Newly introduced findings

List of Findings

Error: GCC_ANALYZER_WARNING (CWE-401): [#def1]
bind-9.18.35/build/lib/isc/../../../lib/isc/mem.c:1365:9: warning[-Wanalyzer-malloc-leak]: leak of '<unknown>'
bind-9.18.35/build/lib/isc/../../../lib/isc/mem.c:1334:1: enter_function: entry to 'isc__mempool_get'
bind-9.18.35/build/lib/isc/../../../lib/isc/mem.c:1337:9: branch_true: following 'true' branch...
bind-9.18.35/build/lib/isc/../../../lib/isc/mem.c:1341:12: branch_true: following 'true' branch...
bind-9.18.35/build/lib/isc/../../../lib/isc/mem.c:1342:28: branch_true: ...to here
bind-9.18.35/build/lib/isc/../../../lib/isc/mem.c:1351:36: branch_true: following 'true' branch (when 'i < fillcount')...
bind-9.18.35/build/lib/isc/../../../lib/isc/mem.c:1352:32: branch_true: ...to here
bind-9.18.35/build/lib/isc/../../../lib/isc/mem.c:1352:32: call_function: calling 'mem_get' from 'isc__mempool_get'
bind-9.18.35/build/lib/isc/../../../lib/isc/mem.c:1352:32: return_function: returning to 'isc__mempool_get' from 'mem_get'
bind-9.18.35/build/lib/isc/../../../lib/isc/mem.c:1353:25: call_function: calling 'mem_getstats' from 'isc__mempool_get'
bind-9.18.35/build/lib/isc/../../../lib/isc/mem.c:1353:25: return_function: returning to 'isc__mempool_get' from 'mem_getstats'
bind-9.18.35/build/lib/isc/../../../lib/isc/mem.c:1351:36: branch_true: following 'true' branch (when 'i < fillcount')...
bind-9.18.35/build/lib/isc/../../../lib/isc/mem.c:1352:32: branch_true: ...to here
bind-9.18.35/build/lib/isc/../../../lib/isc/mem.c:1352:32: call_function: calling 'mem_get' from 'isc__mempool_get'
bind-9.18.35/build/lib/isc/../../../lib/isc/mem.c:1352:32: return_function: returning to 'isc__mempool_get' from 'mem_get'
bind-9.18.35/build/lib/isc/../../../lib/isc/mem.c:1353:25: call_function: calling 'mem_getstats' from 'isc__mempool_get'
bind-9.18.35/build/lib/isc/../../../lib/isc/mem.c:1353:25: return_function: returning to 'isc__mempool_get' from 'mem_getstats'
bind-9.18.35/build/lib/isc/../../../lib/isc/mem.c:1351:36: branch_false: following 'false' branch (when 'i >= fillcount')...
bind-9.18.35/build/lib/isc/../../../lib/isc/mem.c:1360:9: branch_false: ...to here
bind-9.18.35/build/lib/isc/../../../lib/isc/mem.c:1361:9: branch_true: following 'true' branch (when 'item' is non-NULL)...
bind-9.18.35/build/lib/isc/../../../lib/isc/mem.c:1363:24: branch_true: ...to here
bind-9.18.35/build/lib/isc/../../../lib/isc/mem.c:1365:9: danger: '<unknown>' leaks here; was allocated at [(30)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/29)
# 1363|   	mpctx->items = item->next;
# 1364|   
# 1365|-> 	INSIST(mpctx->freecount > 0);
# 1366|   	mpctx->freecount--;
# 1367|   	mpctx->gets++;

Error: COMPILER_WARNING (CWE-563): [#def2]
bind-9.18.35/lib/dns/openssl_link.c: scope_hint: In function 'dst__openssl_fromlabel_provider'
bind-9.18.35/lib/dns/openssl_link.c:274:81: warning[-Wunused-parameter]: unused parameter 'pin'
#  274 | dst__openssl_fromlabel_provider(int key_base_id, const char *label, const char *pin,
#      |                                                                     ~~~~~~~~~~~~^~~
#  272|   
#  273|   static isc_result_t
#  274|-> dst__openssl_fromlabel_provider(int key_base_id, const char *label, const char *pin,
#  275|   				EVP_PKEY **ppub, EVP_PKEY **ppriv) {
#  276|   #if OPENSSL_VERSION_NUMBER >= 0x30000000L

Error: CPPCHECK_WARNING (CWE-476): [#def3]
bind-9.18.35/lib/isc/jemalloc_shim.h:46: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: si
#   44|   	INSIST(si != NULL);
#   45|   
#   46|-> 	si->size = size;
#   47|   	ptr = &si[1];
#   48|   

Error: CPPCHECK_WARNING (CWE-590): [#def4]
bind-9.18.35/lib/isc/jemalloc_shim.h:56: error[autovarInvalidDeallocation]: Deallocation of an auto-variable ([) results in undefined behaviour.
#   54|   	size_info *si = &(((size_info *)ptr)[-1]);
#   55|   
#   56|-> 	free(si);
#   57|   }
#   58|   

Error: CPPCHECK_WARNING (CWE-401): [#def5]
bind-9.18.35/lib/isc/jemalloc_shim.h:72: error[memleakOnRealloc]: Common realloc mistake: 'si' nulled but not freed upon failure
#   70|   	UNUSED(flags);
#   71|   
#   72|-> 	si = realloc(si, size + sizeof(*si));
#   73|   	INSIST(si != NULL);
#   74|   

Scan Properties

analyzer-version-clippy: 1.86.0
analyzer-version-cppcheck: 2.17.1
analyzer-version-gcc: 15.0.1
analyzer-version-gcc-analyzer: 15.0.1
analyzer-version-shellcheck: 0.10.0
analyzer-version-unicontrol: 0.0.2
diffbase-analyzer-version-clippy: 1.86.0
diffbase-analyzer-version-cppcheck: 2.17.1
diffbase-analyzer-version-gcc: 15.0.1
diffbase-analyzer-version-gcc-analyzer: 15.0.1
diffbase-analyzer-version-shellcheck: 0.10.0
diffbase-analyzer-version-unicontrol: 0.0.2
diffbase-enabled-plugins: clippy, cppcheck, gcc, shellcheck, unicontrol
diffbase-exit-code: 0
diffbase-host: ip-172-16-1-128.us-west-2.compute.internal
diffbase-known-false-positives: /usr/share/csmock/known-false-positives.js
diffbase-known-false-positives-rpm: known-false-positives-0.0.0.20250425.124705.g1c7c448.main-1.el9.noarch
diffbase-mock-config: fedora-rawhide-x86_64
diffbase-project-name: bind-9.18.33-1.fc42
diffbase-store-results-to: /tmp/tmpugc_v9ru/bind-9.18.33-1.fc42.tar.xz
diffbase-time-created: 2025-04-25 12:01:21
diffbase-time-finished: 2025-04-25 12:08:44
diffbase-tool: csmock
diffbase-tool-args: '/usr/bin/csmock' '-r' 'fedora-rawhide-x86_64' '-t' 'unicontrol,cppcheck,gcc,clippy,shellcheck' '-o' '/tmp/tmpugc_v9ru/bind-9.18.33-1.fc42.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install' 'pam' '--gcc-analyzer-bin=/usr/bin/gcc' '/tmp/tmpugc_v9ru/bind-9.18.33-1.fc42.src.rpm'
diffbase-tool-version: csmock-3.8.1.20250422.172604.g26bc3d6-1.el9
enabled-plugins: clippy, cppcheck, gcc, shellcheck, unicontrol
exit-code: 0
host: ip-172-16-1-128.us-west-2.compute.internal
known-false-positives: /usr/share/csmock/known-false-positives.js
known-false-positives-rpm: known-false-positives-0.0.0.20250425.124705.g1c7c448.main-1.el9.noarch
mock-config: fedora-rawhide-x86_64
project-name: bind-9.18.35-2.fc43
store-results-to: /tmp/tmp8sz0das6/bind-9.18.35-2.fc43.tar.xz
time-created: 2025-04-25 12:09:15
time-finished: 2025-04-25 12:16:05
title: Newly introduced findings
tool: csmock
tool-args: '/usr/bin/csmock' '-r' 'fedora-rawhide-x86_64' '-t' 'unicontrol,cppcheck,gcc,clippy,shellcheck' '-o' '/tmp/tmp8sz0das6/bind-9.18.35-2.fc43.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install' 'pam' '--gcc-analyzer-bin=/usr/bin/gcc' '/tmp/tmp8sz0das6/bind-9.18.35-2.fc43.src.rpm'
tool-version: csmock-3.8.1.20250422.172604.g26bc3d6-1.el9