Error: GCC_ANALYZER_WARNING (CWE-401): [#def1] openscap-1.4.4/src/CPE/cpedict_priv.c: scope_hint: In function ‘cpe_dict_model_new’ openscap-1.4.4/src/CPE/cpedict_priv.c:303:25: warning[-Wanalyzer-malloc-leak]: leak of ‘dict’ # 301| memset(dict, 0, sizeof(struct cpe_dict_model)); # 302| # 303|-> dict->vendors = oscap_list_new(); # 304| dict->items = oscap_list_new(); # 305| Error: GCC_ANALYZER_WARNING (CWE-401): [#def2] openscap-1.4.4/src/CPE/cpedict_priv.c:304:23: warning[-Wanalyzer-malloc-leak]: leak of ‘dict’ # 302| # 303| dict->vendors = oscap_list_new(); # 304|-> dict->items = oscap_list_new(); # 305| # 306| dict->base_version = 2; // default to CPE 2.x Error: GCC_ANALYZER_WARNING (CWE-401): [#def3] openscap-1.4.4/src/CPE/cpedict_priv.c: scope_hint: In function ‘cpe_item_new’ openscap-1.4.4/src/CPE/cpedict_priv.c:341:23: warning[-Wanalyzer-malloc-leak]: leak of ‘item’ # 339| memset(item, 0, sizeof(struct cpe_item)); # 340| # 341|-> item->notes = oscap_list_new(); # 342| item->references = oscap_list_new(); # 343| item->checks = oscap_list_new(); Error: GCC_ANALYZER_WARNING (CWE-401): [#def4] openscap-1.4.4/src/CPE/cpedict_priv.c:342:28: warning[-Wanalyzer-malloc-leak]: leak of ‘item’ # 340| # 341| item->notes = oscap_list_new(); # 342|-> item->references = oscap_list_new(); # 343| item->checks = oscap_list_new(); # 344| item->titles = oscap_list_new(); Error: GCC_ANALYZER_WARNING (CWE-401): [#def5] openscap-1.4.4/src/CPE/cpedict_priv.c:343:24: warning[-Wanalyzer-malloc-leak]: leak of ‘item’ # 341| item->notes = oscap_list_new(); # 342| item->references = oscap_list_new(); # 343|-> item->checks = oscap_list_new(); # 344| item->titles = oscap_list_new(); # 345| Error: GCC_ANALYZER_WARNING (CWE-401): [#def6] openscap-1.4.4/src/CPE/cpedict_priv.c:344:24: warning[-Wanalyzer-malloc-leak]: leak of ‘item’ # 342| item->references = oscap_list_new(); # 343| item->checks = oscap_list_new(); # 344|-> item->titles = oscap_list_new(); # 345| # 346| return item; Error: GCC_ANALYZER_WARNING (CWE-476): [#def7] openscap-1.4.4/src/CPE/cpedict_priv.c: scope_hint: In function ‘cpe_notes_new’ openscap-1.4.4/src/CPE/cpedict_priv.c:385:22: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘notes’ # 383| { # 384| struct cpe_notes *notes = calloc(1, sizeof(struct cpe_notes)); # 385|-> notes->notes = oscap_list_new(); # 386| return notes; # 387| } Error: GCC_ANALYZER_WARNING (CWE-401): [#def8] openscap-1.4.4/src/CPE/cpedict_priv.c:385:24: warning[-Wanalyzer-malloc-leak]: leak of ‘cpe_item_new()’ openscap-1.4.4/src/CPE/cpedict_priv.c: scope_hint: In function ‘cpe_notes_new’ # 383| { # 384| struct cpe_notes *notes = calloc(1, sizeof(struct cpe_notes)); # 385|-> notes->notes = oscap_list_new(); # 386| return notes; # 387| } Error: GCC_ANALYZER_WARNING (CWE-401): [#def9] openscap-1.4.4/src/CPE/cpedict_priv.c:385:24: warning[-Wanalyzer-malloc-leak]: leak of ‘notes’ # 383| { # 384| struct cpe_notes *notes = calloc(1, sizeof(struct cpe_notes)); # 385|-> notes->notes = oscap_list_new(); # 386| return notes; # 387| } Error: GCC_ANALYZER_WARNING (CWE-401): [#def10] openscap-1.4.4/src/CPE/cpedict_priv.c: scope_hint: In function ‘cpe_vendor_new’ openscap-1.4.4/src/CPE/cpedict_priv.c:418:24: warning[-Wanalyzer-malloc-leak]: leak of ‘item’ # 416| # 417| item->value = NULL; # 418|-> item->titles = oscap_list_new(); # 419| item->products = oscap_list_new(); # 420| Error: GCC_ANALYZER_WARNING (CWE-401): [#def11] openscap-1.4.4/src/CPE/cpedict_priv.c:419:26: warning[-Wanalyzer-malloc-leak]: leak of ‘item’ # 417| item->value = NULL; # 418| item->titles = oscap_list_new(); # 419|-> item->products = oscap_list_new(); # 420| # 421| return item; Error: GCC_ANALYZER_WARNING (CWE-401): [#def12] openscap-1.4.4/src/CPE/cpedict_priv.c:434:26: warning[-Wanalyzer-malloc-leak]: leak of ‘cpe_vendor_new()’ # 432| memset(item, 0, sizeof(struct cpe_product)); # 433| # 434|-> item->versions = oscap_list_new(); # 435| item->value = NULL; # 436| Error: GCC_ANALYZER_WARNING (CWE-401): [#def13] openscap-1.4.4/src/CPE/cpedict_priv.c: scope_hint: In function ‘cpe_product_new’ openscap-1.4.4/src/CPE/cpedict_priv.c:434:26: warning[-Wanalyzer-malloc-leak]: leak of ‘item’ # 432| memset(item, 0, sizeof(struct cpe_product)); # 433| # 434|-> item->versions = oscap_list_new(); # 435| item->value = NULL; # 436| Error: GCC_ANALYZER_WARNING (CWE-401): [#def14] openscap-1.4.4/src/CPE/cpedict_priv.c: scope_hint: In function ‘cpe_version_new’ openscap-1.4.4/src/CPE/cpedict_priv.c:450:25: warning[-Wanalyzer-malloc-leak]: leak of ‘cpe_vendor_new()’ # 448| memset(item, 0, sizeof(struct cpe_version)); # 449| # 450|-> item->updates = oscap_list_new(); # 451| item->value = NULL; # 452| Error: GCC_ANALYZER_WARNING (CWE-401): [#def15] openscap-1.4.4/src/CPE/cpedict_priv.c:450:25: warning[-Wanalyzer-malloc-leak]: leak of ‘item’ # 448| memset(item, 0, sizeof(struct cpe_version)); # 449| # 450|-> item->updates = oscap_list_new(); # 451| item->value = NULL; # 452| Error: GCC_ANALYZER_WARNING (CWE-401): [#def16] openscap-1.4.4/src/CPE/cpedict_priv.c:466:26: warning[-Wanalyzer-malloc-leak]: leak of ‘cpe_vendor_new()’ # 464| memset(item, 0, sizeof(struct cpe_update)); # 465| # 466|-> item->editions = oscap_list_new(); # 467| item->value = NULL; # 468| Error: GCC_ANALYZER_WARNING (CWE-401): [#def17] openscap-1.4.4/src/CPE/cpedict_priv.c: scope_hint: In function ‘cpe_update_new’ openscap-1.4.4/src/CPE/cpedict_priv.c:466:26: warning[-Wanalyzer-malloc-leak]: leak of ‘item’ # 464| memset(item, 0, sizeof(struct cpe_update)); # 465| # 466|-> item->editions = oscap_list_new(); # 467| item->value = NULL; # 468| Error: GCC_ANALYZER_WARNING (CWE-401): [#def18] openscap-1.4.4/src/CPE/cpedict_priv.c:482:27: warning[-Wanalyzer-malloc-leak]: leak of ‘cpe_vendor_new()’ # 480| memset(item, 0, sizeof(struct cpe_edition)); # 481| # 482|-> item->languages = oscap_list_new(); # 483| item->value = NULL; # 484| Error: GCC_ANALYZER_WARNING (CWE-401): [#def19] openscap-1.4.4/src/CPE/cpedict_priv.c: scope_hint: In function ‘cpe_edition_new’ openscap-1.4.4/src/CPE/cpedict_priv.c:482:27: warning[-Wanalyzer-malloc-leak]: leak of ‘item’ # 480| memset(item, 0, sizeof(struct cpe_edition)); # 481| # 482|-> item->languages = oscap_list_new(); # 483| item->value = NULL; # 484| Error: GCC_ANALYZER_WARNING (CWE-401): [#def20] openscap-1.4.4/src/CPE/cpedict_priv.c: scope_hint: In function ‘cpe_generator_parse’ openscap-1.4.4/src/CPE/cpedict_priv.c:618:17: warning[-Wanalyzer-malloc-leak]: leak of ‘cpe_generator_new()’ # 616| # 617| // skip nodes until new element # 618|-> xmlTextReaderNextElement(reader); # 619| # 620| while (xmlStrcmp(xmlTextReaderConstLocalName(reader), TAG_GENERATOR_STR) != 0) { Error: GCC_ANALYZER_WARNING (CWE-401): [#def21] openscap-1.4.4/src/CPE/cpedict_priv.c:620:24: warning[-Wanalyzer-malloc-leak]: leak of ‘cpe_generator_new()’ # 618| xmlTextReaderNextElement(reader); # 619| # 620|-> while (xmlStrcmp(xmlTextReaderConstLocalName(reader), TAG_GENERATOR_STR) != 0) { # 621| # 622| if ((xmlStrcmp(xmlTextReaderConstLocalName(reader), Error: GCC_ANALYZER_WARNING (CWE-401): [#def22] openscap-1.4.4/src/DS/sds.c: scope_hint: In function ‘ds_sds_compose_add_component_dependencies’ openscap-1.4.4/src/DS/sds.c:835:60: warning[-Wanalyzer-malloc-leak]: leak of ‘ds_sds_mangle_filepath(real_path)’ openscap-1.4.4/src/DS/sds.c: scope_hint: In function ‘ds_sds_compose_add_component_dependencies’ openscap-1.4.4/src/DS/sds.c: scope_hint: In function ‘ds_sds_compose_add_component_dependencies’ # 833| // the string will grow 2x the size in the worst case (every char is /) # 834| // TODO: We can do better than this by counting the slashes # 835|-> char* ret = malloc(strlen(filepath) * sizeof(char) * 2); # 836| # 837| const char* src_it = filepath; Error: GCC_ANALYZER_WARNING (CWE-476): [#def23] openscap-1.4.4/src/DS/sds.c: scope_hint: In function ‘ds_sds_mangle_filepath’ openscap-1.4.4/src/DS/sds.c:844:35: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘dst_it’ # 842| if (*src_it == '/') # 843| { # 844|-> *dst_it++ = '-'; # 845| *dst_it++ = '-'; # 846| } Error: GCC_ANALYZER_WARNING (CWE-476): [#def24] openscap-1.4.4/src/DS/sds.c:848:35: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘dst_it’ # 846| } # 847| else if (*src_it == '@') { # 848|-> *dst_it++ = '-'; # 849| *dst_it++ = '-'; # 850| } Error: GCC_ANALYZER_WARNING (CWE-476): [#def25] openscap-1.4.4/src/DS/sds.c:853:35: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘dst_it’ # 851| else # 852| { # 853|-> *dst_it++ = *src_it; # 854| } # 855| Error: GCC_ANALYZER_WARNING (CWE-476): [#def26] openscap-1.4.4/src/DS/sds.c:859:17: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘dst_it’ # 857| } # 858| # 859|-> *dst_it = '\0'; # 860| # 861| return ret; Error: GCC_ANALYZER_WARNING (CWE-401): [#def27] openscap-1.4.4/src/DS/sds.c: scope_hint: In function ‘ds_sds_compose_add_component_dependencies’ openscap-1.4.4/src/DS/sds.c:910:29: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’ openscap-1.4.4/src/DS/sds.c: scope_hint: In function ‘ds_sds_compose_add_component_dependencies’ openscap-1.4.4/src/DS/sds.c: scope_hint: In function ‘ds_sds_compose_add_component_dependencies’ # 908| struct oscap_htable *exported = oscap_htable_new(); # 909| char* filepath_cpy = oscap_strdup(oscap_source_readable_origin(component_source)); # 910|-> char *dir = oscap_dirname(filepath_cpy); # 911| # 912| for (int i = 0; i < nodeset->nodeNr; i++) Error: GCC_ANALYZER_WARNING (CWE-401): [#def28] openscap-1.4.4/src/OVAL/probes/SEAP/seap-packet.c: scope_hint: In function ‘SEAP_packet_sexp2cmd’ openscap-1.4.4/src/OVAL/probes/SEAP/seap-packet.c:756:37: warning[-Wanalyzer-malloc-leak]: leak of ‘SEAP_packet_new()’ # 754| _packet->type = SEAP_PACKET_CMD; # 755| # 756|-> if (SEAP_packet_sexp2cmd (sexp_packet, &(_packet->data.cmd)) != 0) { # 757| /* error */ # 758| dD("Invalid SEAP packet received: %s.", "can't translate to cmd struct"); Error: GCC_ANALYZER_WARNING (CWE-401): [#def29] openscap-1.4.4/src/OVAL/probes/SEAP/seap-packet.c: scope_hint: In function ‘SEAP_packet_sexp2err’ openscap-1.4.4/src/OVAL/probes/SEAP/seap-packet.c:776:37: warning[-Wanalyzer-malloc-leak]: leak of ‘SEAP_packet_new()’ # 774| _packet->type = SEAP_PACKET_ERR; # 775| # 776|-> if (SEAP_packet_sexp2err (sexp_packet, &(_packet->data.err)) != 0) { # 777| /* error */ # 778| dD("Invalid SEAP packet received: %s.", "can't translate to err struct"); Error: GCC_ANALYZER_WARNING (CWE-401): [#def30] openscap-1.4.4/src/OVAL/probes/independent/environmentvariable58_probe.c: scope_hint: In function ‘read_environment’ openscap-1.4.4/src/OVAL/probes/independent/environmentvariable58_probe.c:387:17: warning[-Wanalyzer-malloc-leak]: leak of ‘new_buffer’ # 385| } # 386| # 387|-> close(fd); # 388| } # 389| closedir(d); Error: GCC_ANALYZER_WARNING (CWE-401): [#def31] openscap-1.4.4/src/OVAL/probes/independent/xmlfilecontent_probe.c:230:17: warning[-Wanalyzer-malloc-leak]: leak of ‘whole_path’ # 228| SEXP_t *msg; # 229| msg = probe_msg_creatf(OVAL_MESSAGE_LEVEL_ERROR, "xmlXPathEvalExpression() error"); # 230|-> probe_cobj_add_msg(probe_ctx_getresult(pfd->ctx), msg); # 231| SEXP_free(msg); # 232| probe_cobj_set_flag(probe_ctx_getresult(pfd->ctx), SYSCHAR_FLAG_ERROR); Error: GCC_ANALYZER_WARNING (CWE-401): [#def32] openscap-1.4.4/src/OVAL/probes/independent/xmlfilecontent_probe.c:231:17: warning[-Wanalyzer-malloc-leak]: leak of ‘whole_path’ # 229| msg = probe_msg_creatf(OVAL_MESSAGE_LEVEL_ERROR, "xmlXPathEvalExpression() error"); # 230| probe_cobj_add_msg(probe_ctx_getresult(pfd->ctx), msg); # 231|-> SEXP_free(msg); # 232| probe_cobj_set_flag(probe_ctx_getresult(pfd->ctx), SYSCHAR_FLAG_ERROR); # 233| Error: GCC_ANALYZER_WARNING (CWE-401): [#def33] openscap-1.4.4/src/OVAL/probes/independent/xmlfilecontent_probe.c:232:17: warning[-Wanalyzer-malloc-leak]: leak of ‘whole_path’ # 230| probe_cobj_add_msg(probe_ctx_getresult(pfd->ctx), msg); # 231| SEXP_free(msg); # 232|-> probe_cobj_set_flag(probe_ctx_getresult(pfd->ctx), SYSCHAR_FLAG_ERROR); # 233| # 234| ret = -3; Error: GCC_ANALYZER_WARNING (CWE-401): [#def34] openscap-1.4.4/src/OVAL/probes/independent/xmlfilecontent_probe.c:245:16: warning[-Wanalyzer-malloc-leak]: leak of ‘whole_path’ # 243| } # 244| # 245|-> item = probe_item_create(OVAL_INDEPENDENT_XML_FILE_CONTENT, NULL, # 246| "filepath", OVAL_DATATYPE_STRING, filepath, # 247| "path", OVAL_DATATYPE_STRING, path, Error: GCC_ANALYZER_WARNING (CWE-401): [#def35] openscap-1.4.4/tests/API/SEAP/test_api_seap_spb.c: scope_hint: In function ‘main’ openscap-1.4.4/tests/API/SEAP/test_api_seap_spb.c:43:32: warning[-Wanalyzer-malloc-leak]: leak of ‘iov[0].iov_base’ # 41| case EINVAL: # 42| fprintf (stderr, "Invalid seed: Not a number\n"); # 43|-> return (-1); # 44| } # 45| break; Error: GCC_ANALYZER_WARNING (CWE-401): [#def36] openscap-1.4.4/tests/API/SEAP/test_api_seap_spb.c:43:32: warning[-Wanalyzer-malloc-leak]: leak of ‘iov[1].iov_base’ # 41| case EINVAL: # 42| fprintf (stderr, "Invalid seed: Not a number\n"); # 43|-> return (-1); # 44| } # 45| break; Error: GCC_ANALYZER_WARNING (CWE-401): [#def37] openscap-1.4.4/tests/API/SEAP/test_api_seap_spb.c:43:32: warning[-Wanalyzer-malloc-leak]: leak of ‘iov[2].iov_base’ # 41| case EINVAL: # 42| fprintf (stderr, "Invalid seed: Not a number\n"); # 43|-> return (-1); # 44| } # 45| break; Error: GCC_ANALYZER_WARNING (CWE-401): [#def38] openscap-1.4.4/tests/API/SEAP/test_api_seap_spb.c:68:41: warning[-Wanalyzer-malloc-leak]: leak of ‘iov[0].iov_base’ # 66| # 67| if (iov[i].iov_base == NULL) { # 68|-> perror ("iov alloc"); # 69| return (2); # 70| } Error: GCC_ANALYZER_WARNING (CWE-401): [#def39] openscap-1.4.4/tests/API/SEAP/test_api_seap_spb.c:68:41: warning[-Wanalyzer-malloc-leak]: leak of ‘iov[1].iov_base’ # 66| # 67| if (iov[i].iov_base == NULL) { # 68|-> perror ("iov alloc"); # 69| return (2); # 70| } Error: GCC_ANALYZER_WARNING (CWE-401): [#def40] openscap-1.4.4/tests/API/SEAP/test_api_seap_spb.c:68:41: warning[-Wanalyzer-malloc-leak]: leak of ‘iov[2].iov_base’ # 66| # 67| if (iov[i].iov_base == NULL) { # 68|-> perror ("iov alloc"); # 69| return (2); # 70| } Error: GCC_ANALYZER_WARNING (CWE-401): [#def41] openscap-1.4.4/tests/API/SEAP/test_api_seap_spb.c:68:41: warning[-Wanalyzer-malloc-leak]: leak of ‘r_buf’ # 66| # 67| if (iov[i].iov_base == NULL) { # 68|-> perror ("iov alloc"); # 69| return (2); # 70| } Error: GCC_ANALYZER_WARNING (CWE-401): [#def42] openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:39:9: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(filename, "rb")’ openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:37:9: note: in expansion of macro ‘oscap_assert’ openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:37:9: note: in expansion of macro ‘oscap_assert’ # 37| oscap_assert(file != NULL); # 38| # 39|-> fseek(file, 0, SEEK_END); # 40| unsigned long len = ftell(file); # 41| fseek(file, 0, SEEK_SET); Error: GCC_ANALYZER_WARNING (CWE-401): [#def43] openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:40:29: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(filename, "rb")’ openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:37:9: note: in expansion of macro ‘oscap_assert’ openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:37:9: note: in expansion of macro ‘oscap_assert’ # 38| # 39| fseek(file, 0, SEEK_END); # 40|-> unsigned long len = ftell(file); # 41| fseek(file, 0, SEEK_SET); # 42| Error: GCC_ANALYZER_WARNING (CWE-401): [#def44] openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:41:9: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(filename, "rb")’ openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:37:9: note: in expansion of macro ‘oscap_assert’ openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:37:9: note: in expansion of macro ‘oscap_assert’ # 39| fseek(file, 0, SEEK_END); # 40| unsigned long len = ftell(file); # 41|-> fseek(file, 0, SEEK_SET); # 42| # 43| oscap_assert(buffer != NULL); Error: GCC_ANALYZER_WARNING (CWE-401): [#def45] openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:44:30: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(filename, "rb")’ openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:37:9: note: in expansion of macro ‘oscap_assert’ openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:37:9: note: in expansion of macro ‘oscap_assert’ openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:43:9: note: in expansion of macro ‘oscap_assert’ # 42| # 43| oscap_assert(buffer != NULL); # 44|-> *buffer = malloc(len + 1); # 45| oscap_assert(*buffer != NULL); # 46| Error: GCC_ANALYZER_WARNING (CWE-401): [#def46] openscap-1.4.4/tests/bz2/test_bz2_memory_source.c: scope_hint: In function ‘main’ openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:61:36: warning[-Wanalyzer-malloc-leak]: leak of ‘buffer’ openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:56:9: note: in expansion of macro ‘oscap_assert’ openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:37:9: note: in expansion of macro ‘oscap_assert’ openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:43:9: note: in expansion of macro ‘oscap_assert’ openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:45:9: note: in expansion of macro ‘oscap_assert’ openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:45:9: note: in expansion of macro ‘oscap_assert’ openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:59:9: note: in expansion of macro ‘oscap_assert’ # 59| oscap_assert(buff_size != 0); # 60| # 61|-> struct oscap_source *src = oscap_source_new_from_memory(buffer, buff_size, "file.xml.bz2"); # 62| printf("SCAP TYPE: %s\n", oscap_document_type_to_string(oscap_source_get_scap_type(src))); # 63| oscap_assert(oscap_source_validate(src, NULL, NULL) == 0); Error: GCC_ANALYZER_WARNING (CWE-401): [#def47] openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:62:9: warning[-Wanalyzer-malloc-leak]: leak of ‘buffer’ openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:56:9: note: in expansion of macro ‘oscap_assert’ openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:37:9: note: in expansion of macro ‘oscap_assert’ openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:43:9: note: in expansion of macro ‘oscap_assert’ openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:45:9: note: in expansion of macro ‘oscap_assert’ openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:45:9: note: in expansion of macro ‘oscap_assert’ openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:59:9: note: in expansion of macro ‘oscap_assert’ # 60| # 61| struct oscap_source *src = oscap_source_new_from_memory(buffer, buff_size, "file.xml.bz2"); # 62|-> printf("SCAP TYPE: %s\n", oscap_document_type_to_string(oscap_source_get_scap_type(src))); # 63| oscap_assert(oscap_source_validate(src, NULL, NULL) == 0); # 64| oscap_source_free(src); Error: GCC_ANALYZER_WARNING (CWE-401): [#def48] openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:63:22: warning[-Wanalyzer-malloc-leak]: leak of ‘buffer’ openscap-1.4.4/tests/oscap_assert.h:30:15: note: in definition of macro ‘oscap_assert’ openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:56:9: note: in expansion of macro ‘oscap_assert’ openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:37:9: note: in expansion of macro ‘oscap_assert’ openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:43:9: note: in expansion of macro ‘oscap_assert’ openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:45:9: note: in expansion of macro ‘oscap_assert’ openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:45:9: note: in expansion of macro ‘oscap_assert’ openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:59:9: note: in expansion of macro ‘oscap_assert’ openscap-1.4.4/tests/oscap_assert.h:30:15: note: in definition of macro ‘oscap_assert’ openscap-1.4.4/tests/oscap_assert.h:30:15: note: in definition of macro ‘oscap_assert’ # 61| struct oscap_source *src = oscap_source_new_from_memory(buffer, buff_size, "file.xml.bz2"); # 62| printf("SCAP TYPE: %s\n", oscap_document_type_to_string(oscap_source_get_scap_type(src))); # 63|-> oscap_assert(oscap_source_validate(src, NULL, NULL) == 0); # 64| oscap_source_free(src); # 65| free(buffer); Error: GCC_ANALYZER_WARNING (CWE-401): [#def49] openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:64:9: warning[-Wanalyzer-malloc-leak]: leak of ‘buffer’ openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:56:9: note: in expansion of macro ‘oscap_assert’ openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:37:9: note: in expansion of macro ‘oscap_assert’ openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:43:9: note: in expansion of macro ‘oscap_assert’ openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:45:9: note: in expansion of macro ‘oscap_assert’ openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:45:9: note: in expansion of macro ‘oscap_assert’ openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:59:9: note: in expansion of macro ‘oscap_assert’ openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:63:9: note: in expansion of macro ‘oscap_assert’ # 62| printf("SCAP TYPE: %s\n", oscap_document_type_to_string(oscap_source_get_scap_type(src))); # 63| oscap_assert(oscap_source_validate(src, NULL, NULL) == 0); # 64|-> oscap_source_free(src); # 65| free(buffer); # 66| Error: GCC_ANALYZER_WARNING (CWE-401): [#def50] openscap-1.4.4/tests/oscap_assert.h:30:12: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(filename, "rb")’ openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:43:9: note: in expansion of macro ‘oscap_assert’ openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:37:9: note: in expansion of macro ‘oscap_assert’ openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:37:9: note: in expansion of macro ‘oscap_assert’ openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:43:9: note: in expansion of macro ‘oscap_assert’ # 28| /* Unlike standard assert() macro this works even if NDEBUG is defined. */ # 29| #define oscap_assert(expr) \ # 30|-> if (!(expr)) { \ # 31| fprintf(stderr, "Assertion failed: %s, file %s, line %d, function %s.", #expr, __FILE__, __LINE__, __PRETTY_FUNCTION__); \ # 32| abort(); \ Error: GCC_ANALYZER_WARNING (CWE-401): [#def51] openscap-1.4.4/utils/oscap-xccdf.c:1052:17: warning[-Wanalyzer-malloc-leak]: leak of ‘oval_result’ # 1050| if (strcmp(oscap_file_entry_get_system(file_entry), namespace)) # 1051| continue; # 1052|-> snprintf(oval_result, PATH_MAX, "./%s.result.xml", oscap_file_entry_get_file(file_entry)); # 1053| if (stat(oval_result, &sb) == 0) { # 1054| result = true;
| analyzer-version-clippy | 1.92.0 |
| analyzer-version-cppcheck | 2.19.1 |
| analyzer-version-gcc | 16.0.0 |
| analyzer-version-gcc-analyzer | 16.0.0 |
| analyzer-version-shellcheck | 0.11.0 |
| analyzer-version-unicontrol | 0.0.2 |
| diffbase-analyzer-version-clippy | 1.92.0 |
| diffbase-analyzer-version-cppcheck | 2.19.1 |
| diffbase-analyzer-version-gcc | 16.0.0 |
| diffbase-analyzer-version-gcc-analyzer | 16.0.0 |
| diffbase-analyzer-version-shellcheck | 0.11.0 |
| diffbase-analyzer-version-unicontrol | 0.0.2 |
| diffbase-enabled-plugins | clippy, cppcheck, gcc, shellcheck, unicontrol |
| diffbase-exit-code | 0 |
| diffbase-host | ip-172-16-1-42.us-west-2.compute.internal |
| diffbase-known-false-positives | /usr/share/csmock/known-false-positives.js |
| diffbase-known-false-positives-rpm | known-false-positives-0.0.0.20250521.132812.g8eff701.main-1.el9.noarch |
| diffbase-mock-config | fedora-rawhide-x86_64 |
| diffbase-project-name | openscap-1.4.4-0.20260112115410058871.main.21.g7a61a088a |
| diffbase-store-results-to | /tmp/tmp756cox7i/openscap-1.4.4-0.20260112115410058871.main.21.g7a61a088a.tar.xz |
| diffbase-time-created | 2026-01-12 19:17:41 |
| diffbase-time-finished | 2026-01-12 19:31:22 |
| diffbase-tool | csmock |
| diffbase-tool-args | '/usr/bin/csmock' '-r' 'fedora-rawhide-x86_64' '-t' 'gcc,cppcheck,clippy,shellcheck,unicontrol' '-o' '/tmp/tmp756cox7i/openscap-1.4.4-0.20260112115410058871.main.21.g7a61a088a.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install' 'pam' '/tmp/tmp756cox7i/openscap-1.4.4-0.20260112115410058871.main.21.g7a61a088a.src.rpm' |
| diffbase-tool-version | csmock-3.8.3.20251215.161544.g62de9a5-1.el9 |
| enabled-plugins | clippy, cppcheck, gcc, shellcheck, unicontrol |
| exit-code | 0 |
| host | ip-172-16-1-42.us-west-2.compute.internal |
| known-false-positives | /usr/share/csmock/known-false-positives.js |
| known-false-positives-rpm | known-false-positives-0.0.0.20250521.132812.g8eff701.main-1.el9.noarch |
| mock-config | fedora-rawhide-x86_64 |
| project-name | openscap-1.4.4-0.20260112191147550721.pr2298.23.g7c78edb0a |
| store-results-to | /tmp/tmpmhghk68z/openscap-1.4.4-0.20260112191147550721.pr2298.23.g7c78edb0a.tar.xz |
| time-created | 2026-01-12 19:32:04 |
| time-finished | 2026-01-12 19:44:40 |
| title | Newly introduced findings |
| tool | csmock |
| tool-args | '/usr/bin/csmock' '-r' 'fedora-rawhide-x86_64' '-t' 'gcc,cppcheck,clippy,shellcheck,unicontrol' '-o' '/tmp/tmpmhghk68z/openscap-1.4.4-0.20260112191147550721.pr2298.23.g7c78edb0a.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install' 'pam' '/tmp/tmpmhghk68z/openscap-1.4.4-0.20260112191147550721.pr2298.23.g7c78edb0a.src.rpm' |
| tool-version | csmock-3.8.3.20251215.161544.g62de9a5-1.el9 |