Error: GCC_ANALYZER_WARNING (CWE-401): [#def1] diffutils-3.12/lib/exclude.c:579:11: warning[-Wanalyzer-malloc-leak]: leak of 'xstrdup(pattern)' # 577| # 578| char *str = xstrdup (pattern); # 579|-> if ((options & (EXCLUDE_WILDCARDS | FNM_NOESCAPE)) == EXCLUDE_WILDCARDS) # 580| unescape_pattern (str); # 581| if (hash_insert (ex->head->v.table, str) != str) Error: GCC_ANALYZER_WARNING (CWE-476): [#def2] diffutils-3.12/lib/exclude.c:604:7: warning[-Wanalyzer-null-dereference]: dereference of NULL 'buf' diffutils-3.12/lib/exclude.c:657:1: enter_function: entry to 'add_exclude_file' diffutils-3.12/lib/exclude.c:661:6: branch_false: following 'false' branch (when the strings are non-equal)... diffutils-3.12/lib/exclude.c:664:14: branch_false: ...to here diffutils-3.12/lib/exclude.c:665:6: branch_false: following 'false' branch... diffutils-3.12/lib/exclude.c:667:12: branch_false: ...to here diffutils-3.12/lib/exclude.c:667:12: call_function: calling 'add_exclude_fp' from 'add_exclude_file' # 602| if (buf_count == buf_alloc) # 603| buf = xpalloc (buf, &buf_alloc, 1, -1, 1); # 604|-> buf[buf_count++] = c; # 605| } # 606| Error: GCC_ANALYZER_WARNING (CWE-401): [#def3] diffutils-3.12/lib/ialloc.h:57:10: warning[-Wanalyzer-malloc-leak]: leak of 'ximalloc(s + 1)' diffutils-3.12/lib/xmalloc.c:327:1: enter_function: entry to 'ximemdup0' diffutils-3.12/lib/xmalloc.c:329:18: call_function: calling 'ximalloc' from 'ximemdup0' # 55| imalloc (idx_t s) # 56| { # 57|-> return s <= SIZE_MAX ? malloc (s) : _gl_alloc_nomem (); # 58| } # 59| Error: GCC_ANALYZER_WARNING (CWE-401): [#def4] diffutils-3.12/lib/ialloc.h:57:10: warning[-Wanalyzer-malloc-leak]: leak of 'ximalloc(s)' diffutils-3.12/lib/xmalloc.c:318:1: enter_function: entry to 'ximemdup' diffutils-3.12/lib/xmalloc.c:320:10: call_function: calling 'ximalloc' from 'ximemdup' # 55| imalloc (idx_t s) # 56| { # 57|-> return s <= SIZE_MAX ? malloc (s) : _gl_alloc_nomem (); # 58| } # 59| Error: GCC_ANALYZER_WARNING (CWE-401): [#def5] diffutils-3.12/lib/ialloc.h:91:10: warning[-Wanalyzer-malloc-leak]: leak of 'xicalloc(s, 1)' diffutils-3.12/lib/xmalloc.c:287:1: enter_function: entry to 'xizalloc' diffutils-3.12/lib/xmalloc.c:289:10: call_function: calling 'xicalloc' from 'xizalloc' # 89| s = 0; # 90| } # 91|-> return calloc (n, s); # 92| } # 93| Error: GCC_ANALYZER_WARNING (CWE-401): [#def6] diffutils-3.12/lib/time_rz.c:88:22: warning[-Wanalyzer-malloc-leak]: leak of 'tzalloc(getenv("TZ"))' diffutils-3.12/lib/./time.h:1116:1: enter_function: entry to 'mktime_z' diffutils-3.12/lib/time_rz.c:282:6: branch_false: following 'false' branch (when 'tz' is non-NULL)... diffutils-3.12/lib/time_rz.c:286:27: branch_false: ...to here diffutils-3.12/lib/time_rz.c:286:27: call_function: calling 'set_tz' from 'mktime_z' # 86| { # 87| size_t name_size = name ? strlen (name) + 1 : 0; # 88|-> size_t abbr_size = name_size < ABBR_SIZE_MIN ? ABBR_SIZE_MIN : name_size + 1; # 89| timezone_t tz = malloc (FLEXSIZEOF (struct tm_zone, abbrs, abbr_size)); # 90| if (tz) Error: GCC_ANALYZER_WARNING (CWE-401): [#def7] diffutils-3.12/lib/time_rz.c:206:10: warning[-Wanalyzer-malloc-leak]: leak of 'set_tz(tz)' diffutils-3.12/lib/./time.h:1116:1: enter_function: entry to 'mktime_z' diffutils-3.12/lib/time_rz.c:282:6: branch_false: following 'false' branch (when 'tz' is non-NULL)... diffutils-3.12/lib/time_rz.c:286:27: branch_false: ...to here diffutils-3.12/lib/time_rz.c:286:27: call_function: calling 'set_tz' from 'mktime_z' diffutils-3.12/lib/time_rz.c:286:27: return_function: returning to 'mktime_z' from 'set_tz' diffutils-3.12/lib/time_rz.c:287:10: branch_true: following 'true' branch... diffutils-3.12/lib/time_rz.c:290:25: branch_true: ...to here diffutils-3.12/lib/time_rz.c:206:10: danger: 'set_tz(tz)' leaks here; was allocated at [(10)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/9) # 204| if (env_tz # 205| ? tz->tz_is_set && strcmp (tz->abbrs, env_tz) == 0 # 206|-> : !tz->tz_is_set) # 207| return local_tz; # 208| else Error: CPPCHECK_WARNING (CWE-252): [#def8] diffutils-3.12/lib/xfreopen.c:31: error[leakReturnValNotUsed]: Return value of allocation function 'freopen' is not stored. # 29| xfreopen (char const *filename, char const *mode, FILE *fp) # 30| { # 31|-> if (!freopen (filename, mode, fp)) # 32| { # 33| char const *f = (filename ? filename Error: GCC_ANALYZER_WARNING (CWE-401): [#def9] diffutils-3.12/lib/xmalloc.c:45:10: warning[-Wanalyzer-malloc-leak]: leak of 'xmalloc(n)' diffutils-3.12/lib/xmalloc.c:55:1: enter_function: entry to 'xcharalloc' diffutils-3.12/lib/xmalloc.c:57:10: call_function: calling 'xmalloc' from 'xcharalloc' # 43| xmalloc (size_t s) # 44| { # 45|-> return check_nonnull (malloc (s)); # 46| } # 47| Error: GCC_ANALYZER_WARNING (CWE-401): [#def10] diffutils-3.12/lib/xmalloc.c:45:10: warning[-Wanalyzer-malloc-leak]: leak of 'xmalloc(s)' diffutils-3.12/lib/xmalloc.c:312:1: enter_function: entry to 'xmemdup' diffutils-3.12/lib/xmalloc.c:314:10: call_function: calling 'xmalloc' from 'xmemdup' # 43| xmalloc (size_t s) # 44| { # 45|-> return check_nonnull (malloc (s)); # 46| } # 47| Error: GCC_ANALYZER_WARNING (CWE-401): [#def11] diffutils-3.12/lib/xmalloc.c:298:10: warning[-Wanalyzer-malloc-leak]: leak of 'xcalloc(s, 1)' diffutils-3.12/lib/xmalloc.c:281:1: enter_function: entry to 'xzalloc' diffutils-3.12/lib/xmalloc.c:283:10: call_function: calling 'xcalloc' from 'xzalloc' # 296| xcalloc (size_t n, size_t s) # 297| { # 298|-> return check_nonnull (calloc (n, s)); # 299| } # 300| Error: GCC_ANALYZER_WARNING (CWE-401): [#def12] diffutils-3.12/lib/xmalloc.c:314:10: warning[-Wanalyzer-malloc-leak]: leak of 'xmemdup(string, strlen(string) + 1)' diffutils-3.12/lib/xmalloc.c:337:1: enter_function: entry to 'xstrdup' diffutils-3.12/lib/xmalloc.c:339:10: call_function: calling 'xmemdup' from 'xstrdup' # 312| xmemdup (void const *p, size_t s) # 313| { # 314|-> return memcpy (xmalloc (s), p, s); # 315| } # 316| Error: CPPCHECK_WARNING (CWE-457): [#def13] diffutils-3.12/src/cmp.c:338: error[uninitvar]: Uninitialized variable: &nullstat # 336| && S_ISCHR (outstat.st_mode) # 337| && stat (NULL_DEVICE, &nullstat) == 0 # 338|-> && same_file (&outstat, &nullstat)) # 339| comparison_type = type_no_stdout; # 340| } Error: GCC_ANALYZER_WARNING (CWE-401): [#def14] diffutils-3.12/src/diff.c:434:27: warning[-Wanalyzer-malloc-leak]: leak of '<unknown>' diffutils-3.12/src/diff.c:326:8: branch_true: following 'true' branch (when 'c >= 0')... diffutils-3.12/src/diff.c:328:5: branch_true: ...to here diffutils-3.12/src/diff.c:434:27: branch_true: following 'true' branch (when 'i != 104')... diffutils-3.12/src/diff.c:436:20: branch_true: ...to here diffutils-3.12/src/diff.c:434:27: branch_true: following 'true' branch (when 'i != 104')... diffutils-3.12/src/diff.c:436:20: branch_true: ...to here diffutils-3.12/src/diff.c:434:27: branch_true: following 'true' branch (when 'i != 104')... diffutils-3.12/src/diff.c:436:20: branch_true: ...to here diffutils-3.12/src/diff.c:434:27: branch_false: following 'false' branch (when 'i == 104')... branch_false: ...to here diffutils-3.12/src/diff.c:434:27: danger: '<unknown>' leaks here; was allocated at [(5)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/4) # 432| int changes = 0; # 433| # 434|-> for (int i = 0; i < sizeof C_ifdef_group_formats; i++) # 435| { # 436| char ch = C_ifdef_group_formats[i]; Error: GCC_ANALYZER_WARNING (CWE-401): [#def15] diffutils-3.12/src/diff.c:935:11: warning[-Wanalyzer-malloc-leak]: leak of '**reglist.buf.fastmap' diffutils-3.12/src/diff.c:931:6: branch_true: following 'true' branch... diffutils-3.12/src/diff.c:934:7: branch_true: ...to here diffutils-3.12/src/diff.c:935:11: danger: '**reglist.buf.fastmap' leaks here; was allocated at [(3)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/2) # 933| /* At least one regexp was specified. Allocate a fastmap for it. */ # 934| reglist->buf->fastmap = xmalloc (1 << CHAR_BIT); # 935|-> if (reglist->multiple_regexps) # 936| { # 937| /* Compile the disjunction of the regexps. Error: GCC_ANALYZER_WARNING (CWE-401): [#def16] diffutils-3.12/src/diff3.c:857:14: warning[-Wanalyzer-malloc-leak]: leak of 'create_diff3_block(low[0], high[0], low[1], high[1], lowc, highc)' diffutils-3.12/src/diff3.c:678:1: enter_function: entry to 'using_to_diff3_block' diffutils-3.12/src/diff3.c:692:19: branch_true: following 'true' branch (when 'd != 2')... diffutils-3.12/src/diff3.c:693:14: branch_true: ...to here diffutils-3.12/src/diff3.c:706:7: call_function: calling 'create_diff3_block' from 'using_to_diff3_block' diffutils-3.12/src/diff3.c:706:7: return_function: returning to 'using_to_diff3_block' from 'create_diff3_block' diffutils-3.12/src/diff3.c:711:19: branch_true: following 'true' branch (when 'd != 2')... diffutils-3.12/src/diff3.c:712:40: branch_true: ...to here diffutils-3.12/src/diff3.c:712:45: branch_true: following 'true' branch (when 'ptr' is non-NULL)... diffutils-3.12/src/diff3.c:714:29: branch_true: ...to here diffutils-3.12/src/diff3.c:857:14: danger: 'create_diff3_block(low[0], high[0], low[1], high[1], lowc, highc)' leaks here; was allocated at [(6)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/5) # 855| } # 856| # 857|-> numlines = D_NUMLINES (result, FILE1); # 858| if (numlines) # 859| { Error: GCC_ANALYZER_WARNING (CWE-401): [#def17] diffutils-3.12/src/diff3.c:1051:7: warning[-Wanalyzer-malloc-leak]: leak of 'xmalloc(72)' diffutils-3.12/src/diff3.c:908:1: enter_function: entry to 'process_diff' diffutils-3.12/src/diff3.c:914:22: call_function: calling 'read_diff' from 'process_diff' diffutils-3.12/src/diff3.c:914:22: return_function: returning to 'process_diff' from 'read_diff' diffutils-3.12/src/diff3.c:916:10: branch_true: following 'true' branch... diffutils-3.12/src/diff3.c:918:33: branch_true: ...to here diffutils-3.12/src/diff3.c:922:27: call_function: calling 'process_diff_control' from 'process_diff' diffutils-3.12/src/diff3.c:922:27: return_function: returning to 'process_diff' from 'process_diff_control' diffutils-3.12/src/diff3.c:1051:7: danger: 'xmalloc(72)' leaks here; was allocated at [(24)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/23) # 1049| # 1050| /* Read first set of digits */ # 1051|-> s = readnum (skipwhite (s), &db->ranges[0][RANGE_START]); # 1052| if (! s) # 1053| return DIFF_ERROR; Error: GCC_ANALYZER_WARNING (CWE-401): [#def18] diffutils-3.12/src/io.c:1300:3: warning[-Wanalyzer-malloc-leak]: leak of 'xnmalloc((long unsigned int)__real__ <unknown>, 8)' diffutils-3.12/src/io.c:1329:1: enter_function: entry to 'read_files' diffutils-3.12/src/io.c:1334:6: branch_true: following 'true' branch... diffutils-3.12/src/io.c:1335:41: branch_true: ...to here diffutils-3.12/src/io.c:1335:23: call_function: calling 'sip' from 'read_files' diffutils-3.12/src/io.c:1335:23: return_function: returning to 'read_files' from 'sip' diffutils-3.12/src/io.c:1342:6: branch_false: following 'false' branch (when 'appears_binary == 0')... diffutils-3.12/src/io.c:1349:3: branch_false: ...to here diffutils-3.12/src/io.c:1349:3: call_function: calling 'find_identical_ends' from 'read_files' # 1298| linbuf[0] points at the first differing line. */ # 1299| filevec[0].linbuf = linbuf0 + buffered_prefix; # 1300|-> filevec[1].linbuf = linbuf1 + buffered_prefix; # 1301| filevec[0].linbuf_base = filevec[1].linbuf_base = - buffered_prefix; # 1302| filevec[0].alloc_lines = alloc_lines0 - buffered_prefix; Error: GCC_ANALYZER_WARNING (CWE-401): [#def19] diffutils-3.12/src/io.c:1305:1: warning[-Wanalyzer-malloc-leak]: leak of 'linbuf0' diffutils-3.12/src/io.c:1329:1: enter_function: entry to 'read_files' diffutils-3.12/src/io.c:1334:6: branch_true: following 'true' branch... diffutils-3.12/src/io.c:1335:41: branch_true: ...to here diffutils-3.12/src/io.c:1335:23: call_function: calling 'sip' from 'read_files' diffutils-3.12/src/io.c:1335:23: return_function: returning to 'read_files' from 'sip' diffutils-3.12/src/io.c:1342:6: branch_false: following 'false' branch (when 'appears_binary == 0')... diffutils-3.12/src/io.c:1349:3: branch_false: ...to here diffutils-3.12/src/io.c:1349:3: call_function: calling 'find_identical_ends' from 'read_files' # 1303| filevec[1].alloc_lines = alloc_lines1 - buffered_prefix; # 1304| filevec[0].prefix_lines = filevec[1].prefix_lines = lines; # 1305|-> } # 1306| # 1307| /* If 1 < k, then (2**k - prime_offset[k]) is the largest prime less
| analyzer-version-clippy | 1.86.0 |
| analyzer-version-cppcheck | 2.17.1 |
| analyzer-version-gcc | 15.0.1 |
| analyzer-version-gcc-analyzer | 15.0.1 |
| analyzer-version-shellcheck | 0.10.0 |
| analyzer-version-unicontrol | 0.0.2 |
| enabled-plugins | clippy, cppcheck, gcc, shellcheck, unicontrol |
| exit-code | 0 |
| host | ip-172-16-1-220.us-west-2.compute.internal |
| known-false-positives | /usr/share/csmock/known-false-positives.js |
| known-false-positives-rpm | known-false-positives-0.0.0.20250425.124705.g1c7c448.main-1.el9.noarch |
| mock-config | fedora-rawhide-x86_64 |
| project-name | diffutils-3.12-1.fc43 |
| store-results-to | /tmp/tmpvpoilbq8/diffutils-3.12-1.fc43.tar.xz |
| time-created | 2025-04-25 12:21:42 |
| time-finished | 2025-04-25 12:24:14 |
| tool | csmock |
| tool-args | '/usr/bin/csmock' '-r' 'fedora-rawhide-x86_64' '-t' 'unicontrol,cppcheck,gcc,clippy,shellcheck' '-o' '/tmp/tmpvpoilbq8/diffutils-3.12-1.fc43.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install' 'pam' '--gcc-analyzer-bin=/usr/bin/gcc' '/tmp/tmpvpoilbq8/diffutils-3.12-1.fc43.src.rpm' |
| tool-version | csmock-3.8.1.20250422.172604.g26bc3d6-1.el9 |