Newly introduced findings

List of Findings

Error: GCC_ANALYZER_WARNING (CWE-775): [#def1]
systemd-258.1/src/basic/fd-util.h:89:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘<Ucb48>[2]’
systemd-258.1/src/import/importd.c:426:12: enter_function: entry to ‘transfer_start’
systemd-258.1/src/import/importd.c:430:9: branch_false: following ‘false’ branch...
systemd-258.1/src/import/importd.c:431:9: call_function: inlined call to ‘pidref_is_set’ from ‘transfer_start’
systemd-258.1/src/import/importd.c:433:13: branch_false: ...to here
systemd-258.1/src/import/importd.c:433:12: branch_false: following ‘false’ branch...
systemd-258.1/src/import/importd.c:436:13: branch_false: ...to here
systemd-258.1/src/import/importd.c:438:48: branch_false: following ‘false’ branch...
systemd-258.1/src/import/importd.c:438:33: branch_false: ...to here
systemd-258.1/src/import/importd.c:427:34: call_function: inlined call to ‘close_pairp’ from ‘transfer_start’
#   87|   
#   88|   static inline void close_pairp(int (*p)[2]) {
#   89|->         safe_close_pair(*p);
#   90|   }
#   91|   

Error: COMPILER_WARNING: [#def2] [important]
systemd-258.1/src/basic/fs-util.c:304:32: error[-Wimplicit-function-declaration]: implicit declaration of function ‘fchmodat2’; did you mean ‘fchmodat’?
#  302|           if (fchmodat(fd, "", m, AT_EMPTY_PATH) >= 0)
#  303|                   return 0;
#  304|->         if (errno == EINVAL && fchmodat2(fd, "", m, AT_EMPTY_PATH) >= 0) /* glibc too old? */
#  305|                   return 0;
#  306|           if (!IN_SET(errno, ENOSYS, EPERM)) /* Some container managers block unknown syscalls with EPERM */

Error: GCC_ANALYZER_WARNING (CWE-401): [#def3]
systemd-258.1/src/basic/replace-var.c:63:21: warning[-Wanalyzer-malloc-leak]: leak of ‘t’
systemd-258.1/src/basic/replace-var.c:34:7: enter_function: entry to ‘replace_var’
systemd-258.1/src/basic/replace-var.c:39:9: branch_false: following ‘false’ branch...
systemd-258.1/src/basic/replace-var.c:40:9: branch_false: ...to here
systemd-258.1/src/basic/replace-var.c:40:9: branch_false: following ‘false’ branch...
systemd-258.1/src/basic/replace-var.c:42:13: branch_false: ...to here
systemd-258.1/src/basic/replace-var.c:43:13: call_function: calling ‘malloc_multiply’ from ‘replace_var’
systemd-258.1/src/basic/replace-var.c:43:13: return_function: returning to ‘replace_var’ from ‘malloc_multiply’
systemd-258.1/src/basic/replace-var.c:44:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
systemd-258.1/src/basic/replace-var.c:49:16: branch_true: following ‘true’ branch...
systemd-258.1/src/basic/replace-var.c:50:38: branch_true: ...to here
systemd-258.1/src/basic/replace-var.c:55:21: call_function: calling ‘get_variable’ from ‘replace_var’
systemd-258.1/src/basic/replace-var.c:55:21: return_function: returning to ‘replace_var’ from ‘get_variable’
systemd-258.1/src/basic/replace-var.c:56:20: branch_false: following ‘false’ branch...
systemd-258.1/src/basic/replace-var.c:58:20: branch_false: ...to here
systemd-258.1/src/basic/replace-var.c:58:20: branch_false: following ‘false’ branch...
systemd-258.1/src/basic/replace-var.c:63:21: branch_false: ...to here
systemd-258.1/src/basic/replace-var.c:63:21: danger: ‘t’ leaks here; was allocated at [(8)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/7)
#   61|                   }
#   62|   
#   63|->                 n = lookup(v, userdata);
#   64|                   if (!n)
#   65|                           goto oom;

Error: GCC_ANALYZER_WARNING (CWE-465): [#def4]
systemd-258.1/src/basic/unit-name.c:60:21: warning[-Wanalyzer-deref-before-check]: check of ‘at’ for NULL after already dereferencing it
systemd-258.1/src/basic/unit-name.c:709:5: enter_function: entry to ‘unit_name_mangle_with_suffix’
systemd-258.1/src/basic/unit-name.c:720:9: branch_false: following ‘false’ branch...
systemd-258.1/src/basic/unit-name.c:721:9: branch_false: ...to here
systemd-258.1/src/basic/unit-name.c:721:9: branch_false: following ‘false’ branch...
systemd-258.1/src/basic/unit-name.c:722:9: branch_false: ...to here
systemd-258.1/src/basic/unit-name.c:722:9: branch_false: following ‘false’ branch...
systemd-258.1/src/basic/unit-name.c:724:13: call_function: inlined call to ‘isempty’ from ‘unit_name_mangle_with_suffix’
systemd-258.1/src/basic/unit-name.c:727:14: branch_false: ...to here
systemd-258.1/src/basic/unit-name.c:727:14: call_function: calling ‘unit_suffix_is_valid’ from ‘unit_name_mangle_with_suffix’
systemd-258.1/src/basic/unit-name.c:727:14: return_function: returning to ‘unit_name_mangle_with_suffix’ from ‘unit_suffix_is_valid’
systemd-258.1/src/basic/unit-name.c:727:12: branch_true: following ‘true’ branch...
systemd-258.1/src/basic/unit-name.c:731:13: branch_true: ...to here
systemd-258.1/src/basic/unit-name.c:731:13: call_function: calling ‘unit_name_is_valid’ from ‘unit_name_mangle_with_suffix’
systemd-258.1/src/basic/unit-name.c:731:13: return_function: returning to ‘unit_name_mangle_with_suffix’ from ‘unit_name_is_valid’
systemd-258.1/src/basic/unit-name.c:731:12: branch_false: following ‘false’ branch...
systemd-258.1/src/basic/unit-name.c:735:13: branch_false: ...to here
systemd-258.1/src/basic/unit-name.c:744:12: branch_false: following ‘false’ branch...
systemd-258.1/src/basic/unit-name.c:766:13: branch_false: ...to here
systemd-258.1/src/basic/unit-name.c:767:12: branch_false: following ‘false’ branch...
systemd-258.1/src/basic/unit-name.c:770:19: branch_false: ...to here
systemd-258.1/src/basic/unit-name.c:770:19: call_function: calling ‘do_escape_mangle’ from ‘unit_name_mangle_with_suffix’
systemd-258.1/src/basic/unit-name.c:770:19: return_function: returning to ‘unit_name_mangle_with_suffix’ from ‘do_escape_mangle’
systemd-258.1/src/basic/unit-name.c:771:12: branch_true: following ‘true’ branch...
systemd-258.1/src/basic/unit-name.c:772:17: branch_true: ...to here
systemd-258.1/src/basic/unit-name.c:772:17: branch_true: following ‘true’ branch...
systemd-258.1/src/basic/unit-name.c:772:17: branch_true: ...to here
systemd-258.1/src/basic/unit-name.c:779:73: call_function: calling ‘unit_name_to_type’ from ‘unit_name_mangle_with_suffix’
#   58|           for (i = n, at = NULL; i < e; i++) {
#   59|   
#   60|->                 if (*i == '@' && !at)
#   61|                           at = i;
#   62|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def5]
systemd-258.1/src/boot/efi-string.c:673:9: warning[-Wanalyzer-malloc-leak]: leak of ‘ctx.buf’
systemd-258.1/src/boot/efi-string.c:1011:11: enter_function: entry to ‘xvasprintf_status’
systemd-258.1/src/boot/efi-string.c:1012:16: call_function: calling ‘printf_internal’ from ‘xvasprintf_status’
#  671|                   push_padding(ctx, ' ', sp->padded_len);
#  672|   
#  673|->         assert(ctx->n < ctx->n_buf);
#  674|           return true;
#  675|   }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def6]
systemd-258.1/src/boot/efi-string.c:973:9: warning[-Wanalyzer-malloc-leak]: leak of ‘ctx.buf’
systemd-258.1/src/boot/efi-string.c:1011:11: enter_function: entry to ‘xvasprintf_status’
systemd-258.1/src/boot/efi-string.c:1012:16: call_function: calling ‘printf_internal’ from ‘xvasprintf_status’
#  971|           va_end(ctx.ap);
#  972|   
#  973|->         assert(ctx.n < ctx.n_buf);
#  974|           ctx.buf[ctx.n++] = '\0';
#  975|   

Error: GCC_ANALYZER_WARNING (CWE-775): [#def7]
systemd-258.1/src/journal-remote/journal-remote-main.c:134:13: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘<Uded8>[1]’
systemd-258.1/src/journal-remote/journal-remote-main.c:651:12: enter_function: entry to ‘create_remoteserver’
systemd-258.1/src/journal-remote/journal-remote-main.c:665:12: branch_false: following ‘false’ branch...
systemd-258.1/src/journal-remote/journal-remote-main.c:668:13: branch_false: ...to here
systemd-258.1/src/journal-remote/journal-remote-main.c:669:12: branch_false: following ‘false’ branch...
systemd-258.1/src/journal-remote/journal-remote-main.c:672:13: branch_false: ...to here
systemd-258.1/src/journal-remote/journal-remote-main.c:673:12: branch_false: following ‘false’ branch...
systemd-258.1/src/journal-remote/journal-remote-main.c:676:17: branch_false: ...to here
systemd-258.1/src/journal-remote/journal-remote-main.c:678:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
systemd-258.1/src/journal-remote/journal-remote-main.c:710:12: branch_false: following ‘false’ branch...
systemd-258.1/src/journal-remote/journal-remote-main.c:721:13: branch_false: ...to here
systemd-258.1/src/journal-remote/journal-remote-main.c:721:12: branch_true: following ‘true’ branch...
systemd-258.1/src/journal-remote/journal-remote-main.c:724:22: branch_true: ...to here
systemd-258.1/src/journal-remote/journal-remote-main.c:724:20: branch_false: following ‘false’ branch...
systemd-258.1/src/journal-remote/journal-remote-main.c:730:31: branch_false: ...to here
systemd-258.1/src/journal-remote/journal-remote-main.c:730:31: branch_false: following ‘false’ branch...
systemd-258.1/src/journal-remote/journal-remote-main.c:730:31: branch_false: ...to here
systemd-258.1/src/journal-remote/journal-remote-main.c:730:31: call_function: calling ‘memcpy_safe’ from ‘create_remoteserver’
systemd-258.1/src/journal-remote/journal-remote-main.c:730:31: return_function: returning to ‘create_remoteserver’ from ‘memcpy_safe’
systemd-258.1/src/journal-remote/journal-remote-main.c:732:17: branch_false: following ‘false’ branch...
systemd-258.1/src/journal-remote/journal-remote-main.c:733:22: branch_false: ...to here
systemd-258.1/src/journal-remote/journal-remote-main.c:733:22: call_function: calling ‘spawn_curl’ from ‘create_remoteserver’
#  132|                   return log_error_errno(errno, "Failed to create pager pipe: %m");
#  133|   
#  134|->         r = safe_fork_full("(remote)",
#  135|                              (int[]) {STDIN_FILENO, fd[1], STDERR_FILENO },
#  136|                              NULL, 0,

Error: GCC_ANALYZER_WARNING (CWE-401): [#def8]
systemd-258.1/src/shared/bootspec.c:1815:1: warning[-Wanalyzer-malloc-leak]: leak of ‘combined_cmdline’
systemd-258.1/src/shared/bootspec.c:1928:5: enter_function: entry to ‘boot_entry_to_json’
systemd-258.1/src/shared/bootspec.c:1934:9: branch_false: following ‘false’ branch...
systemd-258.1/src/shared/bootspec.c:1935:9: branch_false: ...to here
systemd-258.1/src/shared/bootspec.c:1935:9: branch_false: following ‘false’ branch...
systemd-258.1/src/shared/bootspec.c:1937:18: branch_false: ...to here
systemd-258.1/src/shared/bootspec.c:1937:12: branch_false: following ‘false’ branch...
systemd-258.1/src/shared/bootspec.c:1942:13: branch_false: ...to here
systemd-258.1/src/shared/bootspec.c:1946:20: branch_false: following ‘false’ branch...
systemd-258.1/src/shared/bootspec.c:1950:13: branch_false: ...to here
systemd-258.1/src/shared/bootspec.c:1950:13: call_function: calling ‘boot_entry_title’ from ‘boot_entry_to_json’
systemd-258.1/src/shared/bootspec.c:1950:13: return_function: returning to ‘boot_entry_to_json’ from ‘boot_entry_title’
systemd-258.1/src/shared/bootspec.c:1950:13: call_function: calling ‘boot_entry_title’ from ‘boot_entry_to_json’
systemd-258.1/src/shared/bootspec.c:1950:13: return_function: returning to ‘boot_entry_to_json’ from ‘boot_entry_title’
systemd-258.1/src/shared/bootspec.c:1968:12: branch_false: following ‘false’ branch...
systemd-258.1/src/shared/bootspec.c:1974:13: branch_false: ...to here
systemd-258.1/src/shared/bootspec.c:1983:12: branch_false: following ‘false’ branch...
systemd-258.1/src/shared/bootspec.c:1986:13: branch_false: ...to here
systemd-258.1/src/shared/bootspec.c:1986:13: call_function: calling ‘json_cmdline’ from ‘boot_entry_to_json’
# 1813|                   return log_oom();
# 1814|           return 0;
# 1815|-> }
# 1816|   
# 1817|   int show_boot_entry(

Scan Properties

analyzer-version-clippy	1.90.0
analyzer-version-cppcheck	2.18.3
analyzer-version-gcc	15.2.1
analyzer-version-gcc-analyzer	16.0.0
analyzer-version-shellcheck	0.11.0
analyzer-version-unicontrol	0.0.2
diffbase-analyzer-version-clippy	1.90.0
diffbase-analyzer-version-cppcheck	2.18.3
diffbase-analyzer-version-gcc	15.2.1
diffbase-analyzer-version-gcc-analyzer	16.0.0
diffbase-analyzer-version-shellcheck	0.11.0
diffbase-analyzer-version-unicontrol	0.0.2
diffbase-enabled-plugins	clippy, cppcheck, gcc, shellcheck, unicontrol
diffbase-exit-code	0
diffbase-host	ip-172-16-1-46.us-west-2.compute.internal
diffbase-known-false-positives	/usr/share/csmock/known-false-positives.js
diffbase-known-false-positives-rpm	known-false-positives-0.0.0.20250521.132812.g8eff701.main-1.el9.noarch
diffbase-mock-config	fedora-rawhide-gcc-latest-x86_64
diffbase-project-name	systemd-258-1.fc43
diffbase-store-results-to	/tmp/tmpr5dtugm5/systemd-258-1.fc43.tar.xz
diffbase-time-created	2025-10-28 20:31:43
diffbase-time-finished	2025-10-28 20:48:44
diffbase-tool	csmock
diffbase-tool-args	'/usr/bin/csmock' '-r' 'fedora-rawhide-gcc-latest-x86_64' '-t' 'gcc,cppcheck,shellcheck,clippy,unicontrol' '-o' '/tmp/tmpr5dtugm5/systemd-258-1.fc43.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install' 'pam' '--install=gcc-latest' '--gcc-analyzer-bin=/opt/gcc-latest/bin/gcc' '/tmp/tmpr5dtugm5/systemd-258-1.fc43.src.rpm'
diffbase-tool-version	csmock-3.8.3.20251027.143044.ge6b947b-1.el9
enabled-plugins	clippy, cppcheck, gcc, shellcheck, unicontrol
exit-code	0
host	ip-172-16-1-46.us-west-2.compute.internal
known-false-positives	/usr/share/csmock/known-false-positives.js
known-false-positives-rpm	known-false-positives-0.0.0.20250521.132812.g8eff701.main-1.el9.noarch
mock-config	fedora-rawhide-gcc-latest-x86_64
project-name	systemd-258.1-2.fc44
store-results-to	/tmp/tmpr6ou8rj6/systemd-258.1-2.fc44.tar.xz
time-created	2025-10-28 20:50:38
time-finished	2025-10-28 21:07:09
title	Newly introduced findings
tool	csmock
tool-args	'/usr/bin/csmock' '-r' 'fedora-rawhide-gcc-latest-x86_64' '-t' 'gcc,cppcheck,shellcheck,clippy,unicontrol' '-o' '/tmp/tmpr6ou8rj6/systemd-258.1-2.fc44.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install' 'pam' '--install=gcc-latest' '--gcc-analyzer-bin=/opt/gcc-latest/bin/gcc' '/tmp/tmpr6ou8rj6/systemd-258.1-2.fc44.src.rpm'
tool-version	csmock-3.8.3.20251027.143044.ge6b947b-1.el9