Newly introduced findings

List of Findings

Error: GCC_ANALYZER_WARNING (CWE-401): [#def1]
openscap-1.4.4/src/CPE/cpelang_priv.c:292:21: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
#  290|   
#  291|   		if (!xmlStrcmp(xmlTextReaderConstLocalName(reader), ATTR_TITLE_STR) &&
#  292|-> 		    xmlTextReaderNodeType(reader) == XML_READER_TYPE_ELEMENT) {
#  293|   			oscap_list_add(ret->titles, oscap_text_new_parse(OSCAP_TEXT_TRAITS_PLAIN, reader));
#  294|   		} else

Error: GCC_ANALYZER_WARNING (CWE-401): [#def2]
openscap-1.4.4/src/CPE/cpelang_priv.c:292:21: warning[-Wanalyzer-malloc-leak]: leak of ‘cpe_platform_new()’
#  290|   
#  291|   		if (!xmlStrcmp(xmlTextReaderConstLocalName(reader), ATTR_TITLE_STR) &&
#  292|-> 		    xmlTextReaderNodeType(reader) == XML_READER_TYPE_ELEMENT) {
#  293|   			oscap_list_add(ret->titles, oscap_text_new_parse(OSCAP_TEXT_TRAITS_PLAIN, reader));
#  294|   		} else

Error: GCC_ANALYZER_WARNING (CWE-401): [#def3]
openscap-1.4.4/src/CPE/cpelang_priv.c:293:25: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
#  291|   		if (!xmlStrcmp(xmlTextReaderConstLocalName(reader), ATTR_TITLE_STR) &&
#  292|   		    xmlTextReaderNodeType(reader) == XML_READER_TYPE_ELEMENT) {
#  293|-> 			oscap_list_add(ret->titles, oscap_text_new_parse(OSCAP_TEXT_TRAITS_PLAIN, reader));
#  294|   		} else
#  295|   		    if (!xmlStrcmp(xmlTextReaderConstLocalName(reader), TAG_REMARK_STR) &&

Error: GCC_ANALYZER_WARNING (CWE-401): [#def4]
openscap-1.4.4/src/CPE/cpelang_priv.c:293:25: warning[-Wanalyzer-malloc-leak]: leak of ‘cpe_platform_new()’
#  291|   		if (!xmlStrcmp(xmlTextReaderConstLocalName(reader), ATTR_TITLE_STR) &&
#  292|   		    xmlTextReaderNodeType(reader) == XML_READER_TYPE_ELEMENT) {
#  293|-> 			oscap_list_add(ret->titles, oscap_text_new_parse(OSCAP_TEXT_TRAITS_PLAIN, reader));
#  294|   		} else
#  295|   		    if (!xmlStrcmp(xmlTextReaderConstLocalName(reader), TAG_REMARK_STR) &&

Error: GCC_ANALYZER_WARNING (CWE-401): [#def5]
openscap-1.4.4/src/CPE/cpelang_priv.c:293:53: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
#  291|   		if (!xmlStrcmp(xmlTextReaderConstLocalName(reader), ATTR_TITLE_STR) &&
#  292|   		    xmlTextReaderNodeType(reader) == XML_READER_TYPE_ELEMENT) {
#  293|-> 			oscap_list_add(ret->titles, oscap_text_new_parse(OSCAP_TEXT_TRAITS_PLAIN, reader));
#  294|   		} else
#  295|   		    if (!xmlStrcmp(xmlTextReaderConstLocalName(reader), TAG_REMARK_STR) &&

Error: GCC_ANALYZER_WARNING (CWE-401): [#def6]
openscap-1.4.4/src/CPE/cpelang_priv.c:293:53: warning[-Wanalyzer-malloc-leak]: leak of ‘cpe_platform_new()’
#  291|   		if (!xmlStrcmp(xmlTextReaderConstLocalName(reader), ATTR_TITLE_STR) &&
#  292|   		    xmlTextReaderNodeType(reader) == XML_READER_TYPE_ELEMENT) {
#  293|-> 			oscap_list_add(ret->titles, oscap_text_new_parse(OSCAP_TEXT_TRAITS_PLAIN, reader));
#  294|   		} else
#  295|   		    if (!xmlStrcmp(xmlTextReaderConstLocalName(reader), TAG_REMARK_STR) &&

Error: GCC_ANALYZER_WARNING (CWE-401): [#def7]
openscap-1.4.4/src/CPE/cpelang_priv.c:295:26: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
#  293|   			oscap_list_add(ret->titles, oscap_text_new_parse(OSCAP_TEXT_TRAITS_PLAIN, reader));
#  294|   		} else
#  295|-> 		    if (!xmlStrcmp(xmlTextReaderConstLocalName(reader), TAG_REMARK_STR) &&
#  296|   			xmlTextReaderNodeType(reader) == XML_READER_TYPE_ELEMENT) {
#  297|   			ret->remark = parse_text_element(reader, (char *)TAG_REMARK_STR);	// TODO: 0-n remarks !

Error: GCC_ANALYZER_WARNING (CWE-401): [#def8]
openscap-1.4.4/src/CPE/cpelang_priv.c:295:26: warning[-Wanalyzer-malloc-leak]: leak of ‘cpe_platform_new()’
#  293|   			oscap_list_add(ret->titles, oscap_text_new_parse(OSCAP_TEXT_TRAITS_PLAIN, reader));
#  294|   		} else
#  295|-> 		    if (!xmlStrcmp(xmlTextReaderConstLocalName(reader), TAG_REMARK_STR) &&
#  296|   			xmlTextReaderNodeType(reader) == XML_READER_TYPE_ELEMENT) {
#  297|   			ret->remark = parse_text_element(reader, (char *)TAG_REMARK_STR);	// TODO: 0-n remarks !

Error: GCC_ANALYZER_WARNING (CWE-688): [#def9]
openscap-1.4.4/src/DS/rds.c: scope_hint: In function ‘ds_rds_create_source’
openscap-1.4.4/src/DS/rds.c:851:25: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘tailoring_doc_timestamp’ where non-null expected
openscap-1.4.4/src/DS/rds.c:44: included_from: Included from here.
/usr/include/time.h:108:15: note: argument 1 of ‘strftime’ must be non-null
#  849|   			struct tm result;
#  850|   			tailoring_doc_timestamp = malloc(max_timestamp_len);
#  851|-> 			strftime(tailoring_doc_timestamp, max_timestamp_len, "%Y-%m-%dT%H:%M:%S", localtime_r(&file_stat.st_mtime, &result));
#  852|   		}
#  853|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def10]
openscap-1.4.4/src/common/list.c: scope_hint: In function ‘oscap_create_lists’
openscap-1.4.4/src/common/list.c:45:64: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
#   43|   	va_list ap;
#   44|   	va_start(ap, first);
#   45|-> 	for (struct oscap_list **cur = first; cur != NULL; cur = va_arg(ap, struct oscap_list **))
#   46|   		*cur = oscap_list_new();
#   47|   	va_end(ap);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def11]
openscap-1.4.4/src/common/list.c: scope_hint: In function ‘oscap_list_clone’
openscap-1.4.4/src/common/list.c:155:21: warning[-Wanalyzer-malloc-leak]: leak of ‘oscap_list_new()’
#  153|           while (item != NULL) {
#  154|                   if (cloner)
#  155|->                     oscap_list_add(copy, cloner(item->data));
#  156|                   else oscap_list_add(copy, item->data);
#  157|                   item = item->next;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def12]
openscap-1.4.4/src/common/list.c: scope_hint: In function ‘oscap_list_find’
openscap-1.4.4/src/common/list.c:336:20: warning[-Wanalyzer-malloc-leak]: leak of ‘oscap_iterator_new(list)’
#  334|   static inline bool _oscap_iterator_has_more_internal(const struct oscap_iterator *it)
#  335|   {
#  336|-> 	return (!it->cur && it->list->first) || (it->cur && it->cur->next);
#  337|   }
#  338|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def13]
openscap-1.4.4/src/common/list.c: scope_hint: In function ‘oscap_htable_clone’
openscap-1.4.4/src/common/list.c:430:37: warning[-Wanalyzer-malloc-leak]: leak of ‘oscap_htable_new()’
#  428|   		return NULL;
#  429|   
#  430|-> 	for (size_t i = 0; i < table->hsize; ++i) {
#  431|   		struct oscap_htable_item *item = table->table[i];
#  432|   		while (item != NULL) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def14]
openscap-1.4.4/tests/API/SEAP/test_api_seap_spb.c: scope_hint: In function ‘main’
openscap-1.4.4/tests/API/SEAP/test_api_seap_spb.c:43:32: warning[-Wanalyzer-malloc-leak]: leak of ‘iov[0].iov_base’
#   41|                   case EINVAL:
#   42|                           fprintf (stderr, "Invalid seed: Not a number\n");
#   43|->                         return (-1);
#   44|                   }
#   45|                   break;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def15]
openscap-1.4.4/tests/API/SEAP/test_api_seap_spb.c:43:32: warning[-Wanalyzer-malloc-leak]: leak of ‘iov[1].iov_base’
#   41|                   case EINVAL:
#   42|                           fprintf (stderr, "Invalid seed: Not a number\n");
#   43|->                         return (-1);
#   44|                   }
#   45|                   break;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def16]
openscap-1.4.4/tests/API/SEAP/test_api_seap_spb.c:43:32: warning[-Wanalyzer-malloc-leak]: leak of ‘iov[2].iov_base’
#   41|                   case EINVAL:
#   42|                           fprintf (stderr, "Invalid seed: Not a number\n");
#   43|->                         return (-1);
#   44|                   }
#   45|                   break;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def17]
openscap-1.4.4/tests/API/SEAP/test_api_seap_spb.c:68:41: warning[-Wanalyzer-malloc-leak]: leak of ‘iov[0].iov_base’
#   66|                   
#   67|                                   if (iov[i].iov_base == NULL) {
#   68|->                                         perror ("iov alloc");
#   69|                                           return (2);
#   70|                                   }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def18]
openscap-1.4.4/tests/API/SEAP/test_api_seap_spb.c:68:41: warning[-Wanalyzer-malloc-leak]: leak of ‘iov[1].iov_base’
#   66|                   
#   67|                                   if (iov[i].iov_base == NULL) {
#   68|->                                         perror ("iov alloc");
#   69|                                           return (2);
#   70|                                   }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def19]
openscap-1.4.4/tests/API/SEAP/test_api_seap_spb.c:68:41: warning[-Wanalyzer-malloc-leak]: leak of ‘iov[2].iov_base’
#   66|                   
#   67|                                   if (iov[i].iov_base == NULL) {
#   68|->                                         perror ("iov alloc");
#   69|                                           return (2);
#   70|                                   }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def20]
openscap-1.4.4/tests/API/SEAP/test_api_seap_spb.c:68:41: warning[-Wanalyzer-malloc-leak]: leak of ‘r_buf’
#   66|                   
#   67|                                   if (iov[i].iov_base == NULL) {
#   68|->                                         perror ("iov alloc");
#   69|                                           return (2);
#   70|                                   }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def21]
openscap-1.4.4/tests/API/crypt/test_crapi_digest.c:115:13: warning[-Wanalyzer-malloc-leak]: leak of ‘comp_sum’
#  113|   		char *comp_sum = malloc(comp_sum_len);
#  114|   
#  115|-> 	if (crapi_digest_fd(fd, algorithm, dst, &dstlen) != 0) {
#  116|                   fprintf (stderr, "crapi_digest() != 0\n");
#  117|                   abort ();

Error: GCC_ANALYZER_WARNING (CWE-401): [#def22]
openscap-1.4.4/tests/API/crypt/test_crapi_digest.c:115:13: warning[-Wanalyzer-malloc-leak]: leak of ‘dst’
#  113|   		char *comp_sum = malloc(comp_sum_len);
#  114|   
#  115|-> 	if (crapi_digest_fd(fd, algorithm, dst, &dstlen) != 0) {
#  116|                   fprintf (stderr, "crapi_digest() != 0\n");
#  117|                   abort ();

Error: GCC_ANALYZER_WARNING (CWE-401): [#def23]
openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:39:9: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(filename, "rb")’
openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:37:9: note: in expansion of macro ‘oscap_assert’
openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:37:9: note: in expansion of macro ‘oscap_assert’
#   37|   	oscap_assert(file != NULL);
#   38|   
#   39|-> 	fseek(file, 0, SEEK_END);
#   40|   	unsigned long len = ftell(file);
#   41|   	fseek(file, 0, SEEK_SET);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def24]
openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:40:29: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(filename, "rb")’
openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:37:9: note: in expansion of macro ‘oscap_assert’
openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:37:9: note: in expansion of macro ‘oscap_assert’
#   38|   
#   39|   	fseek(file, 0, SEEK_END);
#   40|-> 	unsigned long len = ftell(file);
#   41|   	fseek(file, 0, SEEK_SET);
#   42|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def25]
openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:41:9: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(filename, "rb")’
openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:37:9: note: in expansion of macro ‘oscap_assert’
openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:37:9: note: in expansion of macro ‘oscap_assert’
#   39|   	fseek(file, 0, SEEK_END);
#   40|   	unsigned long len = ftell(file);
#   41|-> 	fseek(file, 0, SEEK_SET);
#   42|   
#   43|   	oscap_assert(buffer != NULL);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def26]
openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:44:30: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(filename, "rb")’
openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:37:9: note: in expansion of macro ‘oscap_assert’
openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:37:9: note: in expansion of macro ‘oscap_assert’
openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:43:9: note: in expansion of macro ‘oscap_assert’
#   42|   
#   43|   	oscap_assert(buffer != NULL);
#   44|-> 	*buffer = malloc(len + 1);
#   45|   	oscap_assert(*buffer != NULL);
#   46|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def27]
openscap-1.4.4/tests/bz2/test_bz2_memory_source.c: scope_hint: In function ‘main’
openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:61:36: warning[-Wanalyzer-malloc-leak]: leak of ‘buffer’
openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:56:9: note: in expansion of macro ‘oscap_assert’
openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:37:9: note: in expansion of macro ‘oscap_assert’
openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:43:9: note: in expansion of macro ‘oscap_assert’
openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:45:9: note: in expansion of macro ‘oscap_assert’
openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:45:9: note: in expansion of macro ‘oscap_assert’
openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:59:9: note: in expansion of macro ‘oscap_assert’
#   59|   	oscap_assert(buff_size != 0);
#   60|   
#   61|-> 	struct oscap_source *src = oscap_source_new_from_memory(buffer, buff_size, "file.xml.bz2");
#   62|   	printf("SCAP TYPE: %s\n", oscap_document_type_to_string(oscap_source_get_scap_type(src)));
#   63|   	oscap_assert(oscap_source_validate(src, NULL, NULL) == 0);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def28]
openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:62:9: warning[-Wanalyzer-malloc-leak]: leak of ‘buffer’
openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:56:9: note: in expansion of macro ‘oscap_assert’
openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:37:9: note: in expansion of macro ‘oscap_assert’
openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:43:9: note: in expansion of macro ‘oscap_assert’
openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:45:9: note: in expansion of macro ‘oscap_assert’
openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:45:9: note: in expansion of macro ‘oscap_assert’
openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:59:9: note: in expansion of macro ‘oscap_assert’
#   60|   
#   61|   	struct oscap_source *src = oscap_source_new_from_memory(buffer, buff_size, "file.xml.bz2");
#   62|-> 	printf("SCAP TYPE: %s\n", oscap_document_type_to_string(oscap_source_get_scap_type(src)));
#   63|   	oscap_assert(oscap_source_validate(src, NULL, NULL) == 0);
#   64|   	oscap_source_free(src);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def29]
openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:63:22: warning[-Wanalyzer-malloc-leak]: leak of ‘buffer’
openscap-1.4.4/tests/oscap_assert.h:30:15: note: in definition of macro ‘oscap_assert’
openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:56:9: note: in expansion of macro ‘oscap_assert’
openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:37:9: note: in expansion of macro ‘oscap_assert’
openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:43:9: note: in expansion of macro ‘oscap_assert’
openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:45:9: note: in expansion of macro ‘oscap_assert’
openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:45:9: note: in expansion of macro ‘oscap_assert’
openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:59:9: note: in expansion of macro ‘oscap_assert’
openscap-1.4.4/tests/oscap_assert.h:30:15: note: in definition of macro ‘oscap_assert’
openscap-1.4.4/tests/oscap_assert.h:30:15: note: in definition of macro ‘oscap_assert’
#   61|   	struct oscap_source *src = oscap_source_new_from_memory(buffer, buff_size, "file.xml.bz2");
#   62|   	printf("SCAP TYPE: %s\n", oscap_document_type_to_string(oscap_source_get_scap_type(src)));
#   63|-> 	oscap_assert(oscap_source_validate(src, NULL, NULL) == 0);
#   64|   	oscap_source_free(src);
#   65|   	free(buffer);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def30]
openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:64:9: warning[-Wanalyzer-malloc-leak]: leak of ‘buffer’
openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:56:9: note: in expansion of macro ‘oscap_assert’
openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:37:9: note: in expansion of macro ‘oscap_assert’
openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:43:9: note: in expansion of macro ‘oscap_assert’
openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:45:9: note: in expansion of macro ‘oscap_assert’
openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:45:9: note: in expansion of macro ‘oscap_assert’
openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:59:9: note: in expansion of macro ‘oscap_assert’
openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:63:9: note: in expansion of macro ‘oscap_assert’
#   62|   	printf("SCAP TYPE: %s\n", oscap_document_type_to_string(oscap_source_get_scap_type(src)));
#   63|   	oscap_assert(oscap_source_validate(src, NULL, NULL) == 0);
#   64|-> 	oscap_source_free(src);
#   65|   	free(buffer);
#   66|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def31]
openscap-1.4.4/tests/oscap_assert.h:30:12: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(filename, "rb")’
openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:43:9: note: in expansion of macro ‘oscap_assert’
openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:37:9: note: in expansion of macro ‘oscap_assert’
openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:37:9: note: in expansion of macro ‘oscap_assert’
openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:43:9: note: in expansion of macro ‘oscap_assert’
#   28|   /* Unlike standard assert() macro this works even if NDEBUG is defined. */
#   29|   #define oscap_assert(expr) \
#   30|-> 	if (!(expr)) { \
#   31|   		fprintf(stderr, "Assertion failed: %s, file %s, line %d, function %s.", #expr, __FILE__, __LINE__, __PRETTY_FUNCTION__); \
#   32|   		abort(); \

Error: GCC_ANALYZER_WARNING (CWE-401): [#def32]
openscap-1.4.4/utils/oscap-xccdf.c: scope_hint: In function ‘_system_is_in_bootc_mode.part.0’
openscap-1.4.4/utils/oscap-xccdf.c:665:17: warning[-Wanalyzer-malloc-leak]: leak of ‘popen("/usr/bin/bootc status --format json 2>/dev/null", "r")’
#  663|   	char *buf = calloc(buf_size, sizeof(char));
#  664|   	if (buf == NULL) {
#  665|-> 		pclose(output);
#  666|   		return false;
#  667|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def33]
openscap-1.4.4/utils/oscap-xccdf.c:670:21: warning[-Wanalyzer-malloc-leak]: leak of ‘buf’
#  668|   	int c;
#  669|   	size_t i = 0;
#  670|-> 	while ((c = fgetc(output)) != EOF) {
#  671|   		if (i >= buf_size) {
#  672|   			buf_size += CHUNK_SIZE;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def34]
openscap-1.4.4/utils/oscap-xccdf.c:670:21: warning[-Wanalyzer-malloc-leak]: leak of ‘popen("/usr/bin/bootc status --format json 2>/dev/null", "r")’
#  668|   	int c;
#  669|   	size_t i = 0;
#  670|-> 	while ((c = fgetc(output)) != EOF) {
#  671|   		if (i >= buf_size) {
#  672|   			buf_size += CHUNK_SIZE;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def35]
openscap-1.4.4/utils/oscap-xccdf.c:680:20: warning[-Wanalyzer-malloc-leak]: leak of ‘popen("/usr/bin/bootc status --format json 2>/dev/null", "r")’
#  678|   			buf = new_buf;
#  679|   		}
#  680|-> 		buf[i++] = c;
#  681|   	}
#  682|   	pclose(output);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def36]
openscap-1.4.4/utils/oscap-xccdf.c:682:9: warning[-Wanalyzer-malloc-leak]: leak of ‘buf’
#  680|   		buf[i++] = c;
#  681|   	}
#  682|-> 	pclose(output);
#  683|   	bool result = (*buf != '\0' && strstr(buf, "\"booted\":null") == NULL);
#  684|   	free(buf);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def37]
openscap-1.4.4/utils/oscap-xccdf.c:682:9: warning[-Wanalyzer-malloc-leak]: leak of ‘popen("/usr/bin/bootc status --format json 2>/dev/null", "r")’
#  680|   		buf[i++] = c;
#  681|   	}
#  682|-> 	pclose(output);
#  683|   	bool result = (*buf != '\0' && strstr(buf, "\"booted\":null") == NULL);
#  684|   	free(buf);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def38]
openscap-1.4.4/utils/oscap-xccdf.c: scope_hint: In function ‘_some_result_exists’
openscap-1.4.4/utils/oscap-xccdf.c:1047:16: warning[-Wanalyzer-malloc-leak]: leak of ‘oval_result’
# 1045|   	files_it = oscap_file_entry_list_get_files(files);
# 1046|   	oval_result = malloc(PATH_MAX * sizeof(char));
# 1047|-> 	while (oscap_file_entry_iterator_has_more(files_it)) {
# 1048|   		struct oscap_file_entry *file_entry = (struct oscap_file_entry *) oscap_file_entry_iterator_next(files_it);;
# 1049|   		struct stat sb;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def39]
openscap-1.4.4/utils/oscap-xccdf.c:1048:83: warning[-Wanalyzer-malloc-leak]: leak of ‘oval_result’
# 1046|   	oval_result = malloc(PATH_MAX * sizeof(char));
# 1047|   	while (oscap_file_entry_iterator_has_more(files_it)) {
# 1048|-> 		struct oscap_file_entry *file_entry = (struct oscap_file_entry *) oscap_file_entry_iterator_next(files_it);;
# 1049|   		struct stat sb;
# 1050|   		if (strcmp(oscap_file_entry_get_system(file_entry), namespace))

Error: GCC_ANALYZER_WARNING (CWE-401): [#def40]
openscap-1.4.4/utils/oscap-xccdf.c:1050:21: warning[-Wanalyzer-malloc-leak]: leak of ‘oval_result’
# 1048|   		struct oscap_file_entry *file_entry = (struct oscap_file_entry *) oscap_file_entry_iterator_next(files_it);;
# 1049|   		struct stat sb;
# 1050|-> 		if (strcmp(oscap_file_entry_get_system(file_entry), namespace))
# 1051|   			continue;
# 1052|   		snprintf(oval_result, PATH_MAX, "./%s.result.xml", oscap_file_entry_get_file(file_entry));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def41]
openscap-1.4.4/utils/oscap-xccdf.c:1052:17: warning[-Wanalyzer-malloc-leak]: leak of ‘oval_result’
# 1050|   		if (strcmp(oscap_file_entry_get_system(file_entry), namespace))
# 1051|   			continue;
# 1052|-> 		snprintf(oval_result, PATH_MAX, "./%s.result.xml", oscap_file_entry_get_file(file_entry));
# 1053|   		if (stat(oval_result, &sb) == 0) {
# 1054|   			result = true;

Scan Properties

analyzer-version-clippy	1.92.0
analyzer-version-cppcheck	2.19.1
analyzer-version-gcc	16.0.0
analyzer-version-gcc-analyzer	16.0.0
analyzer-version-shellcheck	0.11.0
analyzer-version-unicontrol	0.0.2
diffbase-analyzer-version-clippy	1.92.0
diffbase-analyzer-version-cppcheck	2.19.1
diffbase-analyzer-version-gcc	16.0.0
diffbase-analyzer-version-gcc-analyzer	16.0.0
diffbase-analyzer-version-shellcheck	0.11.0
diffbase-analyzer-version-unicontrol	0.0.2
diffbase-enabled-plugins	clippy, cppcheck, gcc, shellcheck, unicontrol
diffbase-exit-code	0
diffbase-host	ip-172-16-1-233.us-west-2.compute.internal
diffbase-known-false-positives	/usr/share/csmock/known-false-positives.js
diffbase-known-false-positives-rpm	known-false-positives-0.0.0.20250521.132812.g8eff701.main-1.el9.noarch
diffbase-mock-config	fedora-rawhide-x86_64
diffbase-project-name	openscap-1.4.4-0.20260112115410058871.main.21.g7a61a088a
diffbase-store-results-to	/tmp/tmpy37nacxu/openscap-1.4.4-0.20260112115410058871.main.21.g7a61a088a.tar.xz
diffbase-time-created	2026-01-12 19:22:33
diffbase-time-finished	2026-01-12 19:36:41
diffbase-tool	csmock
diffbase-tool-args	'/usr/bin/csmock' '-r' 'fedora-rawhide-x86_64' '-t' 'gcc,cppcheck,clippy,shellcheck,unicontrol' '-o' '/tmp/tmpy37nacxu/openscap-1.4.4-0.20260112115410058871.main.21.g7a61a088a.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install' 'pam' '/tmp/tmpy37nacxu/openscap-1.4.4-0.20260112115410058871.main.21.g7a61a088a.src.rpm'
diffbase-tool-version	csmock-3.8.3.20251215.161544.g62de9a5-1.el9
enabled-plugins	clippy, cppcheck, gcc, shellcheck, unicontrol
exit-code	0
host	ip-172-16-1-233.us-west-2.compute.internal
known-false-positives	/usr/share/csmock/known-false-positives.js
known-false-positives-rpm	known-false-positives-0.0.0.20250521.132812.g8eff701.main-1.el9.noarch
mock-config	fedora-rawhide-x86_64
project-name	openscap-1.4.4-0.20260112191348495074.pr2301.23.g016338c21
store-results-to	/tmp/tmp72jvbokr/openscap-1.4.4-0.20260112191348495074.pr2301.23.g016338c21.tar.xz
time-created	2026-01-12 19:37:13
time-finished	2026-01-12 19:49:47
title	Newly introduced findings
tool	csmock
tool-args	'/usr/bin/csmock' '-r' 'fedora-rawhide-x86_64' '-t' 'gcc,cppcheck,clippy,shellcheck,unicontrol' '-o' '/tmp/tmp72jvbokr/openscap-1.4.4-0.20260112191348495074.pr2301.23.g016338c21.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install' 'pam' '/tmp/tmp72jvbokr/openscap-1.4.4-0.20260112191348495074.pr2301.23.g016338c21.src.rpm'
tool-version	csmock-3.8.3.20251215.161544.g62de9a5-1.el9