Error: GCC_ANALYZER_WARNING (CWE-401): [#def1] openscap-1.4.4/src/CPE/cpelang_priv.c: scope_hint: In function ‘cpe_testexpr_parse’ openscap-1.4.4/src/CPE/cpelang_priv.c:326:14: warning[-Wanalyzer-malloc-leak]: leak of ‘cpe_testexpr_new()’ # 324| # 325| // it's fact-ref only, fill the structure and return it # 326|-> if (!xmlStrcmp(xmlTextReaderConstLocalName(reader), TAG_FACT_REF_STR) && # 327| xmlTextReaderNodeType(reader) == XML_READER_TYPE_ELEMENT) { # 328| ret->oper = CPE_LANG_OPER_MATCH; Error: GCC_ANALYZER_WARNING (CWE-401): [#def2] openscap-1.4.4/src/CPE/cpelang_priv.c:327:13: warning[-Wanalyzer-malloc-leak]: leak of ‘cpe_testexpr_new()’ # 325| // it's fact-ref only, fill the structure and return it # 326| if (!xmlStrcmp(xmlTextReaderConstLocalName(reader), TAG_FACT_REF_STR) && # 327|-> xmlTextReaderNodeType(reader) == XML_READER_TYPE_ELEMENT) { # 328| ret->oper = CPE_LANG_OPER_MATCH; # 329| temp = xmlTextReaderGetAttribute(reader, ATTR_NAME_STR); Error: GCC_ANALYZER_WARNING (CWE-401): [#def3] openscap-1.4.4/src/CPE/cpelang_priv.c:329:24: warning[-Wanalyzer-malloc-leak]: leak of ‘cpe_testexpr_new()’ # 327| xmlTextReaderNodeType(reader) == XML_READER_TYPE_ELEMENT) { # 328| ret->oper = CPE_LANG_OPER_MATCH; # 329|-> temp = xmlTextReaderGetAttribute(reader, ATTR_NAME_STR); # 330| ret->meta.cpe = cpe_name_new((char *)temp); # 331| xmlFree(temp); Error: GCC_ANALYZER_WARNING (CWE-401): [#def4] openscap-1.4.4/src/DS/rds_index.c:263:29: warning[-Wanalyzer-malloc-leak]: leak of ‘rds_index_new()’ # 261| # 262| if (strcmp(name, "report-requests") == 0) { # 263|-> if (xmlTextReaderRead(reader) != 1) { # 264| oscap_setxmlerr(xmlGetLastError()); # 265| } Error: GCC_ANALYZER_WARNING (CWE-401): [#def5] openscap-1.4.4/src/DS/rds_index.c:267:32: warning[-Wanalyzer-malloc-leak]: leak of ‘rds_index_new()’ # 265| } # 266| # 267|-> while (oscap_to_start_element(reader, 2)) # 268| { # 269| if (strcmp((const char*)xmlTextReaderConstLocalName(reader), "report-request") != 0) { Error: GCC_ANALYZER_WARNING (CWE-401): [#def6] openscap-1.4.4/src/DS/rds_index.c:269:57: warning[-Wanalyzer-malloc-leak]: leak of ‘rds_index_new()’ # 267| while (oscap_to_start_element(reader, 2)) # 268| { # 269|-> if (strcmp((const char*)xmlTextReaderConstLocalName(reader), "report-request") != 0) { # 270| // TODO: warning? # 271| continue; Error: GCC_ANALYZER_WARNING (CWE-401): [#def7] openscap-1.4.4/src/DS/rds_index.c:274:77: warning[-Wanalyzer-malloc-leak]: leak of ‘rds_index_new()’ # 272| } # 273| # 274|-> struct rds_report_request_index* rr_index = rds_report_request_index_parse(reader); # 275| rds_index_add_report_request(ret, rr_index); # 276| Error: GCC_ANALYZER_WARNING (CWE-401): [#def8] openscap-1.4.4/src/DS/rds_index.c:284:29: warning[-Wanalyzer-malloc-leak]: leak of ‘rds_index_new()’ # 282| else if (strcmp(name, "assets") == 0) # 283| { # 284|-> if (xmlTextReaderRead(reader) != 1) { # 285| oscap_setxmlerr(xmlGetLastError()); # 286| } Error: GCC_ANALYZER_WARNING (CWE-401): [#def9] openscap-1.4.4/src/DS/rds_index.c:288:32: warning[-Wanalyzer-malloc-leak]: leak of ‘rds_index_new()’ # 286| } # 287| # 288|-> while (oscap_to_start_element(reader, 2)) # 289| { # 290| if (strcmp((const char*)xmlTextReaderConstLocalName(reader), "asset") != 0) { Error: GCC_ANALYZER_WARNING (CWE-401): [#def10] openscap-1.4.4/src/DS/rds_index.c:290:57: warning[-Wanalyzer-malloc-leak]: leak of ‘rds_index_new()’ # 288| while (oscap_to_start_element(reader, 2)) # 289| { # 290|-> if (strcmp((const char*)xmlTextReaderConstLocalName(reader), "asset") != 0) { # 291| // TODO: warning? # 292| continue; Error: GCC_ANALYZER_WARNING (CWE-401): [#def11] openscap-1.4.4/src/DS/rds_index.c:295:67: warning[-Wanalyzer-malloc-leak]: leak of ‘rds_index_new()’ # 293| } # 294| # 295|-> struct rds_asset_index* a_index = rds_asset_index_parse(reader); # 296| rds_index_add_asset(ret, a_index); # 297| Error: GCC_ANALYZER_WARNING (CWE-401): [#def12] openscap-1.4.4/src/DS/rds_index.c:305:29: warning[-Wanalyzer-malloc-leak]: leak of ‘rds_index_new()’ # 303| else if (strcmp(name, "reports") == 0) # 304| { # 305|-> if (xmlTextReaderRead(reader) != 1) { # 306| oscap_setxmlerr(xmlGetLastError()); # 307| } Error: GCC_ANALYZER_WARNING (CWE-401): [#def13] openscap-1.4.4/src/DS/rds_index.c:309:32: warning[-Wanalyzer-malloc-leak]: leak of ‘rds_index_new()’ # 307| } # 308| # 309|-> while (oscap_to_start_element(reader, 2)) # 310| { # 311| if (strcmp((const char*)xmlTextReaderConstLocalName(reader), "report") != 0) { Error: GCC_ANALYZER_WARNING (CWE-401): [#def14] openscap-1.4.4/src/DS/rds_index.c:311:57: warning[-Wanalyzer-malloc-leak]: leak of ‘rds_index_new()’ # 309| while (oscap_to_start_element(reader, 2)) # 310| { # 311|-> if (strcmp((const char*)xmlTextReaderConstLocalName(reader), "report") != 0) { # 312| // TODO: warning? # 313| continue; Error: GCC_ANALYZER_WARNING (CWE-401): [#def15] openscap-1.4.4/src/DS/rds_index.c:316:68: warning[-Wanalyzer-malloc-leak]: leak of ‘rds_index_new()’ # 314| } # 315| # 316|-> struct rds_report_index* r_index = rds_report_index_parse(reader); # 317| rds_index_add_report(ret, r_index); # 318| Error: GCC_ANALYZER_WARNING (CWE-401): [#def16] openscap-1.4.4/src/DS/rds_index.c:329:61: warning[-Wanalyzer-malloc-leak]: leak of ‘rds_index_new()’ # 327| // # 328| // extended = 1 means that we want to copy all including children # 329|-> xmlNodePtr new_relationships_node = xmlCopyNode(xmlTextReaderExpand(reader), 1); # 330| # 331| if (relationships_node) Error: GCC_ANALYZER_WARNING (CWE-401): [#def17] openscap-1.4.4/src/DS/rds_index.c:335:33: warning[-Wanalyzer-malloc-leak]: leak of ‘rds_index_new()’ # 333| oscap_seterr(OSCAP_EFAMILY_XML, "There is more than 1 <core:relationships> element in the Result DataStream.\n" # 334| "Please make sure the input file is valid! Only the first element will be used to build the index!"); # 335|-> xmlFreeNode(new_relationships_node); # 336| } # 337| else Error: GCC_ANALYZER_WARNING (CWE-401): [#def18] openscap-1.4.4/src/DS/rds_index.c:345:17: warning[-Wanalyzer-malloc-leak]: leak of ‘rds_index_new()’ # 343| } # 344| # 345|-> xmlTextReaderRead(reader); # 346| } # 347| Error: GCC_ANALYZER_WARNING (CWE-401): [#def19] openscap-1.4.4/src/DS/rds_index.c:349:9: warning[-Wanalyzer-malloc-leak]: leak of ‘rds_index_new()’ openscap-1.4.4/src/DS/rds_index.c:185:17: note: in expansion of macro ‘oscap_seterr’ # 347| # 348| _parse_relationships_node(ret, relationships_node); # 349|-> xmlFreeNode(relationships_node); # 350| # 351| return ret; Error: GCC_ANALYZER_WARNING (CWE-401): [#def20] openscap-1.4.4/src/OVAL/oval_component.c:1017:16: warning[-Wanalyzer-malloc-leak]: leak of ‘oval_component_new(model, 10)’ openscap-1.4.4/src/OVAL/oval_component.c: scope_hint: In function ‘_oval_component_parse_TIMEDIF_tag’ # 1015| { # 1016| oval_component_FUNCTION_t *function = (oval_component_FUNCTION_t *) component; # 1017|-> return oval_parser_parse_tag(reader, context, &oval_subcomp_tag_consume, function); # 1018| } # 1019| Error: GCC_ANALYZER_WARNING (CWE-401): [#def21] openscap-1.4.4/src/OVAL/oval_component.c:1017:16: warning[-Wanalyzer-malloc-leak]: leak of ‘oval_component_new(model, 11)’ openscap-1.4.4/src/OVAL/oval_component.c: scope_hint: In function ‘oval_component_parse_tag’ # 1015| { # 1016| oval_component_FUNCTION_t *function = (oval_component_FUNCTION_t *) component; # 1017|-> return oval_parser_parse_tag(reader, context, &oval_subcomp_tag_consume, function); # 1018| } # 1019| Error: GCC_ANALYZER_WARNING (CWE-401): [#def22] openscap-1.4.4/src/OVAL/oval_component.c:1017:16: warning[-Wanalyzer-malloc-leak]: leak of ‘oval_component_new(model, 12)’ openscap-1.4.4/src/OVAL/oval_component.c: scope_hint: In function ‘_oval_component_parse_REGEX_CAPTURE_tag’ # 1015| { # 1016| oval_component_FUNCTION_t *function = (oval_component_FUNCTION_t *) component; # 1017|-> return oval_parser_parse_tag(reader, context, &oval_subcomp_tag_consume, function); # 1018| } # 1019| Error: GCC_ANALYZER_WARNING (CWE-401): [#def23] openscap-1.4.4/src/OVAL/oval_component.c:1017:16: warning[-Wanalyzer-malloc-leak]: leak of ‘oval_component_new(model, 15)’ openscap-1.4.4/src/OVAL/oval_component.c: scope_hint: In function ‘oval_component_parse_tag’ # 1015| { # 1016| oval_component_FUNCTION_t *function = (oval_component_FUNCTION_t *) component; # 1017|-> return oval_parser_parse_tag(reader, context, &oval_subcomp_tag_consume, function); # 1018| } # 1019| Error: GCC_ANALYZER_WARNING (CWE-401): [#def24] openscap-1.4.4/src/OVAL/oval_component.c:1017:16: warning[-Wanalyzer-malloc-leak]: leak of ‘oval_component_new(model, 5)’ openscap-1.4.4/src/OVAL/oval_component.c: scope_hint: In function ‘_oval_component_parse_BEGEND_tag’ # 1015| { # 1016| oval_component_FUNCTION_t *function = (oval_component_FUNCTION_t *) component; # 1017|-> return oval_parser_parse_tag(reader, context, &oval_subcomp_tag_consume, function); # 1018| } # 1019| Error: GCC_ANALYZER_WARNING (CWE-401): [#def25] openscap-1.4.4/src/OVAL/oval_component.c:1017:16: warning[-Wanalyzer-malloc-leak]: leak of ‘oval_component_new(model, 7)’ openscap-1.4.4/src/OVAL/oval_component.c: scope_hint: In function ‘_oval_component_parse_BEGEND_tag’ # 1015| { # 1016| oval_component_FUNCTION_t *function = (oval_component_FUNCTION_t *) component; # 1017|-> return oval_parser_parse_tag(reader, context, &oval_subcomp_tag_consume, function); # 1018| } # 1019| Error: GCC_ANALYZER_WARNING (CWE-401): [#def26] openscap-1.4.4/src/OVAL/oval_component.c:1017:16: warning[-Wanalyzer-malloc-leak]: leak of ‘oval_component_new(model, 8)’ openscap-1.4.4/src/OVAL/oval_component.c: scope_hint: In function ‘_oval_component_parse_SPLIT_tag’ # 1015| { # 1016| oval_component_FUNCTION_t *function = (oval_component_FUNCTION_t *) component; # 1017|-> return oval_parser_parse_tag(reader, context, &oval_subcomp_tag_consume, function); # 1018| } # 1019| Error: GCC_ANALYZER_WARNING (CWE-401): [#def27] openscap-1.4.4/src/OVAL/oval_component.c:1017:16: warning[-Wanalyzer-malloc-leak]: leak of ‘oval_component_new(model, 9)’ openscap-1.4.4/src/OVAL/oval_component.c: scope_hint: In function ‘_oval_component_parse_SUBSTRING_tag’ # 1015| { # 1016| oval_component_FUNCTION_t *function = (oval_component_FUNCTION_t *) component; # 1017|-> return oval_parser_parse_tag(reader, context, &oval_subcomp_tag_consume, function); # 1018| } # 1019| Error: GCC_ANALYZER_WARNING (CWE-401): [#def28] openscap-1.4.4/src/OVAL/oval_component.c: scope_hint: In function ‘_oval_component_parse_ARITHMETIC_tag’ openscap-1.4.4/src/OVAL/oval_component.c:1026:49: warning[-Wanalyzer-malloc-leak]: leak of ‘oval_component_new(model, 13)’ # 1024| # 1025| oval_component_ARITHMETIC_t *arithmetic = (oval_component_ARITHMETIC_t *) component; # 1026|-> oval_arithmetic_operation_t operation = oval_arithmetic_operation_parse(reader, "arithmetic_operation", # 1027| OVAL_ARITHMETIC_UNKNOWN); # 1028| arithmetic->operation = operation; Error: GCC_ANALYZER_WARNING (CWE-476): [#def29] openscap-1.4.4/src/OVAL/oval_component.c:1028:31: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘component’ # 1026| oval_arithmetic_operation_t operation = oval_arithmetic_operation_parse(reader, "arithmetic_operation", # 1027| OVAL_ARITHMETIC_UNKNOWN); # 1028|-> arithmetic->operation = operation; # 1029| return _oval_component_parse_FUNCTION_tag(reader, context, component); # 1030| } Error: GCC_ANALYZER_WARNING (CWE-476): [#def30] openscap-1.4.4/src/OVAL/oval_component.c: scope_hint: In function ‘_oval_component_parse_BEGEND_tag’ openscap-1.4.4/src/OVAL/oval_component.c:1039:27: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘component’ # 1037| # 1038| oval_component_BEGEND_t *begend = (oval_component_BEGEND_t *) component; # 1039|-> begend->character = (char *)xmlTextReaderGetAttribute(reader, BAD_CAST "character"); # 1040| # 1041| return _oval_component_parse_FUNCTION_tag(reader, context, component); Error: GCC_ANALYZER_WARNING (CWE-401): [#def31] openscap-1.4.4/src/OVAL/oval_component.c:1039:37: warning[-Wanalyzer-malloc-leak]: leak of ‘oval_component_new(model, 5)’ # 1037| # 1038| oval_component_BEGEND_t *begend = (oval_component_BEGEND_t *) component; # 1039|-> begend->character = (char *)xmlTextReaderGetAttribute(reader, BAD_CAST "character"); # 1040| # 1041| return _oval_component_parse_FUNCTION_tag(reader, context, component); Error: GCC_ANALYZER_WARNING (CWE-401): [#def32] openscap-1.4.4/src/OVAL/oval_component.c:1039:37: warning[-Wanalyzer-malloc-leak]: leak of ‘oval_component_new(model, 7)’ # 1037| # 1038| oval_component_BEGEND_t *begend = (oval_component_BEGEND_t *) component; # 1039|-> begend->character = (char *)xmlTextReaderGetAttribute(reader, BAD_CAST "character"); # 1040| # 1041| return _oval_component_parse_FUNCTION_tag(reader, context, component); Error: GCC_ANALYZER_WARNING (CWE-476): [#def33] openscap-1.4.4/src/OVAL/oval_component.c: scope_hint: In function ‘_oval_component_parse_SPLIT_tag’ openscap-1.4.4/src/OVAL/oval_component.c:1051:26: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘component’ # 1049| # 1050| oval_component_SPLIT_t *split = (oval_component_SPLIT_t *) component; # 1051|-> split->delimiter = (char *)xmlTextReaderGetAttribute(reader, BAD_CAST "delimiter"); # 1052| # 1053| return _oval_component_parse_FUNCTION_tag(reader, context, component); Error: GCC_ANALYZER_WARNING (CWE-401): [#def34] openscap-1.4.4/src/OVAL/oval_component.c:1051:36: warning[-Wanalyzer-malloc-leak]: leak of ‘oval_component_new(model, 8)’ # 1049| # 1050| oval_component_SPLIT_t *split = (oval_component_SPLIT_t *) component; # 1051|-> split->delimiter = (char *)xmlTextReaderGetAttribute(reader, BAD_CAST "delimiter"); # 1052| # 1053| return _oval_component_parse_FUNCTION_tag(reader, context, component); Error: GCC_ANALYZER_WARNING (CWE-401): [#def35] openscap-1.4.4/src/OVAL/oval_component.c: scope_hint: In function ‘_oval_component_parse_GLOB_TO_REGEX_tag’ openscap-1.4.4/src/OVAL/oval_component.c:1063:9: warning[-Wanalyzer-malloc-leak]: leak of ‘oval_component_new(model, 16)’ openscap-1.4.4/src/OVAL/oval_component.c: scope_hint: In function ‘_oval_component_parse_GLOB_TO_REGEX_tag’ # 1061| # 1062| oval_component_GLOB_t *glob_to_regex = (oval_component_GLOB_t *) component; # 1063|-> glob_to_regex->glob_noescape = oval_parser_boolean_attribute(reader, "glob_noescape", 0); # 1064| # 1065| return _oval_component_parse_FUNCTION_tag(reader, context, component); Error: GCC_ANALYZER_WARNING (CWE-476): [#def36] openscap-1.4.4/src/OVAL/oval_component.c:1063:38: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘component’ # 1061| # 1062| oval_component_GLOB_t *glob_to_regex = (oval_component_GLOB_t *) component; # 1063|-> glob_to_regex->glob_noescape = oval_parser_boolean_attribute(reader, "glob_noescape", 0); # 1064| # 1065| return _oval_component_parse_FUNCTION_tag(reader, context, component); Error: GCC_ANALYZER_WARNING (CWE-401): [#def37] openscap-1.4.4/src/OVAL/oval_component.c:1063:40: warning[-Wanalyzer-malloc-leak]: leak of ‘oval_component_new(model, 16)’ # 1061| # 1062| oval_component_GLOB_t *glob_to_regex = (oval_component_GLOB_t *) component; # 1063|-> glob_to_regex->glob_noescape = oval_parser_boolean_attribute(reader, "glob_noescape", 0); # 1064| # 1065| return _oval_component_parse_FUNCTION_tag(reader, context, component); Error: GCC_ANALYZER_WARNING (CWE-401): [#def38] openscap-1.4.4/src/OVAL/oval_component.c: scope_hint: In function ‘_oval_component_parse_SUBSTRING_tag’ openscap-1.4.4/src/OVAL/oval_component.c:1076:36: warning[-Wanalyzer-malloc-leak]: leak of ‘oval_component_new(model, 9)’ # 1074| # 1075| oval_component_SUBSTRING_t *substring = (oval_component_SUBSTRING_t *) component; # 1076|-> char *start_text = (char *)xmlTextReaderGetAttribute(reader, BAD_CAST "substring_start"); # 1077| char *length_text = (char *)xmlTextReaderGetAttribute(reader, BAD_CAST "substring_length"); # 1078| int start = (start_text == NULL) ? 0 : atoi(start_text); Error: GCC_ANALYZER_WARNING (CWE-401): [#def39] openscap-1.4.4/src/OVAL/oval_component.c:1077:37: warning[-Wanalyzer-malloc-leak]: leak of ‘oval_component_new(model, 9)’ # 1075| oval_component_SUBSTRING_t *substring = (oval_component_SUBSTRING_t *) component; # 1076| char *start_text = (char *)xmlTextReaderGetAttribute(reader, BAD_CAST "substring_start"); # 1077|-> char *length_text = (char *)xmlTextReaderGetAttribute(reader, BAD_CAST "substring_length"); # 1078| int start = (start_text == NULL) ? 0 : atoi(start_text); # 1079| int length = (length_text == NULL) ? 0 : atoi(length_text); Error: GCC_ANALYZER_WARNING (CWE-476): [#def40] openscap-1.4.4/src/OVAL/oval_component.c:1084:26: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘component’ # 1082| if (length_text != NULL) # 1083| free(length_text); # 1084|-> substring->start = start; # 1085| substring->length = length; # 1086| Error: GCC_ANALYZER_WARNING (CWE-401): [#def41] openscap-1.4.4/src/OVAL/oval_component.c: scope_hint: In function ‘_oval_component_parse_TIMEDIF_tag’ openscap-1.4.4/src/OVAL/oval_component.c:1097:43: warning[-Wanalyzer-malloc-leak]: leak of ‘oval_component_new(model, 10)’ # 1095| # 1096| oval_component_TIMEDIF_t *timedif = (oval_component_TIMEDIF_t *) component; # 1097|-> oval_datetime_format_t format_1 = oval_datetime_format_parse(reader, "format_1", # 1098| OVAL_DATETIME_YEAR_MONTH_DAY); # 1099| oval_datetime_format_t format_2 = oval_datetime_format_parse(reader, "format_2", Error: GCC_ANALYZER_WARNING (CWE-401): [#def42] openscap-1.4.4/src/OVAL/oval_component.c:1099:43: warning[-Wanalyzer-malloc-leak]: leak of ‘oval_component_new(model, 10)’ # 1097| oval_datetime_format_t format_1 = oval_datetime_format_parse(reader, "format_1", # 1098| OVAL_DATETIME_YEAR_MONTH_DAY); # 1099|-> oval_datetime_format_t format_2 = oval_datetime_format_parse(reader, "format_2", # 1100| OVAL_DATETIME_YEAR_MONTH_DAY); # 1101| timedif->format_1 = format_1; Error: GCC_ANALYZER_WARNING (CWE-476): [#def43] openscap-1.4.4/src/OVAL/oval_component.c:1101:27: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘component’ # 1099| oval_datetime_format_t format_2 = oval_datetime_format_parse(reader, "format_2", # 1100| OVAL_DATETIME_YEAR_MONTH_DAY); # 1101|-> timedif->format_1 = format_1; # 1102| timedif->format_2 = format_2; # 1103| Error: GCC_ANALYZER_WARNING (CWE-401): [#def44] openscap-1.4.4/src/OVAL/probes/SEAP/sexp-manip.c: scope_hint: In function ‘SEXP_list_join’ openscap-1.4.4/src/OVAL/probes/SEAP/sexp-manip.c:1255:55: warning[-Wanalyzer-malloc-leak]: leak of ‘SEXP_new()’ # 1253| # 1254| list_j = SEXP_new (); # 1255|-> list_j->s_valp = SEXP_rawval_list_copy (list_a->s_valp); # 1256| # 1257| SEXP_list_foreach (memb, list_b) Error: GCC_ANALYZER_WARNING (CWE-401): [#def45] openscap-1.4.4/src/OVAL/probes/SEAP/sexp-manip.c: scope_hint: In function ‘SEXP_list_it_new’ openscap-1.4.4/src/OVAL/probes/SEAP/sexp-manip.c:1333:34: warning[-Wanalyzer-malloc-leak]: leak of ‘SEXP_list_it_new(a)’ # 1331| } # 1332| # 1333|-> SEXP_val_dsc(&v_dsc, list->s_valp); # 1334| # 1335| if (v_dsc.type != SEXP_VALTYPE_LIST) { Error: GCC_ANALYZER_WARNING (CWE-401): [#def46] openscap-1.4.4/src/OVAL/probes/SEAP/sexp-manip.c:1333:34: warning[-Wanalyzer-malloc-leak]: leak of ‘SEXP_list_it_new(b)’ # 1331| } # 1332| # 1333|-> SEXP_val_dsc(&v_dsc, list->s_valp); # 1334| # 1335| if (v_dsc.type != SEXP_VALTYPE_LIST) { Error: GCC_ANALYZER_WARNING (CWE-476): [#def47] openscap-1.4.4/src/OVAL/probes/SEAP/sexp-manip.c: scope_hint: In function ‘SEXP_list_it_new’ openscap-1.4.4/src/OVAL/probes/SEAP/sexp-manip.c:1341:19: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘it’ # 1339| # 1340| SEXP_list_it *it = malloc(sizeof(SEXP_list_it)); # 1341|-> it->block = SEXP_LCASTP(v_dsc.mem)->b_addr; # 1342| it->index = SEXP_LCASTP(v_dsc.mem)->offset; # 1343| it->count = it->block != NULL ? it->block->real : 0; Error: GCC_ANALYZER_WARNING (CWE-476): [#def48] openscap-1.4.4/src/OVAL/probes/SEAP/sexp-manip.c: scope_hint: In function ‘SEXP_list_it_next’ openscap-1.4.4/src/OVAL/probes/SEAP/sexp-manip.c:1352:15: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘it’ # 1350| SEXP_t *item; # 1351| # 1352|-> if (it->block == NULL) # 1353| return (NULL); # 1354| Error: GCC_ANALYZER_WARNING (CWE-401): [#def49] openscap-1.4.4/src/OVAL/probes/unix/runlevel_probe.c:184:41: warning[-Wanalyzer-malloc-leak]: leak of ‘opendir(&pathbuf)’ # 182| start = kill = false; # 183| # 184|-> while ((rc_dp = readdir(rc_dir)) != NULL) { # 185| if (stat(rc_dp->d_name, &rc_st) != 0) { # 186| dD("Can't stat file %s/%s: errno=%d, %s.", Error: GCC_ANALYZER_WARNING (CWE-476): [#def50] openscap-1.4.4/src/OVAL/probes/unix/runlevel_probe.c:225:47: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘rep_lst’ # 223| } # 224| # 225|-> rep_lst->service_name = strdup(service_name); # 226| rep_lst->runlevel = strdup(runlevel); # 227| rep_lst->start = start; Error: GCC_ANALYZER_WARNING (CWE-401): [#def51] openscap-1.4.4/src/OVAL/probes/unix/runlevel_probe.c:232:9: warning[-Wanalyzer-malloc-leak]: leak of ‘opendir(".")’ # 230| } # 231| } # 232|-> closedir(init_dir); # 233| # 234| if (fchdir(dirfd(orig_dir)) == -1) { Error: GCC_ANALYZER_WARNING (CWE-476): [#def52] openscap-1.4.4/src/XCCDF/item.c: scope_hint: In function ‘xccdf_status_new_fill’ openscap-1.4.4/src/XCCDF/item.c:1006:26: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘ret’ # 1004| return NULL; # 1005| ret = calloc(1, sizeof(struct xccdf_status)); # 1006|-> if ((ret->status = oscap_string_to_enum(XCCDF_STATUS_MAP, status)) == XCCDF_STATUS_NOT_SPECIFIED) { # 1007| free(ret); # 1008| return NULL; Error: GCC_ANALYZER_WARNING (CWE-401): [#def53] openscap-1.4.4/src/XCCDF/item.c:1006:28: warning[-Wanalyzer-malloc-leak]: leak of ‘ret’ # 1004| return NULL; # 1005| ret = calloc(1, sizeof(struct xccdf_status)); # 1006|-> if ((ret->status = oscap_string_to_enum(XCCDF_STATUS_MAP, status)) == XCCDF_STATUS_NOT_SPECIFIED) { # 1007| free(ret); # 1008| return NULL; Error: GCC_ANALYZER_WARNING (CWE-401): [#def54] openscap-1.4.4/src/XCCDF/item.c: scope_hint: In function ‘xccdf_item_process_element’ openscap-1.4.4/src/XCCDF/item.c:1006:28: warning[-Wanalyzer-malloc-leak]: leak of ‘xccdf_status_new_fill(oscap_element_string_copy(reader), xccdf_attribute_get(reader, 8))’ # 1004| return NULL; # 1005| ret = calloc(1, sizeof(struct xccdf_status)); # 1006|-> if ((ret->status = oscap_string_to_enum(XCCDF_STATUS_MAP, status)) == XCCDF_STATUS_NOT_SPECIFIED) { # 1007| free(ret); # 1008| return NULL; Error: GCC_ANALYZER_WARNING (CWE-401): [#def55] openscap-1.4.4/src/XCCDF/item.c: scope_hint: In function ‘xccdf_status_new_fill’ openscap-1.4.4/src/XCCDF/item.c:1010:21: warning[-Wanalyzer-malloc-leak]: leak of ‘ret’ # 1008| return NULL; # 1009| } # 1010|-> ret->date = oscap_get_date(date); # 1011| return ret; # 1012| } Error: GCC_ANALYZER_WARNING (CWE-476): [#def56] openscap-1.4.4/src/XCCDF/item.c: scope_hint: In function ‘xccdf_model_clone’ openscap-1.4.4/src/XCCDF/item.c:1060:27: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘new_model’ openscap-1.4.4/src/XCCDF/item.c: scope_hint: In function ‘xccdf_model_clone’ # 1058| { # 1059| struct xccdf_model *new_model = calloc(1, sizeof(struct xccdf_model)); # 1060|-> new_model->system = oscap_strdup(old_model->system); # 1061| # 1062| //params maps char * to char * so we will need to oscap_strdup the items. Error: GCC_ANALYZER_WARNING (CWE-401): [#def57] openscap-1.4.4/src/XCCDF/item.c:1063:29: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’ openscap-1.4.4/src/XCCDF/item.c: scope_hint: In function ‘xccdf_model_clone’ # 1061| # 1062| //params maps char * to char * so we will need to oscap_strdup the items. # 1063|-> new_model->params = oscap_htable_clone(old_model->params, (oscap_clone_func) oscap_strdup); # 1064| //new_model->params = NULL; # 1065| return new_model; Error: GCC_ANALYZER_WARNING (CWE-401): [#def58] openscap-1.4.4/src/XCCDF/item.c:1063:29: warning[-Wanalyzer-malloc-leak]: leak of ‘new_model’ openscap-1.4.4/src/XCCDF/item.c: scope_hint: In function ‘xccdf_model_clone’ # 1061| # 1062| //params maps char * to char * so we will need to oscap_strdup the items. # 1063|-> new_model->params = oscap_htable_clone(old_model->params, (oscap_clone_func) oscap_strdup); # 1064| //new_model->params = NULL; # 1065| return new_model; Error: GCC_ANALYZER_WARNING (CWE-476): [#def59] openscap-1.4.4/src/XCCDF/item.c: scope_hint: In function ‘xccdf_model_new’ openscap-1.4.4/src/XCCDF/item.c:1071:19: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘model’ # 1069| { # 1070| struct xccdf_model *model = calloc(1, sizeof(struct xccdf_model)); # 1071|-> model->params = oscap_htable_new(); # 1072| return model; # 1073| } Error: GCC_ANALYZER_WARNING (CWE-401): [#def60] openscap-1.4.4/src/XCCDF/item.c:1071:21: warning[-Wanalyzer-malloc-leak]: leak of ‘model’ # 1069| { # 1070| struct xccdf_model *model = calloc(1, sizeof(struct xccdf_model)); # 1071|-> model->params = oscap_htable_new(); # 1072| return model; # 1073| } Error: GCC_ANALYZER_WARNING (CWE-401): [#def61] openscap-1.4.4/src/XCCDF/item.c: scope_hint: In function ‘xccdf_model_new_xml’ openscap-1.4.4/src/XCCDF/item.c:1085:25: warning[-Wanalyzer-malloc-leak]: leak of ‘xccdf_model_new()’ # 1083| # 1084| model = xccdf_model_new(); # 1085|-> model->system = xccdf_attribute_copy(reader, XCCDFA_SYSTEM); # 1086| # 1087| while (oscap_to_start_element(reader, depth)) { Error: GCC_ANALYZER_WARNING (CWE-401): [#def62] openscap-1.4.4/src/XCCDF/item.c:1087:16: warning[-Wanalyzer-malloc-leak]: leak of ‘xccdf_model_new()’ # 1085| model->system = xccdf_attribute_copy(reader, XCCDFA_SYSTEM); # 1086| # 1087|-> while (oscap_to_start_element(reader, depth)) { # 1088| if (xccdf_element_get(reader) == XCCDFE_PARAM) { # 1089| const char *name = xccdf_attribute_get(reader, XCCDFA_NAME); Error: GCC_ANALYZER_WARNING (CWE-401): [#def63] openscap-1.4.4/src/XCCDF/item.c:1088:21: warning[-Wanalyzer-malloc-leak]: leak of ‘xccdf_model_new()’ # 1086| # 1087| while (oscap_to_start_element(reader, depth)) { # 1088|-> if (xccdf_element_get(reader) == XCCDFE_PARAM) { # 1089| const char *name = xccdf_attribute_get(reader, XCCDFA_NAME); # 1090| char *value = oscap_element_string_copy(reader); Error: GCC_ANALYZER_WARNING (CWE-401): [#def64] openscap-1.4.4/src/XCCDF/item.c:1089:44: warning[-Wanalyzer-malloc-leak]: leak of ‘xccdf_model_new()’ # 1087| while (oscap_to_start_element(reader, depth)) { # 1088| if (xccdf_element_get(reader) == XCCDFE_PARAM) { # 1089|-> const char *name = xccdf_attribute_get(reader, XCCDFA_NAME); # 1090| char *value = oscap_element_string_copy(reader); # 1091| if (!name || !value || !oscap_htable_add(model->params, name, value)) Error: GCC_ANALYZER_WARNING (CWE-401): [#def65] openscap-1.4.4/src/XCCDF/item.c:1090:39: warning[-Wanalyzer-malloc-leak]: leak of ‘xccdf_model_new()’ # 1088| if (xccdf_element_get(reader) == XCCDFE_PARAM) { # 1089| const char *name = xccdf_attribute_get(reader, XCCDFA_NAME); # 1090|-> char *value = oscap_element_string_copy(reader); # 1091| if (!name || !value || !oscap_htable_add(model->params, name, value)) # 1092| free(value); Error: GCC_ANALYZER_WARNING (CWE-401): [#def66] openscap-1.4.4/src/XCCDF/item.c:1091:29: warning[-Wanalyzer-malloc-leak]: leak of ‘xccdf_model_new()’ # 1089| const char *name = xccdf_attribute_get(reader, XCCDFA_NAME); # 1090| char *value = oscap_element_string_copy(reader); # 1091|-> if (!name || !value || !oscap_htable_add(model->params, name, value)) # 1092| free(value); # 1093| } Error: GCC_ANALYZER_WARNING (CWE-476): [#def67] openscap-1.4.4/src/XCCDF/item.c: scope_hint: In function ‘xccdf_warning_new’ openscap-1.4.4/src/XCCDF/item.c:1119:17: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘w’ # 1117| { # 1118| struct xccdf_warning *w = calloc(1, sizeof(struct xccdf_warning)); # 1119|-> w->category = XCCDF_WARNING_GENERAL; # 1120| return w; # 1121| } Error: GCC_ANALYZER_WARNING (CWE-401): [#def68] openscap-1.4.4/src/XCCDF/item.c: scope_hint: In function ‘xccdf_warning_new_parse’ openscap-1.4.4/src/XCCDF/item.c:1126:19: warning[-Wanalyzer-malloc-leak]: leak of ‘xccdf_warning_new()’ # 1124| { # 1125| struct xccdf_warning *w = xccdf_warning_new(); # 1126|-> w->category = oscap_string_to_enum(XCCDF_WARNING_MAP, xccdf_attribute_get(reader, XCCDFA_CATEGORY)); # 1127| w->text = oscap_text_new_parse(XCCDF_TEXT_HTMLSUB, reader); # 1128| return w; Error: GCC_ANALYZER_WARNING (CWE-401): [#def69] openscap-1.4.4/src/XCCDF/item.c: scope_hint: In function ‘xccdf_item_process_element’ openscap-1.4.4/src/XCCDF/item.c:1126:19: warning[-Wanalyzer-malloc-leak]: leak of ‘xccdf_warning_new_parse(reader)’ # 1124| { # 1125| struct xccdf_warning *w = xccdf_warning_new(); # 1126|-> w->category = oscap_string_to_enum(XCCDF_WARNING_MAP, xccdf_attribute_get(reader, XCCDFA_CATEGORY)); # 1127| w->text = oscap_text_new_parse(XCCDF_TEXT_HTMLSUB, reader); # 1128| return w; Error: GCC_ANALYZER_WARNING (CWE-476): [#def70] openscap-1.4.4/src/XCCDF/item.c: scope_hint: In function ‘xccdf_value_instance_clone’ openscap-1.4.4/src/XCCDF/item.c:1217:17: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘clone’ # 1215| { # 1216| struct xccdf_value_instance * clone = calloc(1, sizeof(struct xccdf_value_instance)); # 1217|-> clone->type = val->type; # 1218| # 1219| clone->value = oscap_strdup(val->value); Error: GCC_ANALYZER_WARNING (CWE-401): [#def71] openscap-1.4.4/src/XCCDF/item.c:1221:22: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’ openscap-1.4.4/src/XCCDF/item.c: scope_hint: In function ‘xccdf_value_instance_clone’ openscap-1.4.4/src/XCCDF/item.c: scope_hint: In function ‘xccdf_value_instance_clone’ # 1219| clone->value = oscap_strdup(val->value); # 1220| clone->defval = oscap_strdup(val->defval); # 1221|-> clone->choices = oscap_list_clone(val->choices, (oscap_clone_func) oscap_strdup); # 1222| clone->match = oscap_strdup(val->match); # 1223| clone->lower_bound = val->lower_bound; Error: GCC_ANALYZER_WARNING (CWE-401): [#def72] openscap-1.4.4/src/XCCDF/item.c:1221:22: warning[-Wanalyzer-malloc-leak]: leak of ‘clone’ openscap-1.4.4/src/XCCDF/item.c: scope_hint: In function ‘xccdf_value_instance_clone’ openscap-1.4.4/src/XCCDF/item.c: scope_hint: In function ‘xccdf_value_instance_clone’ # 1219| clone->value = oscap_strdup(val->value); # 1220| clone->defval = oscap_strdup(val->defval); # 1221|-> clone->choices = oscap_list_clone(val->choices, (oscap_clone_func) oscap_strdup); # 1222| clone->match = oscap_strdup(val->match); # 1223| clone->lower_bound = val->lower_bound; Error: GCC_ANALYZER_WARNING (CWE-401): [#def73] openscap-1.4.4/src/XCCDF/item.c:1227:9: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’ openscap-1.4.4/src/XCCDF/item.c: scope_hint: In function ‘xccdf_value_instance_clone’ openscap-1.4.4/src/XCCDF/item.c: scope_hint: In function ‘xccdf_value_instance_clone’ openscap-1.4.4/src/XCCDF/item.c: scope_hint: In function ‘xccdf_value_instance_clone’ # 1225| # 1226| clone->flags = val->flags; # 1227|-> xccdf_value_instance_set_selector(clone, xccdf_value_instance_get_selector(val)); # 1228| return clone; # 1229| } Error: GCC_ANALYZER_WARNING (CWE-401): [#def74] openscap-1.4.4/src/XCCDF/item.c:1227:9: warning[-Wanalyzer-malloc-leak]: leak of ‘clone’ openscap-1.4.4/src/XCCDF/item.c: scope_hint: In function ‘xccdf_value_instance_clone’ openscap-1.4.4/src/XCCDF/item.c: scope_hint: In function ‘xccdf_value_instance_clone’ openscap-1.4.4/src/XCCDF/item.c: scope_hint: In function ‘xccdf_value_instance_clone’ # 1225| # 1226| clone->flags = val->flags; # 1227|-> xccdf_value_instance_set_selector(clone, xccdf_value_instance_get_selector(val)); # 1228| return clone; # 1229| } Error: GCC_ANALYZER_WARNING (CWE-476): [#def75] openscap-1.4.4/src/XCCDF/item.c: scope_hint: In function ‘xccdf_identity_clone’ openscap-1.4.4/src/XCCDF/item.c:1248:21: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘clone’ openscap-1.4.4/src/XCCDF/item.c: scope_hint: In function ‘xccdf_identity_clone’ # 1246| clone->sub.authenticated = identity->sub.authenticated; # 1247| clone->sub.privileged = identity->sub.privileged; # 1248|-> clone->name = oscap_strdup(identity->name); # 1249| return clone; # 1250| } Error: GCC_ANALYZER_WARNING (CWE-476): [#def76] openscap-1.4.4/src/XCCDF/item.c: scope_hint: In function ‘xccdf_target_fact_clone’ openscap-1.4.4/src/XCCDF/item.c:1255:21: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘clone’ # 1253| { # 1254| struct xccdf_target_fact * clone = calloc(1, sizeof(struct xccdf_target_fact)); # 1255|-> clone->type = tf->type; # 1256| clone->name = oscap_strdup(tf->name); # 1257| clone->value = oscap_strdup(tf->value); Error: GCC_ANALYZER_WARNING (CWE-476): [#def77] openscap-1.4.4/src/XCCDF/item.c: scope_hint: In function ‘xccdf_override_clone’ openscap-1.4.4/src/XCCDF/item.c:1264:21: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘clone’ # 1262| { # 1263| struct xccdf_override * clone = calloc(1, sizeof(struct xccdf_override)); # 1264|-> clone->time = override->time; # 1265| clone->authority = oscap_strdup(clone->authority); # 1266| clone->old_result = override->old_result; Error: GCC_ANALYZER_WARNING (CWE-401): [#def78] openscap-1.4.4/src/XCCDF/item.c:1268:25: warning[-Wanalyzer-malloc-leak]: leak of ‘clone’ openscap-1.4.4/src/XCCDF/item.c: scope_hint: In function ‘xccdf_override_clone’ # 1266| clone->old_result = override->old_result; # 1267| clone->new_result = override->new_result; # 1268|-> clone->remark = oscap_text_clone(override->remark); # 1269| return clone; # 1270| } Error: GCC_ANALYZER_WARNING (CWE-476): [#def79] openscap-1.4.4/src/XCCDF/item.c: scope_hint: In function ‘xccdf_message_clone’ openscap-1.4.4/src/XCCDF/item.c:1275:24: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘clone’ openscap-1.4.4/src/XCCDF/item.c: scope_hint: In function ‘xccdf_message_clone’ # 1273| { # 1274| struct xccdf_message * clone = calloc(1, sizeof(struct xccdf_message)); # 1275|-> clone->content = oscap_strdup(message->content); # 1276| clone->severity = message->severity; # 1277| return clone; Error: GCC_ANALYZER_WARNING (CWE-476): [#def80] openscap-1.4.4/src/XCCDF/item.c: scope_hint: In function ‘xccdf_instance_clone’ openscap-1.4.4/src/XCCDF/item.c:1283:20: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘clone’ openscap-1.4.4/src/XCCDF/item.c: scope_hint: In function ‘xccdf_instance_clone’ # 1281| { # 1282| struct xccdf_instance * clone = calloc(1, sizeof(struct xccdf_instance)); # 1283|-> clone->context = oscap_strdup(instance->context); # 1284| clone->parent_context = oscap_strdup(instance->parent_context); # 1285| clone->content = oscap_strdup(instance->content); Error: GCC_ANALYZER_WARNING (CWE-476): [#def81] openscap-1.4.4/src/XCCDF/item.c: scope_hint: In function ‘xccdf_rule_result_clone’ openscap-1.4.4/src/XCCDF/item.c:1292:22: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘clone’ openscap-1.4.4/src/XCCDF/item.c: scope_hint: In function ‘xccdf_rule_result_clone’ # 1290| { # 1291| struct xccdf_rule_result * clone = calloc(1, sizeof(struct xccdf_rule_result)); # 1292|-> clone->idref = oscap_strdup(result->idref); # 1293| clone->role = result->role; # 1294| clone->time = oscap_strdup(result->time); Error: GCC_ANALYZER_WARNING (CWE-401): [#def82] openscap-1.4.4/src/XCCDF/item.c:1299:28: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’ openscap-1.4.4/src/XCCDF/item.c: scope_hint: In function ‘xccdf_rule_result_clone’ openscap-1.4.4/src/XCCDF/item.c: scope_hint: In function ‘xccdf_rule_result_clone’ openscap-1.4.4/src/XCCDF/item.c: scope_hint: In function ‘xccdf_rule_result_clone’ # 1297| clone->result = result->result; # 1298| clone->version = oscap_strdup(result->version); # 1299|-> clone->overrides = oscap_list_clone(result->overrides, (oscap_clone_func) xccdf_override_clone); # 1300| clone->idents = oscap_list_clone(result->idents, (oscap_clone_func) xccdf_ident_clone); # 1301| clone->messages = oscap_list_clone(result->messages, (oscap_clone_func) xccdf_message_clone); Error: GCC_ANALYZER_WARNING (CWE-401): [#def83] openscap-1.4.4/src/XCCDF/item.c:1299:28: warning[-Wanalyzer-malloc-leak]: leak of ‘clone’ openscap-1.4.4/src/XCCDF/item.c: scope_hint: In function ‘xccdf_rule_result_clone’ openscap-1.4.4/src/XCCDF/item.c: scope_hint: In function ‘xccdf_rule_result_clone’ openscap-1.4.4/src/XCCDF/item.c: scope_hint: In function ‘xccdf_rule_result_clone’ # 1297| clone->result = result->result; # 1298| clone->version = oscap_strdup(result->version); # 1299|-> clone->overrides = oscap_list_clone(result->overrides, (oscap_clone_func) xccdf_override_clone); # 1300| clone->idents = oscap_list_clone(result->idents, (oscap_clone_func) xccdf_ident_clone); # 1301| clone->messages = oscap_list_clone(result->messages, (oscap_clone_func) xccdf_message_clone); Error: GCC_ANALYZER_WARNING (CWE-401): [#def84] openscap-1.4.4/src/XCCDF/item.c:1300:25: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’ openscap-1.4.4/src/XCCDF/item.c: scope_hint: In function ‘xccdf_rule_result_clone’ openscap-1.4.4/src/XCCDF/item.c: scope_hint: In function ‘xccdf_rule_result_clone’ openscap-1.4.4/src/XCCDF/item.c: scope_hint: In function ‘xccdf_rule_result_clone’ # 1298| clone->version = oscap_strdup(result->version); # 1299| clone->overrides = oscap_list_clone(result->overrides, (oscap_clone_func) xccdf_override_clone); # 1300|-> clone->idents = oscap_list_clone(result->idents, (oscap_clone_func) xccdf_ident_clone); # 1301| clone->messages = oscap_list_clone(result->messages, (oscap_clone_func) xccdf_message_clone); # 1302| clone->instances = oscap_list_clone(result->instances, (oscap_clone_func) xccdf_instance_clone); Error: GCC_ANALYZER_WARNING (CWE-401): [#def85] openscap-1.4.4/src/XCCDF/item.c:1300:25: warning[-Wanalyzer-malloc-leak]: leak of ‘clone’ openscap-1.4.4/src/XCCDF/item.c: scope_hint: In function ‘xccdf_rule_result_clone’ openscap-1.4.4/src/XCCDF/item.c: scope_hint: In function ‘xccdf_rule_result_clone’ openscap-1.4.4/src/XCCDF/item.c: scope_hint: In function ‘xccdf_rule_result_clone’ # 1298| clone->version = oscap_strdup(result->version); # 1299| clone->overrides = oscap_list_clone(result->overrides, (oscap_clone_func) xccdf_override_clone); # 1300|-> clone->idents = oscap_list_clone(result->idents, (oscap_clone_func) xccdf_ident_clone); # 1301| clone->messages = oscap_list_clone(result->messages, (oscap_clone_func) xccdf_message_clone); # 1302| clone->instances = oscap_list_clone(result->instances, (oscap_clone_func) xccdf_instance_clone); Error: GCC_ANALYZER_WARNING (CWE-401): [#def86] openscap-1.4.4/src/XCCDF/item.c:1301:27: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’ openscap-1.4.4/src/XCCDF/item.c: scope_hint: In function ‘xccdf_rule_result_clone’ openscap-1.4.4/src/XCCDF/item.c: scope_hint: In function ‘xccdf_rule_result_clone’ openscap-1.4.4/src/XCCDF/item.c: scope_hint: In function ‘xccdf_rule_result_clone’ # 1299| clone->overrides = oscap_list_clone(result->overrides, (oscap_clone_func) xccdf_override_clone); # 1300| clone->idents = oscap_list_clone(result->idents, (oscap_clone_func) xccdf_ident_clone); # 1301|-> clone->messages = oscap_list_clone(result->messages, (oscap_clone_func) xccdf_message_clone); # 1302| clone->instances = oscap_list_clone(result->instances, (oscap_clone_func) xccdf_instance_clone); # 1303| clone->fixes = oscap_list_clone(result->fixes, (oscap_clone_func) xccdf_fix_clone); Error: GCC_ANALYZER_WARNING (CWE-401): [#def87] openscap-1.4.4/src/XCCDF/item.c:1301:27: warning[-Wanalyzer-malloc-leak]: leak of ‘clone’ openscap-1.4.4/src/XCCDF/item.c: scope_hint: In function ‘xccdf_rule_result_clone’ openscap-1.4.4/src/XCCDF/item.c: scope_hint: In function ‘xccdf_rule_result_clone’ openscap-1.4.4/src/XCCDF/item.c: scope_hint: In function ‘xccdf_rule_result_clone’ # 1299| clone->overrides = oscap_list_clone(result->overrides, (oscap_clone_func) xccdf_override_clone); # 1300| clone->idents = oscap_list_clone(result->idents, (oscap_clone_func) xccdf_ident_clone); # 1301|-> clone->messages = oscap_list_clone(result->messages, (oscap_clone_func) xccdf_message_clone); # 1302| clone->instances = oscap_list_clone(result->instances, (oscap_clone_func) xccdf_instance_clone); # 1303| clone->fixes = oscap_list_clone(result->fixes, (oscap_clone_func) xccdf_fix_clone); Error: GCC_ANALYZER_WARNING (CWE-401): [#def88] openscap-1.4.4/src/XCCDF/item.c:1302:28: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’ openscap-1.4.4/src/XCCDF/item.c: scope_hint: In function ‘xccdf_rule_result_clone’ openscap-1.4.4/src/XCCDF/item.c: scope_hint: In function ‘xccdf_rule_result_clone’ openscap-1.4.4/src/XCCDF/item.c: scope_hint: In function ‘xccdf_rule_result_clone’ # 1300| clone->idents = oscap_list_clone(result->idents, (oscap_clone_func) xccdf_ident_clone); # 1301| clone->messages = oscap_list_clone(result->messages, (oscap_clone_func) xccdf_message_clone); # 1302|-> clone->instances = oscap_list_clone(result->instances, (oscap_clone_func) xccdf_instance_clone); # 1303| clone->fixes = oscap_list_clone(result->fixes, (oscap_clone_func) xccdf_fix_clone); # 1304| clone->checks = oscap_list_clone(result->checks, (oscap_clone_func) xccdf_check_clone); Error: GCC_ANALYZER_WARNING (CWE-401): [#def89] openscap-1.4.4/src/XCCDF/item.c:1302:28: warning[-Wanalyzer-malloc-leak]: leak of ‘clone’ openscap-1.4.4/src/XCCDF/item.c: scope_hint: In function ‘xccdf_rule_result_clone’ openscap-1.4.4/src/XCCDF/item.c: scope_hint: In function ‘xccdf_rule_result_clone’ openscap-1.4.4/src/XCCDF/item.c: scope_hint: In function ‘xccdf_rule_result_clone’ # 1300| clone->idents = oscap_list_clone(result->idents, (oscap_clone_func) xccdf_ident_clone); # 1301| clone->messages = oscap_list_clone(result->messages, (oscap_clone_func) xccdf_message_clone); # 1302|-> clone->instances = oscap_list_clone(result->instances, (oscap_clone_func) xccdf_instance_clone); # 1303| clone->fixes = oscap_list_clone(result->fixes, (oscap_clone_func) xccdf_fix_clone); # 1304| clone->checks = oscap_list_clone(result->checks, (oscap_clone_func) xccdf_check_clone); Error: GCC_ANALYZER_WARNING (CWE-401): [#def90] openscap-1.4.4/src/XCCDF/item.c:1303:24: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’ openscap-1.4.4/src/XCCDF/item.c: scope_hint: In function ‘xccdf_rule_result_clone’ openscap-1.4.4/src/XCCDF/item.c: scope_hint: In function ‘xccdf_rule_result_clone’ openscap-1.4.4/src/XCCDF/item.c: scope_hint: In function ‘xccdf_rule_result_clone’ # 1301| clone->messages = oscap_list_clone(result->messages, (oscap_clone_func) xccdf_message_clone); # 1302| clone->instances = oscap_list_clone(result->instances, (oscap_clone_func) xccdf_instance_clone); # 1303|-> clone->fixes = oscap_list_clone(result->fixes, (oscap_clone_func) xccdf_fix_clone); # 1304| clone->checks = oscap_list_clone(result->checks, (oscap_clone_func) xccdf_check_clone); # 1305| return clone; Error: GCC_ANALYZER_WARNING (CWE-401): [#def91] openscap-1.4.4/src/XCCDF/item.c:1303:24: warning[-Wanalyzer-malloc-leak]: leak of ‘clone’ openscap-1.4.4/src/XCCDF/item.c: scope_hint: In function ‘xccdf_rule_result_clone’ openscap-1.4.4/src/XCCDF/item.c: scope_hint: In function ‘xccdf_rule_result_clone’ openscap-1.4.4/src/XCCDF/item.c: scope_hint: In function ‘xccdf_rule_result_clone’ # 1301| clone->messages = oscap_list_clone(result->messages, (oscap_clone_func) xccdf_message_clone); # 1302| clone->instances = oscap_list_clone(result->instances, (oscap_clone_func) xccdf_instance_clone); # 1303|-> clone->fixes = oscap_list_clone(result->fixes, (oscap_clone_func) xccdf_fix_clone); # 1304| clone->checks = oscap_list_clone(result->checks, (oscap_clone_func) xccdf_check_clone); # 1305| return clone; Error: GCC_ANALYZER_WARNING (CWE-401): [#def92] openscap-1.4.4/src/XCCDF/item.c:1304:25: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’ openscap-1.4.4/src/XCCDF/item.c: scope_hint: In function ‘xccdf_rule_result_clone’ openscap-1.4.4/src/XCCDF/item.c: scope_hint: In function ‘xccdf_rule_result_clone’ openscap-1.4.4/src/XCCDF/item.c: scope_hint: In function ‘xccdf_rule_result_clone’ # 1302| clone->instances = oscap_list_clone(result->instances, (oscap_clone_func) xccdf_instance_clone); # 1303| clone->fixes = oscap_list_clone(result->fixes, (oscap_clone_func) xccdf_fix_clone); # 1304|-> clone->checks = oscap_list_clone(result->checks, (oscap_clone_func) xccdf_check_clone); # 1305| return clone; # 1306| } Error: GCC_ANALYZER_WARNING (CWE-401): [#def93] openscap-1.4.4/src/XCCDF/item.c:1304:25: warning[-Wanalyzer-malloc-leak]: leak of ‘clone’ openscap-1.4.4/src/XCCDF/item.c: scope_hint: In function ‘xccdf_rule_result_clone’ openscap-1.4.4/src/XCCDF/item.c: scope_hint: In function ‘xccdf_rule_result_clone’ openscap-1.4.4/src/XCCDF/item.c: scope_hint: In function ‘xccdf_rule_result_clone’ # 1302| clone->instances = oscap_list_clone(result->instances, (oscap_clone_func) xccdf_instance_clone); # 1303| clone->fixes = oscap_list_clone(result->fixes, (oscap_clone_func) xccdf_fix_clone); # 1304|-> clone->checks = oscap_list_clone(result->checks, (oscap_clone_func) xccdf_check_clone); # 1305| return clone; # 1306| } Error: GCC_ANALYZER_WARNING (CWE-476): [#def94] openscap-1.4.4/src/XCCDF/item.c: scope_hint: In function ‘xccdf_score_clone’ openscap-1.4.4/src/XCCDF/item.c:1311:24: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘clone’ # 1309| { # 1310| struct xccdf_score * clone = calloc(1, sizeof(struct xccdf_score)); # 1311|-> clone->maximum = score->maximum; # 1312| clone->score = score->score; # 1313| clone->system = oscap_strdup(score->system); Error: GCC_ANALYZER_WARNING (CWE-401): [#def95] openscap-1.4.4/src/XCCDF/profile.c:261:37: warning[-Wanalyzer-malloc-leak]: leak of ‘xccdf_refine_rule_new()’ openscap-1.4.4/src/XCCDF/profile.c:233:9: note: in expansion of macro ‘XCCDF_ASSERT_ELEMENT’ # 259| rr->selector = xccdf_attribute_copy(reader, XCCDFA_SELECTOR); # 260| rr->weight = xccdf_attribute_get_float(reader, XCCDFA_WEIGHT); # 261|-> if (xccdf_attribute_has(reader, XCCDFA_ROLE)) # 262| rr->role = # 263| oscap_string_to_enum(XCCDF_ROLE_MAP, Error: GCC_ANALYZER_WARNING (CWE-401): [#def96] openscap-1.4.4/src/XCCDF/profile.c:263:45: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’ openscap-1.4.4/src/XCCDF/profile.c:233:9: note: in expansion of macro ‘XCCDF_ASSERT_ELEMENT’ # 261| if (xccdf_attribute_has(reader, XCCDFA_ROLE)) # 262| rr->role = # 263|-> oscap_string_to_enum(XCCDF_ROLE_MAP, # 264| xccdf_attribute_get(reader, XCCDFA_ROLE)); # 265| if (xccdf_attribute_has(reader, XCCDFA_SEVERITY)) Error: GCC_ANALYZER_WARNING (CWE-401): [#def97] openscap-1.4.4/src/common/_error.h:36:32: warning[-Wanalyzer-malloc-leak]: leak of ‘rds_index_new()’ openscap-1.4.4/src/DS/rds_index.c:264:33: note: in expansion of macro ‘oscap_setxmlerr’ openscap-1.4.4/src/DS/rds_index.c:264:33: note: in expansion of macro ‘oscap_setxmlerr’ openscap-1.4.4/src/DS/rds_index.c:264:33: note: in expansion of macro ‘oscap_setxmlerr’ # 34| else oscap_seterr(OSCAP_EFAMILY_OSCAP, desc); } } # 35| # 36|-> #define oscap_setxmlerr(error) __oscap_setxmlerr (__FILE__, __LINE__, __PRETTY_FUNCTION__, error) # 37| # 38| void __oscap_setxmlerr(const char *file, uint32_t line, const char *func, const xmlError *error); Error: GCC_ANALYZER_WARNING (CWE-401): [#def98] openscap-1.4.4/src/common/debug_priv.h:47:37: warning[-Wanalyzer-malloc-leak]: leak of ‘opendir(&pathbuf)’ openscap-1.4.4/src/common/debug_priv.h:54:33: note: in expansion of macro ‘__dlprintf_wrapper’ openscap-1.4.4/src/common/debug_priv.h:64:17: note: in expansion of macro ‘oscap_dlprintf’ openscap-1.4.4/src/OVAL/probes/unix/runlevel_probe.c:168:33: note: in expansion of macro ‘dD’ openscap-1.4.4/src/common/debug_priv.h:47:102: note: in definition of macro ‘__dlprintf_wrapper’ openscap-1.4.4/src/common/debug_priv.h:64:17: note: in expansion of macro ‘oscap_dlprintf’ openscap-1.4.4/src/OVAL/probes/unix/runlevel_probe.c:168:33: note: in expansion of macro ‘dD’ openscap-1.4.4/src/common/debug_priv.h:54:33: note: in expansion of macro ‘__dlprintf_wrapper’ openscap-1.4.4/src/common/debug_priv.h:64:17: note: in expansion of macro ‘oscap_dlprintf’ openscap-1.4.4/src/OVAL/probes/unix/runlevel_probe.c:168:33: note: in expansion of macro ‘dD’ openscap-1.4.4/src/common/debug_priv.h:54:33: note: in expansion of macro ‘__dlprintf_wrapper’ openscap-1.4.4/src/common/debug_priv.h:64:17: note: in expansion of macro ‘oscap_dlprintf’ openscap-1.4.4/src/OVAL/probes/unix/runlevel_probe.c:168:33: note: in expansion of macro ‘dD’ # 45| # 46| # 47|-> # define __dlprintf_wrapper(l, ...) __oscap_dlprintf (l, __FILE__, __PRETTY_FUNCTION__, __LINE__, 0, __VA_ARGS__) # 48| # 49| /**
| analyzer-version-clippy | 1.92.0 |
| analyzer-version-cppcheck | 2.19.1 |
| analyzer-version-gcc | 16.0.0 |
| analyzer-version-gcc-analyzer | 16.0.0 |
| analyzer-version-shellcheck | 0.11.0 |
| analyzer-version-unicontrol | 0.0.2 |
| diffbase-analyzer-version-clippy | 1.92.0 |
| diffbase-analyzer-version-cppcheck | 2.19.1 |
| diffbase-analyzer-version-gcc | 16.0.0 |
| diffbase-analyzer-version-gcc-analyzer | 16.0.0 |
| diffbase-analyzer-version-shellcheck | 0.11.0 |
| diffbase-analyzer-version-unicontrol | 0.0.2 |
| diffbase-enabled-plugins | clippy, cppcheck, gcc, shellcheck, unicontrol |
| diffbase-exit-code | 0 |
| diffbase-host | ip-172-16-1-42.us-west-2.compute.internal |
| diffbase-known-false-positives | /usr/share/csmock/known-false-positives.js |
| diffbase-known-false-positives-rpm | known-false-positives-0.0.0.20250521.132812.g8eff701.main-1.el9.noarch |
| diffbase-mock-config | fedora-rawhide-x86_64 |
| diffbase-project-name | openscap-1.4.4-0.20260112191147550721.pr2298.23.g7c78edb0a |
| diffbase-store-results-to | /tmp/tmpmhghk68z/openscap-1.4.4-0.20260112191147550721.pr2298.23.g7c78edb0a.tar.xz |
| diffbase-time-created | 2026-01-12 19:32:04 |
| diffbase-time-finished | 2026-01-12 19:44:40 |
| diffbase-tool | csmock |
| diffbase-tool-args | '/usr/bin/csmock' '-r' 'fedora-rawhide-x86_64' '-t' 'gcc,cppcheck,clippy,shellcheck,unicontrol' '-o' '/tmp/tmpmhghk68z/openscap-1.4.4-0.20260112191147550721.pr2298.23.g7c78edb0a.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install' 'pam' '/tmp/tmpmhghk68z/openscap-1.4.4-0.20260112191147550721.pr2298.23.g7c78edb0a.src.rpm' |
| diffbase-tool-version | csmock-3.8.3.20251215.161544.g62de9a5-1.el9 |
| enabled-plugins | clippy, cppcheck, gcc, shellcheck, unicontrol |
| exit-code | 0 |
| host | ip-172-16-1-42.us-west-2.compute.internal |
| known-false-positives | /usr/share/csmock/known-false-positives.js |
| known-false-positives-rpm | known-false-positives-0.0.0.20250521.132812.g8eff701.main-1.el9.noarch |
| mock-config | fedora-rawhide-x86_64 |
| project-name | openscap-1.4.4-0.20260112115410058871.main.21.g7a61a088a |
| store-results-to | /tmp/tmp756cox7i/openscap-1.4.4-0.20260112115410058871.main.21.g7a61a088a.tar.xz |
| time-created | 2026-01-12 19:17:41 |
| time-finished | 2026-01-12 19:31:22 |
| title | Fixed findings |
| tool | csmock |
| tool-args | '/usr/bin/csmock' '-r' 'fedora-rawhide-x86_64' '-t' 'gcc,cppcheck,clippy,shellcheck,unicontrol' '-o' '/tmp/tmp756cox7i/openscap-1.4.4-0.20260112115410058871.main.21.g7a61a088a.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install' 'pam' '/tmp/tmp756cox7i/openscap-1.4.4-0.20260112115410058871.main.21.g7a61a088a.src.rpm' |
| tool-version | csmock-3.8.3.20251215.161544.g62de9a5-1.el9 |