Task #92884 - fixed.err
back to task #92884download
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/src/DS/rds_index.c:274:77: warning[-Wanalyzer-malloc-leak]: leak of ‘rds_index_new()’
# 272| }
# 273|
# 274|-> struct rds_report_request_index* rr_index = rds_report_request_index_parse(reader);
# 275| rds_index_add_report_request(ret, rr_index);
# 276|
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/src/DS/rds_index.c:284:29: warning[-Wanalyzer-malloc-leak]: leak of ‘rds_index_new()’
# 282| else if (strcmp(name, "assets") == 0)
# 283| {
# 284|-> if (xmlTextReaderRead(reader) != 1) {
# 285| oscap_setxmlerr(xmlGetLastError());
# 286| }
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/src/DS/rds_index.c:288:32: warning[-Wanalyzer-malloc-leak]: leak of ‘rds_index_new()’
# 286| }
# 287|
# 288|-> while (oscap_to_start_element(reader, 2))
# 289| {
# 290| if (strcmp((const char*)xmlTextReaderConstLocalName(reader), "asset") != 0) {
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/src/DS/rds_index.c:290:57: warning[-Wanalyzer-malloc-leak]: leak of ‘rds_index_new()’
# 288| while (oscap_to_start_element(reader, 2))
# 289| {
# 290|-> if (strcmp((const char*)xmlTextReaderConstLocalName(reader), "asset") != 0) {
# 291| // TODO: warning?
# 292| continue;
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/src/DS/rds_index.c:295:67: warning[-Wanalyzer-malloc-leak]: leak of ‘rds_index_new()’
# 293| }
# 294|
# 295|-> struct rds_asset_index* a_index = rds_asset_index_parse(reader);
# 296| rds_index_add_asset(ret, a_index);
# 297|
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/src/DS/rds_index.c:305:29: warning[-Wanalyzer-malloc-leak]: leak of ‘rds_index_new()’
# 303| else if (strcmp(name, "reports") == 0)
# 304| {
# 305|-> if (xmlTextReaderRead(reader) != 1) {
# 306| oscap_setxmlerr(xmlGetLastError());
# 307| }
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/src/DS/rds_index.c:309:32: warning[-Wanalyzer-malloc-leak]: leak of ‘rds_index_new()’
# 307| }
# 308|
# 309|-> while (oscap_to_start_element(reader, 2))
# 310| {
# 311| if (strcmp((const char*)xmlTextReaderConstLocalName(reader), "report") != 0) {
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/src/DS/rds_index.c:311:57: warning[-Wanalyzer-malloc-leak]: leak of ‘rds_index_new()’
# 309| while (oscap_to_start_element(reader, 2))
# 310| {
# 311|-> if (strcmp((const char*)xmlTextReaderConstLocalName(reader), "report") != 0) {
# 312| // TODO: warning?
# 313| continue;
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/src/DS/rds_index.c:316:68: warning[-Wanalyzer-malloc-leak]: leak of ‘rds_index_new()’
# 314| }
# 315|
# 316|-> struct rds_report_index* r_index = rds_report_index_parse(reader);
# 317| rds_index_add_report(ret, r_index);
# 318|
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/src/DS/rds_index.c:329:61: warning[-Wanalyzer-malloc-leak]: leak of ‘rds_index_new()’
# 327| //
# 328| // extended = 1 means that we want to copy all including children
# 329|-> xmlNodePtr new_relationships_node = xmlCopyNode(xmlTextReaderExpand(reader), 1);
# 330|
# 331| if (relationships_node)
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/src/DS/sds.c: scope_hint: In function ‘ds_sds_compose_add_component_dependencies’
openscap-1.4.4/src/DS/sds.c:835:60: warning[-Wanalyzer-malloc-leak]: leak of ‘ds_sds_mangle_filepath(real_path)’
openscap-1.4.4/src/DS/sds.c: scope_hint: In function ‘ds_sds_compose_add_component_dependencies’
openscap-1.4.4/src/DS/sds.c: scope_hint: In function ‘ds_sds_compose_add_component_dependencies’
# 833| // the string will grow 2x the size in the worst case (every char is /)
# 834| // TODO: We can do better than this by counting the slashes
# 835|-> char* ret = malloc(strlen(filepath) * sizeof(char) * 2);
# 836|
# 837| const char* src_it = filepath;
Error: GCC_ANALYZER_WARNING (CWE-476):
openscap-1.4.4/src/DS/sds.c: scope_hint: In function ‘ds_sds_mangle_filepath’
openscap-1.4.4/src/DS/sds.c:844:35: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘dst_it’
# 842| if (*src_it == '/')
# 843| {
# 844|-> *dst_it++ = '-';
# 845| *dst_it++ = '-';
# 846| }
Error: GCC_ANALYZER_WARNING (CWE-476):
openscap-1.4.4/src/DS/sds.c:848:35: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘dst_it’
# 846| }
# 847| else if (*src_it == '@') {
# 848|-> *dst_it++ = '-';
# 849| *dst_it++ = '-';
# 850| }
Error: GCC_ANALYZER_WARNING (CWE-476):
openscap-1.4.4/src/DS/sds.c:853:35: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘dst_it’
# 851| else
# 852| {
# 853|-> *dst_it++ = *src_it;
# 854| }
# 855|
Error: GCC_ANALYZER_WARNING (CWE-476):
openscap-1.4.4/src/DS/sds.c:859:17: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘dst_it’
# 857| }
# 858|
# 859|-> *dst_it = '\0';
# 860|
# 861| return ret;
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/src/DS/sds.c: scope_hint: In function ‘ds_sds_compose_add_component_dependencies’
openscap-1.4.4/src/DS/sds.c:910:29: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
openscap-1.4.4/src/DS/sds.c: scope_hint: In function ‘ds_sds_compose_add_component_dependencies’
openscap-1.4.4/src/DS/sds.c: scope_hint: In function ‘ds_sds_compose_add_component_dependencies’
# 908| struct oscap_htable *exported = oscap_htable_new();
# 909| char* filepath_cpy = oscap_strdup(oscap_source_readable_origin(component_source));
# 910|-> char *dir = oscap_dirname(filepath_cpy);
# 911|
# 912| for (int i = 0; i < nodeset->nodeNr; i++)
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/src/DS/sds_index.c:270:33: warning[-Wanalyzer-malloc-leak]: leak of ‘ds_sds_index_new()’
# 268| // sanity check
# 269| if (xmlTextReaderNodeType(reader) != XML_READER_TYPE_ELEMENT ||
# 270|-> strcmp((const char*)xmlTextReaderConstLocalName(reader), "component") != 0)
# 271| {
# 272| oscap_seterr(OSCAP_EFAMILY_XML,
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/src/DS/sds_index.c:275:74: warning[-Wanalyzer-malloc-leak]: leak of ‘ds_sds_index_new()’
openscap-1.4.4/src/common/_error.h:52:100: note: in definition of macro ‘oscap_seterr’
openscap-1.4.4/src/common/_error.h:52:100: note: in definition of macro ‘oscap_seterr’
openscap-1.4.4/src/common/_error.h:52:100: note: in definition of macro ‘oscap_seterr’
# 273| "Expected to have xmlTextReader at start of <ds:component>, "
# 274| "the current event is '%i' at '%s' instead. I refuse to parse!",
# 275|-> xmlTextReaderNodeType(reader), (const char*)xmlTextReaderConstLocalName(reader));
# 276|
# 277| return NULL;
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/src/DS/sds_index.c:281:16: warning[-Wanalyzer-malloc-leak]: leak of ‘ds_sds_index_new()’
# 279|
# 280| char *ret = NULL;
# 281|-> while (xmlTextReaderRead(reader) == 1)
# 282| {
# 283| int node_type = xmlTextReaderNodeType(reader);
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/src/DS/sds_index.c:283:33: warning[-Wanalyzer-malloc-leak]: leak of ‘ds_sds_index_new()’
# 281| while (xmlTextReaderRead(reader) == 1)
# 282| {
# 283|-> int node_type = xmlTextReaderNodeType(reader);
# 284| const char* local_name = (const char*)xmlTextReaderConstLocalName(reader);
# 285|
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/src/DS/sds_index.c: scope_hint: In function ‘ds_sds_index_parse’
openscap-1.4.4/src/DS/sds_index.c:339:16: warning[-Wanalyzer-malloc-leak]: leak of ‘ds_sds_index_new()’
# 337| struct ds_sds_index* ret = ds_sds_index_new();
# 338|
# 339|-> while (oscap_to_start_element(reader, 1))
# 340| {
# 341| const char* name = (const char *)xmlTextReaderConstLocalName(reader);
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/src/DS/sds_index.c:341:50: warning[-Wanalyzer-malloc-leak]: leak of ‘ds_sds_index_new()’
# 339| while (oscap_to_start_element(reader, 1))
# 340| {
# 341|-> const char* name = (const char *)xmlTextReaderConstLocalName(reader);
# 342| /*if (strcmp(name, "component") == 0)
# 343| {
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/src/DS/sds_index.c:357:53: warning[-Wanalyzer-malloc-leak]: leak of ‘ds_sds_index_new()’
# 355| }
# 356| else if (strcmp(name, "component") == 0) {
# 357|-> char *component_id = (char*)xmlTextReaderGetAttribute(reader, BAD_CAST "id");
# 358| char *benchmark_id = ds_sds_component_dig_benchmark_id(reader);
# 359|
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/src/DS/sds_index.c:397:17: warning[-Wanalyzer-malloc-leak]: leak of ‘ds_sds_index_new()’
# 395| }
# 396|
# 397|-> xmlTextReaderRead(reader);
# 398| }
# 399|
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/src/OVAL/oval_recordField.c:368:23: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
openscap-1.4.4/src/OVAL/oval_recordField.c: scope_hint: In function ‘oval_record_field_parse_tag’
# 366| char *var_ref;
# 367|
# 368|-> opr = oval_operation_parse(reader, "operation", OVAL_OPERATION_EQUALS);
# 369| oval_record_field_set_operation(rf, opr);
# 370| var_check = oval_check_parse(reader, "var_check", OVAL_CHECK_ALL);
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/src/OVAL/oval_recordField.c:370:29: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
openscap-1.4.4/src/OVAL/oval_recordField.c: scope_hint: In function ‘oval_record_field_parse_tag’
# 368| opr = oval_operation_parse(reader, "operation", OVAL_OPERATION_EQUALS);
# 369| oval_record_field_set_operation(rf, opr);
# 370|-> var_check = oval_check_parse(reader, "var_check", OVAL_CHECK_ALL);
# 371| oval_record_field_set_var_check(rf, var_check);
# 372| ent_check = oval_check_parse(reader, "entity_check", OVAL_CHECK_ALL);
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/src/OVAL/oval_recordField.c:372:29: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
openscap-1.4.4/src/OVAL/oval_recordField.c: scope_hint: In function ‘oval_record_field_parse_tag’
# 370| var_check = oval_check_parse(reader, "var_check", OVAL_CHECK_ALL);
# 371| oval_record_field_set_var_check(rf, var_check);
# 372|-> ent_check = oval_check_parse(reader, "entity_check", OVAL_CHECK_ALL);
# 373| oval_record_field_set_ent_check(rf, ent_check);
# 374|
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/src/OVAL/oval_recordField.c:375:36: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
openscap-1.4.4/src/OVAL/oval_recordField.c: scope_hint: In function ‘oval_record_field_parse_tag’
# 373| oval_record_field_set_ent_check(rf, ent_check);
# 374|
# 375|-> var_ref = (char *) xmlTextReaderGetAttribute(reader, BAD_CAST "var_ref");
# 376| if (var_ref == NULL) {
# 377| ret = oscap_parser_text_value(reader, &_oval_record_field_value_consumer, rf);
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/src/OVAL/oval_recordField.c:377:31: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
openscap-1.4.4/src/OVAL/oval_recordField.c: scope_hint: In function ‘oval_record_field_parse_tag’
# 375| var_ref = (char *) xmlTextReaderGetAttribute(reader, BAD_CAST "var_ref");
# 376| if (var_ref == NULL) {
# 377|-> ret = oscap_parser_text_value(reader, &_oval_record_field_value_consumer, rf);
# 378| } else {
# 379| struct oval_definition_model *model;
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/src/OVAL/oval_recordField.c:383:31: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
openscap-1.4.4/src/OVAL/oval_recordField.c: scope_hint: In function ‘oval_record_field_parse_tag’
# 381|
# 382| model = context->definition_model;
# 383|-> var = oval_definition_model_get_new_variable(model, var_ref, OVAL_VARIABLE_UNKNOWN);
# 384| oval_record_field_set_variable(rf, var);
# 385| xmlFree(var_ref);
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/src/OVAL/oval_recordField.c:385:25: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
openscap-1.4.4/src/OVAL/oval_recordField.c: scope_hint: In function ‘oval_record_field_parse_tag’
# 383| var = oval_definition_model_get_new_variable(model, var_ref, OVAL_VARIABLE_UNKNOWN);
# 384| oval_record_field_set_variable(rf, var);
# 385|-> xmlFree(var_ref);
# 386| }
# 387| break;
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/src/OVAL/oval_recordField.c:393:26: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
openscap-1.4.4/src/OVAL/oval_recordField.c: scope_hint: In function ‘oval_record_field_parse_tag’
# 391| oval_syschar_status_t status;
# 392|
# 393|-> status = oval_syschar_status_parse(reader, "status", SYSCHAR_STATUS_EXISTS);
# 394| oval_record_field_set_status(rf, status);
# 395| ret = oscap_parser_text_value(reader, &_oval_record_field_value_consumer, rf);
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/src/OVAL/oval_recordField.c:395:23: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
openscap-1.4.4/src/OVAL/oval_recordField.c: scope_hint: In function ‘oval_record_field_parse_tag’
# 393| status = oval_syschar_status_parse(reader, "status", SYSCHAR_STATUS_EXISTS);
# 394| oval_record_field_set_status(rf, status);
# 395|-> ret = oscap_parser_text_value(reader, &_oval_record_field_value_consumer, rf);
# 396| break;
# 397| }
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/src/OVAL/oval_recordField.c:402:10: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
openscap-1.4.4/src/OVAL/oval_recordField.c: scope_hint: In function ‘oval_record_field_parse_tag’
# 400| }
# 401|
# 402|-> (*consumer) (rf, user);
# 403|
# 404| return ret;
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/src/OVAL/oval_set.c: scope_hint: In function ‘oval_setobject_get_subsets.part.0’
openscap-1.4.4/src/OVAL/oval_set.c:100:21: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
# 98| struct oval_set_AGGREGATE *aggregate = (struct oval_set_AGGREGATE *)set->extension;
# 99| subsets = (struct oval_setobject_iterator *)
# 100|-> oval_collection_iterator(aggregate->subsets);
# 101| }
# 102| return subsets;
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/src/OVAL/oval_set.c: scope_hint: In function ‘oval_setobject_get_objects.part.0’
openscap-1.4.4/src/OVAL/oval_set.c:114:21: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
# 112| struct oval_set_COLLECTIVE *collective = (struct oval_set_COLLECTIVE *)set->extension;
# 113| objects = (struct oval_object_iterator *)
# 114|-> oval_collection_iterator(collective->objects);
# 115| }
# 116| return objects;
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/src/OVAL/oval_set.c: scope_hint: In function ‘oval_setobject_get_filters.part.0’
openscap-1.4.4/src/OVAL/oval_set.c:128:21: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
# 126| struct oval_set_COLLECTIVE *collective = (struct oval_set_COLLECTIVE *)set->extension;
# 127| filters = (struct oval_filter_iterator *)
# 128|-> oval_collection_iterator(collective->filters);
# 129| }
# 130| return filters;
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/src/OVAL/oval_set.c: scope_hint: In function ‘oval_setobject_clone’
openscap-1.4.4/src/OVAL/oval_set.c:156:32: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
# 154| case OVAL_SET_COLLECTIVE:{
# 155| struct oval_filter_iterator *filters = oval_setobject_get_filters(old_setobject);
# 156|-> while (oval_filter_iterator_has_more(filters)) {
# 157| struct oval_filter *filter = oval_filter_iterator_next(filters);
# 158| oval_setobject_add_filter(new_setobject, oval_filter_clone(new_model, filter));
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/src/OVAL/oval_set.c:157:62: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
# 155| struct oval_filter_iterator *filters = oval_setobject_get_filters(old_setobject);
# 156| while (oval_filter_iterator_has_more(filters)) {
# 157|-> struct oval_filter *filter = oval_filter_iterator_next(filters);
# 158| oval_setobject_add_filter(new_setobject, oval_filter_clone(new_model, filter));
# 159| }
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/src/OVAL/oval_set.c:158:33: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
# 156| while (oval_filter_iterator_has_more(filters)) {
# 157| struct oval_filter *filter = oval_filter_iterator_next(filters);
# 158|-> oval_setobject_add_filter(new_setobject, oval_filter_clone(new_model, filter));
# 159| }
# 160| oval_filter_iterator_free(filters);
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/src/OVAL/oval_set.c:160:25: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
# 158| oval_setobject_add_filter(new_setobject, oval_filter_clone(new_model, filter));
# 159| }
# 160|-> oval_filter_iterator_free(filters);
# 161| struct oval_object_iterator *objects = oval_setobject_get_objects(old_setobject);
# 162| while (oval_object_iterator_has_more(objects)) {
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/src/OVAL/oval_set.c:162:32: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
# 160| oval_filter_iterator_free(filters);
# 161| struct oval_object_iterator *objects = oval_setobject_get_objects(old_setobject);
# 162|-> while (oval_object_iterator_has_more(objects)) {
# 163| struct oval_object *object = oval_object_iterator_next(objects);
# 164| oval_setobject_add_object(new_setobject, oval_object_clone(new_model, object));
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/src/OVAL/oval_set.c:163:62: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
# 161| struct oval_object_iterator *objects = oval_setobject_get_objects(old_setobject);
# 162| while (oval_object_iterator_has_more(objects)) {
# 163|-> struct oval_object *object = oval_object_iterator_next(objects);
# 164| oval_setobject_add_object(new_setobject, oval_object_clone(new_model, object));
# 165| }
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/src/OVAL/oval_set.c:164:33: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
# 162| while (oval_object_iterator_has_more(objects)) {
# 163| struct oval_object *object = oval_object_iterator_next(objects);
# 164|-> oval_setobject_add_object(new_setobject, oval_object_clone(new_model, object));
# 165| }
# 166| oval_object_iterator_free(objects);
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/src/OVAL/oval_set.c:166:25: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
# 164| oval_setobject_add_object(new_setobject, oval_object_clone(new_model, object));
# 165| }
# 166|-> oval_object_iterator_free(objects);
# 167|
# 168| } break;
Error: GCC_ANALYZER_WARNING (CWE-476):
openscap-1.4.4/src/OVAL/oval_set.c: scope_hint: In function ‘oval_setobject_set_type’
openscap-1.4.4/src/OVAL/oval_set.c:217:19: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘set’
# 215| __attribute__nonnull__(set);
# 216|
# 217|-> set->type = type;
# 218| switch (type) {
# 219| case OVAL_SET_AGGREGATE:{
Error: GCC_ANALYZER_WARNING (CWE-476):
openscap-1.4.4/src/OVAL/oval_set.c:223:44: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘malloc(8)’
# 221| (oval_set_AGGREGATE_t *) (set->extension =
# 222| malloc(sizeof(oval_set_AGGREGATE_t)));
# 223|-> aggregate->subsets = oval_collection_new();
# 224| }
# 225| break;
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/src/OVAL/oval_set.c:223:46: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
# 221| (oval_set_AGGREGATE_t *) (set->extension =
# 222| malloc(sizeof(oval_set_AGGREGATE_t)));
# 223|-> aggregate->subsets = oval_collection_new();
# 224| }
# 225| break;
Error: GCC_ANALYZER_WARNING (CWE-476):
openscap-1.4.4/src/OVAL/oval_set.c: scope_hint: In function ‘oval_setobject_set_type.part.0’
openscap-1.4.4/src/OVAL/oval_set.c:230:45: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘malloc(16)’
# 228| (oval_set_COLLECTIVE_t *) (set->extension =
# 229| malloc(sizeof(oval_set_COLLECTIVE_t)));
# 230|-> collective->filters = oval_collection_new();
# 231| collective->objects = oval_collection_new();
# 232| }
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/src/OVAL/oval_set.c:230:47: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
# 228| (oval_set_COLLECTIVE_t *) (set->extension =
# 229| malloc(sizeof(oval_set_COLLECTIVE_t)));
# 230|-> collective->filters = oval_collection_new();
# 231| collective->objects = oval_collection_new();
# 232| }
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/src/OVAL/oval_set.c:231:47: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
# 229| malloc(sizeof(oval_set_COLLECTIVE_t)));
# 230| collective->filters = oval_collection_new();
# 231|-> collective->objects = oval_collection_new();
# 232| }
# 233| break;
Error: GCC_ANALYZER_WARNING (CWE-476):
openscap-1.4.4/src/OVAL/oval_set.c: scope_hint: In function ‘oval_setobject_set_operation’
openscap-1.4.4/src/OVAL/oval_set.c:242:24: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘set’
# 240| {
# 241| __attribute__nonnull__(set);
# 242|-> set->operation = operation;
# 243| }
# 244|
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/src/OVAL/oval_set.c: scope_hint: In function ‘oval_setobject_add_subset’
openscap-1.4.4/src/OVAL/oval_set.c:250:9: warning[-Wanalyzer-malloc-leak]: leak of ‘oval_setobject_new(*context.definition_model)’
# 248| oval_set_AGGREGATE_t *aggregate = (oval_set_AGGREGATE_t *) set->extension;
# 249| assert(aggregate != NULL);
# 250|-> oval_collection_add(aggregate->subsets, (void *)subset);
# 251| }
# 252|
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/src/OVAL/oval_set.c: scope_hint: In function ‘oval_setobject_add_object’
openscap-1.4.4/src/OVAL/oval_set.c:258:9: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
# 256| oval_set_COLLECTIVE_t *collective = (oval_set_COLLECTIVE_t *) set->extension;
# 257| assert(collective != NULL);
# 258|-> oval_collection_add(collective->objects, (void *)object);
# 259| }
# 260|
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/src/OVAL/oval_set.c: scope_hint: In function ‘oval_setobject_add_filter’
openscap-1.4.4/src/OVAL/oval_set.c:266:9: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
# 264| oval_set_COLLECTIVE_t *collective = (oval_set_COLLECTIVE_t *) set->extension;
# 265| assert(collective != NULL);
# 266|-> oval_collection_add(collective->filters, (void *)filter);
# 267| }
# 268|
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/src/OVAL/oval_set.c: scope_hint: In function ‘oval_set_parse_tag’
openscap-1.4.4/src/OVAL/oval_set.c:345:48: warning[-Wanalyzer-malloc-leak]: leak of ‘oval_setobject_new(*context.definition_model)’
# 343| struct oval_setobject *set = oval_setobject_new(context->definition_model);
# 344|
# 345|-> oval_setobject_operation_t operation = oval_set_operation_parse(reader, "set_operator",
# 346| OVAL_SET_OPERATION_UNION);
# 347| oval_setobject_set_operation(set, operation);
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/src/OVAL/oval_set.c:349:10: warning[-Wanalyzer-malloc-leak]: leak of ‘oval_setobject_new(*context.definition_model)’
# 347| oval_setobject_set_operation(set, operation);
# 348|
# 349|-> (*consumer) (set, user);
# 350|
# 351| int return_code = oval_parser_parse_tag(reader, context, &_oval_set_parse_tag, set);
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/src/OVAL/probes/SEAP/seap-packet.c: scope_hint: In function ‘SEAP_packet_sexp2cmd’
openscap-1.4.4/src/OVAL/probes/SEAP/seap-packet.c:756:37: warning[-Wanalyzer-malloc-leak]: leak of ‘SEAP_packet_new()’
# 754| _packet->type = SEAP_PACKET_CMD;
# 755|
# 756|-> if (SEAP_packet_sexp2cmd (sexp_packet, &(_packet->data.cmd)) != 0) {
# 757| /* error */
# 758| dD("Invalid SEAP packet received: %s.", "can't translate to cmd struct");
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/src/OVAL/probes/SEAP/seap-packet.c: scope_hint: In function ‘SEAP_packet_sexp2err’
openscap-1.4.4/src/OVAL/probes/SEAP/seap-packet.c:776:37: warning[-Wanalyzer-malloc-leak]: leak of ‘SEAP_packet_new()’
# 774| _packet->type = SEAP_PACKET_ERR;
# 775|
# 776|-> if (SEAP_packet_sexp2err (sexp_packet, &(_packet->data.err)) != 0) {
# 777| /* error */
# 778| dD("Invalid SEAP packet received: %s.", "can't translate to err struct");
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/src/OVAL/probes/unix/xinetd_probe.c:940:20: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
openscap-1.4.4/src/OVAL/probes/unix/xinetd_probe.c:925:26: note: in expansion of macro ‘tmpbuf_get’
openscap-1.4.4/src/OVAL/probes/unix/xinetd_probe.c:925:26: note: in expansion of macro ‘tmpbuf_get’
# 938| */
# 939| key = strdup(buffer + bufidx);
# 940|-> if (key == NULL)
# 941| exit(ENOMEM);
# 942|
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/src/OVAL/probes/unix/xinetd_probe.c:1254:20: warning[-Wanalyzer-malloc-leak]: leak of ‘res’
# 1252|
# 1253| xiconf_strans_t *res = malloc(sizeof(xiconf_strans_t));
# 1254|-> res->cnt = rbt_str_size(xiconf->stree);
# 1255| res->srv = malloc(sizeof(xiconf_service_t *) * res->cnt);
# 1256|
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/src/OVAL/probes/unix/xinetd_probe.c:1257:9: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
# 1255| res->srv = malloc(sizeof(xiconf_service_t *) * res->cnt);
# 1256|
# 1257|-> rbt_str_walk_inorder2(xiconf->stree, xiconf_dump_cb, (void *)res, 0);
# 1258|
# 1259| res->cnt = rbt_str_size(xiconf->stree);
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/src/OVAL/probes/unix/xinetd_probe.c:1257:9: warning[-Wanalyzer-malloc-leak]: leak of ‘res’
# 1255| res->srv = malloc(sizeof(xiconf_service_t *) * res->cnt);
# 1256|
# 1257|-> rbt_str_walk_inorder2(xiconf->stree, xiconf_dump_cb, (void *)res, 0);
# 1258|
# 1259| res->cnt = rbt_str_size(xiconf->stree);
Error: GCC_ANALYZER_WARNING (CWE-476):
openscap-1.4.4/src/XCCDF/result_scoring.c:108:30: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘score’
openscap-1.4.4/src/common/util.h: scope_hint: In function ‘xccdf_item_get_default_score’
openscap-1.4.4/src/XCCDF/result_scoring.c: scope_hint: In function ‘xccdf_item_get_default_score’
# 106| /* Init */
# 107| score = malloc(sizeof(struct xccdf_default_score));
# 108|-> score->count = 0;
# 109| score->score = 0.0;
# 110| score->accumulator = 0.0;
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/src/XCCDF/result_scoring.c:115:36: warning[-Wanalyzer-malloc-leak]: leak of ‘score’
openscap-1.4.4/src/common/util.h: scope_hint: In function ‘xccdf_item_get_default_score’
openscap-1.4.4/src/XCCDF/result_scoring.c: scope_hint: In function ‘xccdf_item_get_default_score’
# 113| struct xccdf_item_iterator * child_it;
# 114| if (itype == XCCDF_GROUP)
# 115|-> child_it = xccdf_group_get_content((const struct xccdf_group *)item);
# 116| else
# 117| child_it = xccdf_benchmark_get_content((const struct xccdf_benchmark *)item);
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/src/XCCDF/result_scoring.c:117:36: warning[-Wanalyzer-malloc-leak]: leak of ‘score’
openscap-1.4.4/src/common/util.h: scope_hint: In function ‘xccdf_item_get_default_score’
openscap-1.4.4/src/XCCDF/result_scoring.c: scope_hint: In function ‘xccdf_item_get_default_score’
# 115| child_it = xccdf_group_get_content((const struct xccdf_group *)item);
# 116| else
# 117|-> child_it = xccdf_benchmark_get_content((const struct xccdf_benchmark *)item);
# 118|
# 119| while (xccdf_item_iterator_has_more(child_it)) {
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/src/XCCDF/result_scoring.c:119:24: warning[-Wanalyzer-malloc-leak]: leak of ‘score’
openscap-1.4.4/src/common/util.h: scope_hint: In function ‘xccdf_item_get_default_score’
openscap-1.4.4/src/XCCDF/result_scoring.c: scope_hint: In function ‘xccdf_item_get_default_score’
# 117| child_it = xccdf_benchmark_get_content((const struct xccdf_benchmark *)item);
# 118|
# 119|-> while (xccdf_item_iterator_has_more(child_it)) {
# 120| child = xccdf_item_iterator_next(child_it);
# 121| ch_score = xccdf_item_get_default_score(child, test_result);
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/src/XCCDF/result_scoring.c:120:33: warning[-Wanalyzer-malloc-leak]: leak of ‘score’
openscap-1.4.4/src/common/util.h: scope_hint: In function ‘xccdf_item_get_default_score’
openscap-1.4.4/src/XCCDF/result_scoring.c: scope_hint: In function ‘xccdf_item_get_default_score’
# 118|
# 119| while (xccdf_item_iterator_has_more(child_it)) {
# 120|-> child = xccdf_item_iterator_next(child_it);
# 121| ch_score = xccdf_item_get_default_score(child, test_result);
# 122|
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/src/XCCDF/result_scoring.c:143:54: warning[-Wanalyzer-malloc-leak]: leak of ‘score’
openscap-1.4.4/src/common/util.h: scope_hint: In function ‘xccdf_item_get_default_score’
openscap-1.4.4/src/XCCDF/result_scoring.c: scope_hint: In function ‘xccdf_item_get_default_score’
# 141| score->score = score->score / score->accumulator;
# 142| /* Default weight */
# 143|-> score->weight_score = score->score * xccdf_item_get_weight(item);
# 144|
# 145| xccdf_item_iterator_free(child_it);
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/src/XCCDF/result_scoring.c:145:17: warning[-Wanalyzer-malloc-leak]: leak of ‘score’
openscap-1.4.4/src/common/util.h: scope_hint: In function ‘xccdf_item_get_default_score’
openscap-1.4.4/src/XCCDF/result_scoring.c: scope_hint: In function ‘xccdf_item_get_default_score’
# 143| score->weight_score = score->score * xccdf_item_get_weight(item);
# 144|
# 145|-> xccdf_item_iterator_free(child_it);
# 146| } break;
# 147|
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/src/XCCDF/result_scoring.c: scope_hint: In function ‘xccdf_item_get_flat_score’
openscap-1.4.4/src/XCCDF/result_scoring.c:166:30: warning[-Wanalyzer-malloc-leak]: leak of ‘score’
openscap-1.4.4/src/common/util.h: scope_hint: In function ‘xccdf_item_get_flat_score’
openscap-1.4.4/src/XCCDF/result_scoring.c: scope_hint: In function ‘xccdf_item_get_flat_score’
openscap-1.4.4/src/common/util.h: scope_hint: In function ‘xccdf_item_get_flat_score’
openscap-1.4.4/src/XCCDF/result_scoring.c: scope_hint: In function ‘xccdf_item_get_flat_score’
# 164| struct xccdf_item *child;
# 165|
# 166|-> xccdf_type_t itype = xccdf_item_get_type(item);
# 167|
# 168| switch (itype) {
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/src/XCCDF/result_scoring.c:171:39: warning[-Wanalyzer-malloc-leak]: leak of ‘score’
openscap-1.4.4/src/common/util.h: scope_hint: In function ‘xccdf_item_get_flat_score’
openscap-1.4.4/src/XCCDF/result_scoring.c: scope_hint: In function ‘xccdf_item_get_flat_score’
openscap-1.4.4/src/common/util.h: scope_hint: In function ‘xccdf_item_get_flat_score’
openscap-1.4.4/src/XCCDF/result_scoring.c: scope_hint: In function ‘xccdf_item_get_flat_score’
# 169| case XCCDF_RULE:{
# 170| /* Rule */
# 171|-> const char *rule_id = xccdf_rule_get_id((const struct xccdf_rule *) item);
# 172| rule_result = xccdf_result_get_rule_result_by_id(test_result, rule_id);
# 173| if (rule_result == NULL) {
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/src/XCCDF/result_scoring.c:172:31: warning[-Wanalyzer-malloc-leak]: leak of ‘score’
openscap-1.4.4/src/common/util.h: scope_hint: In function ‘xccdf_item_get_flat_score’
openscap-1.4.4/src/XCCDF/result_scoring.c: scope_hint: In function ‘xccdf_item_get_flat_score’
openscap-1.4.4/src/common/util.h: scope_hint: In function ‘xccdf_item_get_flat_score’
openscap-1.4.4/src/XCCDF/result_scoring.c: scope_hint: In function ‘xccdf_item_get_flat_score’
# 170| /* Rule */
# 171| const char *rule_id = xccdf_rule_get_id((const struct xccdf_rule *) item);
# 172|-> rule_result = xccdf_result_get_rule_result_by_id(test_result, rule_id);
# 173| if (rule_result == NULL) {
# 174| dE("Rule result ID(%s) not fount", rule_id);
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/src/XCCDF/result_scoring.c:177:21: warning[-Wanalyzer-malloc-leak]: leak of ‘score’
openscap-1.4.4/src/common/util.h: scope_hint: In function ‘xccdf_item_get_flat_score’
openscap-1.4.4/src/XCCDF/result_scoring.c: scope_hint: In function ‘xccdf_item_get_flat_score’
openscap-1.4.4/src/common/util.h: scope_hint: In function ‘xccdf_item_get_flat_score’
openscap-1.4.4/src/XCCDF/result_scoring.c: scope_hint: In function ‘xccdf_item_get_flat_score’
# 175| return NULL;
# 176| }
# 177|-> if (xccdf_rule_result_get_role(rule_result) == XCCDF_ROLE_UNSCORED) {
# 178| return NULL;
# 179| }
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/src/XCCDF/result_scoring.c:182:22: warning[-Wanalyzer-malloc-leak]: leak of ‘score’
openscap-1.4.4/src/common/util.h: scope_hint: In function ‘xccdf_item_get_flat_score’
openscap-1.4.4/src/XCCDF/result_scoring.c: scope_hint: In function ‘xccdf_item_get_flat_score’
openscap-1.4.4/src/common/util.h: scope_hint: In function ‘xccdf_item_get_flat_score’
openscap-1.4.4/src/XCCDF/result_scoring.c: scope_hint: In function ‘xccdf_item_get_flat_score’
# 180|
# 181| /* Ignore these rules */
# 182|-> if ((xccdf_rule_result_get_result(rule_result) == XCCDF_RESULT_NOT_SELECTED) ||
# 183| (xccdf_rule_result_get_result(rule_result) == XCCDF_RESULT_NOT_APPLICABLE) ||
# 184| (xccdf_rule_result_get_result(rule_result) == XCCDF_RESULT_INFORMATIONAL) ||
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/src/XCCDF/result_scoring.c:183:34: warning[-Wanalyzer-malloc-leak]: leak of ‘score’
openscap-1.4.4/src/common/util.h: scope_hint: In function ‘xccdf_item_get_flat_score’
openscap-1.4.4/src/XCCDF/result_scoring.c: scope_hint: In function ‘xccdf_item_get_flat_score’
openscap-1.4.4/src/common/util.h: scope_hint: In function ‘xccdf_item_get_flat_score’
openscap-1.4.4/src/XCCDF/result_scoring.c: scope_hint: In function ‘xccdf_item_get_flat_score’
# 181| /* Ignore these rules */
# 182| if ((xccdf_rule_result_get_result(rule_result) == XCCDF_RESULT_NOT_SELECTED) ||
# 183|-> (xccdf_rule_result_get_result(rule_result) == XCCDF_RESULT_NOT_APPLICABLE) ||
# 184| (xccdf_rule_result_get_result(rule_result) == XCCDF_RESULT_INFORMATIONAL) ||
# 185| (xccdf_rule_result_get_result(rule_result) == XCCDF_RESULT_NOT_CHECKED))
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/src/XCCDF/result_scoring.c:184:34: warning[-Wanalyzer-malloc-leak]: leak of ‘score’
openscap-1.4.4/src/common/util.h: scope_hint: In function ‘xccdf_item_get_flat_score’
openscap-1.4.4/src/XCCDF/result_scoring.c: scope_hint: In function ‘xccdf_item_get_flat_score’
openscap-1.4.4/src/common/util.h: scope_hint: In function ‘xccdf_item_get_flat_score’
openscap-1.4.4/src/XCCDF/result_scoring.c: scope_hint: In function ‘xccdf_item_get_flat_score’
# 182| if ((xccdf_rule_result_get_result(rule_result) == XCCDF_RESULT_NOT_SELECTED) ||
# 183| (xccdf_rule_result_get_result(rule_result) == XCCDF_RESULT_NOT_APPLICABLE) ||
# 184|-> (xccdf_rule_result_get_result(rule_result) == XCCDF_RESULT_INFORMATIONAL) ||
# 185| (xccdf_rule_result_get_result(rule_result) == XCCDF_RESULT_NOT_CHECKED))
# 186| return NULL;
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/src/XCCDF/result_scoring.c:194:25: warning[-Wanalyzer-malloc-leak]: leak of ‘score’
openscap-1.4.4/src/common/util.h: scope_hint: In function ‘xccdf_item_get_flat_score’
openscap-1.4.4/src/XCCDF/result_scoring.c: scope_hint: In function ‘xccdf_item_get_flat_score’
openscap-1.4.4/src/common/util.h: scope_hint: In function ‘xccdf_item_get_flat_score’
openscap-1.4.4/src/XCCDF/result_scoring.c: scope_hint: In function ‘xccdf_item_get_flat_score’
# 192| score->weight = 1.0;
# 193| else score->weight =
# 194|-> xccdf_item_get_weight(item);
# 195|
# 196| /* score = sum of weights of rules that pass */
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/src/XCCDF/result_scoring.c:197:22: warning[-Wanalyzer-malloc-leak]: leak of ‘score’
openscap-1.4.4/src/common/util.h: scope_hint: In function ‘xccdf_item_get_flat_score’
openscap-1.4.4/src/XCCDF/result_scoring.c: scope_hint: In function ‘xccdf_item_get_flat_score’
openscap-1.4.4/src/common/util.h: scope_hint: In function ‘xccdf_item_get_flat_score’
openscap-1.4.4/src/XCCDF/result_scoring.c: scope_hint: In function ‘xccdf_item_get_flat_score’
# 195|
# 196| /* score = sum of weights of rules that pass */
# 197|-> if ((xccdf_rule_result_get_result(rule_result) == XCCDF_RESULT_PASS) ||
# 198| (xccdf_rule_result_get_result(rule_result) == XCCDF_RESULT_FIXED)) {
# 199| if (unweighted)
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/src/XCCDF/result_scoring.c:198:34: warning[-Wanalyzer-malloc-leak]: leak of ‘score’
openscap-1.4.4/src/common/util.h: scope_hint: In function ‘xccdf_item_get_flat_score’
openscap-1.4.4/src/XCCDF/result_scoring.c: scope_hint: In function ‘xccdf_item_get_flat_score’
openscap-1.4.4/src/common/util.h: scope_hint: In function ‘xccdf_item_get_flat_score’
openscap-1.4.4/src/XCCDF/result_scoring.c: scope_hint: In function ‘xccdf_item_get_flat_score’
# 196| /* score = sum of weights of rules that pass */
# 197| if ((xccdf_rule_result_get_result(rule_result) == XCCDF_RESULT_PASS) ||
# 198|-> (xccdf_rule_result_get_result(rule_result) == XCCDF_RESULT_FIXED)) {
# 199| if (unweighted)
# 200| score->score = 1.0;
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/src/XCCDF/result_scoring.c:202:48: warning[-Wanalyzer-malloc-leak]: leak of ‘score’
openscap-1.4.4/src/common/util.h: scope_hint: In function ‘xccdf_item_get_flat_score’
openscap-1.4.4/src/XCCDF/result_scoring.c: scope_hint: In function ‘xccdf_item_get_flat_score’
openscap-1.4.4/src/common/util.h: scope_hint: In function ‘xccdf_item_get_flat_score’
openscap-1.4.4/src/XCCDF/result_scoring.c: scope_hint: In function ‘xccdf_item_get_flat_score’
# 200| score->score = 1.0;
# 201| else
# 202|-> score->score = xccdf_item_get_weight(item);
# 203| } else
# 204| score->score = 0.0; /* fail */
Error: GCC_ANALYZER_WARNING (CWE-476):
openscap-1.4.4/src/XCCDF/result_scoring.c:210:30: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘score’
openscap-1.4.4/src/common/util.h: scope_hint: In function ‘xccdf_item_get_flat_score’
openscap-1.4.4/src/XCCDF/result_scoring.c: scope_hint: In function ‘xccdf_item_get_flat_score’
openscap-1.4.4/src/common/util.h: scope_hint: In function ‘xccdf_item_get_flat_score’
openscap-1.4.4/src/XCCDF/result_scoring.c: scope_hint: In function ‘xccdf_item_get_flat_score’
# 208| /* Init */
# 209| score = malloc(sizeof(struct xccdf_flat_score));
# 210|-> score->score = 0;
# 211| score->weight = 0.0;
# 212|
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/src/XCCDF/result_scoring.c:216:36: warning[-Wanalyzer-malloc-leak]: leak of ‘score’
openscap-1.4.4/src/common/util.h: scope_hint: In function ‘xccdf_item_get_flat_score’
openscap-1.4.4/src/XCCDF/result_scoring.c: scope_hint: In function ‘xccdf_item_get_flat_score’
openscap-1.4.4/src/common/util.h: scope_hint: In function ‘xccdf_item_get_flat_score’
openscap-1.4.4/src/XCCDF/result_scoring.c: scope_hint: In function ‘xccdf_item_get_flat_score’
# 214| struct xccdf_item_iterator * child_it;
# 215| if (itype == XCCDF_GROUP)
# 216|-> child_it = xccdf_group_get_content((const struct xccdf_group *)item);
# 217| else
# 218| child_it = xccdf_benchmark_get_content((const struct xccdf_benchmark *)item);
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/src/XCCDF/result_scoring.c:218:36: warning[-Wanalyzer-malloc-leak]: leak of ‘score’
openscap-1.4.4/src/common/util.h: scope_hint: In function ‘xccdf_item_get_flat_score’
openscap-1.4.4/src/XCCDF/result_scoring.c: scope_hint: In function ‘xccdf_item_get_flat_score’
openscap-1.4.4/src/common/util.h: scope_hint: In function ‘xccdf_item_get_flat_score’
openscap-1.4.4/src/XCCDF/result_scoring.c: scope_hint: In function ‘xccdf_item_get_flat_score’
# 216| child_it = xccdf_group_get_content((const struct xccdf_group *)item);
# 217| else
# 218|-> child_it = xccdf_benchmark_get_content((const struct xccdf_benchmark *)item);
# 219|
# 220| while (xccdf_item_iterator_has_more(child_it)) {
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/src/XCCDF/result_scoring.c:220:24: warning[-Wanalyzer-malloc-leak]: leak of ‘score’
openscap-1.4.4/src/common/util.h: scope_hint: In function ‘xccdf_item_get_flat_score’
openscap-1.4.4/src/XCCDF/result_scoring.c: scope_hint: In function ‘xccdf_item_get_flat_score’
openscap-1.4.4/src/common/util.h: scope_hint: In function ‘xccdf_item_get_flat_score’
openscap-1.4.4/src/XCCDF/result_scoring.c: scope_hint: In function ‘xccdf_item_get_flat_score’
# 218| child_it = xccdf_benchmark_get_content((const struct xccdf_benchmark *)item);
# 219|
# 220|-> while (xccdf_item_iterator_has_more(child_it)) {
# 221| child = xccdf_item_iterator_next(child_it);
# 222| ch_score = xccdf_item_get_flat_score(child, test_result, unweighted);
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/src/XCCDF/result_scoring.c:221:33: warning[-Wanalyzer-malloc-leak]: leak of ‘score’
openscap-1.4.4/src/common/util.h: scope_hint: In function ‘xccdf_item_get_flat_score’
openscap-1.4.4/src/XCCDF/result_scoring.c: scope_hint: In function ‘xccdf_item_get_flat_score’
openscap-1.4.4/src/common/util.h: scope_hint: In function ‘xccdf_item_get_flat_score’
openscap-1.4.4/src/XCCDF/result_scoring.c: scope_hint: In function ‘xccdf_item_get_flat_score’
# 219|
# 220| while (xccdf_item_iterator_has_more(child_it)) {
# 221|-> child = xccdf_item_iterator_next(child_it);
# 222| ch_score = xccdf_item_get_flat_score(child, test_result, unweighted);
# 223|
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/src/XCCDF/result_scoring.c:239:17: warning[-Wanalyzer-malloc-leak]: leak of ‘score’
openscap-1.4.4/src/common/util.h: scope_hint: In function ‘xccdf_item_get_flat_score’
openscap-1.4.4/src/XCCDF/result_scoring.c: scope_hint: In function ‘xccdf_item_get_flat_score’
openscap-1.4.4/src/common/util.h: scope_hint: In function ‘xccdf_item_get_flat_score’
openscap-1.4.4/src/XCCDF/result_scoring.c: scope_hint: In function ‘xccdf_item_get_flat_score’
# 237| }
# 238|
# 239|-> xccdf_item_iterator_free(child_it);
# 240| } break;
# 241|
Error: GCC_ANALYZER_WARNING (CWE-126):
openscap-1.4.4/src/XCCDF/xccdf_session.c:1006:38: warning[-Wanalyzer-out-of-bounds]: heap-based buffer over-read
openscap-1.4.4/src/XCCDF/xccdf_session.c: scope_hint: In function ‘_oval_content_resources_free.part.0’
openscap-1.4.4/src/XCCDF/xccdf_session.c: scope_hint: In function ‘_oval_content_resources_free.part.0’
openscap-1.4.4/src/XCCDF/xccdf_session.c:1006:38: note: read of 8 bytes from after the end of the region
# 1004| for (int i=0; resources[i]; i++) {
# 1005| free(resources[i]->href);
# 1006|-> if (resources[i]->source_owned) {
# 1007| oscap_source_free(resources[i]->source);
# 1008| }
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/src/XCCDF/xccdf_session.c:1007:33: warning[-Wanalyzer-malloc-leak]: leak of ‘resources’
openscap-1.4.4/src/XCCDF/xccdf_session.c: scope_hint: In function ‘_oval_content_resources_free.part.0’
openscap-1.4.4/src/XCCDF/xccdf_session.c: scope_hint: In function ‘_oval_content_resources_free.part.0’
# 1005| free(resources[i]->href);
# 1006| if (resources[i]->source_owned) {
# 1007|-> oscap_source_free(resources[i]->source);
# 1008| }
# 1009| free(resources[i]);
Error: GCC_ANALYZER_WARNING (CWE-126):
openscap-1.4.4/src/XCCDF/xccdf_session.c:1009:25: warning[-Wanalyzer-out-of-bounds]: heap-based buffer over-read
openscap-1.4.4/src/XCCDF/xccdf_session.c: scope_hint: In function ‘_oval_content_resources_free.part.0’
openscap-1.4.4/src/XCCDF/xccdf_session.c: scope_hint: In function ‘_oval_content_resources_free.part.0’
openscap-1.4.4/src/XCCDF/xccdf_session.c:1009:25: note: read of 8 bytes from after the end of the region
# 1007| oscap_source_free(resources[i]->source);
# 1008| }
# 1009|-> free(resources[i]);
# 1010| }
# 1011| free(resources);
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/src/XCCDF/xccdf_session.c: scope_hint: In function ‘_xccdf_session_get_oval_from_model’
openscap-1.4.4/src/XCCDF/xccdf_session.c:1056:20: warning[-Wanalyzer-malloc-leak]: leak of ‘xccdf_path_cpy’
# 1054|
# 1055| xccdf_path_cpy = strdup(oscap_source_readable_origin(session->xccdf.source));
# 1056|-> dir_path = oscap_dirname(xccdf_path_cpy);
# 1057|
# 1058| resources = malloc(sizeof(struct oval_content_resource *));
Error: GCC_ANALYZER_WARNING (CWE-476):
openscap-1.4.4/src/XCCDF/xccdf_session.c:1059:24: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘resources’
# 1057|
# 1058| resources = malloc(sizeof(struct oval_content_resource *));
# 1059|-> resources[idx] = NULL;
# 1060|
# 1061| files = xccdf_policy_model_get_systems_and_files(session->xccdf.policy_model);
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/src/XCCDF/xccdf_session.c:1061:17: warning[-Wanalyzer-malloc-leak]: leak of ‘resources’
# 1059| resources[idx] = NULL;
# 1060|
# 1061|-> files = xccdf_policy_model_get_systems_and_files(session->xccdf.policy_model);
# 1062| files_it = oscap_file_entry_list_get_files(files);
# 1063| while (oscap_file_entry_iterator_has_more(files_it)) {
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/src/XCCDF/xccdf_session.c:1062:20: warning[-Wanalyzer-malloc-leak]: leak of ‘resources’
# 1060|
# 1061| files = xccdf_policy_model_get_systems_and_files(session->xccdf.policy_model);
# 1062|-> files_it = oscap_file_entry_list_get_files(files);
# 1063| while (oscap_file_entry_iterator_has_more(files_it)) {
# 1064| struct oscap_file_entry *file_entry;
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/src/XCCDF/xccdf_session.c:1063:16: warning[-Wanalyzer-malloc-leak]: leak of ‘resources’
# 1061| files = xccdf_policy_model_get_systems_and_files(session->xccdf.policy_model);
# 1062| files_it = oscap_file_entry_list_get_files(files);
# 1063|-> while (oscap_file_entry_iterator_has_more(files_it)) {
# 1064| struct oscap_file_entry *file_entry;
# 1065| struct stat sb;
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/src/XCCDF/xccdf_session.c:1068:58: warning[-Wanalyzer-malloc-leak]: leak of ‘resources’
# 1066| bool source_owned = false;
# 1067|
# 1068|-> file_entry = (struct oscap_file_entry *) oscap_file_entry_iterator_next(files_it);
# 1069|
# 1070| // we only care about OVAL referenced files
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/src/XCCDF/xccdf_session.c:1071:21: warning[-Wanalyzer-malloc-leak]: leak of ‘resources’
# 1069|
# 1070| // we only care about OVAL referenced files
# 1071|-> if (strcmp(oscap_file_entry_get_system(file_entry), oval_sysname))
# 1072| continue;
# 1073|
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/src/XCCDF/xccdf_session.c:1074:41: warning[-Wanalyzer-malloc-leak]: leak of ‘resources’
# 1072| continue;
# 1073|
# 1074|-> const char *file_path = oscap_file_entry_get_file(file_entry);
# 1075| struct oscap_source *source = NULL;
# 1076|
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/src/XCCDF/xccdf_session.c:1089:34: warning[-Wanalyzer-malloc-leak]: leak of ‘resources’
# 1087|
# 1088| if (xccdf_session_get_ds_sds_session(session) != NULL) {
# 1089|-> source = ds_sds_session_get_component_by_href(xccdf_session_get_ds_sds_session(session), file_path);
# 1090| source_owned = false;
# 1091| } else {
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/src/XCCDF/xccdf_session.c:1093:42: warning[-Wanalyzer-malloc-leak]: leak of ‘resources’
# 1091| } else {
# 1092| if (stat(tmp_path, &sb) == 0) {
# 1093|-> source = oscap_source_new_from_file(tmp_path);
# 1094| source_owned = true;
# 1095| }
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/src/XCCDF/xccdf_session.c:1100:46: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
openscap-1.4.4/src/XCCDF/xccdf_session.c: scope_hint: In function ‘_xccdf_session_get_oval_from_model’
# 1098| if (source != NULL) {
# 1099| resources[idx] = malloc(sizeof(struct oval_content_resource));
# 1100|-> resources[idx]->href = oscap_strdup(oscap_file_entry_get_file(file_entry));
# 1101| resources[idx]->source_owned = source_owned;
# 1102| resources[idx]->source = source;
Error: GCC_ANALYZER_WARNING (CWE-476):
openscap-1.4.4/src/XCCDF/xccdf_session.c:1100:46: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘*<unknown>’
openscap-1.4.4/src/XCCDF/xccdf_session.c: scope_hint: In function ‘_xccdf_session_get_oval_from_model’
# 1098| if (source != NULL) {
# 1099| resources[idx] = malloc(sizeof(struct oval_content_resource));
# 1100|-> resources[idx]->href = oscap_strdup(oscap_file_entry_get_file(file_entry));
# 1101| resources[idx]->source_owned = source_owned;
# 1102| resources[idx]->source = source;
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/src/XCCDF/xccdf_session.c:1100:48: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
# 1098| if (source != NULL) {
# 1099| resources[idx] = malloc(sizeof(struct oval_content_resource));
# 1100|-> resources[idx]->href = oscap_strdup(oscap_file_entry_get_file(file_entry));
# 1101| resources[idx]->source_owned = source_owned;
# 1102| resources[idx]->source = source;
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/src/XCCDF/xccdf_session.c:1100:48: warning[-Wanalyzer-malloc-leak]: leak of ‘resources’
# 1098| if (source != NULL) {
# 1099| resources[idx] = malloc(sizeof(struct oval_content_resource));
# 1100|-> resources[idx]->href = oscap_strdup(oscap_file_entry_get_file(file_entry));
# 1101| resources[idx]->source_owned = source_owned;
# 1102| resources[idx]->source = source;
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/src/XCCDF/xccdf_session.c:1115:29: warning[-Wanalyzer-malloc-leak]: leak of ‘resources’
# 1113| }
# 1114| else {
# 1115|-> if (oscap_acquire_url_is_supported(oscap_file_entry_get_file(file_entry))) {
# 1116| // Strip out the 'path' for printing the url.
# 1117| printable_path = (char *) oscap_file_entry_get_file(file_entry);
Error: GCC_ANALYZER_WARNING (CWE-476):
openscap-1.4.4/src/XCCDF/xccdf_session.c:1130:70: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘malloc(24)’
openscap-1.4.4/src/XCCDF/xccdf_session.c: scope_hint: In function ‘_xccdf_session_get_oval_from_model’
# 1128|
# 1129| resources[idx] = malloc(sizeof(struct oval_content_resource));
# 1130|-> resources[idx]->href = oscap_strdup(printable_path);
# 1131| resources[idx]->source = oscap_source_new_take_memory(data, data_size, printable_path);
# 1132| resources[idx]->source_owned = true;
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/src/XCCDF/xccdf_session.c: scope_hint: In function ‘xccdf_session_load_check_engine_plugin2’
openscap-1.4.4/src/XCCDF/xccdf_session.c:1279:39: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
openscap-1.4.4/src/XCCDF/xccdf_session.c: scope_hint: In function ‘xccdf_session_load_check_engine_plugin2’
# 1277| } else {
# 1278| char* xccdf_filename = oscap_strdup(oscap_source_readable_origin(session->xccdf.source));
# 1279|-> char *xccdf_dirname = oscap_dirname(xccdf_filename);
# 1280| int res = check_engine_plugin_register(plugin, session->xccdf.policy_model, xccdf_dirname);
# 1281| free(xccdf_dirname);
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/src/XCCDF/xccdf_session.c: scope_hint: In function ‘_xccdf_session_export_oval_result_file’
openscap-1.4.4/src/XCCDF/xccdf_session.c:1698:14: warning[-Wanalyzer-malloc-leak]: leak of ‘strdup(_xccdf_session_get_unique_oval_result_filename(session, oval_session, oval_results_directory))’
openscap-1.4.4/src/XCCDF/xccdf_session.c: scope_hint: In function ‘_xccdf_session_export_oval_result_file’
# 1696| const char *original_name = oval_agent_get_filename(oval_session);
# 1697| char *results_file_name = oscap_strdup(name);
# 1698|-> if (!oscap_htable_add(session->oval.results_mapping, original_name, results_file_name)){
# 1699| free(results_file_name);
# 1700| }
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/src/common/debug_priv.h:47:37: warning[-Wanalyzer-malloc-leak]: leak of ‘new_valstr_array’
openscap-1.4.4/src/common/debug_priv.h:54:33: note: in expansion of macro ‘__dlprintf_wrapper’
openscap-1.4.4/src/common/debug_priv.h:64:17: note: in expansion of macro ‘oscap_dlprintf’
openscap-1.4.4/src/OVAL/probes/unix/xinetd_probe.c:1502:25: note: in expansion of macro ‘dD’
openscap-1.4.4/src/common/debug_priv.h:54:33: note: in expansion of macro ‘__dlprintf_wrapper’
openscap-1.4.4/src/common/debug_priv.h:64:17: note: in expansion of macro ‘oscap_dlprintf’
openscap-1.4.4/src/OVAL/probes/unix/xinetd_probe.c:1502:25: note: in expansion of macro ‘dD’
openscap-1.4.4/src/common/debug_priv.h:54:33: note: in expansion of macro ‘__dlprintf_wrapper’
openscap-1.4.4/src/common/debug_priv.h:64:17: note: in expansion of macro ‘oscap_dlprintf’
openscap-1.4.4/src/OVAL/probes/unix/xinetd_probe.c:1502:25: note: in expansion of macro ‘dD’
openscap-1.4.4/src/common/debug_priv.h:54:33: note: in expansion of macro ‘__dlprintf_wrapper’
openscap-1.4.4/src/common/debug_priv.h:64:17: note: in expansion of macro ‘oscap_dlprintf’
openscap-1.4.4/src/OVAL/probes/unix/xinetd_probe.c:1502:25: note: in expansion of macro ‘dD’
# 45|
# 46|
# 47|-> # define __dlprintf_wrapper(l, ...) __oscap_dlprintf (l, __FILE__, __PRETTY_FUNCTION__, __LINE__, 0, __VA_ARGS__)
# 48|
# 49| /**
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/src/OVAL/probes/unix/xinetd_probe.c: scope_hint: In function ‘op_remove_strl’
openscap-1.4.4/src/common/debug_priv.h:47:37: warning[-Wanalyzer-malloc-leak]: leak of ‘newstr_array’
openscap-1.4.4/src/common/debug_priv.h:54:33: note: in expansion of macro ‘__dlprintf_wrapper’
openscap-1.4.4/src/common/debug_priv.h:64:17: note: in expansion of macro ‘oscap_dlprintf’
openscap-1.4.4/src/OVAL/probes/unix/xinetd_probe.c:1479:17: note: in expansion of macro ‘dD’
openscap-1.4.4/src/common/debug_priv.h:54:33: note: in expansion of macro ‘__dlprintf_wrapper’
openscap-1.4.4/src/common/debug_priv.h:64:17: note: in expansion of macro ‘oscap_dlprintf’
openscap-1.4.4/src/OVAL/probes/unix/xinetd_probe.c:1479:17: note: in expansion of macro ‘dD’
openscap-1.4.4/src/common/debug_priv.h:54:33: note: in expansion of macro ‘__dlprintf_wrapper’
openscap-1.4.4/src/common/debug_priv.h:64:17: note: in expansion of macro ‘oscap_dlprintf’
openscap-1.4.4/src/OVAL/probes/unix/xinetd_probe.c:1479:17: note: in expansion of macro ‘dD’
# 45|
# 46|
# 47|-> # define __dlprintf_wrapper(l, ...) __oscap_dlprintf (l, __FILE__, __PRETTY_FUNCTION__, __LINE__, 0, __VA_ARGS__)
# 48|
# 49| /**
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/src/common/debug_priv.h:47:37: warning[-Wanalyzer-malloc-leak]: leak of ‘srv’
openscap-1.4.4/src/common/debug_priv.h:54:33: note: in expansion of macro ‘__dlprintf_wrapper’
openscap-1.4.4/src/common/debug_priv.h:64:17: note: in expansion of macro ‘oscap_dlprintf’
openscap-1.4.4/src/OVAL/probes/unix/xinetd_probe.c:1553:25: note: in expansion of macro ‘dD’
openscap-1.4.4/src/common/debug_priv.h:54:33: note: in expansion of macro ‘__dlprintf_wrapper’
openscap-1.4.4/src/common/debug_priv.h:64:17: note: in expansion of macro ‘oscap_dlprintf’
openscap-1.4.4/src/OVAL/probes/unix/xinetd_probe.c:1553:25: note: in expansion of macro ‘dD’
openscap-1.4.4/src/common/debug_priv.h:54:33: note: in expansion of macro ‘__dlprintf_wrapper’
openscap-1.4.4/src/common/debug_priv.h:64:17: note: in expansion of macro ‘oscap_dlprintf’
openscap-1.4.4/src/OVAL/probes/unix/xinetd_probe.c:1553:25: note: in expansion of macro ‘dD’
# 45|
# 46|
# 47|-> # define __dlprintf_wrapper(l, ...) __oscap_dlprintf (l, __FILE__, __PRETTY_FUNCTION__, __LINE__, 0, __VA_ARGS__)
# 48|
# 49| /**
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/src/common/list.c: scope_hint: In function ‘oscap_create_lists’
openscap-1.4.4/src/common/list.c:45:64: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
# 43| va_list ap;
# 44| va_start(ap, first);
# 45|-> for (struct oscap_list **cur = first; cur != NULL; cur = va_arg(ap, struct oscap_list **))
# 46| *cur = oscap_list_new();
# 47| va_end(ap);
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/src/common/list.c: scope_hint: In function ‘oscap_list_clone’
openscap-1.4.4/src/common/list.c:155:21: warning[-Wanalyzer-malloc-leak]: leak of ‘oscap_list_new()’
# 153| while (item != NULL) {
# 154| if (cloner)
# 155|-> oscap_list_add(copy, cloner(item->data));
# 156| else oscap_list_add(copy, item->data);
# 157| item = item->next;
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/src/common/list.c: scope_hint: In function ‘oscap_list_find’
openscap-1.4.4/src/common/list.c:336:20: warning[-Wanalyzer-malloc-leak]: leak of ‘oscap_iterator_new(list)’
# 334| static inline bool _oscap_iterator_has_more_internal(const struct oscap_iterator *it)
# 335| {
# 336|-> return (!it->cur && it->list->first) || (it->cur && it->cur->next);
# 337| }
# 338|
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/src/common/list.c: scope_hint: In function ‘oscap_htable_clone’
openscap-1.4.4/src/common/list.c:430:37: warning[-Wanalyzer-malloc-leak]: leak of ‘oscap_htable_new()’
# 428| return NULL;
# 429|
# 430|-> for (size_t i = 0; i < table->hsize; ++i) {
# 431| struct oscap_htable_item *item = table->table[i];
# 432| while (item != NULL) {
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/tests/API/SEAP/test_api_seap_spb.c: scope_hint: In function ‘main’
openscap-1.4.4/tests/API/SEAP/test_api_seap_spb.c:43:32: warning[-Wanalyzer-malloc-leak]: leak of ‘iov[0].iov_base’
# 41| case EINVAL:
# 42| fprintf (stderr, "Invalid seed: Not a number\n");
# 43|-> return (-1);
# 44| }
# 45| break;
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/tests/API/SEAP/test_api_seap_spb.c:43:32: warning[-Wanalyzer-malloc-leak]: leak of ‘iov[1].iov_base’
# 41| case EINVAL:
# 42| fprintf (stderr, "Invalid seed: Not a number\n");
# 43|-> return (-1);
# 44| }
# 45| break;
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/tests/API/SEAP/test_api_seap_spb.c:43:32: warning[-Wanalyzer-malloc-leak]: leak of ‘iov[2].iov_base’
# 41| case EINVAL:
# 42| fprintf (stderr, "Invalid seed: Not a number\n");
# 43|-> return (-1);
# 44| }
# 45| break;
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/tests/API/SEAP/test_api_seap_spb.c:68:41: warning[-Wanalyzer-malloc-leak]: leak of ‘iov[0].iov_base’
# 66|
# 67| if (iov[i].iov_base == NULL) {
# 68|-> perror ("iov alloc");
# 69| return (2);
# 70| }
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/tests/API/SEAP/test_api_seap_spb.c:68:41: warning[-Wanalyzer-malloc-leak]: leak of ‘iov[1].iov_base’
# 66|
# 67| if (iov[i].iov_base == NULL) {
# 68|-> perror ("iov alloc");
# 69| return (2);
# 70| }
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/tests/API/SEAP/test_api_seap_spb.c:68:41: warning[-Wanalyzer-malloc-leak]: leak of ‘iov[2].iov_base’
# 66|
# 67| if (iov[i].iov_base == NULL) {
# 68|-> perror ("iov alloc");
# 69| return (2);
# 70| }
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/tests/API/SEAP/test_api_seap_spb.c:68:41: warning[-Wanalyzer-malloc-leak]: leak of ‘r_buf’
# 66|
# 67| if (iov[i].iov_base == NULL) {
# 68|-> perror ("iov alloc");
# 69| return (2);
# 70| }
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:39:9: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(filename, "rb")’
openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:37:9: note: in expansion of macro ‘oscap_assert’
openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:37:9: note: in expansion of macro ‘oscap_assert’
# 37| oscap_assert(file != NULL);
# 38|
# 39|-> fseek(file, 0, SEEK_END);
# 40| unsigned long len = ftell(file);
# 41| fseek(file, 0, SEEK_SET);
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:40:29: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(filename, "rb")’
openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:37:9: note: in expansion of macro ‘oscap_assert’
openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:37:9: note: in expansion of macro ‘oscap_assert’
# 38|
# 39| fseek(file, 0, SEEK_END);
# 40|-> unsigned long len = ftell(file);
# 41| fseek(file, 0, SEEK_SET);
# 42|
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:41:9: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(filename, "rb")’
openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:37:9: note: in expansion of macro ‘oscap_assert’
openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:37:9: note: in expansion of macro ‘oscap_assert’
# 39| fseek(file, 0, SEEK_END);
# 40| unsigned long len = ftell(file);
# 41|-> fseek(file, 0, SEEK_SET);
# 42|
# 43| oscap_assert(buffer != NULL);
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:44:30: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(filename, "rb")’
openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:37:9: note: in expansion of macro ‘oscap_assert’
openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:37:9: note: in expansion of macro ‘oscap_assert’
openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:43:9: note: in expansion of macro ‘oscap_assert’
# 42|
# 43| oscap_assert(buffer != NULL);
# 44|-> *buffer = malloc(len + 1);
# 45| oscap_assert(*buffer != NULL);
# 46|
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/tests/bz2/test_bz2_memory_source.c: scope_hint: In function ‘main’
openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:61:36: warning[-Wanalyzer-malloc-leak]: leak of ‘buffer’
openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:56:9: note: in expansion of macro ‘oscap_assert’
openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:37:9: note: in expansion of macro ‘oscap_assert’
openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:43:9: note: in expansion of macro ‘oscap_assert’
openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:45:9: note: in expansion of macro ‘oscap_assert’
openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:45:9: note: in expansion of macro ‘oscap_assert’
openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:59:9: note: in expansion of macro ‘oscap_assert’
# 59| oscap_assert(buff_size != 0);
# 60|
# 61|-> struct oscap_source *src = oscap_source_new_from_memory(buffer, buff_size, "file.xml.bz2");
# 62| printf("SCAP TYPE: %s\n", oscap_document_type_to_string(oscap_source_get_scap_type(src)));
# 63| oscap_assert(oscap_source_validate(src, NULL, NULL) == 0);
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:62:9: warning[-Wanalyzer-malloc-leak]: leak of ‘buffer’
openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:56:9: note: in expansion of macro ‘oscap_assert’
openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:37:9: note: in expansion of macro ‘oscap_assert’
openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:43:9: note: in expansion of macro ‘oscap_assert’
openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:45:9: note: in expansion of macro ‘oscap_assert’
openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:45:9: note: in expansion of macro ‘oscap_assert’
openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:59:9: note: in expansion of macro ‘oscap_assert’
# 60|
# 61| struct oscap_source *src = oscap_source_new_from_memory(buffer, buff_size, "file.xml.bz2");
# 62|-> printf("SCAP TYPE: %s\n", oscap_document_type_to_string(oscap_source_get_scap_type(src)));
# 63| oscap_assert(oscap_source_validate(src, NULL, NULL) == 0);
# 64| oscap_source_free(src);
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:63:22: warning[-Wanalyzer-malloc-leak]: leak of ‘buffer’
openscap-1.4.4/tests/oscap_assert.h:30:15: note: in definition of macro ‘oscap_assert’
openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:56:9: note: in expansion of macro ‘oscap_assert’
openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:37:9: note: in expansion of macro ‘oscap_assert’
openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:43:9: note: in expansion of macro ‘oscap_assert’
openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:45:9: note: in expansion of macro ‘oscap_assert’
openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:45:9: note: in expansion of macro ‘oscap_assert’
openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:59:9: note: in expansion of macro ‘oscap_assert’
openscap-1.4.4/tests/oscap_assert.h:30:15: note: in definition of macro ‘oscap_assert’
openscap-1.4.4/tests/oscap_assert.h:30:15: note: in definition of macro ‘oscap_assert’
# 61| struct oscap_source *src = oscap_source_new_from_memory(buffer, buff_size, "file.xml.bz2");
# 62| printf("SCAP TYPE: %s\n", oscap_document_type_to_string(oscap_source_get_scap_type(src)));
# 63|-> oscap_assert(oscap_source_validate(src, NULL, NULL) == 0);
# 64| oscap_source_free(src);
# 65| free(buffer);
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:64:9: warning[-Wanalyzer-malloc-leak]: leak of ‘buffer’
openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:56:9: note: in expansion of macro ‘oscap_assert’
openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:37:9: note: in expansion of macro ‘oscap_assert’
openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:43:9: note: in expansion of macro ‘oscap_assert’
openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:45:9: note: in expansion of macro ‘oscap_assert’
openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:45:9: note: in expansion of macro ‘oscap_assert’
openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:59:9: note: in expansion of macro ‘oscap_assert’
openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:63:9: note: in expansion of macro ‘oscap_assert’
# 62| printf("SCAP TYPE: %s\n", oscap_document_type_to_string(oscap_source_get_scap_type(src)));
# 63| oscap_assert(oscap_source_validate(src, NULL, NULL) == 0);
# 64|-> oscap_source_free(src);
# 65| free(buffer);
# 66|
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/tests/oscap_assert.h:30:12: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(filename, "rb")’
openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:43:9: note: in expansion of macro ‘oscap_assert’
openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:37:9: note: in expansion of macro ‘oscap_assert’
openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:37:9: note: in expansion of macro ‘oscap_assert’
openscap-1.4.4/tests/bz2/test_bz2_memory_source.c:43:9: note: in expansion of macro ‘oscap_assert’
# 28| /* Unlike standard assert() macro this works even if NDEBUG is defined. */
# 29| #define oscap_assert(expr) \
# 30|-> if (!(expr)) { \
# 31| fprintf(stderr, "Assertion failed: %s, file %s, line %d, function %s.", #expr, __FILE__, __LINE__, __PRETTY_FUNCTION__); \
# 32| abort(); \
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/utils/oscap-tool.c: scope_hint: In function ‘getopt_parse_env’
openscap-1.4.4/utils/oscap-tool.c:301:15: warning[-Wanalyzer-malloc-leak]: leak of ‘opts’
openscap-1.4.4/utils/oscap-tool.c: scope_hint: In function ‘getopt_parse_env’
# 299| eargc = 0;
# 300| opts = strdup(opts);
# 301|-> opt = oscap_strtok_r(opts, delim, &state);
# 302| while (opt != NULL) {
# 303| eargc++;
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/utils/oscap-tool.c:304:35: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
openscap-1.4.4/utils/oscap-tool.c: scope_hint: In function ‘getopt_parse_env’
# 302| while (opt != NULL) {
# 303| eargc++;
# 304|-> void *new_eargv = realloc(eargv, eargc * sizeof(char *));
# 305| if (new_eargv == NULL)
# 306| goto exit;
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/utils/oscap-tool.c:309:23: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
openscap-1.4.4/utils/oscap-tool.c: scope_hint: In function ‘getopt_parse_env’
# 307| eargv = new_eargv;
# 308| eargv[eargc - 1] = strdup(opt);
# 309|-> opt = oscap_strtok_r(NULL, delim, &state);
# 310| }
# 311|
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/utils/oscap-tool.c:309:23: warning[-Wanalyzer-malloc-leak]: leak of ‘new_eargv’
openscap-1.4.4/utils/oscap-tool.c: scope_hint: In function ‘getopt_parse_env’
# 307| eargv = new_eargv;
# 308| eargv[eargc - 1] = strdup(opt);
# 309|-> opt = oscap_strtok_r(NULL, delim, &state);
# 310| }
# 311|
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/utils/oscap-tool.c:328:9: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
openscap-1.4.4/utils/oscap-tool.c: scope_hint: In function ‘getopt_parse_env’
# 326| exit:
# 327| free(opts);
# 328|-> free(eargv);
# 329| }
# 330|
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/utils/oscap-tool.c: scope_hint: In function ‘oscap_module_process’
openscap-1.4.4/utils/oscap-tool.c:358:18: warning[-Wanalyzer-malloc-leak]: leak of ‘argv’
openscap-1.4.4/utils/oscap-tool.c: scope_hint: In function ‘oscap_module_process’
# 356|
# 357| if (module->opt_parser) {
# 358|-> if (!module->opt_parser(argc, argv, &action)) {
# 359| ret = OSCAP_BADARGS;
# 360| goto cleanup;
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/utils/oscap-xccdf.c: scope_hint: In function ‘_system_is_in_bootc_mode.part.0’
openscap-1.4.4/utils/oscap-xccdf.c:665:17: warning[-Wanalyzer-malloc-leak]: leak of ‘popen("/usr/bin/bootc status --format json 2>/dev/null", "r")’
# 663| char *buf = calloc(buf_size, sizeof(char));
# 664| if (buf == NULL) {
# 665|-> pclose(output);
# 666| return false;
# 667| }
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/utils/oscap-xccdf.c:670:21: warning[-Wanalyzer-malloc-leak]: leak of ‘buf’
# 668| int c;
# 669| size_t i = 0;
# 670|-> while ((c = fgetc(output)) != EOF) {
# 671| if (i >= buf_size) {
# 672| buf_size += CHUNK_SIZE;
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/utils/oscap-xccdf.c:670:21: warning[-Wanalyzer-malloc-leak]: leak of ‘popen("/usr/bin/bootc status --format json 2>/dev/null", "r")’
# 668| int c;
# 669| size_t i = 0;
# 670|-> while ((c = fgetc(output)) != EOF) {
# 671| if (i >= buf_size) {
# 672| buf_size += CHUNK_SIZE;
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/utils/oscap-xccdf.c:680:20: warning[-Wanalyzer-malloc-leak]: leak of ‘popen("/usr/bin/bootc status --format json 2>/dev/null", "r")’
# 678| buf = new_buf;
# 679| }
# 680|-> buf[i++] = c;
# 681| }
# 682| pclose(output);
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/utils/oscap-xccdf.c:682:9: warning[-Wanalyzer-malloc-leak]: leak of ‘buf’
# 680| buf[i++] = c;
# 681| }
# 682|-> pclose(output);
# 683| bool result = (*buf != '\0' && strstr(buf, "\"booted\":null") == NULL);
# 684| free(buf);
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/utils/oscap-xccdf.c:682:9: warning[-Wanalyzer-malloc-leak]: leak of ‘popen("/usr/bin/bootc status --format json 2>/dev/null", "r")’
# 680| buf[i++] = c;
# 681| }
# 682|-> pclose(output);
# 683| bool result = (*buf != '\0' && strstr(buf, "\"booted\":null") == NULL);
# 684| free(buf);
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/utils/oscap-xccdf.c: scope_hint: In function ‘_some_result_exists’
openscap-1.4.4/utils/oscap-xccdf.c:1047:16: warning[-Wanalyzer-malloc-leak]: leak of ‘oval_result’
# 1045| files_it = oscap_file_entry_list_get_files(files);
# 1046| oval_result = malloc(PATH_MAX * sizeof(char));
# 1047|-> while (oscap_file_entry_iterator_has_more(files_it)) {
# 1048| struct oscap_file_entry *file_entry = (struct oscap_file_entry *) oscap_file_entry_iterator_next(files_it);;
# 1049| struct stat sb;
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/utils/oscap-xccdf.c:1048:83: warning[-Wanalyzer-malloc-leak]: leak of ‘oval_result’
# 1046| oval_result = malloc(PATH_MAX * sizeof(char));
# 1047| while (oscap_file_entry_iterator_has_more(files_it)) {
# 1048|-> struct oscap_file_entry *file_entry = (struct oscap_file_entry *) oscap_file_entry_iterator_next(files_it);;
# 1049| struct stat sb;
# 1050| if (strcmp(oscap_file_entry_get_system(file_entry), namespace))
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/utils/oscap-xccdf.c:1050:21: warning[-Wanalyzer-malloc-leak]: leak of ‘oval_result’
# 1048| struct oscap_file_entry *file_entry = (struct oscap_file_entry *) oscap_file_entry_iterator_next(files_it);;
# 1049| struct stat sb;
# 1050|-> if (strcmp(oscap_file_entry_get_system(file_entry), namespace))
# 1051| continue;
# 1052| snprintf(oval_result, PATH_MAX, "./%s.result.xml", oscap_file_entry_get_file(file_entry));
Error: GCC_ANALYZER_WARNING (CWE-401):
openscap-1.4.4/utils/oscap-xccdf.c:1052:17: warning[-Wanalyzer-malloc-leak]: leak of ‘oval_result’
# 1050| if (strcmp(oscap_file_entry_get_system(file_entry), namespace))
# 1051| continue;
# 1052|-> snprintf(oval_result, PATH_MAX, "./%s.result.xml", oscap_file_entry_get_file(file_entry));
# 1053| if (stat(oval_result, &sb) == 0) {
# 1054| result = true;