 'gpgme_get_sig_ulong_attr'
gpgme-1.24.2/build/src/../../src/verify.c:1327:12: call_function: calling 'gpgme_op_verify_result' from 'gpgme_get_sig_ulong_attr'
gpgme-1.24.2/build/src/../../src/verify.c:1327:12: return_function: returning to 'gpgme_get_sig_ulong_attr' from 'gpgme_op_verify_result'
gpgme-1.24.2/build/src/../../src/verify.c:1328:3: danger: dereference of NULL 'gpgme_op_verify_result(ctx)'
# 1326|
# 1327| result = gpgme_op_verify_result (ctx);
# 1328|-> sig = result->signatures;
# 1329|
# 1330| while (sig && idx)
Error: GCC_ANALYZER_WARNING (CWE-476):
gpgme-1.24.2/build/src/../../src/verify.c:1392:3: warning[-Wanalyzer-null-dereference]: dereference of NULL '0'
gpgme-1.24.2/build/src/../../src/verify.c:1385:1: enter_function: entry to 'gpgme_get_sig_string_attr'
gpgme-1.24.2/build/src/../../src/verify.c:1391:12: call_function: calling 'gpgme_op_verify_result' from 'gpgme_get_sig_string_attr'
gpgme-1.24.2/build/src/../../src/verify.c:1391:12: return_function: returning to 'gpgme_get_sig_string_attr' from 'gpgme_op_verify_result'
gpgme-1.24.2/build/src/../../src/verify.c:1392:3: danger: dereference of NULL 'gpgme_op_verify_result(ctx)'
# 1390|
# 1391| result = gpgme_op_verify_result (ctx);
# 1392|-> sig = result->signatures;
# 1393|
# 1394| while (sig && idx)
Error: GCC_ANALYZER_WARNING (CWE-401):
gpgme-1.24.2/build/src/../../src/wait.c:142:3: warning[-Wanalyzer-malloc-leak]: leak of 'item'
gpgme-1.24.2/build/src/../../src/wait.c:99:1: enter_function: entry to '_gpgme_add_io_cb'
gpgme-1.24.2/build/src/../../src/wait.c:108:3: branch_true: following 'true' branch (when 'fnc' is non-NULL)...
gpgme-1.24.2/build/src/../../src/wait.c:109:3: branch_true: ...to here
gpgme-1.24.2/build/src/../../src/wait.c:109:3: branch_true: following 'true' branch (when 'data' is non-NULL)...
gpgme-1.24.2/build/src/../../src/wait.c:111:3: branch_true: ...to here
gpgme-1.24.2/build/src/../../src/wait.c:115:6: branch_false: following 'false' branch (when 'tag' is non-NULL)...
gpgme-1.24.2/build/src/../../src/wait.c:117:3: branch_false: ...to here
gpgme-1.24.2/build/src/../../src/wait.c:120:10: acquire_memory: allocated here
gpgme-1.24.2/build/src/../../src/wait.c:121:6: branch_false: following 'false' branch (when 'item' is non-NULL)...
gpgme-1.24.2/build/src/../../src/wait.c:126:3: branch_false: ...to here
gpgme-1.24.2/build/src/../../src/wait.c:131:9: call_function: calling 'fd_table_put' from '_gpgme_add_io_cb'
gpgme-1.24.2/build/src/../../src/wait.c:131:9: return_function: returning to '_gpgme_add_io_cb' from 'fd_table_put'
gpgme-1.24.2/build/src/../../src/wait.c:132:6: branch_false: following 'false' branch...
gpgme-1.24.2/build/src/../../src/wait.c:139:3: branch_false: ...to here
gpgme-1.24.2/build/src/../../src/wait.c:142:3: danger: 'item' leaks here; was allocated at [(8)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/7)
# 140| "fd=%d, dir=%d -> tag=%p", fd, dir, tag);
# 141|
# 142|-> *r_tag = tag;
# 143| return 0;
# 144| }
Error: GCC_ANALYZER_WARNING (CWE-401):
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:254:19: warning[-Wanalyzer-malloc-leak]: leak of ‘trust_model’
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:131:6: branch_true: following ‘true’ branch (when ‘argc != 0’)...
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:132:7: branch_true: ...to here
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:134:10: branch_true: following ‘true’ branch...
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:137:12: branch_true: ...to here
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:137:10: branch_false: following ‘false’ branch (when the strings are non-equal)...
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:142:17: branch_false: ...to here
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:142:15: branch_false: following ‘false’ branch (when the strings are non-equal)...
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:144:17: branch_false: ...to here
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:251:14: branch_false: following ‘false’ branch (when ‘argc != 1’)...
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:253:25: branch_false: ...to here
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:253:25: acquire_memory: allocated here
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:134:10: branch_true: following ‘true’ branch...
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:137:12: branch_true: ...to here
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:137:10: branch_false: following ‘false’ branch (when the strings are non-equal)...
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:142:17: branch_false: ...to here
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:142:15: branch_false: following ‘false’ branch (when the strings are non-equal)...
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:144:17: branch_false: ...to here
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:144:15: branch_false: following ‘false’ branch (when the strings are non-equal)...
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:149:17: branch_false: ...to here
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:149:15: branch_false: following ‘false’ branch (when the strings are non-equal)...
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:154:17: branch_false: ...to here
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:154:15: branch_false: following ‘false’ branch (when the strings are non-equal)...
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:159:17: branch_false: ...to here
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:159:15: branch_false: following ‘false’ branch (when the strings are non-equal)...
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:164:17: branch_false: ...to here
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:164:15: branch_false: following ‘false’ branch (when the strings are non-equal)...
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:169:17: branch_false: ...to here
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:169:15: branch_false: following ‘false’ branch (when the strings are non-equal)...
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:174:17: branch_false: ...to here
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:174:15: branch_false: following ‘false’ branch (when the strings are non-equal)...
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:179:17: branch_false: ...to here
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:179:15: branch_false: following ‘false’ branch (when the strings are non-equal)...
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:184:17: branch_false: ...to here
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:184:15: branch_false: following ‘false’ branch (when the strings are non-equal)...
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:189:17: branch_false: ...to here
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:189:15: branch_false: following ‘false’ branch (when the strings are non-equal)...
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:194:17: branch_false: ...to here
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:194:15: branch_false: following ‘false’ branch (when the strings are non-equal)...
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:199:17: branch_false: ...to here
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:199:15: branch_false: following ‘false’ branch (when the strings are non-equal)...
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:204:17: branch_false: ...to here
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:204:15: branch_false: following ‘false’ branch (when the strings are non-equal)...
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:209:17: branch_false: ...to here
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:209:15: branch_false: following ‘false’ branch (when the strings are non-equal)...
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:214:17: branch_false: ...to here
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:214:15: branch_false: following ‘false’ branch (when the strings are non-equal)...
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:219:17: branch_false: ...to here
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:219:15: branch_false: following ‘false’ branch (when the strings are non-equal)...
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:224:17: branch_false: ...to here
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:224:15: branch_false: following ‘false’ branch (when the strings are non-equal)...
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:229:17: branch_false: ...to here
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:229:15: branch_false: following ‘false’ branch (when the strings are non-equal)...
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:234:17: branch_false: ...to here
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:234:15: branch_false: following ‘false’ branch (when the strings are non-equal)...
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:242:17: branch_false: ...to here
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:242:15: branch_false: following ‘false’ branch (when the strings are non-equal)...
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:248:17: branch_false: ...to here
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:248:15: branch_true: following ‘true’ branch (when the strings are equal)...
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:251:14: branch_true: ...to here
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:251:14: branch_false: following ‘false’ branch (when ‘argc != 1’)...
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:253:25: branch_false: ...to here
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:254:19: danger: ‘trust_model’ leaks here; was allocated at [(11)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/10)
# 252| show_usage (1);
# 253| trust_model = strdup (*argv);
# 254|-> argc--; argv++;
# 255| }
# 256| else if (!strncmp (*argv, "--", 2))
Error: GCC_ANALYZER_WARNING (CWE-476):
gpgme-1.24.2/build/tests/../../tests/run-threaded.c:288:3: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘ret’
gpgme-1.24.2/build/tests/../../tests/run-threaded.c:558:1: enter_function: entry to ‘do_data_op’
gpgme-1.24.2/build/tests/../../tests/run-threaded.c:565:6: branch_false: following ‘false’ branch...
gpgme-1.24.2/build/tests/../../tests/run-threaded.c:571:3: branch_false: ...to here
gpgme-1.24.2/build/tests/../../tests/run-threaded.c:571:3: branch_false: following ‘false’ branch...
gpgme-1.24.2/build/tests/../../tests/run-threaded.c:573:10: branch_false: ...to here
gpgme-1.24.2/build/tests/../../tests/run-threaded.c:587:11: call_function: calling ‘verify’ from ‘do_data_op’
# 286| int data_rand;
# 287|
# 288|-> ret->fd = -1;
# 289|
# 290| if (data_type)
Error: GCC_ANALYZER_WARNING (CWE-401):
gpgme-1.24.2/build/tests/../../tests/run-threaded.c:290:7: warning[-Wanalyzer-malloc-leak]: leak of ‘random_data_new(fname)’
gpgme-1.24.2/build/tests/../../tests/run-threaded.c:558:1: enter_function: entry to ‘do_data_op’
gpgme-1.24.2/build/tests/../../tests/run-threaded.c:565:6: branch_false: following ‘false’ branch...
gpgme-1.24.2/build/tests/../../tests/run-threaded.c:571:3: branch_false: ...to here
gpgme-1.24.2/build/tests/../../tests/run-threaded.c:571:3: branch_false: following ‘false’ branch...
gpgme-1.24.2/build/tests/../../tests/run-threaded.c:573:10: branch_false: ...to here
gpgme-1.24.2/build/tests/../../tests/run-threaded.c:607:11: call_function: calling ‘import’ from ‘do_data_op’
# 288| ret->fd = -1;
# 289|
# 290|-> if (data_type)
# 291| {
# 292| data_rand = data_type;
Error: GCC_ANALYZER_WARNING (CWE-476):
gpgme-1.24.2/build/tests/../../tests/run-threaded.c:762:7: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘msg_it’
gpgme-1.24.2/build/tests/../../tests/run-threaded.c:665:6: branch_true: following ‘true’ branch (when ‘argc != 0’)...
gpgme-1.24.2/build/tests/../../tests/run-threaded.c:666:7: branch_true: ...to here
gpgme-1.24.2/build/tests/../../tests/run-threaded.c:750:10: branch_true: following ‘true’ branch (when ‘argc != 0’)...
gpgme-1.24.2/build/tests/../../tests/run-threaded.c:752:10: branch_true: ...to here
gpgme-1.24.2/build/tests/../../tests/run-threaded.c:752:10: branch_true: following ‘true’ branch (when ‘msgs’ is NULL)...
gpgme-1.24.2/build/tests/../../tests/run-threaded.c:754:18: branch_true: ...to here
gpgme-1.24.2/build/tests/../../tests/run-threaded.c:754:18: acquire_memory: this call could return NULL
gpgme-1.24.2/build/tests/../../tests/run-threaded.c:762:7: danger: ‘msg_it’ could be NULL: unchecked value from [(7)](sarif:/runs/0/results/10/codeFlows/0/threadFlows/0/locations/6)
# 760| msg_it = msg_it->next;
# 761| }
# 762|-> msg_it->file_name = *argv;
# 763| argc--; argv++;
# 764| }
Error: GCC_ANALYZER_WARNING (CWE-775):
gpgme-1.24.2/build/tests/../../tests/run-verify.c:418:24: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen(*argv, "rb")’
gpgme-1.24.2/build/tests/../../tests/run-verify.c:252:1: enter_function: entry to ‘main’
gpgme-1.24.2/build/tests/../../tests/run-verify.c:272:6: branch_true: following ‘true’ branch (when ‘argc != 0’)...
gpgme-1.24.2/build/tests/../../tests/run-verify.c:273:7: branch_true: ...to here
gpgme-1.24.2/build/tests/../../tests/run-verify.c:385:6: branch_false: following ‘false’ branch...
gpgme-1.24.2/build/tests/../../tests/run-verify.c:388:3: call_function: calling ‘init_gpgme’ from ‘main’
gpgme-1.24.2/build/tests/../../tests/run-verify.c:388:3: return_function: returning to ‘main’ from ‘init_gpgme’
gpgme-1.24.2/build/tests/../../tests/run-verify.c:390:15: branch_true: following ‘true’ branch (when ‘i < repeats’)...
gpgme-1.24.2/build/tests/../../tests/run-verify.c:395:20: branch_true: ...to here
gpgme-1.24.2/build/tests/../../tests/run-verify.c:401:10: branch_false: following ‘false’ branch (when ‘repeats == 1’)...
gpgme-1.24.2/build/tests/../../tests/run-verify.c:406:10: branch_false: ...to here
gpgme-1.24.2/build/tests/../../tests/run-verify.c:406:10: branch_true: following ‘true’ branch (when ‘direct_file_io == 0’)...
gpgme-1.24.2/build/tests/../../tests/run-verify.c:408:20: branch_true: ...to here
gpgme-1.24.2/build/tests/../../tests/run-verify.c:408:20: acquire_resource: opened here
gpgme-1.24.2/build/tests/../../tests/run-verify.c:409:14: branch_false: following ‘false’ branch...
gpgme-1.24.2/build/tests/../../tests/run-verify.c:416:14: branch_false: ...to here
gpgme-1.24.2/build/tests/../../tests/run-verify.c:416:14: branch_true: following ‘true’ branch (when ‘argc == 2’)...
gpgme-1.24.2/build/tests/../../tests/run-verify.c:418:24: branch_true: ...to here
gpgme-1.24.2/build/tests/../../tests/run-verify.c:418:24: danger: ‘fopen(*argv, "rb")’ leaks here; was opened at [(17)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/16)
# 416| if (argc > 1)
# 417| {
# 418|-> fp_msg = fopen (argv[1], "rb");
# 419| if (!fp_msg)
# 420| {
Error: GCC_ANALYZER_WARNING (CWE-401):
gpgme-1.24.2/build/tests/../../tests/run-verify.c:418:24: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(*argv, "rb")’
gpgme-1.24.2/build/tests/../../tests/run-verify.c:252:1: enter_function: entry to ‘main’
gpgme-1.24.2/build/tests/../../tests/run-verify.c:272:6: branch_true: following ‘true’ branch (when ‘argc != 0’)...
gpgme-1.24.2/build/tests/../../tests/run-verify.c:273:7: branch_true: ...to here
gpgme-1.24.2/build/tests/../../tests/run-verify.c:385:6: branch_false: following ‘false’ branch...
gpgme-1.24.2/build/tests/../../tests/run-verify.c:388:3: call_function: calling ‘init_gpgme’ from ‘main’
gpgme-1.24.2/build/tests/../../tests/run-verify.c:388:3: return_function: returning to ‘main’ from ‘init_gpgme’
gpgme-1.24.2/build/tests/../../tests/run-verify.c:390:15: branch_true: following ‘true’ branch (when ‘i < repeats’)...
gpgme-1.24.2/build/tests/../../tests/run-verify.c:395:20: branch_true: ...to here
gpgme-1.24.2/build/tests/../../tests/run-verify.c:401:10: branch_false: following ‘false’ branch (when ‘repeats == 1’)...
gpgme-1.24.2/build/tests/../../tests/run-verify.c:406:10: branch_false: ...to here
gpgme-1.24.2/build/tests/../../tests/run-verify.c:406:10: branch_true: following ‘true’ branch (when ‘direct_file_io == 0’)...
gpgme-1.24.2/build/tests/../../tests/run-verify.c:408:20: branch_true: ...to here
gpgme-1.24.2/build/tests/../../tests/run-verify.c:408:20: acquire_memory: allocated here
gpgme-1.24.2/build/tests/../../tests/run-verify.c:409:14: branch_false: following ‘false’ branch...
gpgme-1.24.2/build/tests/../../tests/run-verify.c:416:14: branch_false: ...to here
gpgme-1.24.2/build/tests/../../tests/run-verify.c:416:14: branch_true: following ‘true’ branch (when ‘argc == 2’)...
gpgme-1.24.2/build/tests/../../tests/run-verify.c:418:24: branch_true: ...to here
gpgme-1.24.2/build/tests/../../tests/run-verify.c:418:24: danger: ‘fopen(*argv, "rb")’ leaks here; was allocated at [(17)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/16)
# 416| if (argc > 1)
# 417| {
# 418|-> fp_msg = fopen (argv[1], "rb");
# 419| if (!fp_msg)
# 420| {
Error: GCC_ANALYZER_WARNING (CWE-401):
gpgme-1.24.2/build/tests/../../tests/t-data.c:195:14: warning[-Wanalyzer-malloc-leak]: leak of ‘make_filename("t-data-1.txt")’
gpgme-1.24.2/build/tests/../../tests/t-data.c:178:1: enter_function: entry to ‘main’
gpgme-1.24.2/build/tests/../../tests/t-data.c:181:25: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build/tests/../../tests/t-data.c:181:25: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build/tests/../../tests/t-data.c:182:32: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build/tests/../../tests/t-data.c:182:32: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build/tests/../../tests/t-data.c:189:10: branch_true: following ‘true’ branch (when ‘round != 0’)...
gpgme-1.24.2/build/tests/../../tests/t-data.c:191:7: branch_true: ...to here
gpgme-1.24.2/build/tests/../../tests/t-data.c:195:14: danger: ‘make_filename("t-data-1.txt")’ leaks here; was allocated at [(4)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/3)
# 193| case TEST_INVALID_ARGUMENT:
# 194| err = gpgme_data_new (NULL);
# 195|-> if (!err)
# 196| {
# 197| fprintf (stderr, "%s:%d: gpgme_data_new on NULL pointer succeeded "
Error: GCC_ANALYZER_WARNING (CWE-401):
gpgme-1.24.2/build/tests/../../tests/t-data.c:195:14: warning[-Wanalyzer-malloc-leak]: leak of ‘make_filename("t-data-2.txt")’
gpgme-1.24.2/build/tests/../../tests/t-data.c:178:1: enter_function: entry to ‘main’
gpgme-1.24.2/build/tests/../../tests/t-data.c:181:25: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build/tests/../../tests/t-data.c:181:25: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build/tests/../../tests/t-data.c:182:32: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build/tests/../../tests/t-data.c:182:32: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build/tests/../../tests/t-data.c:189:10: branch_true: following ‘true’ branch (when ‘round != 0’)...
gpgme-1.24.2/build/tests/../../tests/t-data.c:191:7: branch_true: ...to here
gpgme-1.24.2/build/tests/../../tests/t-data.c:195:14: danger: ‘make_filename("t-data-2.txt")’ leaks here; was allocated at [(9)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/8)
# 193| case TEST_INVALID_ARGUMENT:
# 194| err = gpgme_data_new (NULL);
# 195|-> if (!err)
# 196| {
# 197| fprintf (stderr, "%s:%d: gpgme_data_new on NULL pointer succeeded "
Error: GCC_ANALYZER_WARNING (CWE-401):
gpgme-1.24.2/build/tests/../../tests/t-data.c:216:14: warning[-Wanalyzer-malloc-leak]: leak of ‘make_filename("t-data-1.txt")’
gpgme-1.24.2/build/tests/../../tests/t-data.c:178:1: enter_function: entry to ‘main’
gpgme-1.24.2/build/tests/../../tests/t-data.c:181:25: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build/tests/../../tests/t-data.c:181:25: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build/tests/../../tests/t-data.c:182:32: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build/tests/../../tests/t-data.c:182:32: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build/tests/../../tests/t-data.c:189:10: branch_true: following ‘true’ branch (when ‘round != 0’)...
gpgme-1.24.2/build/tests/../../tests/t-data.c:191:7: branch_true: ...to here
gpgme-1.24.2/build/tests/../../tests/t-data.c:195:14: branch_false: following ‘false’ branch...
gpgme-1.24.2/build/tests/../../tests/t-data.c:191:7: branch_false: ...to here
gpgme-1.24.2/build/tests/../../tests/t-data.c:189:10: branch_true: following ‘true’ branch (when ‘round != 0’)...
gpgme-1.24.2/build/tests/../../tests/t-data.c:191:7: branch_true: ...to here
gpgme-1.24.2/build/tests/../../tests/t-data.c:216:14: danger: ‘make_filename("t-data-1.txt")’ leaks here; was allocated at [(4)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/3)
# 214| case TEST_INOUT_MEM_FROM_INEXISTANT_FILE:
# 215| err = gpgme_data_new_from_file (&data, missing_filename, 1);
# 216|-> if (!err)
# 217| {
# 218| fprintf (stderr, "%s:%d: gpgme_data_new_from_file on inexistant "
Error: GCC_ANALYZER_WARNING (CWE-401):
gpgme-1.24.2/build/tests/../../tests/t-data.c:216:14: warning[-Wanalyzer-malloc-leak]: leak of ‘make_filename("t-data-2.txt")’
gpgme-1.24.2/build/tests/../../tests/t-data.c:178:1: enter_function: entry to ‘main’
gpgme-1.24.2/build/tests/../../tests/t-data.c:181:25: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build/tests/../../tests/t-data.c:181:25: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build/tests/../../tests/t-data.c:182:32: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build/tests/../../tests/t-data.c:182:32: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build/tests/../../tests/t-data.c:189:10: branch_true: following ‘true’ branch (when ‘round != 0’)...
gpgme-1.24.2/build/tests/../../tests/t-data.c:191:7: branch_true: ...to here
gpgme-1.24.2/build/tests/../../tests/t-data.c:195:14: branch_false: following ‘false’ branch...
gpgme-1.24.2/build/tests/../../tests/t-data.c:191:7: branch_false: ...to here
gpgme-1.24.2/build/tests/../../tests/t-data.c:189:10: branch_true: following ‘true’ branch (when ‘round != 0’)...
gpgme-1.24.2/build/tests/../../tests/t-data.c:191:7: branch_true: ...to here
gpgme-1.24.2/build/tests/../../tests/t-data.c:216:14: danger: ‘make_filename("t-data-2.txt")’ leaks here; was allocated at [(9)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/8)
# 214| case TEST_INOUT_MEM_FROM_INEXISTANT_FILE:
# 215| err = gpgme_data_new_from_file (&data, missing_filename, 1);
# 216|-> if (!err)
# 217| {
# 218| fprintf (stderr, "%s:%d: gpgme_data_new_from_file on inexistant "
Error: GCC_ANALYZER_WARNING (CWE-401):
gpgme-1.24.2/build/tests/../../tests/t-data.c:237:14: warning[-Wanalyzer-malloc-leak]: leak of ‘make_filename("t-data-1.txt")’
gpgme-1.24.2/build/tests/../../tests/t-data.c:178:1: enter_function: entry to ‘main’
gpgme-1.24.2/build/tests/../../tests/t-data.c:181:25: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build/tests/../../tests/t-data.c:181:25: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build/tests/../../tests/t-data.c:182:32: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build/tests/../../tests/t-data.c:182:32: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build/tests/../../tests/t-data.c:189:10: branch_true: following ‘true’ branch (when ‘round != 0’)...
gpgme-1.24.2/build/tests/../../tests/t-data.c:191:7: branch_true: ...to here
gpgme-1.24.2/build/tests/../../tests/t-data.c:195:14: branch_false: following ‘false’ branch...
gpgme-1.24.2/build/tests/../../tests/t-data.c:191:7: branch_false: ...to here
gpgme-1.24.2/build/tests/../../tests/t-data.c:189:10: branch_true: following ‘true’ branch (when ‘round != 0’)...
gpgme-1.24.2/build/tests/../../tests/t-data.c:191:7: branch_true: ...to here
gpgme-1.24.2/build/tests/../../tests/t-data.c:237:14: danger: ‘make_filename("t-data-1.txt")’ leaks here; was allocated at [(4)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/3)
# 235| err = gpgme_data_new_from_filepart (&data, missing_filename, 0,
# 236| strlen (text), strlen (text));
# 237|-> if (!err)
# 238| {
# 239| fprintf (stderr, "%s:%d: gpgme_data_new_from_file on inexistant "
Error: GCC_ANALYZER_WARNING (CWE-401):
gpgme-1.24.2/build/tests/../../tests/t-data.c:237:14: warning[-Wanalyzer-malloc-leak]: leak of ‘make_filename("t-data-2.txt")’
gpgme-1.24.2/build/tests/../../tests/t-data.c:178:1: enter_function: entry to ‘main’
gpgme-1.24.2/build/tests/../../tests/t-data.c:181:25: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build/tests/../../tests/t-data.c:181:25: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build/tests/../../tests/t-data.c:182:32: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build/tests/../../tests/t-data.c:182:32: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build/tests/../../tests/t-data.c:189:10: branch_true: following ‘true’ branch (when ‘round != 0’)...
gpgme-1.24.2/build/tests/../../tests/t-data.c:191:7: branch_true: ...to here
gpgme-1.24.2/build/tests/../../tests/t-data.c:195:14: branch_false: following ‘false’ branch...
gpgme-1.24.2/build/tests/../../tests/t-data.c:191:7: branch_false: ...to here
gpgme-1.24.2/build/tests/../../tests/t-data.c:189:10: branch_true: following ‘true’ branch (when ‘round != 0’)...
gpgme-1.24.2/build/tests/../../tests/t-data.c:191:7: branch_true: ...to here
gpgme-1.24.2/build/tests/../../tests/t-data.c:237:14: danger: ‘make_filename("t-data-2.txt")’ leaks here; was allocated at [(9)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/8)
# 235| err = gpgme_data_new_from_filepart (&data, missing_filename, 0,
# 236| strlen (text), strlen (text));
# 237|-> if (!err)
# 238| {
# 239| fprintf (stderr, "%s:%d: gpgme_data_new_from_file on inexistant "
Error: GCC_ANALYZER_WARNING (CWE-401):
gpgme-1.24.2/build/tests/../../tests/t-data.c:247:16: warning[-Wanalyzer-malloc-leak]: leak of ‘make_filename("t-data-1.txt")’
gpgme-1.24.2/build/tests/../../tests/t-data.c:178:1: enter_function: entry to ‘main’
gpgme-1.24.2/build/tests/../../tests/t-data.c:181:25: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build/tests/../../tests/t-data.c:181:25: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build/tests/../../tests/t-data.c:182:32: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build/tests/../../tests/t-data.c:182:32: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build/tests/../../tests/t-data.c:189:10: branch_true: following ‘true’ branch (when ‘round != 0’)...
gpgme-1.24.2/build/tests/../../tests/t-data.c:191:7: branch_true: ...to here
gpgme-1.24.2/build/tests/../../tests/t-data.c:195:14: branch_false: following ‘false’ branch...
gpgme-1.24.2/build/tests/../../tests/t-data.c:191:7: branch_false: ...to here
gpgme-1.24.2/build/tests/../../tests/t-data.c:189:10: branch_true: following ‘true’ branch (when ‘round != 0’)...
gpgme-1.24.2/build/tests/../../tests/t-data.c:191:7: branch_true: ...to here
gpgme-1.24.2/build/tests/../../tests/t-data.c:247:16: danger: ‘make_filename("t-data-1.txt")’ leaks here; was allocated at [(4)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/3)
# 245| {
# 246| FILE *fp = fopen (longer_text_filename, "rb");
# 247|-> if (! fp)
# 248| {
# 249| fprintf (stderr, "%s:%d: fopen: %s\n", __FILE__, __LINE__,
Error: GCC_ANALYZER_WARNING (CWE-401):
gpgme-1.24.2/build/tests/../../tests/t-data.c:247:16: warning[-Wanalyzer-malloc-leak]: leak of ‘make_filename("t-data-2.txt")’
gpgme-1.24.2/build/tests/../../tests/t-data.c:178:1: enter_function: entry to ‘main’
gpgme-1.24.2/build/tests/../../tests/t-data.c:181:25: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build/tests/../../tests/t-data.c:181:25: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build/tests/../../tests/t-data.c:182:32: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build/tests/../../tests/t-data.c:182:32: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build/tests/../../tests/t-data.c:189:10: branch_true: following ‘true’ branch (when ‘round != 0’)...
gpgme-1.24.2/build/tests/../../tests/t-data.c:191:7: branch_true: ...to here
gpgme-1.24.2/build/tests/../../tests/t-data.c:195:14: branch_false: following ‘false’ branch...
gpgme-1.24.2/build/tests/../../tests/t-data.c:191:7: branch_false: ...to here
gpgme-1.24.2/build/tests/../../tests/t-data.c:189:10: branch_true: following ‘true’ branch (when ‘round != 0’)...
gpgme-1.24.2/build/tests/../../tests/t-data.c:191:7: branch_true: ...to here
gpgme-1.24.2/build/tests/../../tests/t-data.c:247:16: danger: ‘make_filename("t-data-2.txt")’ leaks here; was allocated at [(9)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/8)
# 245| {
# 246| FILE *fp = fopen (longer_text_filename, "rb");
# 247|-> if (! fp)
# 248| {
# 249| fprintf (stderr, "%s:%d: fopen: %s\n", __FILE__, __LINE__,
Error: GCC_ANALYZER_WARNING (CWE-401):
gpgme-1.24.2/build/tests/../../tests/t-data.c:264:7: warning[-Wanalyzer-malloc-leak]: leak of ‘make_filename("t-data-1.txt")’
gpgme-1.24.2/build/tests/../../tests/t-data.c:178:1: enter_function: entry to ‘main’
gpgme-1.24.2/build/tests/../../tests/t-data.c:181:25: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build/tests/../../tests/t-data.c:181:25: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build/tests/../../tests/t-data.c:182:32: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build/tests/../../tests/t-data.c:182:32: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build/tests/../../tests/t-data.c:189:10: branch_true: following ‘true’ branch (when ‘round != 0’)...
gpgme-1.24.2/build/tests/../../tests/t-data.c:191:7: branch_true: ...to here
gpgme-1.24.2/build/tests/../../tests/t-data.c:195:14: branch_false: following ‘false’ branch...
gpgme-1.24.2/build/tests/../../tests/t-data.c:191:7: branch_false: ...to here
gpgme-1.24.2/build/tests/../../tests/t-data.c:189:10: branch_true: following ‘true’ branch (when ‘round != 0’)...
gpgme-1.24.2/build/tests/../../tests/t-data.c:191:7: branch_true: ...to here
gpgme-1.24.2/build/tests/../../tests/t-data.c:264:7: danger: ‘make_filename("t-data-1.txt")’ leaks here; was allocated at [(4)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/3)
# 262| exit (1);
# 263| }
# 264|-> fail_if_err (err);
# 265|
# 266| read_test (round, data);
Error: GCC_ANALYZER_WARNING (CWE-401):
gpgme-1.24.2/build/tests/../../tests/t-data.c:264:7: warning[-Wanalyzer-malloc-leak]: leak of ‘make_filename("t-data-2.txt")’
gpgme-1.24.2/build/tests/../../tests/t-data.c:178:1: enter_function: entry to ‘main’
gpgme-1.24.2/build/tests/../../tests/t-data.c:181:25: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build/tests/../../tests/t-data.c:181:25: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build/tests/../../tests/t-data.c:182:32: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build/tests/../../tests/t-data.c:182:32: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build/tests/../../tests/t-data.c:189:10: branch_true: following ‘true’ branch (when ‘round != 0’)...
gpgme-1.24.2/build/tests/../../tests/t-data.c:191:7: branch_true: ...to here
gpgme-1.24.2/build/tests/../../tests/t-data.c:195:14: branch_false: following ‘false’ branch...
gpgme-1.24.2/build/tests/../../tests/t-data.c:191:7: branch_false: ...to here
gpgme-1.24.2/build/tests/../../tests/t-data.c:189:10: branch_true: following ‘true’ branch (when ‘round != 0’)...
gpgme-1.24.2/build/tests/../../tests/t-data.c:191:7: branch_true: ...to here
gpgme-1.24.2/build/tests/../../tests/t-data.c:264:7: danger: ‘make_filename("t-data-2.txt")’ leaks here; was allocated at [(9)](sarif:/runs/0/results/9/codeFlows/0/threadFlows/0/locations/8)
# 262| exit (1);
# 263| }
# 264|-> fail_if_err (err);
# 265|
# 266| read_test (round, data);
Error: GCC_ANALYZER_WARNING (CWE-401):
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-decrypt-verify.c:125:3: warning[-Wanalyzer-malloc-leak]: leak of ‘make_filename("cipher-2.asc")’
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-decrypt-verify.c:109:1: enter_function: entry to ‘main’
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-decrypt-verify.c:116:24: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-decrypt-verify.c:116:24: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-decrypt-verify.c:122:3: call_function: calling ‘init_gpgme’ from ‘main’
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-decrypt-verify.c:122:3: return_function: returning to ‘main’ from ‘init_gpgme’
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-decrypt-verify.c:125:3: danger: ‘make_filename("cipher-2.asc")’ leaks here; was allocated at [(4)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/3)
# 123|
# 124| err = gpgme_new (&ctx);
# 125|-> fail_if_err (err);
# 126|
# 127| agent_info = getenv("GPG_AGENT_INFO");
Error: GCC_ANALYZER_WARNING (CWE-401):
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-decrypt.c:55:3: warning[-Wanalyzer-malloc-leak]: leak of ‘make_filename("cipher-1.asc")’
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-decrypt.c:40:1: enter_function: entry to ‘main’
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-decrypt.c:46:24: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-decrypt.c:46:24: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-decrypt.c:52:3: call_function: calling ‘init_gpgme’ from ‘main’
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-decrypt.c:52:3: return_function: returning to ‘main’ from ‘init_gpgme’
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-decrypt.c:55:3: danger: ‘make_filename("cipher-1.asc")’ leaks here; was allocated at [(4)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/3)
# 53|
# 54| err = gpgme_new (&ctx);
# 55|-> fail_if_err (err);
# 56|
# 57| agent_info = getenv("GPG_AGENT_INFO");
Error: GCC_ANALYZER_WARNING (CWE-401):
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-import.c:228:3: warning[-Wanalyzer-malloc-leak]: leak of ‘make_filename("pubkey-1.asc")’
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-import.c:212:1: enter_function: entry to ‘main’
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-import.c:219:24: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-import.c:219:24: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-import.c:220:24: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-import.c:220:24: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-import.c:225:3: call_function: calling ‘init_gpgme’ from ‘main’
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-import.c:225:3: return_function: returning to ‘main’ from ‘init_gpgme’
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-import.c:228:3: danger: ‘make_filename("pubkey-1.asc")’ leaks here; was allocated at [(4)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/3)
# 226|
# 227| err = gpgme_new (&ctx);
# 228|-> fail_if_err (err);
# 229|
# 230| err = gpgme_set_ctx_flag (ctx, "key-origin", "wkd,https://openpgpkey.gnupg.org");
Error: GCC_ANALYZER_WARNING (CWE-401):
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-import.c:228:3: warning[-Wanalyzer-malloc-leak]: leak of ‘make_filename("seckey-1.asc")’
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-import.c:212:1: enter_function: entry to ‘main’
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-import.c:219:24: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-import.c:219:24: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-import.c:220:24: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-import.c:220:24: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-import.c:225:3: call_function: calling ‘init_gpgme’ from ‘main’
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-import.c:225:3: return_function: returning to ‘main’ from ‘init_gpgme’
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-import.c:228:3: danger: ‘make_filename("seckey-1.asc")’ leaks here; was allocated at [(9)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/8)
# 226|
# 227| err = gpgme_new (&ctx);
# 228|-> fail_if_err (err);
# 229|
# 230| err = gpgme_set_ctx_flag (ctx, "key-origin", "wkd,https://openpgpkey.gnupg.org");
Error: GCC_ANALYZER_WARNING (CWE-401):
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-import.c:230:9: warning[-Wanalyzer-malloc-leak]: leak of ‘make_filename("pubkey-1.asc")’
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-import.c:212:1: enter_function: entry to ‘main’
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-import.c:219:24: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-import.c:219:24: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-import.c:220:24: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-import.c:220:24: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-import.c:225:3: call_function: calling ‘init_gpgme’ from ‘main’
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-import.c:225:3: return_function: returning to ‘main’ from ‘init_gpgme’
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-import.c:228:3: branch_false: following ‘false’ branch...
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-import.c:230:9: branch_false: ...to here
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-import.c:230:9: danger: ‘make_filename("pubkey-1.asc")’ leaks here; was allocated at [(4)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/3)
# 228| fail_if_err (err);
# 229|
# 230|-> err = gpgme_set_ctx_flag (ctx, "key-origin", "wkd,https://openpgpkey.gnupg.org");
# 231| fail_if_err (err);
# 232|
Error: GCC_ANALYZER_WARNING (CWE-401):
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-import.c:230:9: warning[-Wanalyzer-malloc-leak]: leak of ‘make_filename("seckey-1.asc")’
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-import.c:212:1: enter_function: entry to ‘main’
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-import.c:219:24: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-import.c:219:24: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-import.c:220:24: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-import.c:220:24: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-import.c:225:3: call_function: calling ‘init_gpgme’ from ‘main’
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-import.c:225:3: return_function: returning to ‘main’ from ‘init_gpgme’
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-import.c:228:3: branch_false: following ‘false’ branch...
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-import.c:230:9: branch_false: ...to here
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-import.c:230:9: danger: ‘make_filename("seckey-1.asc")’ leaks here; was allocated at [(9)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/8)
# 228| fail_if_err (err);
# 229|
# 230|-> err = gpgme_set_ctx_flag (ctx, "key-origin", "wkd,https://openpgpkey.gnupg.org");
# 231| fail_if_err (err);
# 232|
Error: GCC_ANALYZER_WARNING (CWE-401):
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-thread1.c:112:7: warning[-Wanalyzer-malloc-leak]: leak of ‘make_filename("cipher-1.asc")’
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-thread1.c:94:1: enter_function: entry to ‘thread_two’
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-thread1.c:97:24: call_function: calling ‘make_filename’ from ‘thread_two’
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-thread1.c:97:24: return_function: returning to ‘thread_two’ from ‘make_filename’
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-thread1.c:102:15: branch_true: following ‘true’ branch (when ‘i != 20’)...
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-thread1.c:109:7: branch_true: ...to here
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-thread1.c:109:7: call_function: calling ‘init_gpgme’ from ‘thread_two’
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-thread1.c:109:7: return_function: returning to ‘thread_two’ from ‘init_gpgme’
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-thread1.c:112:7: danger: ‘make_filename("cipher-1.asc")’ leaks here; was allocated at [(4)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/3)
# 110|
# 111| err = gpgme_new (&ctx);
# 112|-> fail_if_err (err);
# 113|
# 114| if (!(agent_info && strchr (agent_info, ':')))
Error: GCC_ANALYZER_WARNING (CWE-401):
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-thread1.c:115:9: warning[-Wanalyzer-malloc-leak]: leak of ‘make_filename("cipher-1.asc")’
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-thread1.c:94:1: enter_function: entry to ‘thread_two’
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-thread1.c:97:24: call_function: calling ‘make_filename’ from ‘thread_two’
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-thread1.c:97:24: return_function: returning to ‘thread_two’ from ‘make_filename’
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-thread1.c:102:15: branch_true: following ‘true’ branch (when ‘i != 20’)...
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-thread1.c:109:7: branch_true: ...to here
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-thread1.c:109:7: call_function: calling ‘init_gpgme’ from ‘thread_two’
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-thread1.c:109:7: return_function: returning to ‘thread_two’ from ‘init_gpgme’
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-thread1.c:112:7: branch_false: following ‘false’ branch...
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-thread1.c:114:10: branch_false: ...to here
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-thread1.c:115:9: danger: ‘make_filename("cipher-1.asc")’ leaks here; was allocated at [(4)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/3)
# 113|
# 114| if (!(agent_info && strchr (agent_info, ':')))
# 115|-> gpgme_set_passphrase_cb (ctx, passphrase_cb, NULL);
# 116|
# 117| err = gpgme_data_new_from_file (&in, cipher_1_asc, 1);
Error: GCC_ANALYZER_WARNING (CWE-401):
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-import.c:153:3: warning[-Wanalyzer-malloc-leak]: leak of ‘make_filename("cert_dfn_pca01.der")’
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-import.c:141:1: enter_function: entry to ‘main’
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-import.c:147:18: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-import.c:147:18: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-import.c:148:18: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-import.c:148:18: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-import.c:150:3: call_function: calling ‘init_gpgme’ from ‘main’
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-import.c:150:3: return_function: returning to ‘main’ from ‘init_gpgme’
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-import.c:153:3: danger: ‘make_filename("cert_dfn_pca01.der")’ leaks here; was allocated at [(4)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/3)
# 151|
# 152| err = gpgme_new (&ctx);
# 153|-> fail_if_err (err);
# 154|
# 155| gpgme_set_protocol (ctx, GPGME_PROTOCOL_CMS);
Error: GCC_ANALYZER_WARNING (CWE-401):
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-import.c:153:3: warning[-Wanalyzer-malloc-leak]: leak of ‘make_filename("cert_dfn_pca15.der")’
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-import.c:141:1: enter_function: entry to ‘main’
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-import.c:147:18: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-import.c:147:18: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-import.c:148:18: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-import.c:148:18: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-import.c:150:3: call_function: calling ‘init_gpgme’ from ‘main’
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-import.c:150:3: return_function: returning to ‘main’ from ‘init_gpgme’
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-import.c:153:3: danger: ‘make_filename("cert_dfn_pca15.der")’ leaks here; was allocated at [(9)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/8)
# 151|
# 152| err = gpgme_new (&ctx);
# 153|-> fail_if_err (err);
# 154|
# 155| gpgme_set_protocol (ctx, GPGME_PROTOCOL_CMS);
Error: GCC_ANALYZER_WARNING (CWE-401):
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-import.c:155:3: warning[-Wanalyzer-malloc-leak]: leak of ‘make_filename("cert_dfn_pca15.der")’
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-import.c:141:1: enter_function: entry to ‘main’
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-import.c:147:18: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-import.c:147:18: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-import.c:148:18: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-import.c:148:18: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-import.c:150:3: call_function: calling ‘init_gpgme’ from ‘main’
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-import.c:150:3: return_function: returning to ‘main’ from ‘init_gpgme’
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-import.c:153:3: branch_false: following ‘false’ branch...
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-import.c:155:3: branch_false: ...to here
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-import.c:155:3: danger: ‘make_filename("cert_dfn_pca15.der")’ leaks here; was allocated at [(9)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/8)
# 153| fail_if_err (err);
# 154|
# 155|-> gpgme_set_protocol (ctx, GPGME_PROTOCOL_CMS);
# 156|
# 157| err = gpgme_data_new_from_file (&in, cert_1, 1);
Error: GCC_ANALYZER_WARNING (CWE-465):
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:214:10: warning[-Wanalyzer-deref-before-check]: check of ‘*key.subkeys’ for NULL after already dereferencing it
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:84:1: enter_function: entry to ‘main’
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:92:3: call_function: calling ‘init_gpgme’ from ‘main’
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:92:3: return_function: returning to ‘main’ from ‘init_gpgme’
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:95:3: branch_false: following ‘false’ branch...
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:96:3: branch_false: ...to here
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:99:3: branch_false: following ‘false’ branch...
<unknown>: branch_false: ...to here
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:101:10: branch_true: following ‘true’ branch...
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:103:12: branch_true: ...to here
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:103:10: branch_false: following ‘false’ branch...
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:109:22: branch_false: ...to here
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:120:10: branch_false: following ‘false’ branch...
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:125:11: branch_false: ...to here
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:125:10: branch_false: following ‘false’ branch...
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:130:11: branch_false: ...to here
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:130:10: branch_false: following ‘false’ branch...
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:135:11: branch_false: ...to here
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:135:10: branch_false: following ‘false’ branch...
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:140:11: branch_false: ...to here
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:140:10: branch_false: following ‘false’ branch...
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:146:11: branch_false: ...to here
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:146:10: branch_false: following ‘false’ branch...
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:152:11: branch_false: ...to here
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:152:10: branch_false: following ‘false’ branch...
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:157:11: branch_false: ...to here
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:157:10: branch_false: following ‘false’ branch...
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:163:11: branch_false: ...to here
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:163:10: branch_false: following ‘false’ branch...
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:169:12: branch_false: ...to here
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:169:10: branch_false: following ‘false’ branch...
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:174:11: branch_false: ...to here
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:174:10: branch_false: following ‘false’ branch (when the strings are equal)...
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:180:12: branch_false: ...to here
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:180:10: branch_false: following ‘false’ branch...
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:185:11: branch_false: ...to here
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:185:10: branch_false: following ‘false’ branch (when the strings are equal)...
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:191:11: branch_false: ...to here
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:197:11: branch_false: following ‘false’ branch...
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:202:10: branch_false: ...to here
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:208:10: branch_false: following ‘false’ branch...
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:214:12: branch_false: ...to here
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:214:10: danger: pointer ‘*key.subkeys’ is checked for NULL here but it was already dereferenced at [(15)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/14)
# 212| exit (1);
# 213| }
# 214|-> if (!key->subkeys || key->subkeys->next)
# 215| {
# 216| fprintf (stderr, "Key has unexpected number of subkeys\n");
Error: CPPCHECK_WARNING (CWE-457):
gpgme-1.24.2/doc/mkdefsinc.c:289: warning[uninitvar]: Uninitialized variable: monthoff
# 287|
# 288| printf ("@set UPDATED %s\n", opt_date);
# 289|-> printf ("@set UPDATED-MONTH %s\n", opt_date + monthoff);
# 290| printf ("@set EDITION %s\n", PACKAGE_VERSION);
# 291| printf ("@set VERSION %s\n", PACKAGE_VERSION);
Error: COMPILER_WARNING (CWE-477):
gpgme-1.24.2/lang/qt/src/qgpgmeaddexistingsubkeyjob.cpp: scope_hint: In function 'QGpgME::_detail::ThreadedJobMixin<QGpgME::AddExistingSubkeyJob>::result_type add_subkey(GpgME::Context*, const GpgME::Key&, const GpgME::Subkey&)'
gpgme-1.24.2/lang/qt/src/qgpgmeaddexistingsubkeyjob.cpp:67:58: warning[-Wdeprecated-declarations]: 'static QDateTime QDateTime::fromSecsSinceEpoch(qint64, Qt::TimeSpec, int)' is deprecated: Pass QTimeZone instead of time-spec, offset
# 67 | const auto expiry = QDateTime::fromSecsSinceEpoch(uint_least32_t(subkey.expirationTime()),
# | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# 68 | Qt::UTC).toString(u"yyyyMMdd'T'hhmmss").toStdString();
# | ~~~~~~~~
/usr/include/qt6/QtCore/QDateTime:1: included_from: Included from here.
gpgme-1.24.2/lang/qt/src/qgpgmeaddexistingsubkeyjob.cpp:42: included_from: Included from here.
/usr/include/qt6/QtCore/qdatetime.h:491:22: note: declared here
# 491 | static QDateTime fromSecsSinceEpoch(qint64 secs, Qt::TimeSpec spec, int offsetFromUtc = 0);
# | ^~~~~~~~~~~~~~~~~~
# 65|
# 66| if (!subkey.neverExpires()) {
# 67|-> const auto expiry = QDateTime::fromSecsSinceEpoch(uint_least32_t(subkey.expirationTime()),
# 68| Qt::UTC).toString(u"yyyyMMdd'T'hhmmss").toStdString();
# 69| interactor->setExpiry(expiry);
Error: COMPILER_WARNING (CWE-477):
gpgme-1.24.2/lang/qt/src/qgpgmenewcryptoconfig.cpp: scope_hint: In member function 'virtual void QGpgMENewCryptoConfig::sync(bool)'
gpgme-1.24.2/lang/qt/src/qgpgmenewcryptoconfig.cpp:130:77: warning[-Wdeprecated-declarations]: 'constexpr typename std::add_const<_Tp>::type& qAsConst(T&) [with T = QHash<QString, std::shared_ptr<QGpgMENewCryptoConfigComponent> >; typename std::add_const<_Tp>::type = const QHash<QString, std::shared_ptr<QGpgMENewCryptoConfigComponent> >]' is deprecated: Use std::as_const() instead.
# 130 | for (const std::shared_ptr<QGpgMENewCryptoConfigComponent> &c : qAsConst(m_componentsByName)) {
# | ~~~~~~~~^~~~~~~~~~~~~~~~~~~~
/usr/include/qt6/QtCore/qforeach.h:11: included_from: Included from here.
/usr/include/qt6/QtCore/qglobal.h:55: included_from: Included from here.
/usr/include/qt6/QtCore/qnamespace.h:12: included_from: Included from here.
/usr/include/qt6/QtCore/qbytearray.h:9: included_from: Included from here.
/usr/include/qt6/QtCore/qurl.h:8: included_from: Included from here.
/usr/include/qt6/QtCore/QUrl:1: included_from: Included from here.
gpgme-1.24.2/lang/qt/src/cryptoconfig.h:43: included_from: Included from here.
gpgme-1.24.2/lang/qt/src/qgpgmenewcryptoconfig.h:39: included_from: Included from here.
gpgme-1.24.2/lang/qt/src/qgpgmenewcryptoconfig.cpp:39: included_from: Included from here.
/usr/include/qt6/QtCore/qttypetraits.h:40:45: note: declared here
# 40 | constexpr typename std::add_const<T>::type &qAsConst(T &t) noexcept { return t; }
# | ^~~~~~~~
# 128| void QGpgMENewCryptoConfig::sync(bool runtime)
# 129| {
# 130|-> for (const std::shared_ptr<QGpgMENewCryptoConfigComponent> &c : qAsConst(m_componentsByName)) {
# 131| c->sync(runtime);
# 132| }
Error: CPPCHECK_WARNING (CWE-457):
gpgme-1.24.2/src/decrypt-verify.c:48: warning[uninitvar]: Uninitialized variable: err2
# 46| || (code == GPGME_STATUS_EOF && gpg_err_code (err) == GPG_ERR_NO_DATA))
# 47| err2 = _gpgme_verify_status_handler (priv, code, args);
# 48|-> return err ? err : err2;
# 49| }
# 50|
Error: CPPCHECK_WARNING (CWE-562):
gpgme-1.24.2/src/gpgme-tool.c:3314: error[autoVariables]: Address of local auto-variable assigned to a function parameter.
# 3312| server.gt = gt;
# 3313| gt->write_status = server_write_status;
# 3314|-> gt->write_status_hook = &server;
# 3315| gt->write_data = server_write_data;
# 3316| gt->write_data_hook = &server;
Error: CPPCHECK_WARNING (CWE-562):
gpgme-1.24.2/src/gpgme-tool.c:3316: error[autoVariables]: Address of local auto-variable assigned to a function parameter.
# 3314| gt->write_status_hook = &server;
# 3315| gt->write_data = server_write_data;
# 3316|-> gt->write_data_hook = &server;
# 3317|
# 3318| /* We use a pipe based server so that we can work from scripts.
Error: CPPCHECK_WARNING (CWE-476):
gpgme-1.24.2/tests/run-threaded.c:288: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: ret
# 286| int data_rand;
# 287|
# 288|-> ret->fd = -1;
# 289|
# 290| if (data_type)
Error: CPPCHECK_WARNING (CWE-476):
gpgme-1.24.2/tests/run-threaded.c:762: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: msg_it
# 760| msg_it = msg_it->next;
# 761| }
# 762|-> msg_it->file_name = *argv;
# 763| argc--; argv++;
# 764| }