conmon-2.1.13-1.20260202095438222298.pr628.126.gef95cee

List of Findings

Error: GCC_ANALYZER_WARNING (CWE-401): [#def1]
conmon-2.1.13/src/close_fds.c: scope_hint: In function ‘init’
conmon-2.1.13/src/close_fds.c:44:20: warning[-Wanalyzer-malloc-leak]: leak of ‘opendir("/proc/self/fd")’
#   42|   		return;
#   43|   
#   44|-> 	for (ent = readdir(d); ent; ent = readdir(d)) {
#   45|   		int fd;
#   46|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def2]
conmon-2.1.13/src/close_fds.c: scope_hint: In function ‘close_all_fds_ge_than’
conmon-2.1.13/src/close_fds.c:98:20: warning[-Wanalyzer-malloc-leak]: leak of ‘opendir("/proc/self/fd")’
#   96|   		return;
#   97|   
#   98|-> 	for (ent = readdir(d); ent; ent = readdir(d)) {
#   99|   		int fd;
#  100|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def3]
conmon-2.1.13/src/cmsg.c: scope_hint: In function ‘recvfd’
conmon-2.1.13/src/cmsg.c:135:23: warning[-Wanalyzer-malloc-leak]: leak of ‘malloc(4096)’
#  133|   	msg.msg_controllen = sizeof(u.buf);
#  134|   
#  135|-> 	ssize_t ret = recvmsg(sockfd, &msg, 0);
#  136|   	if (ret < 0) {
#  137|   		/* Add specific error information for debugging console fd issues */

Error: GCC_ANALYZER_WARNING (CWE-775): [#def4]
conmon-2.1.13/src/conmon.c: scope_hint: In function ‘disconnect_std_streams’
conmon-2.1.13/src/conmon.c:29:12: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘dup2(dev_null_r, 0)’
#   27|   static void disconnect_std_streams(int dev_null_r, int dev_null_w)
#   28|   {
#   29|-> 	if (dup2(dev_null_r, STDIN_FILENO) < 0)
#   30|   		pexit("Failed to dup over stdin");
#   31|   	if (dup2(dev_null_w, STDOUT_FILENO) < 0)

Error: GCC_ANALYZER_WARNING (CWE-775): [#def5]
conmon-2.1.13/src/conmon.c:31:12: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘dup2(dev_null_w, 1)’
#   29|   	if (dup2(dev_null_r, STDIN_FILENO) < 0)
#   30|   		pexit("Failed to dup over stdin");
#   31|-> 	if (dup2(dev_null_w, STDOUT_FILENO) < 0)
#   32|   		pexit("Failed to dup over stdout");
#   33|   	if (dup2(dev_null_w, STDERR_FILENO) < 0)

Error: GCC_ANALYZER_WARNING (CWE-775): [#def6]
conmon-2.1.13/src/conmon.c:33:12: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘dup2(dev_null_w, 2)’
#   31|   	if (dup2(dev_null_w, STDOUT_FILENO) < 0)
#   32|   		pexit("Failed to dup over stdout");
#   33|-> 	if (dup2(dev_null_w, STDERR_FILENO) < 0)
#   34|   		pexit("Failed to dup over stderr");
#   35|   }

Error: GCC_ANALYZER_WARNING (CWE-775): [#def7]
conmon-2.1.13/src/conmon.c: scope_hint: In function ‘main’
conmon-2.1.13/src/conmon.c:244:28: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘dup2(workerfd_stdin, 0)’
#  242|   			if (workerfd_stdin < 0)
#  243|   				workerfd_stdin = dev_null_r;
#  244|-> 			if (dup2(workerfd_stdin, STDIN_FILENO) < 0)
#  245|   				_pexit("Failed to dup over stdin");
#  246|   			if (workerfd_stdin != dev_null_r && fchmod(STDIN_FILENO, 0777) < 0 && errno != EINVAL)

Error: GCC_ANALYZER_WARNING (CWE-775): [#def8]
conmon-2.1.13/src/conmon.c:251:28: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘dup2(workerfd_stdout, 1)’
#  249|   			if (workerfd_stdout < 0)
#  250|   				workerfd_stdout = dev_null_w;
#  251|-> 			if (dup2(workerfd_stdout, STDOUT_FILENO) < 0)
#  252|   				_pexit("Failed to dup over stdout");
#  253|   			if (workerfd_stdout != dev_null_w && fchmod(STDOUT_FILENO, 0777) < 0 && errno != EINVAL)

Error: GCC_ANALYZER_WARNING (CWE-775): [#def9]
conmon-2.1.13/src/conmon.c:256:28: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘dup2(workerfd_stderr, 2)’
#  254|   				nwarn("Failed to chmod stdout");
#  255|   
#  256|-> 			if (dup2(workerfd_stderr, STDERR_FILENO) < 0)
#  257|   				_pexit("Failed to dup over stderr");
#  258|   			if (workerfd_stderr != dev_null_w && fchmod(STDERR_FILENO, 0777) < 0 && errno != EINVAL)

Error: GCC_ANALYZER_WARNING (CWE-910): [#def10]
conmon-2.1.13/src/conmon.c:285:44: warning[-Wanalyzer-fd-use-after-close]: ‘read’ on closed file descriptor ‘get_pipe_fd_from_env("_OCI_STARTPIPE")’
conmon-2.1.13/src/conmon.c:284:33: note: in expansion of macro ‘ndebug’
#  283|   			if (start_pipe_fd > 0) {
#  284|   				ndebug("exec with attach is waiting for start message from parent");
#  285|-> 				num_read = read(start_pipe_fd, buf, BUF_SIZE);
#  286|   				if (num_read < 0) {
#  287|   					_pexit("start-pipe read failed");

Error: GCC_ANALYZER_WARNING (CWE-1341): [#def11]
conmon-2.1.13/src/conmon.c:290:33: warning[-Wanalyzer-fd-double-close]: double ‘close’ of file descriptor ‘get_pipe_fd_from_env("_OCI_STARTPIPE")’
conmon-2.1.13/src/conmon.c:284:33: note: in expansion of macro ‘ndebug’
conmon-2.1.13/src/conmon.c:289:33: note: in expansion of macro ‘ndebug’
#  288|   				}
#  289|   				ndebug("exec with attach got start message from parent");
#  290|-> 				close(start_pipe_fd);
#  291|   			}
#  292|   		}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def12]
conmon-2.1.13/src/conn_sock.c:215:13: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘*fd’
conmon-2.1.13/src/conn_sock.c: scope_hint: In function ‘setup_socket’
#  213|   		pexit("Failed to create socket");
#  214|   	bind_relative_to_dir(sfd, *fd, bname);
#  215|-> 	if (listen(*fd, 128) < 0)
#  216|   		pexit("Failed to listen on console-socket");
#  217|   

Error: GCC_ANALYZER_WARNING (CWE-688): [#def13]
conmon-2.1.13/src/conn_sock.c: scope_hint: In function ‘bind_unix_socket’
conmon-2.1.13/src/conn_sock.c:277:45: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘socket_parent_dir(use_full_attach_path, 108)’ where non-null expected
/usr/include/glib-2.0/glib-unix.h:34: included_from: Included from here.
conmon-2.1.13/src/utils.h:11: included_from: Included from here.
/usr/include/fcntl.h:209:12: note: argument 1 of ‘open’ must be non-null
#  275|   	 * to actually refer to the file where the socket will be created below.
#  276|   	 */
#  277|-> 	_cleanup_close_ int parent_dir_fd = open(parent_dir, O_PATH | O_CLOEXEC);
#  278|   	if (parent_dir_fd < 0)
#  279|   		pexitf("failed to open socket path parent dir %s", parent_dir);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def14]
conmon-2.1.13/src/conn_sock.c:320:24: warning[-Wanalyzer-malloc-leak]: leak of ‘socket_parent_dir(use_full_attach_path, 108)’
conmon-2.1.13/src/conn_sock.c:279:17: note: in expansion of macro ‘pexitf’
#  318|   	/* if we're to use the full path, ignore the socket path and only use the bundle_path */
#  319|   	if (use_full_attach_path)
#  320|-> 		return strdup(opt_bundle_path);
#  321|   
#  322|   	char *base_path = g_build_filename(opt_socket_path, opt_cuuid, NULL);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def15]
conmon-2.1.13/src/conn_sock.c: scope_hint: In function ‘attach_cb’
conmon-2.1.13/src/conn_sock.c:393:17: warning[-Wanalyzer-malloc-leak]: leak of ‘remote_sock’
#  391|   		init_remote_sock(remote_sock, srcsock);
#  392|   		remote_sock->fd = new_fd;
#  393|-> 		g_unix_fd_add(remote_sock->fd, G_IO_IN | G_IO_HUP | G_IO_ERR, remote_sock_cb, remote_sock);
#  394|   		g_ptr_array_add(remote_sock->dest->readers, remote_sock);
#  395|   		ndebugf("Accepted%s connection %d", SOCK_IS_CONSOLE(srcsock->sock_type) ? " console" : "", remote_sock->fd);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def16]
conmon-2.1.13/src/conn_sock.c: scope_hint: In function ‘init_remote_sock’
conmon-2.1.13/src/conn_sock.c:612:17: warning[-Wanalyzer-malloc-leak]: leak of ‘remote_sock’
#  610|   		sock->writable = src->writable;
#  611|   		sock->dest = src->dest;
#  612|-> 		g_unix_set_fd_nonblocking(*sock->dest->fd, TRUE, NULL);
#  613|   		sock->sock_type = src->sock_type;
#  614|   	}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def17]
conmon-2.1.13/src/ctrl.c:269:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘dummyfd’
conmon-2.1.13/src/ctrl.c: scope_hint: In function ‘setup_terminal_control_fifo’
#  267|   	setup_fifo(&terminal_ctrl_fd, &dummyfd, "ctl", "terminal control fifo");
#  268|   	ndebugf("terminal_ctrl_fd: %d", terminal_ctrl_fd);
#  269|-> 	g_unix_fd_add(terminal_ctrl_fd, G_IO_IN, ctrl_cb, NULL);
#  270|   
#  271|   	return dummyfd;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def18]
conmon-2.1.13/src/oom.c:28:13: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open("/proc/self/oom_score_adj", 524290)’
#   26|   	}
#   27|   	snprintf(fmt_oom_score, sizeof(fmt_oom_score), "%d", oom_score);
#   28|-> 	if (write(oom_score_fd, fmt_oom_score, strlen(fmt_oom_score)) < 0) {
#   29|   		ndebugf("failed to write to /proc/self/oom_score_adj: %m");
#   30|   	}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def19]
conmon-2.1.13/src/oom.c:31:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open("/proc/self/oom_score_adj", 524290)’
#   29|   		ndebugf("failed to write to /proc/self/oom_score_adj: %m");
#   30|   	}
#   31|-> 	close(oom_score_fd);
#   32|   #else
#   33|   	(void)oom_score;

Error: GCC_ANALYZER_WARNING (CWE-404): [#def20]
conmon-2.1.13/src/runtime_args.c: scope_hint: In function ‘add_argv’
conmon-2.1.13/src/runtime_args.c:121:17: warning[-Wanalyzer-va-list-leak]: missing call to ‘va_end’
#  119|   	va_start(args, argv_array);
#  120|   	while ((arg = va_arg(args, char *)))
#  121|-> 		g_ptr_array_add(argv_array, arg);
#  122|   	va_end(args);
#  123|   }

Error: GCC_ANALYZER_WARNING (CWE-775): [#def21]
conmon-2.1.13/src/utils.h:68:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open(g_build_filename(process_cgroup_subsystem_path(pid, 0, "memory"), "cgroup.event_control", 0), 524289)’
conmon-2.1.13/src/cgroup.c:167:17: note: in expansion of macro ‘pexit’
conmon-2.1.13/src/cgroup.c: scope_hint: In function ‘setup_oom_handling_cgroup_v1’
conmon-2.1.13/src/cgroup.c:167:17: note: in expansion of macro ‘pexit’
conmon-2.1.13/src/cgroup.c:167:17: note: in expansion of macro ‘pexit’
#   66|   		int saved_errno = errno; \
#   67|   		errno = saved_errno; \
#   68|-> 		fprintf(stderr, "[conmon:e]: %s %m\n", s); \
#   69|   		if (use_syslog) { \
#   70|   			errno = saved_errno; \

Error: GCC_ANALYZER_WARNING (CWE-401): [#def22]
conmon-2.1.13/src/conn_sock.c: scope_hint: In function ‘setup_socket’
conmon-2.1.13/src/utils.h:68:17: warning[-Wanalyzer-malloc-leak]: leak of ‘strdup(path)’
conmon-2.1.13/src/conn_sock.c:177:25: note: in expansion of macro ‘pexit’
conmon-2.1.13/src/conn_sock.c:177:25: note: in expansion of macro ‘pexit’
conmon-2.1.13/src/conn_sock.c:177:25: note: in expansion of macro ‘pexit’
#   66|   		int saved_errno = errno; \
#   67|   		errno = saved_errno; \
#   68|-> 		fprintf(stderr, "[conmon:e]: %s %m\n", s); \
#   69|   		if (use_syslog) { \
#   70|   			errno = saved_errno; \

Error: GCC_ANALYZER_WARNING (CWE-775): [#def23]
conmon-2.1.13/src/cgroup.c: scope_hint: In function ‘setup_oom_handling_cgroup_v1’
conmon-2.1.13/src/utils.h:80:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open(g_build_filename(process_cgroup_subsystem_path(pid, 0, "memory"), "cgroup.event_control", 0), 524289)’
conmon-2.1.13/src/cgroup.c:164:17: note: in expansion of macro ‘pexitf’
conmon-2.1.13/src/cgroup.c: scope_hint: In function ‘setup_oom_handling_cgroup_v1’
/usr/include/glib-2.0/glib/gtestutils.h:32: included_from: Included from here.
/usr/include/glib-2.0/glib.h:89: included_from: Included from here.
conmon-2.1.13/src/cgroup.c:164:17: note: in expansion of macro ‘pexitf’
conmon-2.1.13/src/cgroup.c:164:17: note: in expansion of macro ‘pexitf’
#   78|   		int saved_errno = errno; \
#   79|   		errno = saved_errno; \
#   80|-> 		fprintf(stderr, "[conmon:e]: " fmt " %m\n", ##__VA_ARGS__); \
#   81|   		if (use_syslog) { \
#   82|   			errno = saved_errno; \

Error: GCC_ANALYZER_WARNING (CWE-775): [#def24]
conmon-2.1.13/src/utils.h:80:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open(socket_parent_dir(use_full_attach_path, 108), 2621440)’
conmon-2.1.13/src/conn_sock.c:294:17: note: in expansion of macro ‘pexitf’
conmon-2.1.13/src/conn_sock.c:294:17: note: in expansion of macro ‘pexitf’
conmon-2.1.13/src/conn_sock.c:294:17: note: in expansion of macro ‘pexitf’
#   78|   		int saved_errno = errno; \
#   79|   		errno = saved_errno; \
#   80|-> 		fprintf(stderr, "[conmon:e]: " fmt " %m\n", ##__VA_ARGS__); \
#   81|   		if (use_syslog) { \
#   82|   			errno = saved_errno; \

Error: GCC_ANALYZER_WARNING (CWE-401): [#def25]
conmon-2.1.13/src/utils.h:80:17: warning[-Wanalyzer-malloc-leak]: leak of ‘strdup(path)’
conmon-2.1.13/src/conn_sock.c:182:25: note: in expansion of macro ‘pexitf’
conmon-2.1.13/src/conn_sock.c:182:25: note: in expansion of macro ‘pexitf’
conmon-2.1.13/src/conn_sock.c:182:25: note: in expansion of macro ‘pexitf’
#   78|   		int saved_errno = errno; \
#   79|   		errno = saved_errno; \
#   80|-> 		fprintf(stderr, "[conmon:e]: " fmt " %m\n", ##__VA_ARGS__); \
#   81|   		if (use_syslog) { \
#   82|   			errno = saved_errno; \

Error: GCC_ANALYZER_WARNING (CWE-775): [#def26]
conmon-2.1.13/src/oom.c: scope_hint: In function ‘write_oom_adjust’
conmon-2.1.13/src/utils.h:176:23: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open("/proc/self/oom_score_adj", 524290)’
conmon-2.1.13/src/oom.c:23:25: note: in expansion of macro ‘ndebugf’
conmon-2.1.13/src/oom.c:23:25: note: in expansion of macro ‘ndebugf’
conmon-2.1.13/src/oom.c:23:25: note: in expansion of macro ‘ndebugf’
conmon-2.1.13/src/oom.c:23:25: note: in expansion of macro ‘ndebugf’
conmon-2.1.13/src/oom.c:23:25: note: in expansion of macro ‘ndebugf’
conmon-2.1.13/src/oom.c:23:25: note: in expansion of macro ‘ndebugf’
#  174|   
#  175|   #define ndebugf(fmt, ...) \
#  176|-> 	if (log_level >= DEBUG_LEVEL) { \
#  177|   		do { \
#  178|   			fprintf(stderr, "[conmon:d]: " fmt "\n", ##__VA_ARGS__); \

Error: GCC_ANALYZER_WARNING (CWE-775): [#def27]
conmon-2.1.13/src/ctrl.c:4: included_from: Included from here.
conmon-2.1.13/src/ctrl.c: scope_hint: In function ‘setup_terminal_control_fifo’
conmon-2.1.13/src/utils.h:180:33: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘dummyfd’
conmon-2.1.13/src/ctrl.c:268:9: note: in expansion of macro ‘ndebugf’
conmon-2.1.13/src/ctrl.c: scope_hint: In function ‘setup_terminal_control_fifo’
conmon-2.1.13/src/ctrl.c:268:9: note: in expansion of macro ‘ndebugf’
conmon-2.1.13/src/ctrl.c:268:9: note: in expansion of macro ‘ndebugf’
conmon-2.1.13/src/ctrl.c:268:9: note: in expansion of macro ‘ndebugf’
conmon-2.1.13/src/ctrl.c:268:9: note: in expansion of macro ‘ndebugf’
#  178|   			fprintf(stderr, "[conmon:d]: " fmt "\n", ##__VA_ARGS__); \
#  179|   			if (use_syslog) \
#  180|-> 				syslog(LOG_INFO, "conmon %.20s <ndebug>: " fmt "\n", log_cid, ##__VA_ARGS__); \
#  181|   		} while (0); \
#  182|   	}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def28]
conmon-2.1.13/src/utils.h:211:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘socket_fd’
conmon-2.1.13/src/conn_sock.c: scope_hint: In function ‘bind_unix_socket’
conmon-2.1.13/src/conn_sock.c:297:17: note: in expansion of macro ‘pexitf’
conmon-2.1.13/src/conn_sock.c:297:17: note: in expansion of macro ‘pexitf’
conmon-2.1.13/src/conn_sock.c:297:17: note: in expansion of macro ‘pexitf’
conmon-2.1.13/src/conn_sock.c:297:17: note: in expansion of macro ‘pexitf’
conmon-2.1.13/src/conn_sock.c: scope_hint: In function ‘bind_unix_socket’
#  209|   static inline void freep(void *p)
#  210|   {
#  211|-> 	free(*(void **)p);
#  212|   }
#  213|   

Error: GCC_ANALYZER_WARNING (CWE-457): [#def29]
conmon-2.1.13/src/utils.h:211:9: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘<unknown>’
conmon-2.1.13/src/ctr_logging.c: scope_hint: In function ‘shift_backup_files’
#  209|   static inline void freep(void *p)
#  210|   {
#  211|-> 	free(*(void **)p);
#  212|   }
#  213|   

Error: GCC_ANALYZER_WARNING (CWE-457): [#def30]
conmon-2.1.13/src/utils.h:211:9: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘attach_symlink_dir_path’
conmon-2.1.13/src/conmon.c: scope_hint: In function ‘main’
#  209|   static inline void freep(void *p)
#  210|   {
#  211|-> 	free(*(void **)p);
#  212|   }
#  213|   

Error: GCC_ANALYZER_WARNING (CWE-457): [#def31]
conmon-2.1.13/src/utils.h:211:9: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘basename’
conmon-2.1.13/src/ctr_logging.c: scope_hint: In function ‘secure_validate_log_path’
/usr/include/features.h:540: included_from: Included from here.
/usr/include/bits/libc-header-start.h:33: included_from: Included from here.
/usr/include/stdio.h:28: included_from: Included from here.
conmon-2.1.13/src/utils.h:5: included_from: Included from here.
#  209|   static inline void freep(void *p)
#  210|   {
#  211|-> 	free(*(void **)p);
#  212|   }
#  213|   

Error: GCC_ANALYZER_WARNING (CWE-457): [#def32]
conmon-2.1.13/src/utils.h:211:9: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘b’
conmon-2.1.13/src/seccomp_notify.c: scope_hint: In function ‘seccomp_notify_plugins_load’
conmon-2.1.13/src/seccomp_notify.c:8: included_from: Included from here.
conmon-2.1.13/src/seccomp_notify.c:117:17: note: in expansion of macro ‘pexit’
conmon-2.1.13/src/seccomp_notify.c:117:17: note: in expansion of macro ‘pexit’
conmon-2.1.13/src/seccomp_notify.c:117:17: note: in expansion of macro ‘pexit’
conmon-2.1.13/src/seccomp_notify.c:117:17: note: in expansion of macro ‘pexit’
#  209|   static inline void freep(void *p)
#  210|   {
#  211|-> 	free(*(void **)p);
#  212|   }
#  213|   

Error: GCC_ANALYZER_WARNING (CWE-457): [#def33]
conmon-2.1.13/src/utils.h:211:9: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘csname’
conmon-2.1.13/src/conmon.c: scope_hint: In function ‘main’
#  209|   static inline void freep(void *p)
#  210|   {
#  211|-> 	free(*(void **)p);
#  212|   }
#  213|   

Error: GCC_ANALYZER_WARNING (CWE-457): [#def34]
conmon-2.1.13/src/utils.h:211:9: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘expected_canonical’
conmon-2.1.13/src/ctr_logging.c: scope_hint: In function ‘validate_fd_path_security’
#  209|   static inline void freep(void *p)
#  210|   {
#  211|-> 	free(*(void **)p);
#  212|   }
#  213|   

Error: GCC_ANALYZER_WARNING (CWE-457): [#def35]
conmon-2.1.13/src/utils.h:211:9: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘json’
conmon-2.1.13/src/parent_pipe_fd.c: scope_hint: In function ‘write_or_close_sync_fd’
#  209|   static inline void freep(void *p)
#  210|   {
#  211|-> 	free(*(void **)p);
#  212|   }
#  213|   

Error: GCC_ANALYZER_WARNING (CWE-457): [#def36]
conmon-2.1.13/src/utils.h:211:9: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘path_copy’
conmon-2.1.13/src/ctr_logging.c: scope_hint: In function ‘path_contains_symlinks_atomic’
/usr/include/glib-2.0/glib/gstring.h:37: included_from: Included from here.
/usr/include/glib-2.0/glib/giochannel.h:36: included_from: Included from here.
/usr/include/glib-2.0/glib.h:56: included_from: Included from here.
conmon-2.1.13/src/utils.h:10: included_from: Included from here.
conmon-2.1.13/src/ctr_logging.c:810:21: note: in expansion of macro ‘g_strdup’
conmon-2.1.13/src/ctr_logging.c: scope_hint: In function ‘path_contains_symlinks_atomic’
#  209|   static inline void freep(void *p)
#  210|   {
#  211|-> 	free(*(void **)p);
#  212|   }
#  213|   

Error: GCC_ANALYZER_WARNING (CWE-457): [#def37]
conmon-2.1.13/src/utils.h:211:9: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘temp_basename’
conmon-2.1.13/src/ctr_logging.c: scope_hint: In function ‘setup_rotation_files’
#  209|   static inline void freep(void *p)
#  210|   {
#  211|-> 	free(*(void **)p);
#  212|   }
#  213|   

Error: GCC_ANALYZER_WARNING (CWE-775): [#def38]
conmon-2.1.13/src/utils.h:216:12: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open(g_build_filename(process_cgroup_subsystem_path(pid, 0, "memory"), "cgroup.event_control", 0), 524289)’
conmon-2.1.13/src/cgroup.c: scope_hint: In function ‘setup_oom_handling_cgroup_v1’
/usr/include/features.h:540: included_from: Included from here.
/usr/include/bits/libc-header-start.h:33: included_from: Included from here.
/usr/include/limits.h:26: included_from: Included from here.
/usr/lib/gcc/x86_64-redhat-linux/16/include/limits.h:210: included_from: Included from here.
/usr/lib/gcc/x86_64-redhat-linux/16/include/syslimits.h:9: included_from: Included from here.
/usr/lib/gcc/x86_64-redhat-linux/16/include/limits.h:34: included_from: Included from here.
/usr/lib64/glib-2.0/include/glibconfig.h:11: included_from: Included from here.
/usr/include/glib-2.0/glib/gtypes.h:34: included_from: Included from here.
/usr/include/glib-2.0/glib/galloca.h:34: included_from: Included from here.
/usr/include/glib-2.0/glib.h:32: included_from: Included from here.
conmon-2.1.13/src/cgroup.h:4: included_from: Included from here.
conmon-2.1.13/src/cgroup.c:3: included_from: Included from here.
conmon-2.1.13/src/cgroup.c: scope_hint: In function ‘setup_oom_handling_cgroup_v1’
#  214|   static inline void closep(int *fd)
#  215|   {
#  216|-> 	if (*fd >= 0)
#  217|   		close(*fd);
#  218|   	*fd = -1;

Error: GCC_ANALYZER_WARNING (CWE-457): [#def39]
conmon-2.1.13/src/utils.h:216:12: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘dev_null_r_cleanup’
conmon-2.1.13/src/conmon.c: scope_hint: In function ‘main’
conmon-2.1.13/src/conmon.c: scope_hint: In function ‘main’
conmon-2.1.13/src/conmon.c: scope_hint: In function ‘main’
#  214|   static inline void closep(int *fd)
#  215|   {
#  216|-> 	if (*fd >= 0)
#  217|   		close(*fd);
#  218|   	*fd = -1;

Error: GCC_ANALYZER_WARNING (CWE-457): [#def40]
conmon-2.1.13/src/utils.h:216:12: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘dev_null_w_cleanup’
conmon-2.1.13/src/conmon.c: scope_hint: In function ‘main’
#  214|   static inline void closep(int *fd)
#  215|   {
#  216|-> 	if (*fd >= 0)
#  217|   		close(*fd);
#  218|   	*fd = -1;

Error: GCC_ANALYZER_WARNING (CWE-457): [#def41]
conmon-2.1.13/src/utils.h:216:12: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘sfd’
conmon-2.1.13/src/conn_sock.c: scope_hint: In function ‘setup_socket’
conmon-2.1.13/src/conn_sock.c: scope_hint: In function ‘setup_socket’
/usr/include/glib-2.0/glib/gtestutils.h:32: included_from: Included from here.
/usr/include/glib-2.0/glib.h:89: included_from: Included from here.
conmon-2.1.13/src/conn_sock.h:4: included_from: Included from here.
conmon-2.1.13/src/conn_sock.c:3: included_from: Included from here.
conmon-2.1.13/src/conn_sock.c:213:17: note: in expansion of macro ‘pexit’
conmon-2.1.13/src/conn_sock.c:213:17: note: in expansion of macro ‘pexit’
conmon-2.1.13/src/conn_sock.c:213:17: note: in expansion of macro ‘pexit’
conmon-2.1.13/src/conn_sock.c:213:17: note: in expansion of macro ‘pexit’
#  214|   static inline void closep(int *fd)
#  215|   {
#  216|-> 	if (*fd >= 0)
#  217|   		close(*fd);
#  218|   	*fd = -1;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def42]
conmon-2.1.13/src/utils.h:217:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open(g_build_filename(process_cgroup_subsystem_path(pid, 0, "memory"), "cgroup.event_control", 0), 524289)’
conmon-2.1.13/src/cgroup.c: scope_hint: In function ‘setup_oom_handling_cgroup_v1’
conmon-2.1.13/src/cgroup.c: scope_hint: In function ‘setup_oom_handling_cgroup_v1’
#  215|   {
#  216|   	if (*fd >= 0)
#  217|-> 		close(*fd);
#  218|   	*fd = -1;
#  219|   }

Error: GCC_ANALYZER_WARNING (CWE-775): [#def43]
conmon-2.1.13/src/utils.h:217:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open(socket_parent_dir(use_full_attach_path, 108), 2621440)’
conmon-2.1.13/src/conn_sock.c: scope_hint: In function ‘bind_unix_socket’
#  215|   {
#  216|   	if (*fd >= 0)
#  217|-> 		close(*fd);
#  218|   	*fd = -1;
#  219|   }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def44]
conmon-2.1.13/src/utils.h:217:17: warning[-Wanalyzer-malloc-leak]: leak of ‘csname’
conmon-2.1.13/src/conn_sock.c: scope_hint: In function ‘setup_socket’
conmon-2.1.13/src/conn_sock.c:10: included_from: Included from here.
conmon-2.1.13/src/conn_sock.c: scope_hint: In function ‘setup_socket’
#  215|   {
#  216|   	if (*fd >= 0)
#  217|-> 		close(*fd);
#  218|   	*fd = -1;
#  219|   }

Error: GCC_ANALYZER_WARNING (CWE-775): [#def45]
conmon-2.1.13/src/utils.h:237:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘workerfd_stderr’
conmon-2.1.13/src/conmon.c: scope_hint: In function ‘main’
conmon-2.1.13/src/conmon.c: scope_hint: In function ‘main’
#  235|   {
#  236|   	if (*err)
#  237|-> 		g_error_free(*err);
#  238|   }
#  239|
Scan Properties

analyzer-version-clippy	1.93.0
analyzer-version-cppcheck	2.19.1
analyzer-version-gcc	16.0.1
analyzer-version-gcc-analyzer	16.0.1
analyzer-version-shellcheck	0.11.0
analyzer-version-unicontrol	0.0.2
enabled-plugins	clippy, cppcheck, gcc, shellcheck, unicontrol
exit-code	0
host	ip-172-16-1-101.us-west-2.compute.internal
known-false-positives	/usr/share/csmock/known-false-positives.js
known-false-positives-rpm	known-false-positives-0.0.0.20260119.105402.g7a5be1b.main-1.el9.noarch
mock-config	fedora-rawhide-x86_64
project-name	conmon-2.1.13-1.20260202095438222298.pr628.126.gef95cee
store-results-to	/tmp/tmpimapgm_a/conmon-2.1.13-1.20260202095438222298.pr628.126.gef95cee.tar.xz
time-created	2026-02-02 10:19:07
time-finished	2026-02-02 10:20:39
tool	csmock
tool-args	'/usr/bin/csmock' '-r' 'fedora-rawhide-x86_64' '-t' 'cppcheck,unicontrol,shellcheck,gcc,clippy' '-o' '/tmp/tmpimapgm_a/conmon-2.1.13-1.20260202095438222298.pr628.126.gef95cee.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install' 'pam' '/tmp/tmpimapgm_a/conmon-2.1.13-1.20260202095438222298.pr628.126.gef95cee.src.rpm'
tool-version	csmock-3.8.3.20260128.181932.g41af877-1.el9