Error: GCC_ANALYZER_WARNING (CWE-457): [#def1] crun-1.16.1-build/crun-HEAD/libocispec/src/ocispec/json_common.c: scope_hint: In function 'free_json_map_string_string.part.0' crun-1.16.1-build/crun-HEAD/libocispec/src/ocispec/json_common.c:1480:16: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value '*map.values' crun-1.16.1-build/crun-HEAD/libocispec/src/ocispec/json_common.c:1486:1: note: in expansion of macro 'define_cleaner_function' crun-1.16.1-build/crun-HEAD/libocispec/src/ocispec/json_common.h:42:7: note: in definition of macro 'define_cleaner_function' crun-1.16.1-build/crun-HEAD/libocispec/src/ocispec/json_common.c: scope_hint: In function 'free_json_map_string_string.part.0' # 1478| free (map->keys); # 1479| map->keys = NULL; # 1480|-> free (map->values); # 1481| map->values = NULL; # 1482| free (map); Error: GCC_ANALYZER_WARNING (CWE-401): [#def2] crun-1.16.1-build/crun-HEAD/libocispec/src/ocispec/runtime_spec_schema_config_linux.c: scope_hint: In function 'make_runtime_spec_schema_config_linux' crun-1.16.1-build/crun-HEAD/libocispec/src/ocispec/runtime_spec_schema_config_linux.c:1800:30: warning[-Wanalyzer-malloc-leak]: leak of 'make_runtime_spec_schema_config_linux_resources(get_val(tree, "resources", 3), ctx, err)' # 1798| while (0); # 1799| ret->pids = make_runtime_spec_schema_config_linux_resources_pids (get_val (tree, "pids", yajl_t_object), ctx, err); # 1800|-> if (ret->pids == NULL && *err != 0) # 1801| return NULL; # 1802| ret->block_io = make_runtime_spec_schema_config_linux_resources_block_io (get_val (tree, "blockIO", yajl_t_object), ctx, err); Error: GCC_ANALYZER_WARNING (CWE-401): [#def3] crun-1.16.1-build/crun-HEAD/libocispec/src/ocispec/runtime_spec_schema_config_linux.c:2253:8: warning[-Wanalyzer-malloc-leak]: leak of '<unknown>' crun-1.16.1-build/crun-HEAD/libocispec/yajl/src/api/yajl_tree.h:162:29: note: in expansion of macro 'YAJL_IS_STRING' crun-1.16.1-build/crun-HEAD/libocispec/src/ocispec/runtime_spec_schema_config_linux.c:2119:25: note: in expansion of macro 'YAJL_GET_STRING' # 2251| } # 2252| # 2253|-> if (tree->type == yajl_t_object) # 2254| { # 2255| size_t i; Error: GCC_ANALYZER_WARNING (CWE-401): [#def4] crun-1.16.1-build/crun-HEAD/libocispec/src/ocispec/runtime_spec_schema_defs.c: scope_hint: In function 'make_runtime_spec_schema_defs_mount' crun-1.16.1-build/crun-HEAD/libocispec/src/ocispec/runtime_spec_schema_defs.c:683:12: warning[-Wanalyzer-malloc-leak]: leak of 'resi' crun-1.16.1-build/crun-HEAD/libocispec/src/ocispec/json_common.h:9: included_from: Included from here. crun-1.16.1-build/crun-HEAD/libocispec/src/ocispec/runtime_spec_schema_defs.h:7: included_from: Included from here. crun-1.16.1-build/crun-HEAD/libocispec/src/ocispec/runtime_spec_schema_defs.c:8: included_from: Included from here. crun-1.16.1-build/crun-HEAD/libocispec/yajl/src/api/yajl_tree.h:162:29: note: in expansion of macro 'YAJL_IS_STRING' crun-1.16.1-build/crun-HEAD/libocispec/src/ocispec/runtime_spec_schema_defs.c:536:25: note: in expansion of macro 'YAJL_GET_STRING' # 681| (void) fprintf (ctx->errfile, "WARNING: unknown key found\n"); # 682| } # 683|-> if (ctx->options & OPT_PARSE_FULLKEY) # 684| ret->_residual = resi; # 685| } Error: GCC_ANALYZER_WARNING (CWE-401): [#def5] crun-1.16.1-build/crun-HEAD/libocispec/src/ocispec/runtime_spec_schema_features_linux.c:434:8: warning[-Wanalyzer-malloc-leak]: leak of '<unknown>' crun-1.16.1-build/crun-HEAD/libocispec/src/ocispec/runtime_spec_schema_features_linux.c:289:28: note: in expansion of macro 'YAJL_IS_TRUE' # 432| while (0); # 433| # 434|-> if (tree->type == yajl_t_object) # 435| { # 436| size_t i; Error: GCC_ANALYZER_WARNING (CWE-401): [#def6] crun-1.16.1-build/crun-HEAD/libocispec/src/ocispec/runtime_spec_schema_features_linux.c:434:13: warning[-Wanalyzer-malloc-leak]: leak of 'make_runtime_spec_schema_features_linux_seccomp(get_val(tree, "seccomp", 3), ctx, err)' # 432| while (0); # 433| # 434|-> if (tree->type == yajl_t_object) # 435| { # 436| size_t i; Error: GCC_ANALYZER_WARNING (CWE-401): [#def7] crun-1.16.1-build/crun-HEAD/libocispec/yajl/src/api/yajl_tree.h:150:49: warning[-Wanalyzer-malloc-leak]: leak of 'make_runtime_spec_schema_config_linux_seccomp(get_val(tree, "seccomp", 3), ctx, err)' crun-1.16.1-build/crun-HEAD/libocispec/yajl/src/api/yajl_tree.h:162:29: note: in expansion of macro 'YAJL_IS_STRING' crun-1.16.1-build/crun-HEAD/libocispec/src/ocispec/runtime_spec_schema_config_linux.c:2119:25: note: in expansion of macro 'YAJL_GET_STRING' crun-1.16.1-build/crun-HEAD/libocispec/yajl/src/api/yajl_tree.h:162:29: note: in expansion of macro 'YAJL_IS_STRING' crun-1.16.1-build/crun-HEAD/libocispec/src/ocispec/runtime_spec_schema_config_linux.c:2119:25: note: in expansion of macro 'YAJL_GET_STRING' crun-1.16.1-build/crun-HEAD/libocispec/yajl/src/api/yajl_tree.h:162:29: note: in expansion of macro 'YAJL_IS_STRING' crun-1.16.1-build/crun-HEAD/libocispec/src/ocispec/runtime_spec_schema_config_linux.c:2119:25: note: in expansion of macro 'YAJL_GET_STRING' # 148| # 149| /* Various convenience macros to check the type of a `yajl_val` */ # 150|-> #define YAJL_IS_STRING(v) (((v) != NULL) && ((v)->type == yajl_t_string)) # 151| #define YAJL_IS_NUMBER(v) (((v) != NULL) && ((v)->type == yajl_t_number)) # 152| #define YAJL_IS_INTEGER(v) (YAJL_IS_NUMBER(v) && ((v)->u.number.flags & YAJL_NUMBER_INT_VALID)) Error: GCC_ANALYZER_WARNING (CWE-401): [#def8] crun-1.16.1-build/crun-HEAD/libocispec/src/ocispec/json_common.h:9: included_from: Included from here. crun-1.16.1-build/crun-HEAD/libocispec/src/ocispec/runtime_spec_schema_config_windows.h:7: included_from: Included from here. crun-1.16.1-build/crun-HEAD/libocispec/src/ocispec/runtime_spec_schema_config_windows.c:8: included_from: Included from here. crun-1.16.1-build/crun-HEAD/libocispec/yajl/src/api/yajl_tree.h:155:49: warning[-Wanalyzer-malloc-leak]: leak of 'make_runtime_spec_schema_config_windows_network(get_val(tree, "network", 3), ctx, err)' crun-1.16.1-build/crun-HEAD/libocispec/yajl/src/api/yajl_tree.h:180:29: note: in expansion of macro 'YAJL_IS_ARRAY' crun-1.16.1-build/crun-HEAD/libocispec/src/ocispec/runtime_spec_schema_config_windows.c:706:28: note: in expansion of macro 'YAJL_GET_ARRAY' crun-1.16.1-build/crun-HEAD/libocispec/src/ocispec/runtime_spec_schema_config_windows.c:734:48: note: in expansion of macro 'YAJL_IS_TRUE' crun-1.16.1-build/crun-HEAD/libocispec/yajl/src/api/yajl_tree.h:180:29: note: in expansion of macro 'YAJL_IS_ARRAY' crun-1.16.1-build/crun-HEAD/libocispec/src/ocispec/runtime_spec_schema_config_windows.c:706:28: note: in expansion of macro 'YAJL_GET_ARRAY' # 153| #define YAJL_IS_DOUBLE(v) (YAJL_IS_NUMBER(v) && ((v)->u.number.flags & YAJL_NUMBER_DOUBLE_VALID)) # 154| #define YAJL_IS_OBJECT(v) (((v) != NULL) && ((v)->type == yajl_t_object)) # 155|-> #define YAJL_IS_ARRAY(v) (((v) != NULL) && ((v)->type == yajl_t_array )) # 156| #define YAJL_IS_TRUE(v) (((v) != NULL) && ((v)->type == yajl_t_true )) # 157| #define YAJL_IS_FALSE(v) (((v) != NULL) && ((v)->type == yajl_t_false )) Error: GCC_ANALYZER_WARNING (CWE-401): [#def9] crun-1.16.1-build/crun-HEAD/libocispec/yajl/src/api/yajl_tree.h:156:49: warning[-Wanalyzer-malloc-leak]: leak of 'make_runtime_spec_schema_config_windows_network(get_val(tree, "network", 3), ctx, err)' crun-1.16.1-build/crun-HEAD/libocispec/src/ocispec/runtime_spec_schema_config_windows.c:734:48: note: in expansion of macro 'YAJL_IS_TRUE' crun-1.16.1-build/crun-HEAD/libocispec/src/ocispec/runtime_spec_schema_config_windows.c:734:48: note: in expansion of macro 'YAJL_IS_TRUE' crun-1.16.1-build/crun-HEAD/libocispec/src/ocispec/runtime_spec_schema_config_windows.c:734:48: note: in expansion of macro 'YAJL_IS_TRUE' # 154| #define YAJL_IS_OBJECT(v) (((v) != NULL) && ((v)->type == yajl_t_object)) # 155| #define YAJL_IS_ARRAY(v) (((v) != NULL) && ((v)->type == yajl_t_array )) # 156|-> #define YAJL_IS_TRUE(v) (((v) != NULL) && ((v)->type == yajl_t_true )) # 157| #define YAJL_IS_FALSE(v) (((v) != NULL) && ((v)->type == yajl_t_false )) # 158| #define YAJL_IS_NULL(v) (((v) != NULL) && ((v)->type == yajl_t_null )) Error: GCC_ANALYZER_WARNING (CWE-401): [#def10] crun-1.16.1-build/crun-HEAD/libocispec/yajl/src/api/yajl_tree.h:156:49: warning[-Wanalyzer-malloc-leak]: leak of 'make_runtime_spec_schema_features_linux_seccomp(get_val(tree, "seccomp", 3), ctx, err)' crun-1.16.1-build/crun-HEAD/libocispec/src/ocispec/runtime_spec_schema_features_linux.c:289:28: note: in expansion of macro 'YAJL_IS_TRUE' crun-1.16.1-build/crun-HEAD/libocispec/src/ocispec/runtime_spec_schema_features_linux.c:289:28: note: in expansion of macro 'YAJL_IS_TRUE' crun-1.16.1-build/crun-HEAD/libocispec/src/ocispec/runtime_spec_schema_features_linux.c:289:28: note: in expansion of macro 'YAJL_IS_TRUE' # 154| #define YAJL_IS_OBJECT(v) (((v) != NULL) && ((v)->type == yajl_t_object)) # 155| #define YAJL_IS_ARRAY(v) (((v) != NULL) && ((v)->type == yajl_t_array )) # 156|-> #define YAJL_IS_TRUE(v) (((v) != NULL) && ((v)->type == yajl_t_true )) # 157| #define YAJL_IS_FALSE(v) (((v) != NULL) && ((v)->type == yajl_t_false )) # 158| #define YAJL_IS_NULL(v) (((v) != NULL) && ((v)->type == yajl_t_null )) Error: GCC_ANALYZER_WARNING (CWE-401): [#def11] crun-1.16.1-build/crun-HEAD/src/libcrun/container.c: scope_hint: In function 'libcrun_container_exec_with_options' crun-1.16.1-build/crun-HEAD/src/libcrun/container.c:579:10: warning[-Wanalyzer-malloc-leak]: leak of '<unknown>' crun-1.16.1-build/crun-HEAD/src/libcrun/container.c: scope_hint: In function 'libcrun_container_exec_with_options' crun-1.16.1-build/crun-HEAD/src/libcrun/container.c: scope_hint: In function 'libcrun_container_exec_with_options' # 577| dst->username = xstrdup (src->username); # 578| # 579|-> return dst; # 580| } # 581| Error: GCC_ANALYZER_WARNING (CWE-401): [#def12] crun-1.16.1-build/crun-HEAD/src/libcrun/container.c:3665:23: warning[-Wanalyzer-malloc-leak]: leak of '*process.user' crun-1.16.1-build/crun-HEAD/src/libcrun/container.c: scope_hint: In function 'libcrun_container_exec_with_options' crun-1.16.1-build/crun-HEAD/src/libcrun/container.c: scope_hint: In function 'libcrun_container_exec_with_options' # 3663| # 3664| if (process->user == NULL && container->container_def->process->user) # 3665|-> process->user = process_user_dup (container->container_def->process->user); # 3666| } # 3667| Error: GCC_ANALYZER_WARNING (CWE-401): [#def13] crun-1.16.1-build/crun-HEAD/src/libcrun/container.c:3665:23: warning[-Wanalyzer-malloc-leak]: leak of '<unknown>' crun-1.16.1-build/crun-HEAD/src/libcrun/container.c: scope_hint: In function 'libcrun_container_exec_with_options' crun-1.16.1-build/crun-HEAD/src/libcrun/container.c: scope_hint: In function 'libcrun_container_exec_with_options' # 3663| # 3664| if (process->user == NULL && container->container_def->process->user) # 3665|-> process->user = process_user_dup (container->container_def->process->user); # 3666| } # 3667| Error: GCC_ANALYZER_WARNING (CWE-401): [#def14] crun-1.16.1-build/crun-HEAD/src/libcrun/utils.h: scope_hint: In function 'libcrun_container_exec_with_options' crun-1.16.1-build/crun-HEAD/src/libcrun/utils.h:71:21: warning[-Wanalyzer-malloc-leak]: leak of 'process_user_dup(*_79->process.user)' crun-1.16.1-build/crun-HEAD/src/libcrun/utils.h:56:40: note: in definition of macro 'UNLIKELY' crun-1.16.1-build/crun-HEAD/src/libcrun/container.c: scope_hint: In function 'libcrun_container_exec_with_options' crun-1.16.1-build/crun-HEAD/src/libcrun/container.c: scope_hint: In function 'libcrun_container_exec_with_options' crun-1.16.1-build/crun-HEAD/src/libcrun/utils.h:56:40: note: in definition of macro 'UNLIKELY' # 69| { # 70| void *res = calloc (1, size); # 71|-> if (UNLIKELY (res == NULL)) # 72| OOM (); # 73| return res;
| analyzer-version-clippy | 1.80.1 |
| analyzer-version-cppcheck | 2.15.0 |
| analyzer-version-gcc | 14.2.1 |
| analyzer-version-gcc-analyzer | 14.2.1 |
| analyzer-version-shellcheck | 0.10.0 |
| analyzer-version-unicontrol | 0.0.2 |
| diffbase-analyzer-version-clippy | 1.80.1 |
| diffbase-analyzer-version-cppcheck | 2.15.0 |
| diffbase-analyzer-version-gcc | 14.2.1 |
| diffbase-analyzer-version-gcc-analyzer | 14.2.1 |
| diffbase-analyzer-version-shellcheck | 0.10.0 |
| diffbase-analyzer-version-unicontrol | 0.0.2 |
| diffbase-enabled-plugins | clippy, cppcheck, gcc, shellcheck, unicontrol |
| diffbase-exit-code | 0 |
| diffbase-host | ip-172-16-1-169.us-west-2.compute.internal |
| diffbase-mock-config | fedora-rawhide-x86_64 |
| diffbase-project-name | crun-1.16.1-1.20240905210057144655.pr1554.54.g23716a5 |
| diffbase-store-results-to | /tmp/tmpaukwhacr/crun-1.16.1-1.20240905210057144655.pr1554.54.g23716a5.tar.xz |
| diffbase-time-created | 2024-09-05 21:16:04 |
| diffbase-time-finished | 2024-09-05 21:21:43 |
| diffbase-tool | csmock |
| diffbase-tool-args | '/usr/bin/csmock' '-r' 'fedora-rawhide-x86_64' '-t' 'unicontrol,gcc,cppcheck,clippy,shellcheck' '-o' '/tmp/tmpaukwhacr/crun-1.16.1-1.20240905210057144655.pr1554.54.g23716a5.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '/tmp/tmpaukwhacr/crun-1.16.1-1.20240905210057144655.pr1554.54.g23716a5.src.rpm' |
| diffbase-tool-version | csmock-3.6.1-1.el9 |
| enabled-plugins | clippy, cppcheck, gcc, shellcheck, unicontrol |
| exit-code | 0 |
| host | ip-172-16-1-169.us-west-2.compute.internal |
| mock-config | fedora-rawhide-x86_64 |
| project-name | crun-1.16.1-1.20240905182041106108.main.52.g00fde03 |
| store-results-to | /tmp/tmp2w0f3gjz/crun-1.16.1-1.20240905182041106108.main.52.g00fde03.tar.xz |
| time-created | 2024-09-05 21:09:54 |
| time-finished | 2024-09-05 21:15:45 |
| title | Fixed findings |
| tool | csmock |
| tool-args | '/usr/bin/csmock' '-r' 'fedora-rawhide-x86_64' '-t' 'unicontrol,gcc,cppcheck,clippy,shellcheck' '-o' '/tmp/tmp2w0f3gjz/crun-1.16.1-1.20240905182041106108.main.52.g00fde03.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '/tmp/tmp2w0f3gjz/crun-1.16.1-1.20240905182041106108.main.52.g00fde03.src.rpm' |
| tool-version | csmock-3.6.1-1.el9 |