gpgme-1.24.2-1.fc43

List of Findings

Error: SHELLCHECK_WARNING (CWE-156): [#def1]
/usr/bin/gpgme-config:2:28: warning[SC2046]: Quote this to prevent word splitting.
#    1|   #!/usr/bin/sh
#    2|-> exec /usr/bin/gpgme-config.$(arch) $@

Error: SHELLCHECK_WARNING (CWE-88): [#def2]
/usr/bin/gpgme-config:2:36: error[SC2068]: Double quote array expansions to avoid re-splitting elements.
#    1|   #!/usr/bin/sh
#    2|-> exec /usr/bin/gpgme-config.$(arch) $@

Error: SHELLCHECK_WARNING (CWE-563): [#def3]
/usr/bin/gpgme-config.x86_64:41:1: warning[SC2034]: libs_pthread appears unused. Verify use (or export if used externally).
#   39|   # thread modules variable.
#   40|   thread_modules="$thread_modules pthread"
#   41|-> libs_pthread="-lpthread"
#   42|   cflags_pthread=""
#   43|   

Error: SHELLCHECK_WARNING (CWE-457): [#def4]
/usr/bin/gpgme-config.x86_64:128:37: warning[SC2154]: assuan_cflags is referenced but not assigned.
#  126|   	    esac
#  127|   	    test "x$with_glib" = "xyes" && tmp_g="$cflags_glib"
#  128|->             for i in $cflags $tmp_c $assuan_cflags $gpg_error_cflags $tmp_g ; do
#  129|                 skip=no
#  130|                 case $i in

Error: SHELLCHECK_WARNING (CWE-457): [#def5]
/usr/bin/gpgme-config.x86_64:164:35: warning[SC2154]: assuan_libs is referenced but not assigned.
#  162|   		    ;;
#  163|   	    esac
#  164|->             for i in $libs $tmp_l $assuan_libs $gpg_error_libs $tmp_x; do
#  165|                 skip=no
#  166|                 case $i in

Error: SHELLCHECK_WARNING (CWE-457): [#def6]
/usr/bin/gpgme-config.x86_64:164:48: warning[SC2154]: gpg_error_libs is referenced but not assigned.
#  162|   		    ;;
#  163|   	    esac
#  164|->             for i in $libs $tmp_l $assuan_libs $gpg_error_libs $tmp_x; do
#  165|                 skip=no
#  166|                 case $i in

Error: GCC_ANALYZER_WARNING (CWE-401): [#def7]
gpgme-1.24.2/build-qt6/doc/../../doc/mkdefsinc.c:199:23: warning[-Wanalyzer-malloc-leak]: leak of ‘opt_date’
gpgme-1.24.2/build-qt6/doc/../../doc/mkdefsinc.c:142:1: enter_function: entry to ‘main’
gpgme-1.24.2/build-qt6/doc/../../doc/mkdefsinc.c:155:10: branch_true: following ‘true’ branch...
gpgme-1.24.2/build-qt6/doc/../../doc/mkdefsinc.c:158:10: branch_false: following ‘false’ branch (when the strings are non-equal)...
gpgme-1.24.2/build-qt6/doc/../../doc/mkdefsinc.c:163:17: branch_false: ...to here
gpgme-1.24.2/build-qt6/doc/../../doc/mkdefsinc.c:163:15: branch_false: following ‘false’ branch (when the strings are non-equal)...
gpgme-1.24.2/build-qt6/doc/../../doc/mkdefsinc.c:174:17: branch_false: ...to here
gpgme-1.24.2/build-qt6/doc/../../doc/mkdefsinc.c:198:26: call_function: calling ‘xstrdup’ from ‘main’
gpgme-1.24.2/build-qt6/doc/../../doc/mkdefsinc.c:198:26: return_function: returning to ‘main’ from ‘xstrdup’
gpgme-1.24.2/build-qt6/doc/../../doc/mkdefsinc.c:155:10: branch_true: following ‘true’ branch...
gpgme-1.24.2/build-qt6/doc/../../doc/mkdefsinc.c:158:10: branch_false: following ‘false’ branch (when the strings are non-equal)...
gpgme-1.24.2/build-qt6/doc/../../doc/mkdefsinc.c:163:17: branch_false: ...to here
gpgme-1.24.2/build-qt6/doc/../../doc/mkdefsinc.c:163:15: branch_false: following ‘false’ branch (when the strings are non-equal)...
gpgme-1.24.2/build-qt6/doc/../../doc/mkdefsinc.c:174:17: branch_false: ...to here
gpgme-1.24.2/build-qt6/doc/../../doc/mkdefsinc.c:198:26: call_function: calling ‘xstrdup’ from ‘main’
gpgme-1.24.2/build-qt6/doc/../../doc/mkdefsinc.c:198:26: return_function: returning to ‘main’ from ‘xstrdup’
gpgme-1.24.2/build-qt6/doc/../../doc/mkdefsinc.c:199:23: danger: ‘opt_date’ leaks here; was allocated at [(12)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/11)
#  197|               {
#  198|                 opt_date = xstrdup (*argv);
#  199|->               argc--; argv++;
#  200|               }
#  201|           }

Error: CPPCHECK_WARNING (CWE-457): [#def8]
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c:785: warning[uninitvar]: Uninitialized variable: buff
#  783|       *r = 0;
#  784|     }
#  785|->   return buff;
#  786|   }
#  787|   

Error: CPPCHECK_WARNING (CWE-476): [#def9]
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c:1681: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: data
# 1679|       SwigPyClientData *data = (SwigPyClientData *)malloc(sizeof(SwigPyClientData));
# 1680|       /* the klass element */
# 1681|->     data->klass = obj;
# 1682|       SWIG_Py_INCREF(data->klass);
# 1683|       /* the newraw method and newargs arguments used to create a new raw instance */

Error: CPPCHECK_WARNING (CWE-476): [#def10]
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c:1682: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: data
# 1680|       /* the klass element */
# 1681|       data->klass = obj;
# 1682|->     SWIG_Py_INCREF(data->klass);
# 1683|       /* the newraw method and newargs arguments used to create a new raw instance */
# 1684|       if (PyClass_Check(obj)) {

Error: COMPILER_WARNING (CWE-457): [#def11]
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c:3960:10: warning[-Wmaybe-uninitialized]: ‘arg2’ may be used uninitialized
# 3960 |     *obj = value;
#      |     ~~~~~^~~~~~~
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c: scope_hint: In function ‘_wrap_gpgme_error_t_p_assign’
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c:49010:17: note: ‘arg2’ was declared here
#49010 |   gpgme_error_t arg2 ;
#      |                 ^~~~
# 3958|   
# 3959|     static void gpgme_error_t_p_assign(gpgme_error_t *obj, gpgme_error_t value) {
# 3960|->     *obj = value;
# 3961|     }
# 3962|   

Error: COMPILER_WARNING (CWE-457): [#def12]
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c: scope_hint: In function ‘_wrap_gpgme_data_seek’
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c:4158:14: warning[-Wmaybe-uninitialized]: ‘arg2’ may be used uninitialized
# 4158 |     result = gpgme_data_seek(arg1,arg2,arg3);
#      |              ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c:4119:9: note: ‘arg2’ was declared here
# 4119 |   off_t arg2 ;
#      |         ^~~~
# 4156|     {
# 4157|       SWIG_PYTHON_THREAD_BEGIN_ALLOW;
# 4158|->     result = gpgme_data_seek(arg1,arg2,arg3);
# 4159|       SWIG_PYTHON_THREAD_END_ALLOW;
# 4160|     }

Error: COMPILER_WARNING (CWE-457): [#def13]
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c: scope_hint: In function ‘_wrap_gpgme_strerror’
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c:4718:22: warning[-Wmaybe-uninitialized]: ‘arg1’ may be used uninitialized
# 4718 |     result = (char *)gpgme_strerror(arg1);
#      |                      ^~~~~~~~~~~~~~~~~~~~
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c:4699:17: note: ‘arg1’ was declared here
# 4699 |   gpgme_error_t arg1 ;
#      |                 ^~~~
# 4716|     {
# 4717|       SWIG_PYTHON_THREAD_BEGIN_ALLOW;
# 4718|->     result = (char *)gpgme_strerror(arg1);
# 4719|       SWIG_PYTHON_THREAD_END_ALLOW;
# 4720|     }

Error: COMPILER_WARNING (CWE-457): [#def14]
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c: scope_hint: In function ‘_wrap_gpgme_strerror_r’
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c:4773:14: warning[-Wmaybe-uninitialized]: ‘arg1’ may be used uninitialized
# 4773 |     result = (int)gpgme_strerror_r(arg1,arg2,arg3);
#      |              ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c:4730:15: note: ‘arg1’ was declared here
# 4730 |   gpg_error_t arg1 ;
#      |               ^~~~
# 4771|     {
# 4772|       SWIG_PYTHON_THREAD_BEGIN_ALLOW;
# 4773|->     result = (int)gpgme_strerror_r(arg1,arg2,arg3);
# 4774|       SWIG_PYTHON_THREAD_END_ALLOW;
# 4775|     }

Error: COMPILER_WARNING (CWE-457): [#def15]
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c: scope_hint: In function ‘_wrap_gpgme_strsource’
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c:4814:22: warning[-Wmaybe-uninitialized]: ‘arg1’ may be used uninitialized
# 4814 |     result = (char *)gpgme_strsource(arg1);
#      |                      ^~~~~~~~~~~~~~~~~~~~~
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c:4795:17: note: ‘arg1’ was declared here
# 4795 |   gpgme_error_t arg1 ;
#      |                 ^~~~
# 4812|     {
# 4813|       SWIG_PYTHON_THREAD_BEGIN_ALLOW;
# 4814|->     result = (char *)gpgme_strsource(arg1);
# 4815|       SWIG_PYTHON_THREAD_END_ALLOW;
# 4816|     }

Error: COMPILER_WARNING (CWE-457): [#def16]
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c: scope_hint: In function ‘_wrap_gpgme_err_code_to_errno’
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c:4875:14: warning[-Wmaybe-uninitialized]: ‘arg1’ may be used uninitialized
# 4875 |     result = (int)gpgme_err_code_to_errno(arg1);
#      |              ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c:4856:20: note: ‘arg1’ was declared here
# 4856 |   gpgme_err_code_t arg1 ;
#      |                    ^~~~
# 4873|     {
# 4874|       SWIG_PYTHON_THREAD_BEGIN_ALLOW;
# 4875|->     result = (int)gpgme_err_code_to_errno(arg1);
# 4876|       SWIG_PYTHON_THREAD_END_ALLOW;
# 4877|     }

Error: COMPILER_WARNING (CWE-457): [#def17]
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c: scope_hint: In function ‘_wrap_gpgme_err_make_from_errno’
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c:4960:14: warning[-Wmaybe-uninitialized]: ‘arg1’ may be used uninitialized
# 4960 |     result = gpgme_err_make_from_errno(arg1,arg2);
#      |              ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c:4934:22: note: ‘arg1’ was declared here
# 4934 |   gpgme_err_source_t arg1 ;
#      |                      ^~~~
# 4958|     {
# 4959|       SWIG_PYTHON_THREAD_BEGIN_ALLOW;
# 4960|->     result = gpgme_err_make_from_errno(arg1,arg2);
# 4961|       SWIG_PYTHON_THREAD_END_ALLOW;
# 4962|     }

Error: COMPILER_WARNING (CWE-457): [#def18]
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c: scope_hint: In function ‘_wrap__gpgme_key_sig_status_set’
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c:8764:30: warning[-Wmaybe-uninitialized]: ‘arg2’ may be used uninitialized
# 8764 |     if (arg1) (arg1)->status = arg2;
#      |               ~~~~~~~~~~~~~~~^~~~~~
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c:8740:17: note: ‘arg2’ was declared here
# 8740 |   gpgme_error_t arg2 ;
#      |                 ^~~~
# 8762|     {
# 8763|       SWIG_PYTHON_THREAD_BEGIN_ALLOW;
# 8764|->     if (arg1) (arg1)->status = arg2;
# 8765|       SWIG_PYTHON_THREAD_END_ALLOW;
# 8766|     }

Error: COMPILER_WARNING (CWE-457): [#def19]
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c: scope_hint: In function ‘_wrap__gpgme_invalid_key_reason_set’
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c:13036:30: warning[-Wmaybe-uninitialized]: ‘arg2’ may be used uninitialized
#13036 |     if (arg1) (arg1)->reason = arg2;
#      |               ~~~~~~~~~~~~~~~^~~~~~
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c:13012:17: note: ‘arg2’ was declared here
#13012 |   gpgme_error_t arg2 ;
#      |                 ^~~~
#13034|     {
#13035|       SWIG_PYTHON_THREAD_BEGIN_ALLOW;
#13036|->     if (arg1) (arg1)->reason = arg2;
#13037|       SWIG_PYTHON_THREAD_END_ALLOW;
#13038|     }

Error: COMPILER_WARNING (CWE-457): [#def20]
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c: scope_hint: In function ‘_wrap_gpgme_io_event_done_data_err_set’
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c:14712:27: warning[-Wmaybe-uninitialized]: ‘arg2’ may be used uninitialized
#14712 |     if (arg1) (arg1)->err = arg2;
#      |               ~~~~~~~~~~~~^~~~~~
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c:14688:17: note: ‘arg2’ was declared here
#14688 |   gpgme_error_t arg2 ;
#      |                 ^~~~
#14710|     {
#14711|       SWIG_PYTHON_THREAD_BEGIN_ALLOW;
#14712|->     if (arg1) (arg1)->err = arg2;
#14713|       SWIG_PYTHON_THREAD_END_ALLOW;
#14714|     }

Error: COMPILER_WARNING (CWE-457): [#def21]
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c: scope_hint: In function ‘_wrap_gpgme_io_event_done_data_op_err_set’
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c:14779:30: warning[-Wmaybe-uninitialized]: ‘arg2’ may be used uninitialized
#14779 |     if (arg1) (arg1)->op_err = arg2;
#      |               ~~~~~~~~~~~~~~~^~~~~~
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c:14755:17: note: ‘arg2’ was declared here
#14755 |   gpgme_error_t arg2 ;
#      |                 ^~~~
#14777|     {
#14778|       SWIG_PYTHON_THREAD_BEGIN_ALLOW;
#14779|->     if (arg1) (arg1)->op_err = arg2;
#14780|       SWIG_PYTHON_THREAD_END_ALLOW;
#14781|     }

Error: CPPCHECK_WARNING (CWE-457): [#def22]
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c:16356: error[legacyUninitvar]: Uninitialized variable: arg2
#16354|     {
#16355|       SWIG_PYTHON_THREAD_BEGIN_ALLOW;
#16356|->     result = gpgme_data_new_from_estream(arg1,arg2);
#16357|       SWIG_PYTHON_THREAD_END_ALLOW;
#16358|     }

Error: COMPILER_WARNING (CWE-457): [#def23]
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c: scope_hint: In function ‘_wrap_gpgme_data_new_from_filepart’
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c:16768:14: warning[-Wmaybe-uninitialized]: ‘arg4’ may be used uninitialized
#16768 |     result = gpgme_data_new_from_filepart(arg1,(char const *)arg2,arg3,arg4,arg5);
#      |              ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c:16704:9: note: ‘arg4’ was declared here
#16704 |   off_t arg4 ;
#      |         ^~~~
#16766|     {
#16767|       SWIG_PYTHON_THREAD_BEGIN_ALLOW;
#16768|->     result = gpgme_data_new_from_filepart(arg1,(char const *)arg2,arg3,arg4,arg5);
#16769|       SWIG_PYTHON_THREAD_END_ALLOW;
#16770|     }

Error: COMPILER_WARNING (CWE-457): [#def24]
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c: scope_hint: In function ‘_wrap__gpgme_recipient_status_set’
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c:21694:30: warning[-Wmaybe-uninitialized]: ‘arg2’ may be used uninitialized
#21694 |     if (arg1) (arg1)->status = arg2;
#      |               ~~~~~~~~~~~~~~~^~~~~~
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c:21670:17: note: ‘arg2’ was declared here
#21670 |   gpgme_error_t arg2 ;
#      |                 ^~~~
#21692|     {
#21693|       SWIG_PYTHON_THREAD_BEGIN_ALLOW;
#21694|->     if (arg1) (arg1)->status = arg2;
#21695|       SWIG_PYTHON_THREAD_END_ALLOW;
#21696|     }

Error: COMPILER_WARNING (CWE-457): [#def25]
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c: scope_hint: In function ‘_wrap__gpgme_signature_status_set’
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c:27385:30: warning[-Wmaybe-uninitialized]: ‘arg2’ may be used uninitialized
#27385 |     if (arg1) (arg1)->status = arg2;
#      |               ~~~~~~~~~~~~~~~^~~~~~
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c:27361:17: note: ‘arg2’ was declared here
#27361 |   gpgme_error_t arg2 ;
#      |                 ^~~~
#27383|     {
#27384|       SWIG_PYTHON_THREAD_BEGIN_ALLOW;
#27385|->     if (arg1) (arg1)->status = arg2;
#27386|       SWIG_PYTHON_THREAD_END_ALLOW;
#27387|     }

Error: COMPILER_WARNING (CWE-457): [#def26]
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c: scope_hint: In function ‘_wrap__gpgme_signature_validity_reason_set’
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c:28084:39: warning[-Wmaybe-uninitialized]: ‘arg2’ may be used uninitialized
#28084 |     if (arg1) (arg1)->validity_reason = arg2;
#      |               ~~~~~~~~~~~~~~~~~~~~~~~~^~~~~~
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c:28060:17: note: ‘arg2’ was declared here
#28060 |   gpgme_error_t arg2 ;
#      |                 ^~~~
#28082|     {
#28083|       SWIG_PYTHON_THREAD_BEGIN_ALLOW;
#28084|->     if (arg1) (arg1)->validity_reason = arg2;
#28085|       SWIG_PYTHON_THREAD_END_ALLOW;
#28086|     }

Error: COMPILER_WARNING (CWE-457): [#def27]
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c: scope_hint: In function ‘_wrap__gpgme_import_status_result_set’
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c:31690:30: warning[-Wmaybe-uninitialized]: ‘arg2’ may be used uninitialized
#31690 |     if (arg1) (arg1)->result = arg2;
#      |               ~~~~~~~~~~~~~~~^~~~~~
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c:31666:17: note: ‘arg2’ was declared here
#31666 |   gpgme_error_t arg2 ;
#      |                 ^~~~
#31688|     {
#31689|       SWIG_PYTHON_THREAD_BEGIN_ALLOW;
#31690|->     if (arg1) (arg1)->result = arg2;
#31691|       SWIG_PYTHON_THREAD_END_ALLOW;
#31692|     }

Error: COMPILER_WARNING (CWE-457): [#def28]
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c: scope_hint: In function ‘_wrap_gpgme_op_receive_keys_start’
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c:33661:19: warning[-Wmaybe-uninitialized]: ‘size2’ may be used uninitialized
#33661 |     for (i = 0; i < size2; i++)
#      |                 ~~^~~~~~~
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c:33589:10: note: ‘size2’ was declared here
#33589 |   size_t size2 ;
#      |          ^~~~~
#33659|       size_t i;
#33660|       free(vector2);
#33661|->     for (i = 0; i < size2; i++)
#33662|       Py_XDECREF(pyVector2[i]);
#33663|     }

Error: COMPILER_WARNING (CWE-457): [#def29]
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c: scope_hint: In function ‘_wrap_gpgme_op_receive_keys’
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c:33747:19: warning[-Wmaybe-uninitialized]: ‘size2’ may be used uninitialized
#33747 |     for (i = 0; i < size2; i++)
#      |                 ~~^~~~~~~
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c:33675:10: note: ‘size2’ was declared here
#33675 |   size_t size2 ;
#      |          ^~~~~
#33745|       size_t i;
#33746|       free(vector2);
#33747|->     for (i = 0; i < size2; i++)
#33748|       Py_XDECREF(pyVector2[i]);
#33749|     }

Error: COMPILER_WARNING (CWE-457): [#def30]
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c: scope_hint: In function ‘_wrap_gpgme_op_export_ext_start’
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c:34540:19: warning[-Wmaybe-uninitialized]: ‘size2’ may be used uninitialized
#34540 |     for (i = 0; i < size2; i++)
#      |                 ~~^~~~~~~
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c:34335:10: note: ‘size2’ was declared here
#34335 |   size_t size2 ;
#      |          ^~~~~
#34538|       size_t i;
#34539|       free(vector2);
#34540|->     for (i = 0; i < size2; i++)
#34541|       Py_XDECREF(pyVector2[i]);
#34542|     }

Error: COMPILER_WARNING (CWE-457): [#def31]
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c: scope_hint: In function ‘_wrap_gpgme_op_export_ext’
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c:34856:19: warning[-Wmaybe-uninitialized]: ‘size2’ may be used uninitialized
#34856 |     for (i = 0; i < size2; i++)
#      |                 ~~^~~~~~~
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c:34651:10: note: ‘size2’ was declared here
#34651 |   size_t size2 ;
#      |          ^~~~~
#34854|       size_t i;
#34855|       free(vector2);
#34856|->     for (i = 0; i < size2; i++)
#34857|       Py_XDECREF(pyVector2[i]);
#34858|     }

Error: COMPILER_WARNING (CWE-457): [#def32]
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c: scope_hint: In function ‘_wrap_gpgme_op_keylist_ext_start’
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c:40192:19: warning[-Wmaybe-uninitialized]: ‘size2’ may be used uninitialized
#40192 |     for (i = 0; i < size2; i++)
#      |                 ~~^~~~~~~
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c:40106:10: note: ‘size2’ was declared here
#40106 |   size_t size2 ;
#      |          ^~~~~
#40190|       size_t i;
#40191|       free(vector2);
#40192|->     for (i = 0; i < size2; i++)
#40193|       Py_XDECREF(pyVector2[i]);
#40194|     }

Error: COMPILER_WARNING (CWE-457): [#def33]
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c: scope_hint: In function ‘_wrap_gpgme_op_spawn_start’
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c:41761:19: warning[-Wmaybe-uninitialized]: ‘size3’ may be used uninitialized
#41761 |     for (i = 0; i < size3; i++)
#      |                 ~~^~~~~~~
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c:41636:10: note: ‘size3’ was declared here
#41636 |   size_t size3 ;
#      |          ^~~~~
#41759|       size_t i;
#41760|       free(vector3);
#41761|->     for (i = 0; i < size3; i++)
#41762|       Py_XDECREF(pyVector3[i]);
#41763|     }

Error: COMPILER_WARNING (CWE-457): [#def34]
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c: scope_hint: In function ‘_wrap_gpgme_op_spawn’
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c:41906:19: warning[-Wmaybe-uninitialized]: ‘size3’ may be used uninitialized
#41906 |     for (i = 0; i < size3; i++)
#      |                 ~~^~~~~~~
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c:41781:10: note: ‘size3’ was declared here
#41781 |   size_t size3 ;
#      |          ^~~~~
#41904|       size_t i;
#41905|       free(vector3);
#41906|->     for (i = 0; i < size3; i++)
#41907|       Py_XDECREF(pyVector3[i]);
#41908|     }

Error: COMPILER_WARNING (CWE-457): [#def35]
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c: scope_hint: In function ‘_wrap__gpgme_op_assuan_result_err_set’
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c:48297:27: warning[-Wmaybe-uninitialized]: ‘arg2’ may be used uninitialized
#48297 |     if (arg1) (arg1)->err = arg2;
#      |               ~~~~~~~~~~~~^~~~~~
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/gpgme_wrap.c:48273:17: note: ‘arg2’ was declared here
#48273 |   gpgme_error_t arg2 ;
#      |                 ^~~~
#48295|     {
#48296|       SWIG_PYTHON_THREAD_BEGIN_ALLOW;
#48297|->     if (arg1) (arg1)->err = arg2;
#48298|       SWIG_PYTHON_THREAD_END_ALLOW;
#48299|     }

Error: COMPILER_WARNING (CWE-477): [#def36]
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/helpers.c: scope_hint: In function ‘_gpg_stash_callback_exception’
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/helpers.c:119:3: warning[-Wdeprecated-declarations]: ‘PyWeakref_GetObject’ is deprecated
#  119 |   self = PyWeakref_GetObject(weak_self);
#      |   ^~~~
/usr/include/python3.13/Python.h:113: included_from: Included from here.
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/helpers.c:30: included_from: Included from here.
/usr/include/python3.13/weakrefobject.h:30:44: note: declared here
#   30 | Py_DEPRECATED(3.13) PyAPI_FUNC(PyObject *) PyWeakref_GetObject(PyObject *ref);
#      |                                            ^~~~~~~~~~~~~~~~~~~
#  117|     }
#  118|   
#  119|->   self = PyWeakref_GetObject(weak_self);
#  120|     /* self only has a borrowed reference.  */
#  121|     if (self == Py_None) {

Error: COMPILER_WARNING (CWE-477): [#def37]
gpgme-1.24.2/build-qt6/lang/python/python3.13-gpg/helpers.c:119:3: warning[-Wdeprecated-declarations]: ‘PyWeakref_GetObject’ is deprecated
#  117|     }
#  118|   
#  119|->   self = PyWeakref_GetObject(weak_self);
#  120|     /* self only has a borrowed reference.  */
#  121|     if (self == Py_None) {

Error: GCC_ANALYZER_WARNING (CWE-465): [#def38]
gpgme-1.24.2/build-qt6/src/../../src/data-identify.c:453:18: warning[-Wanalyzer-deref-before-check]: check of 'data' for NULL after already dereferencing it
gpgme-1.24.2/build-qt6/src/../../src/data-identify.c:316:6: branch_false: following 'false' branch (when 'datalen > 23')...
gpgme-1.24.2/build-qt6/src/../../src/data-identify.c:346:3: branch_false: ...to here
gpgme-1.24.2/build-qt6/src/../../src/data-identify.c:441:6: branch_false: following 'false' branch...
gpgme-1.24.2/build-qt6/src/../../src/data-identify.c:453:8: branch_false: ...to here
gpgme-1.24.2/build-qt6/src/../../src/data-identify.c:453:18: danger: pointer 'data' is checked for NULL here but it was already dereferenced at [(3)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/2)
#  451|   
#  452|     /* Now check whether there are armor lines.  */
#  453|->   for (s = data; s && *s; s = (*s=='\n')?(s+1):((s=strchr (s,'\n'))?(s+1):s))
#  454|       {
#  455|         if (!strncmp (s, "-----BEGIN ", 11))

Error: GCC_ANALYZER_WARNING (CWE-401): [#def39]
gpgme-1.24.2/build-qt6/src/../../src/data.c:624:14: warning[-Wanalyzer-malloc-leak]: leak of 'malloc((long unsigned int)*dh.io_buffer_size)'
gpgme-1.24.2/build-qt6/src/../../src/data.c:619:6: branch_true: following 'true' branch...
gpgme-1.24.2/build-qt6/src/../../src/data.c:621:12: branch_true: ...to here
gpgme-1.24.2/build-qt6/src/../../src/data.c:621:10: branch_true: following 'true' branch...
gpgme-1.24.2/build-qt6/src/../../src/data.c:623:32: branch_true: ...to here
gpgme-1.24.2/build-qt6/src/../../src/data.c:623:32: acquire_memory: allocated here
gpgme-1.24.2/build-qt6/src/../../src/data.c:624:14: danger: 'malloc((long unsigned int)*dh.io_buffer_size)' leaks here; was allocated at [(5)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/4)
#  622|           {
#  623|             dh->inbound_buffer = malloc (dh->io_buffer_size);
#  624|->           if (!dh->inbound_buffer)
#  625|               return TRACE_ERR (gpg_error_from_syserror ());
#  626|           }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def40]
gpgme-1.24.2/build-qt6/src/../../src/data.c:684:14: warning[-Wanalyzer-malloc-leak]: leak of 'malloc((long unsigned int)*dh.io_buffer_size)'
gpgme-1.24.2/build-qt6/src/../../src/data.c:679:6: branch_true: following 'true' branch...
gpgme-1.24.2/build-qt6/src/../../src/data.c:681:12: branch_true: ...to here
gpgme-1.24.2/build-qt6/src/../../src/data.c:681:10: branch_true: following 'true' branch...
gpgme-1.24.2/build-qt6/src/../../src/data.c:683:33: branch_true: ...to here
gpgme-1.24.2/build-qt6/src/../../src/data.c:683:33: acquire_memory: allocated here
gpgme-1.24.2/build-qt6/src/../../src/data.c:684:14: danger: 'malloc((long unsigned int)*dh.io_buffer_size)' leaks here; was allocated at [(5)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/4)
#  682|           {
#  683|             dh->outbound_buffer = malloc (dh->io_buffer_size);
#  684|->           if (!dh->outbound_buffer)
#  685|               return TRACE_ERR (gpg_error_from_syserror ());
#  686|             dh->outbound_pending = 0;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def41]
gpgme-1.24.2/build-qt6/src/../../src/engine-gpgsm.c:1628:12: warning[-Wanalyzer-malloc-leak]: leak of 'cmd'
gpgme-1.24.2/build-qt6/src/../../src/engine-gpgsm.c:1590:1: enter_function: entry to 'gpgsm_export'
gpgme-1.24.2/build-qt6/src/../../src/engine-gpgsm.c:1609:9: acquire_memory: allocated here
gpgme-1.24.2/build-qt6/src/../../src/engine-gpgsm.c:1610:6: branch_false: following 'false' branch (when 'cmd' is non-NULL)...
gpgme-1.24.2/build-qt6/src/../../src/engine-gpgsm.c:1613:3: branch_false: ...to here
gpgme-1.24.2/build-qt6/src/../../src/engine-gpgsm.c:1625:9: call_function: calling 'gpgsm_set_fd' from 'gpgsm_export'
gpgme-1.24.2/build-qt6/src/../../src/engine-gpgsm.c:1625:9: return_function: returning to 'gpgsm_export' from 'gpgsm_set_fd'
gpgme-1.24.2/build-qt6/src/../../src/engine-gpgsm.c:1627:6: branch_true: following 'true' branch...
gpgme-1.24.2/build-qt6/src/../../src/engine-gpgsm.c:1628:12: branch_true: ...to here
gpgme-1.24.2/build-qt6/src/../../src/engine-gpgsm.c:1628:12: danger: 'cmd' leaks here; was allocated at [(2)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/1)
# 1626|   		      : map_data_enc (gpgsm->output_cb.data));
# 1627|     if (err)
# 1628|->     return err;
# 1629|     gpgsm_clear_fd (gpgsm, INPUT_FD);
# 1630|     gpgsm_clear_fd (gpgsm, MESSAGE_FD);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def42]
gpgme-1.24.2/build-qt6/src/../../src/engine-gpgsm.c:1735:12: warning[-Wanalyzer-malloc-leak]: leak of 'line'
gpgme-1.24.2/build-qt6/src/../../src/engine-gpgsm.c:1640:1: enter_function: entry to 'gpgsm_export_ext'
gpgme-1.24.2/build-qt6/src/../../src/engine-gpgsm.c:1678:10: acquire_memory: allocated here
gpgme-1.24.2/build-qt6/src/../../src/engine-gpgsm.c:1679:6: branch_false: following 'false' branch (when 'line' is non-NULL)...
gpgme-1.24.2/build-qt6/src/../../src/engine-gpgsm.c:1682:3: branch_false: ...to here
gpgme-1.24.2/build-qt6/src/../../src/engine-gpgsm.c:1732:9: call_function: calling 'gpgsm_set_fd' from 'gpgsm_export_ext'
gpgme-1.24.2/build-qt6/src/../../src/engine-gpgsm.c:1732:9: return_function: returning to 'gpgsm_export_ext' from 'gpgsm_set_fd'
gpgme-1.24.2/build-qt6/src/../../src/engine-gpgsm.c:1734:6: branch_true: following 'true' branch...
gpgme-1.24.2/build-qt6/src/../../src/engine-gpgsm.c:1735:12: branch_true: ...to here
gpgme-1.24.2/build-qt6/src/../../src/engine-gpgsm.c:1735:12: danger: 'line' leaks here; was allocated at [(2)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/1)
# 1733|   		      : map_data_enc (gpgsm->output_cb.data));
# 1734|     if (err)
# 1735|->     return err;
# 1736|     gpgsm_clear_fd (gpgsm, INPUT_FD);
# 1737|     gpgsm_clear_fd (gpgsm, MESSAGE_FD);

Error: GCC_ANALYZER_WARNING (CWE-457): [#def43]
gpgme-1.24.2/build-qt6/src/../../src/key.c:470:9: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value 'key'
gpgme-1.24.2/build-qt6/src/../../src/key.c:459:1: enter_function: entry to 'gpgme_key_from_uid'
gpgme-1.24.2/build-qt6/src/../../src/key.c:465:9: call_function: calling '_gpgme_key_new' from 'gpgme_key_from_uid'
gpgme-1.24.2/build-qt6/src/../../src/key.c:465:9: return_function: returning to 'gpgme_key_from_uid' from '_gpgme_key_new'
gpgme-1.24.2/build-qt6/src/../../src/key.c:466:6: branch_false: following 'false' branch...
gpgme-1.24.2/build-qt6/src/../../src/key.c:470:9: branch_false: ...to here
gpgme-1.24.2/build-qt6/src/../../src/key.c:470:9: danger: use of uninitialized value 'key' here
#  468|   
#  469|     /* Note: protocol doesn't matter if only email is provided.  */
#  470|->   err = _gpgme_key_append_name (key, name, 0);
#  471|     if (err)
#  472|       gpgme_key_unref (key);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def44]
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:648:35: warning[-Wanalyzer-fd-leak]: leak of file descriptor 'open("/dev/null", 2)'
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:549:6: branch_false: following 'false' branch (when 'pid != -1')...
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:552:6: branch_false: ...to here
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:552:6: branch_true: following 'true' branch (when 'pid == 0')...
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:555:18: branch_true: ...to here
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:555:10: branch_true: following 'true' branch (when 'pid == 0')...
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:564:14: branch_true: ...to here
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:640:20: acquire_resource: opened here
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:641:18: branch_false: following 'false' branch...
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:648:35: branch_false: ...to here
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:653:18: branch_true: following 'true' branch...
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:655:23: branch_true: ...to here
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:648:35: danger: 'open("/dev/null", 2)' leaks here; was opened at [(7)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/6)
#  646|   		}
#  647|   	      /* Make sure that the process has connected stdin.  */
#  648|-> 	      if (! seen_stdin && fd != 0)
#  649|   		{
#  650|   		  if (dup2 (fd, 0) == -1)

Error: GCC_ANALYZER_WARNING (CWE-775): [#def45]
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:650:22: warning[-Wanalyzer-fd-leak]: leak of file descriptor 'dup2(open("/dev/null", 2), 0)'
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:549:6: branch_false: following 'false' branch (when 'pid != -1')...
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:552:6: branch_false: ...to here
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:552:6: branch_true: following 'true' branch (when 'pid == 0')...
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:555:18: branch_true: ...to here
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:555:10: branch_true: following 'true' branch (when 'pid == 0')...
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:564:14: branch_true: ...to here
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:641:18: branch_false: following 'false' branch...
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:648:35: branch_false: ...to here
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:648:18: branch_true: following 'true' branch...
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:650:23: branch_true: ...to here
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:650:23: acquire_resource: opened here
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:650:22: danger: 'dup2(open("/dev/null", 2), 0)' leaks here; was opened at [(11)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/10)
#  648|   	      if (! seen_stdin && fd != 0)
#  649|   		{
#  650|-> 		  if (dup2 (fd, 0) == -1)
#  651|                       _exit (8);
#  652|   		}

Error: GCC_ANALYZER_WARNING: [#def46]
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:650:23: warning[-Wanalyzer-fd-use-without-check]: 'dup2' on possibly invalid file descriptor '0'
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:549:6: branch_false: following 'false' branch (when 'pid != -1')...
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:552:6: branch_false: ...to here
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:552:6: branch_true: following 'true' branch (when 'pid == 0')...
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:555:18: branch_true: ...to here
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:555:10: branch_true: following 'true' branch (when 'pid == 0')...
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:564:14: branch_true: ...to here
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:593:24: branch_true: following 'true' branch (when 'max_fds > fd')...
 branch_true: ...to here
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:598:18: branch_true: following 'true' branch...
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:599:17: branch_true: ...to here
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:599:17: release_resource: closed here
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:641:18: branch_false: following 'false' branch...
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:648:35: branch_false: ...to here
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:648:18: branch_true: following 'true' branch...
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:650:23: branch_true: ...to here
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:650:23: danger: '0' could be invalid
#  648|   	      if (! seen_stdin && fd != 0)
#  649|   		{
#  650|-> 		  if (dup2 (fd, 0) == -1)
#  651|                       _exit (8);
#  652|   		}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def47]
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:655:22: warning[-Wanalyzer-fd-leak]: leak of file descriptor 'dup2(open("/dev/null", 2), 1)'
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:549:6: branch_false: following 'false' branch (when 'pid != -1')...
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:552:6: branch_false: ...to here
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:552:6: branch_true: following 'true' branch (when 'pid == 0')...
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:555:18: branch_true: ...to here
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:555:10: branch_true: following 'true' branch (when 'pid == 0')...
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:564:14: branch_true: ...to here
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:641:18: branch_false: following 'false' branch...
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:648:35: branch_false: ...to here
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:653:18: branch_true: following 'true' branch...
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:655:23: branch_true: ...to here
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:655:23: acquire_resource: opened here
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:655:22: danger: 'dup2(open("/dev/null", 2), 1)' leaks here; was opened at [(11)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/10)
#  653|   	      if (! seen_stdout && fd != 1)
#  654|                   {
#  655|->                   if (dup2 (fd, 1) == -1)
#  656|                       _exit (8);
#  657|                   }

Error: GCC_ANALYZER_WARNING: [#def48]
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:655:23: warning[-Wanalyzer-fd-use-without-check]: 'dup2' on possibly invalid file descriptor '1'
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:549:6: branch_false: following 'false' branch (when 'pid != -1')...
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:552:6: branch_false: ...to here
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:552:6: branch_true: following 'true' branch (when 'pid == 0')...
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:555:18: branch_true: ...to here
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:555:10: branch_true: following 'true' branch (when 'pid == 0')...
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:564:14: branch_true: ...to here
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:593:24: branch_true: following 'true' branch (when 'max_fds > fd')...
 branch_true: ...to here
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:598:18: branch_true: following 'true' branch...
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:599:17: branch_true: ...to here
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:593:24: branch_true: following 'true' branch (when 'max_fds > fd')...
 branch_true: ...to here
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:598:18: branch_true: following 'true' branch...
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:599:17: branch_true: ...to here
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:599:17: release_resource: closed here
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:603:23: branch_false: following 'false' branch...
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:638:15: branch_false: ...to here
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:638:14: branch_true: following 'true' branch...
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:640:20: branch_true: ...to here
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:641:18: branch_false: following 'false' branch...
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:648:35: branch_false: ...to here
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:653:18: branch_true: following 'true' branch...
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:655:23: branch_true: ...to here
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:655:23: danger: '1' could be invalid
#  653|   	      if (! seen_stdout && fd != 1)
#  654|                   {
#  655|->                   if (dup2 (fd, 1) == -1)
#  656|                       _exit (8);
#  657|                   }

Error: GCC_ANALYZER_WARNING (CWE-775): [#def49]
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:660:22: warning[-Wanalyzer-fd-leak]: leak of file descriptor 'dup2(open("/dev/null", 2), 2)'
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:549:6: branch_false: following 'false' branch (when 'pid != -1')...
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:552:6: branch_false: ...to here
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:552:6: branch_true: following 'true' branch (when 'pid == 0')...
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:555:18: branch_true: ...to here
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:555:10: branch_true: following 'true' branch (when 'pid == 0')...
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:564:14: branch_true: ...to here
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:641:18: branch_false: following 'false' branch...
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:648:35: branch_false: ...to here
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:655:22: branch_false: following 'false' branch...
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:658:19: branch_false: ...to here
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:658:18: branch_true: following 'true' branch...
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:660:23: branch_true: ...to here
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:660:23: acquire_resource: opened here
gpgme-1.24.2/build-qt6/src/../../src/posix-io.c:660:22: danger: 'dup2(open("/dev/null", 2), 2)' leaks here; was opened at [(13)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/12)
#  658|   	      if (! seen_stderr && fd != 2)
#  659|                   {
#  660|->                   if (dup2 (fd, 2) == -1)
#  661|                       _exit (8);
#  662|                   }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def50]
gpgme-1.24.2/build-qt6/src/../../src/sign.c:207:12: warning[-Wanalyzer-malloc-leak]: leak of '<unknown>'
gpgme-1.24.2/build-qt6/src/../../src/sign.c:310:1: enter_function: entry to '_gpgme_sign_status_handler'
gpgme-1.24.2/build-qt6/src/../../src/sign.c:323:6: branch_false: following 'false' branch...
gpgme-1.24.2/build-qt6/src/../../src/sign.c:326:3: branch_false: ...to here
gpgme-1.24.2/build-qt6/src/../../src/sign.c:330:13: call_function: calling 'parse_sig_created' from '_gpgme_sign_status_handler'
#  205|     sig = malloc (sizeof (*sig));
#  206|     if (!sig)
#  207|->     return gpg_error_from_syserror ();
#  208|   
#  209|     sig->next = NULL;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def51]
gpgme-1.24.2/build-qt6/src/../../src/sign.c:207:12: warning[-Wanalyzer-malloc-leak]: leak of 'sig'
gpgme-1.24.2/build-qt6/src/../../src/sign.c:310:1: enter_function: entry to '_gpgme_sign_status_handler'
gpgme-1.24.2/build-qt6/src/../../src/sign.c:323:6: branch_false: following 'false' branch...
gpgme-1.24.2/build-qt6/src/../../src/sign.c:326:3: branch_false: ...to here
gpgme-1.24.2/build-qt6/src/../../src/sign.c:330:13: call_function: calling 'parse_sig_created' from '_gpgme_sign_status_handler'
#  205|     sig = malloc (sizeof (*sig));
#  206|     if (!sig)
#  207|->     return gpg_error_from_syserror ();
#  208|   
#  209|     sig->next = NULL;

Error: GCC_ANALYZER_WARNING (CWE-787): [#def52]
gpgme-1.24.2/build-qt6/src/../../src/signers.c:85:9: warning[-Wanalyzer-out-of-bounds]: buffer overflow
gpgme-1.24.2/build-qt6/src/../../src/signers.c:72:6: branch_false: following 'false' branch...
gpgme-1.24.2/build-qt6/src/../../src/signers.c:75:7: branch_false: ...to here
gpgme-1.24.2/build-qt6/src/../../src/signers.c:75:6: branch_true: following 'true' branch...
gpgme-1.24.2/build-qt6/src/../../src/signers.c:78:15: branch_true: ...to here
gpgme-1.24.2/build-qt6/src/../../src/signers.c:82:10: branch_false: following 'false' branch (when 'newarr' is non-NULL)...
gpgme-1.24.2/build-qt6/src/../../src/signers.c:84:16: branch_false: ...to here
gpgme-1.24.2/build-qt6/src/../../src/signers.c:84:35: branch_true: following 'true' branch (when 'j < n')...
gpgme-1.24.2/build-qt6/src/../../src/signers.c:85:15: branch_true: ...to here
gpgme-1.24.2/build-qt6/src/../../src/signers.c:84:35: branch_true: following 'true' branch (when 'j < n')...
gpgme-1.24.2/build-qt6/src/../../src/signers.c:85:15: branch_true: ...to here
gpgme-1.24.2/build-qt6/src/../../src/signers.c:84:35: branch_true: following 'true' branch (when 'j < n')...
gpgme-1.24.2/build-qt6/src/../../src/signers.c:85:15: branch_true: ...to here
gpgme-1.24.2/build-qt6/src/../../src/signers.c:84:35: branch_true: following 'true' branch (when 'j < n')...
gpgme-1.24.2/build-qt6/src/../../src/signers.c:85:15: branch_true: ...to here
gpgme-1.24.2/build-qt6/src/../../src/signers.c:84:35: branch_true: following 'true' branch (when 'j < n')...
gpgme-1.24.2/build-qt6/src/../../src/signers.c:85:15: branch_true: ...to here
gpgme-1.24.2/build-qt6/src/../../src/signers.c:84:35: branch_true: following 'true' branch (when 'j < n')...
gpgme-1.24.2/build-qt6/src/../../src/signers.c:85:15: branch_true: ...to here
gpgme-1.24.2/build-qt6/src/../../src/signers.c:85:9: danger: write of 8 bytes at offset '(long unsigned int)j * 8' exceeds '*newarr'
#   83|   	return TRACE_ERR (gpg_error_from_syserror ());
#   84|         for (j = ctx->signers_size; j < n; j++)
#   85|-> 	newarr[j] = NULL;
#   86|         ctx->signers = newarr;
#   87|         ctx->signers_size = n;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def53]
gpgme-1.24.2/build-qt6/src/../../src/verify.c:429:6: warning[-Wanalyzer-malloc-leak]: leak of '*sig.fpr'
gpgme-1.24.2/build-qt6/src/../../src/verify.c:930:1: enter_function: entry to '_gpgme_verify_status_handler'
gpgme-1.24.2/build-qt6/src/../../src/verify.c:941:6: branch_false: following 'false' branch...
gpgme-1.24.2/build-qt6/src/../../src/verify.c:944:3: branch_false: ...to here
gpgme-1.24.2/build-qt6/src/../../src/verify.c:969:14: branch_true: following 'true' branch (when 'sig' is non-NULL)...
gpgme-1.24.2/build-qt6/src/../../src/verify.c:969:20: branch_true: ...to here
gpgme-1.24.2/build-qt6/src/../../src/verify.c:969:20: call_function: calling 'parse_valid_sig' from '_gpgme_verify_status_handler'
#  427|       free (sig->fpr);
#  428|     sig->fpr = strdup (args);
#  429|->   if (!sig->fpr)
#  430|       return gpg_error_from_syserror ();
#  431|   

Error: GCC_ANALYZER_WARNING (CWE-688): [#def54]
gpgme-1.24.2/build-qt6/src/../../src/verify.c:433:9: warning[-Wanalyzer-null-argument]: use of NULL 'end' where non-null expected
gpgme-1.24.2/build-qt6/src/../../src/verify.c:930:1: enter_function: entry to '_gpgme_verify_status_handler'
gpgme-1.24.2/build-qt6/src/../../src/verify.c:941:6: branch_false: following 'false' branch...
gpgme-1.24.2/build-qt6/src/../../src/verify.c:944:3: branch_false: ...to here
gpgme-1.24.2/build-qt6/src/../../src/verify.c:969:14: branch_true: following 'true' branch (when 'sig' is non-NULL)...
gpgme-1.24.2/build-qt6/src/../../src/verify.c:969:20: branch_true: ...to here
gpgme-1.24.2/build-qt6/src/../../src/verify.c:969:20: call_function: calling 'parse_valid_sig' from '_gpgme_verify_status_handler'
#argument 1 of '__builtin_strchr' must be non-null
#  431|   
#  432|     /* Skip the creation date.  */
#  433|->   end = strchr (end, ' ');
#  434|     if (end)
#  435|       {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def55]
gpgme-1.24.2/build-qt6/src/../../src/verify.c:757:10: warning[-Wanalyzer-malloc-leak]: leak of 'fpr'
gpgme-1.24.2/build-qt6/src/../../src/verify.c:930:1: enter_function: entry to '_gpgme_verify_status_handler'
gpgme-1.24.2/build-qt6/src/../../src/verify.c:941:6: branch_false: following 'false' branch...
gpgme-1.24.2/build-qt6/src/../../src/verify.c:944:3: branch_false: ...to here
gpgme-1.24.2/build-qt6/src/../../src/verify.c:1019:10: branch_false: following 'false' branch (when 'sig' is non-NULL)...
gpgme-1.24.2/build-qt6/src/../../src/verify.c:1021:13: branch_false: ...to here
gpgme-1.24.2/build-qt6/src/../../src/verify.c:1021:13: call_function: calling 'parse_tofu_user' from '_gpgme_verify_status_handler'
#  755|     free (fpr);
#  756|     free (address);
#  757|->   return err;
#  758|   }
#  759|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def56]
gpgme-1.24.2/build-qt6/src/../../src/verify.c:1014:7: warning[-Wanalyzer-malloc-leak]: leak of '*sig.pka_address'
gpgme-1.24.2/build-qt6/src/../../src/verify.c:941:6: branch_false: following 'false' branch...
gpgme-1.24.2/build-qt6/src/../../src/verify.c:944:3: branch_false: ...to here
gpgme-1.24.2/build-qt6/src/../../src/verify.c:1008:10: branch_false: following 'false' branch...
gpgme-1.24.2/build-qt6/src/../../src/verify.c:1012:10: branch_false: following 'false' branch (when 'end' is NULL)...
gpgme-1.24.2/build-qt6/src/../../src/verify.c:1014:26: branch_false: ...to here
gpgme-1.24.2/build-qt6/src/../../src/verify.c:1014:26: acquire_memory: allocated here
gpgme-1.24.2/build-qt6/src/../../src/verify.c:1014:7: danger: '*sig.pka_address' leaks here; was allocated at [(10)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/9)
# 1012|         if (end)
# 1013|           *end = 0;
# 1014|->       sig->pka_address = strdup (args);
# 1015|         break;
# 1016|   

Error: GCC_ANALYZER_WARNING (CWE-476): [#def57]
gpgme-1.24.2/build-qt6/src/../../src/verify.c:1239:3: warning[-Wanalyzer-null-dereference]: dereference of NULL '0'
gpgme-1.24.2/build-qt6/src/../../src/verify.c:1230:1: enter_function: entry to 'gpgme_get_sig_key'
gpgme-1.24.2/build-qt6/src/../../src/verify.c:1235:6: branch_false: following 'false' branch (when 'ctx' is non-NULL)...
gpgme-1.24.2/build-qt6/src/../../src/verify.c:1238:12: branch_false: ...to here
gpgme-1.24.2/build-qt6/src/../../src/verify.c:1238:12: call_function: calling 'gpgme_op_verify_result' from 'gpgme_get_sig_key'
gpgme-1.24.2/build-qt6/src/../../src/verify.c:1238:12: return_function: returning to 'gpgme_get_sig_key' from 'gpgme_op_verify_result'
gpgme-1.24.2/build-qt6/src/../../src/verify.c:1239:3: danger: dereference of NULL 'gpgme_op_verify_result(ctx)'
# 1237|   
# 1238|     result = gpgme_op_verify_result (ctx);
# 1239|->   sig = result->signatures;
# 1240|   
# 1241|     while (sig && idx)

Error: GCC_ANALYZER_WARNING (CWE-476): [#def58]
gpgme-1.24.2/build-qt6/src/../../src/verify.c:1265:3: warning[-Wanalyzer-null-dereference]: dereference of NULL '0'
gpgme-1.24.2/build-qt6/src/../../src/verify.c:1258:1: enter_function: entry to 'gpgme_get_sig_status'
gpgme-1.24.2/build-qt6/src/../../src/verify.c:1264:12: call_function: calling 'gpgme_op_verify_result' from 'gpgme_get_sig_status'
gpgme-1.24.2/build-qt6/src/../../src/verify.c:1264:12: return_function: returning to 'gpgme_get_sig_status' from 'gpgme_op_verify_result'
gpgme-1.24.2/build-qt6/src/../../src/verify.c:1265:3: danger: dereference of NULL 'gpgme_op_verify_result(ctx)'
# 1263|   
# 1264|     result = gpgme_op_verify_result (ctx);
# 1265|->   sig = result->signatures;
# 1266|   
# 1267|     while (sig && idx)

Error: GCC_ANALYZER_WARNING (CWE-476): [#def59]
gpgme-1.24.2/build-qt6/src/../../src/verify.c:1328:3: warning[-Wanalyzer-null-dereference]: dereference of NULL '0'
gpgme-1.24.2/build-qt6/src/../../src/verify.c:1319:1: enter_function: entry to 'gpgme_get_sig_ulong_attr'
gpgme-1.24.2/build-qt6/src/../../src/verify.c:1327:12: call_function: calling 'gpgme_op_verify_result' from 'gpgme_get_sig_ulong_attr'
gpgme-1.24.2/build-qt6/src/../../src/verify.c:1327:12: return_function: returning to 'gpgme_get_sig_ulong_attr' from 'gpgme_op_verify_result'
gpgme-1.24.2/build-qt6/src/../../src/verify.c:1328:3: danger: dereference of NULL 'gpgme_op_verify_result(ctx)'
# 1326|   
# 1327|     result = gpgme_op_verify_result (ctx);
# 1328|->   sig = result->signatures;
# 1329|   
# 1330|     while (sig && idx)

Error: GCC_ANALYZER_WARNING (CWE-476): [#def60]
gpgme-1.24.2/build-qt6/src/../../src/verify.c:1392:3: warning[-Wanalyzer-null-dereference]: dereference of NULL '0'
gpgme-1.24.2/build-qt6/src/../../src/verify.c:1385:1: enter_function: entry to 'gpgme_get_sig_string_attr'
gpgme-1.24.2/build-qt6/src/../../src/verify.c:1391:12: call_function: calling 'gpgme_op_verify_result' from 'gpgme_get_sig_string_attr'
gpgme-1.24.2/build-qt6/src/../../src/verify.c:1391:12: return_function: returning to 'gpgme_get_sig_string_attr' from 'gpgme_op_verify_result'
gpgme-1.24.2/build-qt6/src/../../src/verify.c:1392:3: danger: dereference of NULL 'gpgme_op_verify_result(ctx)'
# 1390|   
# 1391|     result = gpgme_op_verify_result (ctx);
# 1392|->   sig = result->signatures;
# 1393|   
# 1394|     while (sig && idx)

Error: GCC_ANALYZER_WARNING (CWE-401): [#def61]
gpgme-1.24.2/build-qt6/src/../../src/wait.c:142:3: warning[-Wanalyzer-malloc-leak]: leak of 'item'
gpgme-1.24.2/build-qt6/src/../../src/wait.c:99:1: enter_function: entry to '_gpgme_add_io_cb'
gpgme-1.24.2/build-qt6/src/../../src/wait.c:108:3: branch_true: following 'true' branch (when 'fnc' is non-NULL)...
gpgme-1.24.2/build-qt6/src/../../src/wait.c:109:3: branch_true: ...to here
gpgme-1.24.2/build-qt6/src/../../src/wait.c:109:3: branch_true: following 'true' branch (when 'data' is non-NULL)...
gpgme-1.24.2/build-qt6/src/../../src/wait.c:111:3: branch_true: ...to here
gpgme-1.24.2/build-qt6/src/../../src/wait.c:115:6: branch_false: following 'false' branch (when 'tag' is non-NULL)...
gpgme-1.24.2/build-qt6/src/../../src/wait.c:117:3: branch_false: ...to here
gpgme-1.24.2/build-qt6/src/../../src/wait.c:120:10: acquire_memory: allocated here
gpgme-1.24.2/build-qt6/src/../../src/wait.c:121:6: branch_false: following 'false' branch (when 'item' is non-NULL)...
gpgme-1.24.2/build-qt6/src/../../src/wait.c:126:3: branch_false: ...to here
gpgme-1.24.2/build-qt6/src/../../src/wait.c:131:9: call_function: calling 'fd_table_put' from '_gpgme_add_io_cb'
gpgme-1.24.2/build-qt6/src/../../src/wait.c:131:9: return_function: returning to '_gpgme_add_io_cb' from 'fd_table_put'
gpgme-1.24.2/build-qt6/src/../../src/wait.c:132:6: branch_false: following 'false' branch...
gpgme-1.24.2/build-qt6/src/../../src/wait.c:139:3: branch_false: ...to here
gpgme-1.24.2/build-qt6/src/../../src/wait.c:142:3: danger: 'item' leaks here; was allocated at [(8)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/7)
#  140|   	  "fd=%d, dir=%d -> tag=%p", fd, dir, tag);
#  141|   
#  142|->   *r_tag = tag;
#  143|     return 0;
#  144|   }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def62]
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:254:19: warning[-Wanalyzer-malloc-leak]: leak of ‘trust_model’
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:131:6: branch_true: following ‘true’ branch (when ‘argc != 0’)...
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:132:7: branch_true: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:134:10: branch_true: following ‘true’ branch...
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:137:12: branch_true: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:137:10: branch_false: following ‘false’ branch (when the strings are non-equal)...
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:142:17: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:142:15: branch_false: following ‘false’ branch (when the strings are non-equal)...
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:144:17: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:251:14: branch_false: following ‘false’ branch (when ‘argc != 1’)...
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:253:25: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:253:25: acquire_memory: allocated here
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:134:10: branch_true: following ‘true’ branch...
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:137:12: branch_true: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:137:10: branch_false: following ‘false’ branch (when the strings are non-equal)...
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:142:17: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:142:15: branch_false: following ‘false’ branch (when the strings are non-equal)...
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:144:17: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:144:15: branch_false: following ‘false’ branch (when the strings are non-equal)...
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:149:17: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:149:15: branch_false: following ‘false’ branch (when the strings are non-equal)...
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:154:17: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:154:15: branch_false: following ‘false’ branch (when the strings are non-equal)...
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:159:17: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:159:15: branch_false: following ‘false’ branch (when the strings are non-equal)...
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:164:17: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:164:15: branch_false: following ‘false’ branch (when the strings are non-equal)...
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:169:17: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:169:15: branch_false: following ‘false’ branch (when the strings are non-equal)...
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:174:17: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:174:15: branch_false: following ‘false’ branch (when the strings are non-equal)...
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:179:17: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:179:15: branch_false: following ‘false’ branch (when the strings are non-equal)...
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:184:17: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:184:15: branch_false: following ‘false’ branch (when the strings are non-equal)...
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:189:17: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:189:15: branch_false: following ‘false’ branch (when the strings are non-equal)...
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:194:17: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:194:15: branch_false: following ‘false’ branch (when the strings are non-equal)...
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:199:17: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:199:15: branch_false: following ‘false’ branch (when the strings are non-equal)...
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:204:17: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:204:15: branch_false: following ‘false’ branch (when the strings are non-equal)...
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:209:17: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:209:15: branch_false: following ‘false’ branch (when the strings are non-equal)...
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:214:17: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:214:15: branch_false: following ‘false’ branch (when the strings are non-equal)...
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:219:17: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:219:15: branch_false: following ‘false’ branch (when the strings are non-equal)...
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:224:17: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:224:15: branch_false: following ‘false’ branch (when the strings are non-equal)...
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:229:17: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:229:15: branch_false: following ‘false’ branch (when the strings are non-equal)...
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:234:17: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:234:15: branch_false: following ‘false’ branch (when the strings are non-equal)...
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:242:17: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:242:15: branch_false: following ‘false’ branch (when the strings are non-equal)...
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:248:17: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:248:15: branch_true: following ‘true’ branch (when the strings are equal)...
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:251:14: branch_true: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:251:14: branch_false: following ‘false’ branch (when ‘argc != 1’)...
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:253:25: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/run-keylist.c:254:19: danger: ‘trust_model’ leaks here; was allocated at [(11)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/10)
#  252|               show_usage (1);
#  253|             trust_model = strdup (*argv);
#  254|->           argc--; argv++;
#  255|           }
#  256|         else if (!strncmp (*argv, "--", 2))

Error: GCC_ANALYZER_WARNING (CWE-476): [#def63]
gpgme-1.24.2/build-qt6/tests/../../tests/run-threaded.c:288:3: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘ret’
gpgme-1.24.2/build-qt6/tests/../../tests/run-threaded.c:558:1: enter_function: entry to ‘do_data_op’
gpgme-1.24.2/build-qt6/tests/../../tests/run-threaded.c:565:6: branch_false: following ‘false’ branch...
gpgme-1.24.2/build-qt6/tests/../../tests/run-threaded.c:571:3: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/run-threaded.c:571:3: branch_false: following ‘false’ branch...
gpgme-1.24.2/build-qt6/tests/../../tests/run-threaded.c:573:10: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/run-threaded.c:587:11: call_function: calling ‘verify’ from ‘do_data_op’
#  286|     int data_rand;
#  287|   
#  288|->   ret->fd = -1;
#  289|   
#  290|     if (data_type)

Error: GCC_ANALYZER_WARNING (CWE-401): [#def64]
gpgme-1.24.2/build-qt6/tests/../../tests/run-threaded.c:290:7: warning[-Wanalyzer-malloc-leak]: leak of ‘random_data_new(fname)’
gpgme-1.24.2/build-qt6/tests/../../tests/run-threaded.c:558:1: enter_function: entry to ‘do_data_op’
gpgme-1.24.2/build-qt6/tests/../../tests/run-threaded.c:565:6: branch_false: following ‘false’ branch...
gpgme-1.24.2/build-qt6/tests/../../tests/run-threaded.c:571:3: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/run-threaded.c:571:3: branch_false: following ‘false’ branch...
gpgme-1.24.2/build-qt6/tests/../../tests/run-threaded.c:573:10: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/run-threaded.c:607:11: call_function: calling ‘import’ from ‘do_data_op’
#  288|     ret->fd = -1;
#  289|   
#  290|->   if (data_type)
#  291|       {
#  292|         data_rand = data_type;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def65]
gpgme-1.24.2/build-qt6/tests/../../tests/run-threaded.c:762:7: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘msg_it’
gpgme-1.24.2/build-qt6/tests/../../tests/run-threaded.c:665:6: branch_true: following ‘true’ branch (when ‘argc != 0’)...
gpgme-1.24.2/build-qt6/tests/../../tests/run-threaded.c:666:7: branch_true: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/run-threaded.c:750:10: branch_true: following ‘true’ branch (when ‘argc != 0’)...
gpgme-1.24.2/build-qt6/tests/../../tests/run-threaded.c:752:10: branch_true: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/run-threaded.c:752:10: branch_true: following ‘true’ branch (when ‘msgs’ is NULL)...
gpgme-1.24.2/build-qt6/tests/../../tests/run-threaded.c:754:18: branch_true: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/run-threaded.c:754:18: acquire_memory: this call could return NULL
gpgme-1.24.2/build-qt6/tests/../../tests/run-threaded.c:762:7: danger: ‘msg_it’ could be NULL: unchecked value from [(7)](sarif:/runs/0/results/10/codeFlows/0/threadFlows/0/locations/6)
#  760|             msg_it = msg_it->next;
#  761|           }
#  762|->       msg_it->file_name = *argv;
#  763|         argc--; argv++;
#  764|       }

Error: GCC_ANALYZER_WARNING (CWE-775): [#def66]
gpgme-1.24.2/build-qt6/tests/../../tests/run-verify.c:418:24: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen(*argv, "rb")’
gpgme-1.24.2/build-qt6/tests/../../tests/run-verify.c:252:1: enter_function: entry to ‘main’
gpgme-1.24.2/build-qt6/tests/../../tests/run-verify.c:272:6: branch_true: following ‘true’ branch (when ‘argc != 0’)...
gpgme-1.24.2/build-qt6/tests/../../tests/run-verify.c:273:7: branch_true: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/run-verify.c:385:6: branch_false: following ‘false’ branch...
gpgme-1.24.2/build-qt6/tests/../../tests/run-verify.c:388:3: call_function: calling ‘init_gpgme’ from ‘main’
gpgme-1.24.2/build-qt6/tests/../../tests/run-verify.c:388:3: return_function: returning to ‘main’ from ‘init_gpgme’
gpgme-1.24.2/build-qt6/tests/../../tests/run-verify.c:390:15: branch_true: following ‘true’ branch (when ‘i < repeats’)...
gpgme-1.24.2/build-qt6/tests/../../tests/run-verify.c:395:20: branch_true: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/run-verify.c:401:10: branch_false: following ‘false’ branch (when ‘repeats == 1’)...
gpgme-1.24.2/build-qt6/tests/../../tests/run-verify.c:406:10: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/run-verify.c:406:10: branch_true: following ‘true’ branch (when ‘direct_file_io == 0’)...
gpgme-1.24.2/build-qt6/tests/../../tests/run-verify.c:408:20: branch_true: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/run-verify.c:408:20: acquire_resource: opened here
gpgme-1.24.2/build-qt6/tests/../../tests/run-verify.c:409:14: branch_false: following ‘false’ branch...
gpgme-1.24.2/build-qt6/tests/../../tests/run-verify.c:416:14: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/run-verify.c:416:14: branch_true: following ‘true’ branch (when ‘argc == 2’)...
gpgme-1.24.2/build-qt6/tests/../../tests/run-verify.c:418:24: branch_true: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/run-verify.c:418:24: danger: ‘fopen(*argv, "rb")’ leaks here; was opened at [(17)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/16)
#  416|             if (argc > 1)
#  417|               {
#  418|->               fp_msg = fopen (argv[1], "rb");
#  419|                 if (!fp_msg)
#  420|                   {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def67]
gpgme-1.24.2/build-qt6/tests/../../tests/run-verify.c:418:24: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(*argv, "rb")’
gpgme-1.24.2/build-qt6/tests/../../tests/run-verify.c:252:1: enter_function: entry to ‘main’
gpgme-1.24.2/build-qt6/tests/../../tests/run-verify.c:272:6: branch_true: following ‘true’ branch (when ‘argc != 0’)...
gpgme-1.24.2/build-qt6/tests/../../tests/run-verify.c:273:7: branch_true: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/run-verify.c:385:6: branch_false: following ‘false’ branch...
gpgme-1.24.2/build-qt6/tests/../../tests/run-verify.c:388:3: call_function: calling ‘init_gpgme’ from ‘main’
gpgme-1.24.2/build-qt6/tests/../../tests/run-verify.c:388:3: return_function: returning to ‘main’ from ‘init_gpgme’
gpgme-1.24.2/build-qt6/tests/../../tests/run-verify.c:390:15: branch_true: following ‘true’ branch (when ‘i < repeats’)...
gpgme-1.24.2/build-qt6/tests/../../tests/run-verify.c:395:20: branch_true: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/run-verify.c:401:10: branch_false: following ‘false’ branch (when ‘repeats == 1’)...
gpgme-1.24.2/build-qt6/tests/../../tests/run-verify.c:406:10: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/run-verify.c:406:10: branch_true: following ‘true’ branch (when ‘direct_file_io == 0’)...
gpgme-1.24.2/build-qt6/tests/../../tests/run-verify.c:408:20: branch_true: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/run-verify.c:408:20: acquire_memory: allocated here
gpgme-1.24.2/build-qt6/tests/../../tests/run-verify.c:409:14: branch_false: following ‘false’ branch...
gpgme-1.24.2/build-qt6/tests/../../tests/run-verify.c:416:14: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/run-verify.c:416:14: branch_true: following ‘true’ branch (when ‘argc == 2’)...
gpgme-1.24.2/build-qt6/tests/../../tests/run-verify.c:418:24: branch_true: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/run-verify.c:418:24: danger: ‘fopen(*argv, "rb")’ leaks here; was allocated at [(17)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/16)
#  416|             if (argc > 1)
#  417|               {
#  418|->               fp_msg = fopen (argv[1], "rb");
#  419|                 if (!fp_msg)
#  420|                   {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def68]
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:195:14: warning[-Wanalyzer-malloc-leak]: leak of ‘make_filename("t-data-1.txt")’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:178:1: enter_function: entry to ‘main’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:181:25: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:181:25: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:182:32: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:182:32: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:189:10: branch_true: following ‘true’ branch (when ‘round != 0’)...
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:191:7: branch_true: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:195:14: danger: ‘make_filename("t-data-1.txt")’ leaks here; was allocated at [(4)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/3)
#  193|   	case TEST_INVALID_ARGUMENT:
#  194|   	  err = gpgme_data_new (NULL);
#  195|-> 	  if (!err)
#  196|   	    {
#  197|   	      fprintf (stderr, "%s:%d: gpgme_data_new on NULL pointer succeeded "

Error: GCC_ANALYZER_WARNING (CWE-401): [#def69]
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:195:14: warning[-Wanalyzer-malloc-leak]: leak of ‘make_filename("t-data-2.txt")’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:178:1: enter_function: entry to ‘main’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:181:25: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:181:25: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:182:32: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:182:32: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:189:10: branch_true: following ‘true’ branch (when ‘round != 0’)...
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:191:7: branch_true: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:195:14: danger: ‘make_filename("t-data-2.txt")’ leaks here; was allocated at [(9)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/8)
#  193|   	case TEST_INVALID_ARGUMENT:
#  194|   	  err = gpgme_data_new (NULL);
#  195|-> 	  if (!err)
#  196|   	    {
#  197|   	      fprintf (stderr, "%s:%d: gpgme_data_new on NULL pointer succeeded "

Error: GCC_ANALYZER_WARNING (CWE-401): [#def70]
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:216:14: warning[-Wanalyzer-malloc-leak]: leak of ‘make_filename("t-data-1.txt")’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:178:1: enter_function: entry to ‘main’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:181:25: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:181:25: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:182:32: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:182:32: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:189:10: branch_true: following ‘true’ branch (when ‘round != 0’)...
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:191:7: branch_true: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:195:14: branch_false: following ‘false’ branch...
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:191:7: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:189:10: branch_true: following ‘true’ branch (when ‘round != 0’)...
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:191:7: branch_true: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:216:14: danger: ‘make_filename("t-data-1.txt")’ leaks here; was allocated at [(4)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/3)
#  214|   	case TEST_INOUT_MEM_FROM_INEXISTANT_FILE:
#  215|   	  err = gpgme_data_new_from_file (&data, missing_filename, 1);
#  216|-> 	  if (!err)
#  217|   	    {
#  218|   	      fprintf (stderr, "%s:%d: gpgme_data_new_from_file on inexistant "

Error: GCC_ANALYZER_WARNING (CWE-401): [#def71]
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:216:14: warning[-Wanalyzer-malloc-leak]: leak of ‘make_filename("t-data-2.txt")’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:178:1: enter_function: entry to ‘main’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:181:25: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:181:25: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:182:32: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:182:32: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:189:10: branch_true: following ‘true’ branch (when ‘round != 0’)...
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:191:7: branch_true: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:195:14: branch_false: following ‘false’ branch...
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:191:7: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:189:10: branch_true: following ‘true’ branch (when ‘round != 0’)...
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:191:7: branch_true: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:216:14: danger: ‘make_filename("t-data-2.txt")’ leaks here; was allocated at [(9)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/8)
#  214|   	case TEST_INOUT_MEM_FROM_INEXISTANT_FILE:
#  215|   	  err = gpgme_data_new_from_file (&data, missing_filename, 1);
#  216|-> 	  if (!err)
#  217|   	    {
#  218|   	      fprintf (stderr, "%s:%d: gpgme_data_new_from_file on inexistant "

Error: GCC_ANALYZER_WARNING (CWE-401): [#def72]
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:237:14: warning[-Wanalyzer-malloc-leak]: leak of ‘make_filename("t-data-1.txt")’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:178:1: enter_function: entry to ‘main’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:181:25: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:181:25: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:182:32: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:182:32: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:189:10: branch_true: following ‘true’ branch (when ‘round != 0’)...
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:191:7: branch_true: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:195:14: branch_false: following ‘false’ branch...
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:191:7: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:189:10: branch_true: following ‘true’ branch (when ‘round != 0’)...
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:191:7: branch_true: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:237:14: danger: ‘make_filename("t-data-1.txt")’ leaks here; was allocated at [(4)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/3)
#  235|   	  err = gpgme_data_new_from_filepart (&data, missing_filename, 0,
#  236|   					      strlen (text), strlen (text));
#  237|-> 	  if (!err)
#  238|   	    {
#  239|   	      fprintf (stderr, "%s:%d: gpgme_data_new_from_file on inexistant "

Error: GCC_ANALYZER_WARNING (CWE-401): [#def73]
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:237:14: warning[-Wanalyzer-malloc-leak]: leak of ‘make_filename("t-data-2.txt")’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:178:1: enter_function: entry to ‘main’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:181:25: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:181:25: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:182:32: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:182:32: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:189:10: branch_true: following ‘true’ branch (when ‘round != 0’)...
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:191:7: branch_true: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:195:14: branch_false: following ‘false’ branch...
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:191:7: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:189:10: branch_true: following ‘true’ branch (when ‘round != 0’)...
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:191:7: branch_true: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:237:14: danger: ‘make_filename("t-data-2.txt")’ leaks here; was allocated at [(9)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/8)
#  235|   	  err = gpgme_data_new_from_filepart (&data, missing_filename, 0,
#  236|   					      strlen (text), strlen (text));
#  237|-> 	  if (!err)
#  238|   	    {
#  239|   	      fprintf (stderr, "%s:%d: gpgme_data_new_from_file on inexistant "

Error: GCC_ANALYZER_WARNING (CWE-401): [#def74]
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:247:16: warning[-Wanalyzer-malloc-leak]: leak of ‘make_filename("t-data-1.txt")’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:178:1: enter_function: entry to ‘main’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:181:25: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:181:25: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:182:32: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:182:32: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:189:10: branch_true: following ‘true’ branch (when ‘round != 0’)...
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:191:7: branch_true: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:195:14: branch_false: following ‘false’ branch...
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:191:7: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:189:10: branch_true: following ‘true’ branch (when ‘round != 0’)...
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:191:7: branch_true: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:247:16: danger: ‘make_filename("t-data-1.txt")’ leaks here; was allocated at [(4)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/3)
#  245|   	  {
#  246|   	    FILE *fp = fopen (longer_text_filename, "rb");
#  247|-> 	    if (! fp)
#  248|   	      {
#  249|   		fprintf (stderr, "%s:%d: fopen: %s\n", __FILE__, __LINE__,

Error: GCC_ANALYZER_WARNING (CWE-401): [#def75]
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:247:16: warning[-Wanalyzer-malloc-leak]: leak of ‘make_filename("t-data-2.txt")’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:178:1: enter_function: entry to ‘main’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:181:25: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:181:25: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:182:32: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:182:32: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:189:10: branch_true: following ‘true’ branch (when ‘round != 0’)...
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:191:7: branch_true: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:195:14: branch_false: following ‘false’ branch...
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:191:7: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:189:10: branch_true: following ‘true’ branch (when ‘round != 0’)...
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:191:7: branch_true: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:247:16: danger: ‘make_filename("t-data-2.txt")’ leaks here; was allocated at [(9)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/8)
#  245|   	  {
#  246|   	    FILE *fp = fopen (longer_text_filename, "rb");
#  247|-> 	    if (! fp)
#  248|   	      {
#  249|   		fprintf (stderr, "%s:%d: fopen: %s\n", __FILE__, __LINE__,

Error: GCC_ANALYZER_WARNING (CWE-401): [#def76]
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:264:7: warning[-Wanalyzer-malloc-leak]: leak of ‘make_filename("t-data-1.txt")’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:178:1: enter_function: entry to ‘main’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:181:25: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:181:25: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:182:32: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:182:32: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:189:10: branch_true: following ‘true’ branch (when ‘round != 0’)...
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:191:7: branch_true: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:195:14: branch_false: following ‘false’ branch...
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:191:7: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:189:10: branch_true: following ‘true’ branch (when ‘round != 0’)...
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:191:7: branch_true: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:264:7: danger: ‘make_filename("t-data-1.txt")’ leaks here; was allocated at [(4)](sarif:/runs/0/results/9/codeFlows/0/threadFlows/0/locations/3)
#  262|   	  exit (1);
#  263|   	}
#  264|->       fail_if_err (err);
#  265|   
#  266|         read_test (round, data);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def77]
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:264:7: warning[-Wanalyzer-malloc-leak]: leak of ‘make_filename("t-data-2.txt")’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:178:1: enter_function: entry to ‘main’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:181:25: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:181:25: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:182:32: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:182:32: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:189:10: branch_true: following ‘true’ branch (when ‘round != 0’)...
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:191:7: branch_true: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:195:14: branch_false: following ‘false’ branch...
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:191:7: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:189:10: branch_true: following ‘true’ branch (when ‘round != 0’)...
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:191:7: branch_true: ...to here
gpgme-1.24.2/build-qt6/tests/../../tests/t-data.c:264:7: danger: ‘make_filename("t-data-2.txt")’ leaks here; was allocated at [(9)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/8)
#  262|   	  exit (1);
#  263|   	}
#  264|->       fail_if_err (err);
#  265|   
#  266|         read_test (round, data);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def78]
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-decrypt-verify.c:125:3: warning[-Wanalyzer-malloc-leak]: leak of ‘make_filename("cipher-2.asc")’
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-decrypt-verify.c:109:1: enter_function: entry to ‘main’
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-decrypt-verify.c:116:24: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-decrypt-verify.c:116:24: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-decrypt-verify.c:122:3: call_function: calling ‘init_gpgme’ from ‘main’
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-decrypt-verify.c:122:3: return_function: returning to ‘main’ from ‘init_gpgme’
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-decrypt-verify.c:125:3: danger: ‘make_filename("cipher-2.asc")’ leaks here; was allocated at [(4)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/3)
#  123|   
#  124|     err = gpgme_new (&ctx);
#  125|->   fail_if_err (err);
#  126|   
#  127|     agent_info = getenv("GPG_AGENT_INFO");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def79]
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-decrypt.c:55:3: warning[-Wanalyzer-malloc-leak]: leak of ‘make_filename("cipher-1.asc")’
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-decrypt.c:40:1: enter_function: entry to ‘main’
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-decrypt.c:46:24: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-decrypt.c:46:24: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-decrypt.c:52:3: call_function: calling ‘init_gpgme’ from ‘main’
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-decrypt.c:52:3: return_function: returning to ‘main’ from ‘init_gpgme’
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-decrypt.c:55:3: danger: ‘make_filename("cipher-1.asc")’ leaks here; was allocated at [(4)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/3)
#   53|   
#   54|     err = gpgme_new (&ctx);
#   55|->   fail_if_err (err);
#   56|   
#   57|     agent_info = getenv("GPG_AGENT_INFO");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def80]
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-import.c:228:3: warning[-Wanalyzer-malloc-leak]: leak of ‘make_filename("pubkey-1.asc")’
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-import.c:212:1: enter_function: entry to ‘main’
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-import.c:219:24: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-import.c:219:24: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-import.c:220:24: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-import.c:220:24: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-import.c:225:3: call_function: calling ‘init_gpgme’ from ‘main’
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-import.c:225:3: return_function: returning to ‘main’ from ‘init_gpgme’
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-import.c:228:3: danger: ‘make_filename("pubkey-1.asc")’ leaks here; was allocated at [(4)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/3)
#  226|   
#  227|     err = gpgme_new (&ctx);
#  228|->   fail_if_err (err);
#  229|   
#  230|     err = gpgme_set_ctx_flag (ctx, "key-origin", "wkd,https://openpgpkey.gnupg.org");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def81]
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-import.c:228:3: warning[-Wanalyzer-malloc-leak]: leak of ‘make_filename("seckey-1.asc")’
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-import.c:212:1: enter_function: entry to ‘main’
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-import.c:219:24: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-import.c:219:24: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-import.c:220:24: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-import.c:220:24: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-import.c:225:3: call_function: calling ‘init_gpgme’ from ‘main’
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-import.c:225:3: return_function: returning to ‘main’ from ‘init_gpgme’
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-import.c:228:3: danger: ‘make_filename("seckey-1.asc")’ leaks here; was allocated at [(9)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/8)
#  226|   
#  227|     err = gpgme_new (&ctx);
#  228|->   fail_if_err (err);
#  229|   
#  230|     err = gpgme_set_ctx_flag (ctx, "key-origin", "wkd,https://openpgpkey.gnupg.org");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def82]
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-import.c:230:9: warning[-Wanalyzer-malloc-leak]: leak of ‘make_filename("pubkey-1.asc")’
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-import.c:212:1: enter_function: entry to ‘main’
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-import.c:219:24: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-import.c:219:24: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-import.c:220:24: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-import.c:220:24: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-import.c:225:3: call_function: calling ‘init_gpgme’ from ‘main’
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-import.c:225:3: return_function: returning to ‘main’ from ‘init_gpgme’
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-import.c:228:3: branch_false: following ‘false’ branch...
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-import.c:230:9: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-import.c:230:9: danger: ‘make_filename("pubkey-1.asc")’ leaks here; was allocated at [(4)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/3)
#  228|     fail_if_err (err);
#  229|   
#  230|->   err = gpgme_set_ctx_flag (ctx, "key-origin", "wkd,https://openpgpkey.gnupg.org");
#  231|     fail_if_err (err);
#  232|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def83]
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-import.c:230:9: warning[-Wanalyzer-malloc-leak]: leak of ‘make_filename("seckey-1.asc")’
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-import.c:212:1: enter_function: entry to ‘main’
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-import.c:219:24: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-import.c:219:24: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-import.c:220:24: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-import.c:220:24: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-import.c:225:3: call_function: calling ‘init_gpgme’ from ‘main’
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-import.c:225:3: return_function: returning to ‘main’ from ‘init_gpgme’
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-import.c:228:3: branch_false: following ‘false’ branch...
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-import.c:230:9: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-import.c:230:9: danger: ‘make_filename("seckey-1.asc")’ leaks here; was allocated at [(9)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/8)
#  228|     fail_if_err (err);
#  229|   
#  230|->   err = gpgme_set_ctx_flag (ctx, "key-origin", "wkd,https://openpgpkey.gnupg.org");
#  231|     fail_if_err (err);
#  232|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def84]
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-thread1.c:112:7: warning[-Wanalyzer-malloc-leak]: leak of ‘make_filename("cipher-1.asc")’
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-thread1.c:94:1: enter_function: entry to ‘thread_two’
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-thread1.c:97:24: call_function: calling ‘make_filename’ from ‘thread_two’
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-thread1.c:97:24: return_function: returning to ‘thread_two’ from ‘make_filename’
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-thread1.c:102:15: branch_true: following ‘true’ branch (when ‘i != 20’)...
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-thread1.c:109:7: branch_true: ...to here
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-thread1.c:109:7: call_function: calling ‘init_gpgme’ from ‘thread_two’
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-thread1.c:109:7: return_function: returning to ‘thread_two’ from ‘init_gpgme’
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-thread1.c:112:7: danger: ‘make_filename("cipher-1.asc")’ leaks here; was allocated at [(4)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/3)
#  110|   
#  111|         err = gpgme_new (&ctx);
#  112|->       fail_if_err (err);
#  113|   
#  114|         if (!(agent_info && strchr (agent_info, ':')))

Error: GCC_ANALYZER_WARNING (CWE-401): [#def85]
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-thread1.c:115:9: warning[-Wanalyzer-malloc-leak]: leak of ‘make_filename("cipher-1.asc")’
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-thread1.c:94:1: enter_function: entry to ‘thread_two’
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-thread1.c:97:24: call_function: calling ‘make_filename’ from ‘thread_two’
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-thread1.c:97:24: return_function: returning to ‘thread_two’ from ‘make_filename’
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-thread1.c:102:15: branch_true: following ‘true’ branch (when ‘i != 20’)...
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-thread1.c:109:7: branch_true: ...to here
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-thread1.c:109:7: call_function: calling ‘init_gpgme’ from ‘thread_two’
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-thread1.c:109:7: return_function: returning to ‘thread_two’ from ‘init_gpgme’
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-thread1.c:112:7: branch_false: following ‘false’ branch...
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-thread1.c:114:10: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/gpg/../../../tests/gpg/t-thread1.c:115:9: danger: ‘make_filename("cipher-1.asc")’ leaks here; was allocated at [(4)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/3)
#  113|   
#  114|         if (!(agent_info && strchr (agent_info, ':')))
#  115|-> 	gpgme_set_passphrase_cb (ctx, passphrase_cb, NULL);
#  116|   
#  117|         err = gpgme_data_new_from_file (&in, cipher_1_asc, 1);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def86]
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-import.c:153:3: warning[-Wanalyzer-malloc-leak]: leak of ‘make_filename("cert_dfn_pca01.der")’
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-import.c:141:1: enter_function: entry to ‘main’
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-import.c:147:18: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-import.c:147:18: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-import.c:148:18: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-import.c:148:18: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-import.c:150:3: call_function: calling ‘init_gpgme’ from ‘main’
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-import.c:150:3: return_function: returning to ‘main’ from ‘init_gpgme’
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-import.c:153:3: danger: ‘make_filename("cert_dfn_pca01.der")’ leaks here; was allocated at [(4)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/3)
#  151|   
#  152|     err = gpgme_new (&ctx);
#  153|->   fail_if_err (err);
#  154|   
#  155|     gpgme_set_protocol (ctx, GPGME_PROTOCOL_CMS);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def87]
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-import.c:153:3: warning[-Wanalyzer-malloc-leak]: leak of ‘make_filename("cert_dfn_pca15.der")’
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-import.c:141:1: enter_function: entry to ‘main’
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-import.c:147:18: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-import.c:147:18: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-import.c:148:18: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-import.c:148:18: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-import.c:150:3: call_function: calling ‘init_gpgme’ from ‘main’
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-import.c:150:3: return_function: returning to ‘main’ from ‘init_gpgme’
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-import.c:153:3: danger: ‘make_filename("cert_dfn_pca15.der")’ leaks here; was allocated at [(9)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/8)
#  151|   
#  152|     err = gpgme_new (&ctx);
#  153|->   fail_if_err (err);
#  154|   
#  155|     gpgme_set_protocol (ctx, GPGME_PROTOCOL_CMS);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def88]
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-import.c:155:3: warning[-Wanalyzer-malloc-leak]: leak of ‘make_filename("cert_dfn_pca15.der")’
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-import.c:141:1: enter_function: entry to ‘main’
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-import.c:147:18: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-import.c:147:18: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-import.c:148:18: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-import.c:148:18: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-import.c:150:3: call_function: calling ‘init_gpgme’ from ‘main’
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-import.c:150:3: return_function: returning to ‘main’ from ‘init_gpgme’
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-import.c:153:3: branch_false: following ‘false’ branch...
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-import.c:155:3: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-import.c:155:3: danger: ‘make_filename("cert_dfn_pca15.der")’ leaks here; was allocated at [(9)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/8)
#  153|     fail_if_err (err);
#  154|   
#  155|->   gpgme_set_protocol (ctx, GPGME_PROTOCOL_CMS);
#  156|   
#  157|     err = gpgme_data_new_from_file (&in, cert_1, 1);

Error: GCC_ANALYZER_WARNING (CWE-465): [#def89]
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:214:10: warning[-Wanalyzer-deref-before-check]: check of ‘*key.subkeys’ for NULL after already dereferencing it
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:84:1: enter_function: entry to ‘main’
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:92:3: call_function: calling ‘init_gpgme’ from ‘main’
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:92:3: return_function: returning to ‘main’ from ‘init_gpgme’
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:95:3: branch_false: following ‘false’ branch...
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:96:3: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:99:3: branch_false: following ‘false’ branch...
 branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:101:10: branch_true: following ‘true’ branch...
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:103:12: branch_true: ...to here
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:103:10: branch_false: following ‘false’ branch...
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:109:22: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:120:10: branch_false: following ‘false’ branch...
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:125:11: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:125:10: branch_false: following ‘false’ branch...
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:130:11: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:130:10: branch_false: following ‘false’ branch...
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:135:11: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:135:10: branch_false: following ‘false’ branch...
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:140:11: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:140:10: branch_false: following ‘false’ branch...
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:146:11: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:146:10: branch_false: following ‘false’ branch...
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:152:11: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:152:10: branch_false: following ‘false’ branch...
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:157:11: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:157:10: branch_false: following ‘false’ branch...
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:163:11: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:163:10: branch_false: following ‘false’ branch...
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:169:12: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:169:10: branch_false: following ‘false’ branch...
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:174:11: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:174:10: branch_false: following ‘false’ branch (when the strings are equal)...
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:180:12: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:180:10: branch_false: following ‘false’ branch...
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:185:11: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:185:10: branch_false: following ‘false’ branch (when the strings are equal)...
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:191:11: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:197:11: branch_false: following ‘false’ branch...
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:202:10: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:208:10: branch_false: following ‘false’ branch...
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:214:12: branch_false: ...to here
gpgme-1.24.2/build-qt6/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:214:10: danger: pointer ‘*key.subkeys’ is checked for NULL here but it was already dereferenced at [(15)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/14)
#  212|   	  exit (1);
#  213|   	}
#  214|->       if (!key->subkeys || key->subkeys->next)
#  215|   	{
#  216|   	  fprintf (stderr, "Key has unexpected number of subkeys\n");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def90]
gpgme-1.24.2/build/doc/../../doc/mkdefsinc.c:199:23: warning[-Wanalyzer-malloc-leak]: leak of ‘opt_date’
gpgme-1.24.2/build/doc/../../doc/mkdefsinc.c:142:1: enter_function: entry to ‘main’
gpgme-1.24.2/build/doc/../../doc/mkdefsinc.c:155:10: branch_true: following ‘true’ branch...
gpgme-1.24.2/build/doc/../../doc/mkdefsinc.c:158:10: branch_false: following ‘false’ branch (when the strings are non-equal)...
gpgme-1.24.2/build/doc/../../doc/mkdefsinc.c:163:17: branch_false: ...to here
gpgme-1.24.2/build/doc/../../doc/mkdefsinc.c:163:15: branch_false: following ‘false’ branch (when the strings are non-equal)...
gpgme-1.24.2/build/doc/../../doc/mkdefsinc.c:174:17: branch_false: ...to here
gpgme-1.24.2/build/doc/../../doc/mkdefsinc.c:198:26: call_function: calling ‘xstrdup’ from ‘main’
gpgme-1.24.2/build/doc/../../doc/mkdefsinc.c:198:26: return_function: returning to ‘main’ from ‘xstrdup’
gpgme-1.24.2/build/doc/../../doc/mkdefsinc.c:155:10: branch_true: following ‘true’ branch...
gpgme-1.24.2/build/doc/../../doc/mkdefsinc.c:158:10: branch_false: following ‘false’ branch (when the strings are non-equal)...
gpgme-1.24.2/build/doc/../../doc/mkdefsinc.c:163:17: branch_false: ...to here
gpgme-1.24.2/build/doc/../../doc/mkdefsinc.c:163:15: branch_false: following ‘false’ branch (when the strings are non-equal)...
gpgme-1.24.2/build/doc/../../doc/mkdefsinc.c:174:17: branch_false: ...to here
gpgme-1.24.2/build/doc/../../doc/mkdefsinc.c:198:26: call_function: calling ‘xstrdup’ from ‘main’
gpgme-1.24.2/build/doc/../../doc/mkdefsinc.c:198:26: return_function: returning to ‘main’ from ‘xstrdup’
gpgme-1.24.2/build/doc/../../doc/mkdefsinc.c:199:23: danger: ‘opt_date’ leaks here; was allocated at [(12)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/11)
#  197|               {
#  198|                 opt_date = xstrdup (*argv);
#  199|->               argc--; argv++;
#  200|               }
#  201|           }

Error: CPPCHECK_WARNING (CWE-457): [#def91]
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c:785: warning[uninitvar]: Uninitialized variable: buff
#  783|       *r = 0;
#  784|     }
#  785|->   return buff;
#  786|   }
#  787|   

Error: CPPCHECK_WARNING (CWE-476): [#def92]
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c:1681: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: data
# 1679|       SwigPyClientData *data = (SwigPyClientData *)malloc(sizeof(SwigPyClientData));
# 1680|       /* the klass element */
# 1681|->     data->klass = obj;
# 1682|       SWIG_Py_INCREF(data->klass);
# 1683|       /* the newraw method and newargs arguments used to create a new raw instance */

Error: CPPCHECK_WARNING (CWE-476): [#def93]
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c:1682: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: data
# 1680|       /* the klass element */
# 1681|       data->klass = obj;
# 1682|->     SWIG_Py_INCREF(data->klass);
# 1683|       /* the newraw method and newargs arguments used to create a new raw instance */
# 1684|       if (PyClass_Check(obj)) {

Error: COMPILER_WARNING (CWE-457): [#def94]
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c:3960:10: warning[-Wmaybe-uninitialized]: ‘arg2’ may be used uninitialized
# 3960 |     *obj = value;
#      |     ~~~~~^~~~~~~
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c: scope_hint: In function ‘_wrap_gpgme_error_t_p_assign’
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c:49010:17: note: ‘arg2’ was declared here
#49010 |   gpgme_error_t arg2 ;
#      |                 ^~~~
# 3958|   
# 3959|     static void gpgme_error_t_p_assign(gpgme_error_t *obj, gpgme_error_t value) {
# 3960|->     *obj = value;
# 3961|     }
# 3962|   

Error: COMPILER_WARNING (CWE-457): [#def95]
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c: scope_hint: In function ‘_wrap_gpgme_data_seek’
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c:4158:14: warning[-Wmaybe-uninitialized]: ‘arg2’ may be used uninitialized
# 4158 |     result = gpgme_data_seek(arg1,arg2,arg3);
#      |              ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c:4119:9: note: ‘arg2’ was declared here
# 4119 |   off_t arg2 ;
#      |         ^~~~
# 4156|     {
# 4157|       SWIG_PYTHON_THREAD_BEGIN_ALLOW;
# 4158|->     result = gpgme_data_seek(arg1,arg2,arg3);
# 4159|       SWIG_PYTHON_THREAD_END_ALLOW;
# 4160|     }

Error: COMPILER_WARNING (CWE-457): [#def96]
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c: scope_hint: In function ‘_wrap_gpgme_strerror’
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c:4718:22: warning[-Wmaybe-uninitialized]: ‘arg1’ may be used uninitialized
# 4718 |     result = (char *)gpgme_strerror(arg1);
#      |                      ^~~~~~~~~~~~~~~~~~~~
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c:4699:17: note: ‘arg1’ was declared here
# 4699 |   gpgme_error_t arg1 ;
#      |                 ^~~~
# 4716|     {
# 4717|       SWIG_PYTHON_THREAD_BEGIN_ALLOW;
# 4718|->     result = (char *)gpgme_strerror(arg1);
# 4719|       SWIG_PYTHON_THREAD_END_ALLOW;
# 4720|     }

Error: COMPILER_WARNING (CWE-457): [#def97]
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c: scope_hint: In function ‘_wrap_gpgme_strerror_r’
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c:4773:14: warning[-Wmaybe-uninitialized]: ‘arg1’ may be used uninitialized
# 4773 |     result = (int)gpgme_strerror_r(arg1,arg2,arg3);
#      |              ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c:4730:15: note: ‘arg1’ was declared here
# 4730 |   gpg_error_t arg1 ;
#      |               ^~~~
# 4771|     {
# 4772|       SWIG_PYTHON_THREAD_BEGIN_ALLOW;
# 4773|->     result = (int)gpgme_strerror_r(arg1,arg2,arg3);
# 4774|       SWIG_PYTHON_THREAD_END_ALLOW;
# 4775|     }

Error: COMPILER_WARNING (CWE-457): [#def98]
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c: scope_hint: In function ‘_wrap_gpgme_strsource’
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c:4814:22: warning[-Wmaybe-uninitialized]: ‘arg1’ may be used uninitialized
# 4814 |     result = (char *)gpgme_strsource(arg1);
#      |                      ^~~~~~~~~~~~~~~~~~~~~
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c:4795:17: note: ‘arg1’ was declared here
# 4795 |   gpgme_error_t arg1 ;
#      |                 ^~~~
# 4812|     {
# 4813|       SWIG_PYTHON_THREAD_BEGIN_ALLOW;
# 4814|->     result = (char *)gpgme_strsource(arg1);
# 4815|       SWIG_PYTHON_THREAD_END_ALLOW;
# 4816|     }

Error: COMPILER_WARNING (CWE-457): [#def99]
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c: scope_hint: In function ‘_wrap_gpgme_err_code_to_errno’
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c:4875:14: warning[-Wmaybe-uninitialized]: ‘arg1’ may be used uninitialized
# 4875 |     result = (int)gpgme_err_code_to_errno(arg1);
#      |              ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c:4856:20: note: ‘arg1’ was declared here
# 4856 |   gpgme_err_code_t arg1 ;
#      |                    ^~~~
# 4873|     {
# 4874|       SWIG_PYTHON_THREAD_BEGIN_ALLOW;
# 4875|->     result = (int)gpgme_err_code_to_errno(arg1);
# 4876|       SWIG_PYTHON_THREAD_END_ALLOW;
# 4877|     }

Error: COMPILER_WARNING (CWE-457): [#def100]
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c: scope_hint: In function ‘_wrap_gpgme_err_make_from_errno’
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c:4960:14: warning[-Wmaybe-uninitialized]: ‘arg1’ may be used uninitialized
# 4960 |     result = gpgme_err_make_from_errno(arg1,arg2);
#      |              ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c:4934:22: note: ‘arg1’ was declared here
# 4934 |   gpgme_err_source_t arg1 ;
#      |                      ^~~~
# 4958|     {
# 4959|       SWIG_PYTHON_THREAD_BEGIN_ALLOW;
# 4960|->     result = gpgme_err_make_from_errno(arg1,arg2);
# 4961|       SWIG_PYTHON_THREAD_END_ALLOW;
# 4962|     }

Error: COMPILER_WARNING (CWE-457): [#def101]
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c: scope_hint: In function ‘_wrap__gpgme_key_sig_status_set’
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c:8764:30: warning[-Wmaybe-uninitialized]: ‘arg2’ may be used uninitialized
# 8764 |     if (arg1) (arg1)->status = arg2;
#      |               ~~~~~~~~~~~~~~~^~~~~~
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c:8740:17: note: ‘arg2’ was declared here
# 8740 |   gpgme_error_t arg2 ;
#      |                 ^~~~
# 8762|     {
# 8763|       SWIG_PYTHON_THREAD_BEGIN_ALLOW;
# 8764|->     if (arg1) (arg1)->status = arg2;
# 8765|       SWIG_PYTHON_THREAD_END_ALLOW;
# 8766|     }

Error: COMPILER_WARNING (CWE-457): [#def102]
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c: scope_hint: In function ‘_wrap__gpgme_invalid_key_reason_set’
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c:13036:30: warning[-Wmaybe-uninitialized]: ‘arg2’ may be used uninitialized
#13036 |     if (arg1) (arg1)->reason = arg2;
#      |               ~~~~~~~~~~~~~~~^~~~~~
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c:13012:17: note: ‘arg2’ was declared here
#13012 |   gpgme_error_t arg2 ;
#      |                 ^~~~
#13034|     {
#13035|       SWIG_PYTHON_THREAD_BEGIN_ALLOW;
#13036|->     if (arg1) (arg1)->reason = arg2;
#13037|       SWIG_PYTHON_THREAD_END_ALLOW;
#13038|     }

Error: COMPILER_WARNING (CWE-457): [#def103]
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c: scope_hint: In function ‘_wrap_gpgme_io_event_done_data_err_set’
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c:14712:27: warning[-Wmaybe-uninitialized]: ‘arg2’ may be used uninitialized
#14712 |     if (arg1) (arg1)->err = arg2;
#      |               ~~~~~~~~~~~~^~~~~~
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c:14688:17: note: ‘arg2’ was declared here
#14688 |   gpgme_error_t arg2 ;
#      |                 ^~~~
#14710|     {
#14711|       SWIG_PYTHON_THREAD_BEGIN_ALLOW;
#14712|->     if (arg1) (arg1)->err = arg2;
#14713|       SWIG_PYTHON_THREAD_END_ALLOW;
#14714|     }

Error: COMPILER_WARNING (CWE-457): [#def104]
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c: scope_hint: In function ‘_wrap_gpgme_io_event_done_data_op_err_set’
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c:14779:30: warning[-Wmaybe-uninitialized]: ‘arg2’ may be used uninitialized
#14779 |     if (arg1) (arg1)->op_err = arg2;
#      |               ~~~~~~~~~~~~~~~^~~~~~
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c:14755:17: note: ‘arg2’ was declared here
#14755 |   gpgme_error_t arg2 ;
#      |                 ^~~~
#14777|     {
#14778|       SWIG_PYTHON_THREAD_BEGIN_ALLOW;
#14779|->     if (arg1) (arg1)->op_err = arg2;
#14780|       SWIG_PYTHON_THREAD_END_ALLOW;
#14781|     }

Error: CPPCHECK_WARNING (CWE-457): [#def105]
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c:16356: error[legacyUninitvar]: Uninitialized variable: arg2
#16354|     {
#16355|       SWIG_PYTHON_THREAD_BEGIN_ALLOW;
#16356|->     result = gpgme_data_new_from_estream(arg1,arg2);
#16357|       SWIG_PYTHON_THREAD_END_ALLOW;
#16358|     }

Error: COMPILER_WARNING (CWE-457): [#def106]
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c: scope_hint: In function ‘_wrap_gpgme_data_new_from_filepart’
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c:16768:14: warning[-Wmaybe-uninitialized]: ‘arg4’ may be used uninitialized
#16768 |     result = gpgme_data_new_from_filepart(arg1,(char const *)arg2,arg3,arg4,arg5);
#      |              ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c:16704:9: note: ‘arg4’ was declared here
#16704 |   off_t arg4 ;
#      |         ^~~~
#16766|     {
#16767|       SWIG_PYTHON_THREAD_BEGIN_ALLOW;
#16768|->     result = gpgme_data_new_from_filepart(arg1,(char const *)arg2,arg3,arg4,arg5);
#16769|       SWIG_PYTHON_THREAD_END_ALLOW;
#16770|     }

Error: COMPILER_WARNING (CWE-457): [#def107]
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c: scope_hint: In function ‘_wrap__gpgme_recipient_status_set’
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c:21694:30: warning[-Wmaybe-uninitialized]: ‘arg2’ may be used uninitialized
#21694 |     if (arg1) (arg1)->status = arg2;
#      |               ~~~~~~~~~~~~~~~^~~~~~
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c:21670:17: note: ‘arg2’ was declared here
#21670 |   gpgme_error_t arg2 ;
#      |                 ^~~~
#21692|     {
#21693|       SWIG_PYTHON_THREAD_BEGIN_ALLOW;
#21694|->     if (arg1) (arg1)->status = arg2;
#21695|       SWIG_PYTHON_THREAD_END_ALLOW;
#21696|     }

Error: COMPILER_WARNING (CWE-457): [#def108]
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c: scope_hint: In function ‘_wrap__gpgme_signature_status_set’
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c:27385:30: warning[-Wmaybe-uninitialized]: ‘arg2’ may be used uninitialized
#27385 |     if (arg1) (arg1)->status = arg2;
#      |               ~~~~~~~~~~~~~~~^~~~~~
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c:27361:17: note: ‘arg2’ was declared here
#27361 |   gpgme_error_t arg2 ;
#      |                 ^~~~
#27383|     {
#27384|       SWIG_PYTHON_THREAD_BEGIN_ALLOW;
#27385|->     if (arg1) (arg1)->status = arg2;
#27386|       SWIG_PYTHON_THREAD_END_ALLOW;
#27387|     }

Error: COMPILER_WARNING (CWE-457): [#def109]
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c: scope_hint: In function ‘_wrap__gpgme_signature_validity_reason_set’
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c:28084:39: warning[-Wmaybe-uninitialized]: ‘arg2’ may be used uninitialized
#28084 |     if (arg1) (arg1)->validity_reason = arg2;
#      |               ~~~~~~~~~~~~~~~~~~~~~~~~^~~~~~
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c:28060:17: note: ‘arg2’ was declared here
#28060 |   gpgme_error_t arg2 ;
#      |                 ^~~~
#28082|     {
#28083|       SWIG_PYTHON_THREAD_BEGIN_ALLOW;
#28084|->     if (arg1) (arg1)->validity_reason = arg2;
#28085|       SWIG_PYTHON_THREAD_END_ALLOW;
#28086|     }

Error: COMPILER_WARNING (CWE-457): [#def110]
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c: scope_hint: In function ‘_wrap__gpgme_import_status_result_set’
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c:31690:30: warning[-Wmaybe-uninitialized]: ‘arg2’ may be used uninitialized
#31690 |     if (arg1) (arg1)->result = arg2;
#      |               ~~~~~~~~~~~~~~~^~~~~~
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c:31666:17: note: ‘arg2’ was declared here
#31666 |   gpgme_error_t arg2 ;
#      |                 ^~~~
#31688|     {
#31689|       SWIG_PYTHON_THREAD_BEGIN_ALLOW;
#31690|->     if (arg1) (arg1)->result = arg2;
#31691|       SWIG_PYTHON_THREAD_END_ALLOW;
#31692|     }

Error: COMPILER_WARNING (CWE-457): [#def111]
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c: scope_hint: In function ‘_wrap_gpgme_op_receive_keys_start’
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c:33661:19: warning[-Wmaybe-uninitialized]: ‘size2’ may be used uninitialized
#33661 |     for (i = 0; i < size2; i++)
#      |                 ~~^~~~~~~
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c:33589:10: note: ‘size2’ was declared here
#33589 |   size_t size2 ;
#      |          ^~~~~
#33659|       size_t i;
#33660|       free(vector2);
#33661|->     for (i = 0; i < size2; i++)
#33662|       Py_XDECREF(pyVector2[i]);
#33663|     }

Error: COMPILER_WARNING (CWE-457): [#def112]
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c: scope_hint: In function ‘_wrap_gpgme_op_receive_keys’
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c:33747:19: warning[-Wmaybe-uninitialized]: ‘size2’ may be used uninitialized
#33747 |     for (i = 0; i < size2; i++)
#      |                 ~~^~~~~~~
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c:33675:10: note: ‘size2’ was declared here
#33675 |   size_t size2 ;
#      |          ^~~~~
#33745|       size_t i;
#33746|       free(vector2);
#33747|->     for (i = 0; i < size2; i++)
#33748|       Py_XDECREF(pyVector2[i]);
#33749|     }

Error: COMPILER_WARNING (CWE-457): [#def113]
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c: scope_hint: In function ‘_wrap_gpgme_op_export_ext_start’
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c:34540:19: warning[-Wmaybe-uninitialized]: ‘size2’ may be used uninitialized
#34540 |     for (i = 0; i < size2; i++)
#      |                 ~~^~~~~~~
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c:34335:10: note: ‘size2’ was declared here
#34335 |   size_t size2 ;
#      |          ^~~~~
#34538|       size_t i;
#34539|       free(vector2);
#34540|->     for (i = 0; i < size2; i++)
#34541|       Py_XDECREF(pyVector2[i]);
#34542|     }

Error: COMPILER_WARNING (CWE-457): [#def114]
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c: scope_hint: In function ‘_wrap_gpgme_op_export_ext’
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c:34856:19: warning[-Wmaybe-uninitialized]: ‘size2’ may be used uninitialized
#34856 |     for (i = 0; i < size2; i++)
#      |                 ~~^~~~~~~
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c:34651:10: note: ‘size2’ was declared here
#34651 |   size_t size2 ;
#      |          ^~~~~
#34854|       size_t i;
#34855|       free(vector2);
#34856|->     for (i = 0; i < size2; i++)
#34857|       Py_XDECREF(pyVector2[i]);
#34858|     }

Error: COMPILER_WARNING (CWE-457): [#def115]
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c: scope_hint: In function ‘_wrap_gpgme_op_keylist_ext_start’
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c:40192:19: warning[-Wmaybe-uninitialized]: ‘size2’ may be used uninitialized
#40192 |     for (i = 0; i < size2; i++)
#      |                 ~~^~~~~~~
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c:40106:10: note: ‘size2’ was declared here
#40106 |   size_t size2 ;
#      |          ^~~~~
#40190|       size_t i;
#40191|       free(vector2);
#40192|->     for (i = 0; i < size2; i++)
#40193|       Py_XDECREF(pyVector2[i]);
#40194|     }

Error: COMPILER_WARNING (CWE-457): [#def116]
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c: scope_hint: In function ‘_wrap_gpgme_op_spawn_start’
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c:41761:19: warning[-Wmaybe-uninitialized]: ‘size3’ may be used uninitialized
#41761 |     for (i = 0; i < size3; i++)
#      |                 ~~^~~~~~~
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c:41636:10: note: ‘size3’ was declared here
#41636 |   size_t size3 ;
#      |          ^~~~~
#41759|       size_t i;
#41760|       free(vector3);
#41761|->     for (i = 0; i < size3; i++)
#41762|       Py_XDECREF(pyVector3[i]);
#41763|     }

Error: COMPILER_WARNING (CWE-457): [#def117]
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c: scope_hint: In function ‘_wrap_gpgme_op_spawn’
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c:41906:19: warning[-Wmaybe-uninitialized]: ‘size3’ may be used uninitialized
#41906 |     for (i = 0; i < size3; i++)
#      |                 ~~^~~~~~~
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c:41781:10: note: ‘size3’ was declared here
#41781 |   size_t size3 ;
#      |          ^~~~~
#41904|       size_t i;
#41905|       free(vector3);
#41906|->     for (i = 0; i < size3; i++)
#41907|       Py_XDECREF(pyVector3[i]);
#41908|     }

Error: COMPILER_WARNING (CWE-457): [#def118]
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c: scope_hint: In function ‘_wrap__gpgme_op_assuan_result_err_set’
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c:48297:27: warning[-Wmaybe-uninitialized]: ‘arg2’ may be used uninitialized
#48297 |     if (arg1) (arg1)->err = arg2;
#      |               ~~~~~~~~~~~~^~~~~~
gpgme-1.24.2/build/lang/python/python3.13-gpg/gpgme_wrap.c:48273:17: note: ‘arg2’ was declared here
#48273 |   gpgme_error_t arg2 ;
#      |                 ^~~~
#48295|     {
#48296|       SWIG_PYTHON_THREAD_BEGIN_ALLOW;
#48297|->     if (arg1) (arg1)->err = arg2;
#48298|       SWIG_PYTHON_THREAD_END_ALLOW;
#48299|     }

Error: COMPILER_WARNING (CWE-477): [#def119]
gpgme-1.24.2/build/lang/python/python3.13-gpg/helpers.c: scope_hint: In function ‘_gpg_stash_callback_exception’
gpgme-1.24.2/build/lang/python/python3.13-gpg/helpers.c:119:3: warning[-Wdeprecated-declarations]: ‘PyWeakref_GetObject’ is deprecated
#  119 |   self = PyWeakref_GetObject(weak_self);
#      |   ^~~~
/usr/include/python3.13/Python.h:113: included_from: Included from here.
gpgme-1.24.2/build/lang/python/python3.13-gpg/helpers.c:30: included_from: Included from here.
/usr/include/python3.13/weakrefobject.h:30:44: note: declared here
#   30 | Py_DEPRECATED(3.13) PyAPI_FUNC(PyObject *) PyWeakref_GetObject(PyObject *ref);
#      |                                            ^~~~~~~~~~~~~~~~~~~
#  117|     }
#  118|   
#  119|->   self = PyWeakref_GetObject(weak_self);
#  120|     /* self only has a borrowed reference.  */
#  121|     if (self == Py_None) {

Error: COMPILER_WARNING (CWE-477): [#def120]
gpgme-1.24.2/build/lang/python/python3.13-gpg/helpers.c:119:3: warning[-Wdeprecated-declarations]: ‘PyWeakref_GetObject’ is deprecated
#  117|     }
#  118|   
#  119|->   self = PyWeakref_GetObject(weak_self);
#  120|     /* self only has a borrowed reference.  */
#  121|     if (self == Py_None) {

Error: GCC_ANALYZER_WARNING (CWE-465): [#def121]
gpgme-1.24.2/build/src/../../src/data-identify.c:453:18: warning[-Wanalyzer-deref-before-check]: check of 'data' for NULL after already dereferencing it
gpgme-1.24.2/build/src/../../src/data-identify.c:316:6: branch_false: following 'false' branch (when 'datalen > 23')...
gpgme-1.24.2/build/src/../../src/data-identify.c:346:3: branch_false: ...to here
gpgme-1.24.2/build/src/../../src/data-identify.c:441:6: branch_false: following 'false' branch...
gpgme-1.24.2/build/src/../../src/data-identify.c:453:8: branch_false: ...to here
gpgme-1.24.2/build/src/../../src/data-identify.c:453:18: danger: pointer 'data' is checked for NULL here but it was already dereferenced at [(3)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/2)
#  451|   
#  452|     /* Now check whether there are armor lines.  */
#  453|->   for (s = data; s && *s; s = (*s=='\n')?(s+1):((s=strchr (s,'\n'))?(s+1):s))
#  454|       {
#  455|         if (!strncmp (s, "-----BEGIN ", 11))

Error: GCC_ANALYZER_WARNING (CWE-401): [#def122]
gpgme-1.24.2/build/src/../../src/data.c:624:14: warning[-Wanalyzer-malloc-leak]: leak of 'malloc((long unsigned int)*dh.io_buffer_size)'
gpgme-1.24.2/build/src/../../src/data.c:619:6: branch_true: following 'true' branch...
gpgme-1.24.2/build/src/../../src/data.c:621:12: branch_true: ...to here
gpgme-1.24.2/build/src/../../src/data.c:621:10: branch_true: following 'true' branch...
gpgme-1.24.2/build/src/../../src/data.c:623:32: branch_true: ...to here
gpgme-1.24.2/build/src/../../src/data.c:623:32: acquire_memory: allocated here
gpgme-1.24.2/build/src/../../src/data.c:624:14: danger: 'malloc((long unsigned int)*dh.io_buffer_size)' leaks here; was allocated at [(5)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/4)
#  622|           {
#  623|             dh->inbound_buffer = malloc (dh->io_buffer_size);
#  624|->           if (!dh->inbound_buffer)
#  625|               return TRACE_ERR (gpg_error_from_syserror ());
#  626|           }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def123]
gpgme-1.24.2/build/src/../../src/data.c:684:14: warning[-Wanalyzer-malloc-leak]: leak of 'malloc((long unsigned int)*dh.io_buffer_size)'
gpgme-1.24.2/build/src/../../src/data.c:679:6: branch_true: following 'true' branch...
gpgme-1.24.2/build/src/../../src/data.c:681:12: branch_true: ...to here
gpgme-1.24.2/build/src/../../src/data.c:681:10: branch_true: following 'true' branch...
gpgme-1.24.2/build/src/../../src/data.c:683:33: branch_true: ...to here
gpgme-1.24.2/build/src/../../src/data.c:683:33: acquire_memory: allocated here
gpgme-1.24.2/build/src/../../src/data.c:684:14: danger: 'malloc((long unsigned int)*dh.io_buffer_size)' leaks here; was allocated at [(5)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/4)
#  682|           {
#  683|             dh->outbound_buffer = malloc (dh->io_buffer_size);
#  684|->           if (!dh->outbound_buffer)
#  685|               return TRACE_ERR (gpg_error_from_syserror ());
#  686|             dh->outbound_pending = 0;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def124]
gpgme-1.24.2/build/src/../../src/engine-gpgsm.c:1628:12: warning[-Wanalyzer-malloc-leak]: leak of 'cmd'
gpgme-1.24.2/build/src/../../src/engine-gpgsm.c:1590:1: enter_function: entry to 'gpgsm_export'
gpgme-1.24.2/build/src/../../src/engine-gpgsm.c:1609:9: acquire_memory: allocated here
gpgme-1.24.2/build/src/../../src/engine-gpgsm.c:1610:6: branch_false: following 'false' branch (when 'cmd' is non-NULL)...
gpgme-1.24.2/build/src/../../src/engine-gpgsm.c:1613:3: branch_false: ...to here
gpgme-1.24.2/build/src/../../src/engine-gpgsm.c:1625:9: call_function: calling 'gpgsm_set_fd' from 'gpgsm_export'
gpgme-1.24.2/build/src/../../src/engine-gpgsm.c:1625:9: return_function: returning to 'gpgsm_export' from 'gpgsm_set_fd'
gpgme-1.24.2/build/src/../../src/engine-gpgsm.c:1627:6: branch_true: following 'true' branch...
gpgme-1.24.2/build/src/../../src/engine-gpgsm.c:1628:12: branch_true: ...to here
gpgme-1.24.2/build/src/../../src/engine-gpgsm.c:1628:12: danger: 'cmd' leaks here; was allocated at [(2)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/1)
# 1626|   		      : map_data_enc (gpgsm->output_cb.data));
# 1627|     if (err)
# 1628|->     return err;
# 1629|     gpgsm_clear_fd (gpgsm, INPUT_FD);
# 1630|     gpgsm_clear_fd (gpgsm, MESSAGE_FD);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def125]
gpgme-1.24.2/build/src/../../src/engine-gpgsm.c:1735:12: warning[-Wanalyzer-malloc-leak]: leak of 'line'
gpgme-1.24.2/build/src/../../src/engine-gpgsm.c:1640:1: enter_function: entry to 'gpgsm_export_ext'
gpgme-1.24.2/build/src/../../src/engine-gpgsm.c:1678:10: acquire_memory: allocated here
gpgme-1.24.2/build/src/../../src/engine-gpgsm.c:1679:6: branch_false: following 'false' branch (when 'line' is non-NULL)...
gpgme-1.24.2/build/src/../../src/engine-gpgsm.c:1682:3: branch_false: ...to here
gpgme-1.24.2/build/src/../../src/engine-gpgsm.c:1732:9: call_function: calling 'gpgsm_set_fd' from 'gpgsm_export_ext'
gpgme-1.24.2/build/src/../../src/engine-gpgsm.c:1732:9: return_function: returning to 'gpgsm_export_ext' from 'gpgsm_set_fd'
gpgme-1.24.2/build/src/../../src/engine-gpgsm.c:1734:6: branch_true: following 'true' branch...
gpgme-1.24.2/build/src/../../src/engine-gpgsm.c:1735:12: branch_true: ...to here
gpgme-1.24.2/build/src/../../src/engine-gpgsm.c:1735:12: danger: 'line' leaks here; was allocated at [(2)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/1)
# 1733|   		      : map_data_enc (gpgsm->output_cb.data));
# 1734|     if (err)
# 1735|->     return err;
# 1736|     gpgsm_clear_fd (gpgsm, INPUT_FD);
# 1737|     gpgsm_clear_fd (gpgsm, MESSAGE_FD);

Error: GCC_ANALYZER_WARNING (CWE-457): [#def126]
gpgme-1.24.2/build/src/../../src/key.c:470:9: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value 'key'
gpgme-1.24.2/build/src/../../src/key.c:459:1: enter_function: entry to 'gpgme_key_from_uid'
gpgme-1.24.2/build/src/../../src/key.c:465:9: call_function: calling '_gpgme_key_new' from 'gpgme_key_from_uid'
gpgme-1.24.2/build/src/../../src/key.c:465:9: return_function: returning to 'gpgme_key_from_uid' from '_gpgme_key_new'
gpgme-1.24.2/build/src/../../src/key.c:466:6: branch_false: following 'false' branch...
gpgme-1.24.2/build/src/../../src/key.c:470:9: branch_false: ...to here
gpgme-1.24.2/build/src/../../src/key.c:470:9: danger: use of uninitialized value 'key' here
#  468|   
#  469|     /* Note: protocol doesn't matter if only email is provided.  */
#  470|->   err = _gpgme_key_append_name (key, name, 0);
#  471|     if (err)
#  472|       gpgme_key_unref (key);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def127]
gpgme-1.24.2/build/src/../../src/posix-io.c:648:35: warning[-Wanalyzer-fd-leak]: leak of file descriptor 'open("/dev/null", 2)'
gpgme-1.24.2/build/src/../../src/posix-io.c:549:6: branch_false: following 'false' branch (when 'pid != -1')...
gpgme-1.24.2/build/src/../../src/posix-io.c:552:6: branch_false: ...to here
gpgme-1.24.2/build/src/../../src/posix-io.c:552:6: branch_true: following 'true' branch (when 'pid == 0')...
gpgme-1.24.2/build/src/../../src/posix-io.c:555:18: branch_true: ...to here
gpgme-1.24.2/build/src/../../src/posix-io.c:555:10: branch_true: following 'true' branch (when 'pid == 0')...
gpgme-1.24.2/build/src/../../src/posix-io.c:564:14: branch_true: ...to here
gpgme-1.24.2/build/src/../../src/posix-io.c:640:20: acquire_resource: opened here
gpgme-1.24.2/build/src/../../src/posix-io.c:641:18: branch_false: following 'false' branch...
gpgme-1.24.2/build/src/../../src/posix-io.c:648:35: branch_false: ...to here
gpgme-1.24.2/build/src/../../src/posix-io.c:653:18: branch_true: following 'true' branch...
gpgme-1.24.2/build/src/../../src/posix-io.c:655:23: branch_true: ...to here
gpgme-1.24.2/build/src/../../src/posix-io.c:648:35: danger: 'open("/dev/null", 2)' leaks here; was opened at [(7)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/6)
#  646|   		}
#  647|   	      /* Make sure that the process has connected stdin.  */
#  648|-> 	      if (! seen_stdin && fd != 0)
#  649|   		{
#  650|   		  if (dup2 (fd, 0) == -1)

Error: GCC_ANALYZER_WARNING (CWE-775): [#def128]
gpgme-1.24.2/build/src/../../src/posix-io.c:650:22: warning[-Wanalyzer-fd-leak]: leak of file descriptor 'dup2(open("/dev/null", 2), 0)'
gpgme-1.24.2/build/src/../../src/posix-io.c:549:6: branch_false: following 'false' branch (when 'pid != -1')...
gpgme-1.24.2/build/src/../../src/posix-io.c:552:6: branch_false: ...to here
gpgme-1.24.2/build/src/../../src/posix-io.c:552:6: branch_true: following 'true' branch (when 'pid == 0')...
gpgme-1.24.2/build/src/../../src/posix-io.c:555:18: branch_true: ...to here
gpgme-1.24.2/build/src/../../src/posix-io.c:555:10: branch_true: following 'true' branch (when 'pid == 0')...
gpgme-1.24.2/build/src/../../src/posix-io.c:564:14: branch_true: ...to here
gpgme-1.24.2/build/src/../../src/posix-io.c:641:18: branch_false: following 'false' branch...
gpgme-1.24.2/build/src/../../src/posix-io.c:648:35: branch_false: ...to here
gpgme-1.24.2/build/src/../../src/posix-io.c:648:18: branch_true: following 'true' branch...
gpgme-1.24.2/build/src/../../src/posix-io.c:650:23: branch_true: ...to here
gpgme-1.24.2/build/src/../../src/posix-io.c:650:23: acquire_resource: opened here
gpgme-1.24.2/build/src/../../src/posix-io.c:650:22: danger: 'dup2(open("/dev/null", 2), 0)' leaks here; was opened at [(11)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/10)
#  648|   	      if (! seen_stdin && fd != 0)
#  649|   		{
#  650|-> 		  if (dup2 (fd, 0) == -1)
#  651|                       _exit (8);
#  652|   		}

Error: GCC_ANALYZER_WARNING: [#def129]
gpgme-1.24.2/build/src/../../src/posix-io.c:650:23: warning[-Wanalyzer-fd-use-without-check]: 'dup2' on possibly invalid file descriptor '0'
gpgme-1.24.2/build/src/../../src/posix-io.c:549:6: branch_false: following 'false' branch (when 'pid != -1')...
gpgme-1.24.2/build/src/../../src/posix-io.c:552:6: branch_false: ...to here
gpgme-1.24.2/build/src/../../src/posix-io.c:552:6: branch_true: following 'true' branch (when 'pid == 0')...
gpgme-1.24.2/build/src/../../src/posix-io.c:555:18: branch_true: ...to here
gpgme-1.24.2/build/src/../../src/posix-io.c:555:10: branch_true: following 'true' branch (when 'pid == 0')...
gpgme-1.24.2/build/src/../../src/posix-io.c:564:14: branch_true: ...to here
gpgme-1.24.2/build/src/../../src/posix-io.c:593:24: branch_true: following 'true' branch (when 'max_fds > fd')...
 branch_true: ...to here
gpgme-1.24.2/build/src/../../src/posix-io.c:598:18: branch_true: following 'true' branch...
gpgme-1.24.2/build/src/../../src/posix-io.c:599:17: branch_true: ...to here
gpgme-1.24.2/build/src/../../src/posix-io.c:599:17: release_resource: closed here
gpgme-1.24.2/build/src/../../src/posix-io.c:641:18: branch_false: following 'false' branch...
gpgme-1.24.2/build/src/../../src/posix-io.c:648:35: branch_false: ...to here
gpgme-1.24.2/build/src/../../src/posix-io.c:648:18: branch_true: following 'true' branch...
gpgme-1.24.2/build/src/../../src/posix-io.c:650:23: branch_true: ...to here
gpgme-1.24.2/build/src/../../src/posix-io.c:650:23: danger: '0' could be invalid
#  648|   	      if (! seen_stdin && fd != 0)
#  649|   		{
#  650|-> 		  if (dup2 (fd, 0) == -1)
#  651|                       _exit (8);
#  652|   		}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def130]
gpgme-1.24.2/build/src/../../src/posix-io.c:655:22: warning[-Wanalyzer-fd-leak]: leak of file descriptor 'dup2(open("/dev/null", 2), 1)'
gpgme-1.24.2/build/src/../../src/posix-io.c:549:6: branch_false: following 'false' branch (when 'pid != -1')...
gpgme-1.24.2/build/src/../../src/posix-io.c:552:6: branch_false: ...to here
gpgme-1.24.2/build/src/../../src/posix-io.c:552:6: branch_true: following 'true' branch (when 'pid == 0')...
gpgme-1.24.2/build/src/../../src/posix-io.c:555:18: branch_true: ...to here
gpgme-1.24.2/build/src/../../src/posix-io.c:555:10: branch_true: following 'true' branch (when 'pid == 0')...
gpgme-1.24.2/build/src/../../src/posix-io.c:564:14: branch_true: ...to here
gpgme-1.24.2/build/src/../../src/posix-io.c:641:18: branch_false: following 'false' branch...
gpgme-1.24.2/build/src/../../src/posix-io.c:648:35: branch_false: ...to here
gpgme-1.24.2/build/src/../../src/posix-io.c:653:18: branch_true: following 'true' branch...
gpgme-1.24.2/build/src/../../src/posix-io.c:655:23: branch_true: ...to here
gpgme-1.24.2/build/src/../../src/posix-io.c:655:23: acquire_resource: opened here
gpgme-1.24.2/build/src/../../src/posix-io.c:655:22: danger: 'dup2(open("/dev/null", 2), 1)' leaks here; was opened at [(11)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/10)
#  653|   	      if (! seen_stdout && fd != 1)
#  654|                   {
#  655|->                   if (dup2 (fd, 1) == -1)
#  656|                       _exit (8);
#  657|                   }

Error: GCC_ANALYZER_WARNING: [#def131]
gpgme-1.24.2/build/src/../../src/posix-io.c:655:23: warning[-Wanalyzer-fd-use-without-check]: 'dup2' on possibly invalid file descriptor '1'
gpgme-1.24.2/build/src/../../src/posix-io.c:549:6: branch_false: following 'false' branch (when 'pid != -1')...
gpgme-1.24.2/build/src/../../src/posix-io.c:552:6: branch_false: ...to here
gpgme-1.24.2/build/src/../../src/posix-io.c:552:6: branch_true: following 'true' branch (when 'pid == 0')...
gpgme-1.24.2/build/src/../../src/posix-io.c:555:18: branch_true: ...to here
gpgme-1.24.2/build/src/../../src/posix-io.c:555:10: branch_true: following 'true' branch (when 'pid == 0')...
gpgme-1.24.2/build/src/../../src/posix-io.c:564:14: branch_true: ...to here
gpgme-1.24.2/build/src/../../src/posix-io.c:593:24: branch_true: following 'true' branch (when 'max_fds > fd')...
 branch_true: ...to here
gpgme-1.24.2/build/src/../../src/posix-io.c:598:18: branch_true: following 'true' branch...
gpgme-1.24.2/build/src/../../src/posix-io.c:599:17: branch_true: ...to here
gpgme-1.24.2/build/src/../../src/posix-io.c:593:24: branch_true: following 'true' branch (when 'max_fds > fd')...
 branch_true: ...to here
gpgme-1.24.2/build/src/../../src/posix-io.c:598:18: branch_true: following 'true' branch...
gpgme-1.24.2/build/src/../../src/posix-io.c:599:17: branch_true: ...to here
gpgme-1.24.2/build/src/../../src/posix-io.c:599:17: release_resource: closed here
gpgme-1.24.2/build/src/../../src/posix-io.c:603:23: branch_false: following 'false' branch...
gpgme-1.24.2/build/src/../../src/posix-io.c:638:15: branch_false: ...to here
gpgme-1.24.2/build/src/../../src/posix-io.c:638:14: branch_true: following 'true' branch...
gpgme-1.24.2/build/src/../../src/posix-io.c:640:20: branch_true: ...to here
gpgme-1.24.2/build/src/../../src/posix-io.c:641:18: branch_false: following 'false' branch...
gpgme-1.24.2/build/src/../../src/posix-io.c:648:35: branch_false: ...to here
gpgme-1.24.2/build/src/../../src/posix-io.c:653:18: branch_true: following 'true' branch...
gpgme-1.24.2/build/src/../../src/posix-io.c:655:23: branch_true: ...to here
gpgme-1.24.2/build/src/../../src/posix-io.c:655:23: danger: '1' could be invalid
#  653|   	      if (! seen_stdout && fd != 1)
#  654|                   {
#  655|->                   if (dup2 (fd, 1) == -1)
#  656|                       _exit (8);
#  657|                   }

Error: GCC_ANALYZER_WARNING (CWE-775): [#def132]
gpgme-1.24.2/build/src/../../src/posix-io.c:660:22: warning[-Wanalyzer-fd-leak]: leak of file descriptor 'dup2(open("/dev/null", 2), 2)'
gpgme-1.24.2/build/src/../../src/posix-io.c:549:6: branch_false: following 'false' branch (when 'pid != -1')...
gpgme-1.24.2/build/src/../../src/posix-io.c:552:6: branch_false: ...to here
gpgme-1.24.2/build/src/../../src/posix-io.c:552:6: branch_true: following 'true' branch (when 'pid == 0')...
gpgme-1.24.2/build/src/../../src/posix-io.c:555:18: branch_true: ...to here
gpgme-1.24.2/build/src/../../src/posix-io.c:555:10: branch_true: following 'true' branch (when 'pid == 0')...
gpgme-1.24.2/build/src/../../src/posix-io.c:564:14: branch_true: ...to here
gpgme-1.24.2/build/src/../../src/posix-io.c:641:18: branch_false: following 'false' branch...
gpgme-1.24.2/build/src/../../src/posix-io.c:648:35: branch_false: ...to here
gpgme-1.24.2/build/src/../../src/posix-io.c:655:22: branch_false: following 'false' branch...
gpgme-1.24.2/build/src/../../src/posix-io.c:658:19: branch_false: ...to here
gpgme-1.24.2/build/src/../../src/posix-io.c:658:18: branch_true: following 'true' branch...
gpgme-1.24.2/build/src/../../src/posix-io.c:660:23: branch_true: ...to here
gpgme-1.24.2/build/src/../../src/posix-io.c:660:23: acquire_resource: opened here
gpgme-1.24.2/build/src/../../src/posix-io.c:660:22: danger: 'dup2(open("/dev/null", 2), 2)' leaks here; was opened at [(13)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/12)
#  658|   	      if (! seen_stderr && fd != 2)
#  659|                   {
#  660|->                   if (dup2 (fd, 2) == -1)
#  661|                       _exit (8);
#  662|                   }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def133]
gpgme-1.24.2/build/src/../../src/sign.c:207:12: warning[-Wanalyzer-malloc-leak]: leak of '<unknown>'
gpgme-1.24.2/build/src/../../src/sign.c:310:1: enter_function: entry to '_gpgme_sign_status_handler'
gpgme-1.24.2/build/src/../../src/sign.c:323:6: branch_false: following 'false' branch...
gpgme-1.24.2/build/src/../../src/sign.c:326:3: branch_false: ...to here
gpgme-1.24.2/build/src/../../src/sign.c:330:13: call_function: calling 'parse_sig_created' from '_gpgme_sign_status_handler'
#  205|     sig = malloc (sizeof (*sig));
#  206|     if (!sig)
#  207|->     return gpg_error_from_syserror ();
#  208|   
#  209|     sig->next = NULL;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def134]
gpgme-1.24.2/build/src/../../src/sign.c:207:12: warning[-Wanalyzer-malloc-leak]: leak of 'sig'
gpgme-1.24.2/build/src/../../src/sign.c:310:1: enter_function: entry to '_gpgme_sign_status_handler'
gpgme-1.24.2/build/src/../../src/sign.c:323:6: branch_false: following 'false' branch...
gpgme-1.24.2/build/src/../../src/sign.c:326:3: branch_false: ...to here
gpgme-1.24.2/build/src/../../src/sign.c:330:13: call_function: calling 'parse_sig_created' from '_gpgme_sign_status_handler'
#  205|     sig = malloc (sizeof (*sig));
#  206|     if (!sig)
#  207|->     return gpg_error_from_syserror ();
#  208|   
#  209|     sig->next = NULL;

Error: GCC_ANALYZER_WARNING (CWE-787): [#def135]
gpgme-1.24.2/build/src/../../src/signers.c:85:9: warning[-Wanalyzer-out-of-bounds]: buffer overflow
gpgme-1.24.2/build/src/../../src/signers.c:72:6: branch_false: following 'false' branch...
gpgme-1.24.2/build/src/../../src/signers.c:75:7: branch_false: ...to here
gpgme-1.24.2/build/src/../../src/signers.c:75:6: branch_true: following 'true' branch...
gpgme-1.24.2/build/src/../../src/signers.c:78:15: branch_true: ...to here
gpgme-1.24.2/build/src/../../src/signers.c:82:10: branch_false: following 'false' branch (when 'newarr' is non-NULL)...
gpgme-1.24.2/build/src/../../src/signers.c:84:16: branch_false: ...to here
gpgme-1.24.2/build/src/../../src/signers.c:84:35: branch_true: following 'true' branch (when 'j < n')...
gpgme-1.24.2/build/src/../../src/signers.c:85:15: branch_true: ...to here
gpgme-1.24.2/build/src/../../src/signers.c:84:35: branch_true: following 'true' branch (when 'j < n')...
gpgme-1.24.2/build/src/../../src/signers.c:85:15: branch_true: ...to here
gpgme-1.24.2/build/src/../../src/signers.c:84:35: branch_true: following 'true' branch (when 'j < n')...
gpgme-1.24.2/build/src/../../src/signers.c:85:15: branch_true: ...to here
gpgme-1.24.2/build/src/../../src/signers.c:84:35: branch_true: following 'true' branch (when 'j < n')...
gpgme-1.24.2/build/src/../../src/signers.c:85:15: branch_true: ...to here
gpgme-1.24.2/build/src/../../src/signers.c:84:35: branch_true: following 'true' branch (when 'j < n')...
gpgme-1.24.2/build/src/../../src/signers.c:85:15: branch_true: ...to here
gpgme-1.24.2/build/src/../../src/signers.c:84:35: branch_true: following 'true' branch (when 'j < n')...
gpgme-1.24.2/build/src/../../src/signers.c:85:15: branch_true: ...to here
gpgme-1.24.2/build/src/../../src/signers.c:85:9: danger: write of 8 bytes at offset '(long unsigned int)j * 8' exceeds '*newarr'
#   83|   	return TRACE_ERR (gpg_error_from_syserror ());
#   84|         for (j = ctx->signers_size; j < n; j++)
#   85|-> 	newarr[j] = NULL;
#   86|         ctx->signers = newarr;
#   87|         ctx->signers_size = n;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def136]
gpgme-1.24.2/build/src/../../src/verify.c:429:6: warning[-Wanalyzer-malloc-leak]: leak of '*sig.fpr'
gpgme-1.24.2/build/src/../../src/verify.c:930:1: enter_function: entry to '_gpgme_verify_status_handler'
gpgme-1.24.2/build/src/../../src/verify.c:941:6: branch_false: following 'false' branch...
gpgme-1.24.2/build/src/../../src/verify.c:944:3: branch_false: ...to here
gpgme-1.24.2/build/src/../../src/verify.c:969:14: branch_true: following 'true' branch (when 'sig' is non-NULL)...
gpgme-1.24.2/build/src/../../src/verify.c:969:20: branch_true: ...to here
gpgme-1.24.2/build/src/../../src/verify.c:969:20: call_function: calling 'parse_valid_sig' from '_gpgme_verify_status_handler'
#  427|       free (sig->fpr);
#  428|     sig->fpr = strdup (args);
#  429|->   if (!sig->fpr)
#  430|       return gpg_error_from_syserror ();
#  431|   

Error: GCC_ANALYZER_WARNING (CWE-688): [#def137]
gpgme-1.24.2/build/src/../../src/verify.c:433:9: warning[-Wanalyzer-null-argument]: use of NULL 'end' where non-null expected
gpgme-1.24.2/build/src/../../src/verify.c:930:1: enter_function: entry to '_gpgme_verify_status_handler'
gpgme-1.24.2/build/src/../../src/verify.c:941:6: branch_false: following 'false' branch...
gpgme-1.24.2/build/src/../../src/verify.c:944:3: branch_false: ...to here
gpgme-1.24.2/build/src/../../src/verify.c:969:14: branch_true: following 'true' branch (when 'sig' is non-NULL)...
gpgme-1.24.2/build/src/../../src/verify.c:969:20: branch_true: ...to here
gpgme-1.24.2/build/src/../../src/verify.c:969:20: call_function: calling 'parse_valid_sig' from '_gpgme_verify_status_handler'
#argument 1 of '__builtin_strchr' must be non-null
#  431|   
#  432|     /* Skip the creation date.  */
#  433|->   end = strchr (end, ' ');
#  434|     if (end)
#  435|       {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def138]
gpgme-1.24.2/build/src/../../src/verify.c:757:10: warning[-Wanalyzer-malloc-leak]: leak of 'fpr'
gpgme-1.24.2/build/src/../../src/verify.c:930:1: enter_function: entry to '_gpgme_verify_status_handler'
gpgme-1.24.2/build/src/../../src/verify.c:941:6: branch_false: following 'false' branch...
gpgme-1.24.2/build/src/../../src/verify.c:944:3: branch_false: ...to here
gpgme-1.24.2/build/src/../../src/verify.c:1019:10: branch_false: following 'false' branch (when 'sig' is non-NULL)...
gpgme-1.24.2/build/src/../../src/verify.c:1021:13: branch_false: ...to here
gpgme-1.24.2/build/src/../../src/verify.c:1021:13: call_function: calling 'parse_tofu_user' from '_gpgme_verify_status_handler'
#  755|     free (fpr);
#  756|     free (address);
#  757|->   return err;
#  758|   }
#  759|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def139]
gpgme-1.24.2/build/src/../../src/verify.c:1014:7: warning[-Wanalyzer-malloc-leak]: leak of '*sig.pka_address'
gpgme-1.24.2/build/src/../../src/verify.c:941:6: branch_false: following 'false' branch...
gpgme-1.24.2/build/src/../../src/verify.c:944:3: branch_false: ...to here
gpgme-1.24.2/build/src/../../src/verify.c:1008:10: branch_false: following 'false' branch...
gpgme-1.24.2/build/src/../../src/verify.c:1012:10: branch_false: following 'false' branch (when 'end' is NULL)...
gpgme-1.24.2/build/src/../../src/verify.c:1014:26: branch_false: ...to here
gpgme-1.24.2/build/src/../../src/verify.c:1014:26: acquire_memory: allocated here
gpgme-1.24.2/build/src/../../src/verify.c:1014:7: danger: '*sig.pka_address' leaks here; was allocated at [(10)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/9)
# 1012|         if (end)
# 1013|           *end = 0;
# 1014|->       sig->pka_address = strdup (args);
# 1015|         break;
# 1016|   

Error: GCC_ANALYZER_WARNING (CWE-476): [#def140]
gpgme-1.24.2/build/src/../../src/verify.c:1239:3: warning[-Wanalyzer-null-dereference]: dereference of NULL '0'
gpgme-1.24.2/build/src/../../src/verify.c:1230:1: enter_function: entry to 'gpgme_get_sig_key'
gpgme-1.24.2/build/src/../../src/verify.c:1235:6: branch_false: following 'false' branch (when 'ctx' is non-NULL)...
gpgme-1.24.2/build/src/../../src/verify.c:1238:12: branch_false: ...to here
gpgme-1.24.2/build/src/../../src/verify.c:1238:12: call_function: calling 'gpgme_op_verify_result' from 'gpgme_get_sig_key'
gpgme-1.24.2/build/src/../../src/verify.c:1238:12: return_function: returning to 'gpgme_get_sig_key' from 'gpgme_op_verify_result'
gpgme-1.24.2/build/src/../../src/verify.c:1239:3: danger: dereference of NULL 'gpgme_op_verify_result(ctx)'
# 1237|   
# 1238|     result = gpgme_op_verify_result (ctx);
# 1239|->   sig = result->signatures;
# 1240|   
# 1241|     while (sig && idx)

Error: GCC_ANALYZER_WARNING (CWE-476): [#def141]
gpgme-1.24.2/build/src/../../src/verify.c:1265:3: warning[-Wanalyzer-null-dereference]: dereference of NULL '0'
gpgme-1.24.2/build/src/../../src/verify.c:1258:1: enter_function: entry to 'gpgme_get_sig_status'
gpgme-1.24.2/build/src/../../src/verify.c:1264:12: call_function: calling 'gpgme_op_verify_result' from 'gpgme_get_sig_status'
gpgme-1.24.2/build/src/../../src/verify.c:1264:12: return_function: returning to 'gpgme_get_sig_status' from 'gpgme_op_verify_result'
gpgme-1.24.2/build/src/../../src/verify.c:1265:3: danger: dereference of NULL 'gpgme_op_verify_result(ctx)'
# 1263|   
# 1264|     result = gpgme_op_verify_result (ctx);
# 1265|->   sig = result->signatures;
# 1266|   
# 1267|     while (sig && idx)

Error: GCC_ANALYZER_WARNING (CWE-476): [#def142]
gpgme-1.24.2/build/src/../../src/verify.c:1328:3: warning[-Wanalyzer-null-dereference]: dereference of NULL '0'
gpgme-1.24.2/build/src/../../src/verify.c:1319:1: enter_function: entry to 'gpgme_get_sig_ulong_attr'
gpgme-1.24.2/build/src/../../src/verify.c:1327:12: call_function: calling 'gpgme_op_verify_result' from 'gpgme_get_sig_ulong_attr'
gpgme-1.24.2/build/src/../../src/verify.c:1327:12: return_function: returning to 'gpgme_get_sig_ulong_attr' from 'gpgme_op_verify_result'
gpgme-1.24.2/build/src/../../src/verify.c:1328:3: danger: dereference of NULL 'gpgme_op_verify_result(ctx)'
# 1326|   
# 1327|     result = gpgme_op_verify_result (ctx);
# 1328|->   sig = result->signatures;
# 1329|   
# 1330|     while (sig && idx)

Error: GCC_ANALYZER_WARNING (CWE-476): [#def143]
gpgme-1.24.2/build/src/../../src/verify.c:1392:3: warning[-Wanalyzer-null-dereference]: dereference of NULL '0'
gpgme-1.24.2/build/src/../../src/verify.c:1385:1: enter_function: entry to 'gpgme_get_sig_string_attr'
gpgme-1.24.2/build/src/../../src/verify.c:1391:12: call_function: calling 'gpgme_op_verify_result' from 'gpgme_get_sig_string_attr'
gpgme-1.24.2/build/src/../../src/verify.c:1391:12: return_function: returning to 'gpgme_get_sig_string_attr' from 'gpgme_op_verify_result'
gpgme-1.24.2/build/src/../../src/verify.c:1392:3: danger: dereference of NULL 'gpgme_op_verify_result(ctx)'
# 1390|   
# 1391|     result = gpgme_op_verify_result (ctx);
# 1392|->   sig = result->signatures;
# 1393|   
# 1394|     while (sig && idx)

Error: GCC_ANALYZER_WARNING (CWE-401): [#def144]
gpgme-1.24.2/build/src/../../src/wait.c:142:3: warning[-Wanalyzer-malloc-leak]: leak of 'item'
gpgme-1.24.2/build/src/../../src/wait.c:99:1: enter_function: entry to '_gpgme_add_io_cb'
gpgme-1.24.2/build/src/../../src/wait.c:108:3: branch_true: following 'true' branch (when 'fnc' is non-NULL)...
gpgme-1.24.2/build/src/../../src/wait.c:109:3: branch_true: ...to here
gpgme-1.24.2/build/src/../../src/wait.c:109:3: branch_true: following 'true' branch (when 'data' is non-NULL)...
gpgme-1.24.2/build/src/../../src/wait.c:111:3: branch_true: ...to here
gpgme-1.24.2/build/src/../../src/wait.c:115:6: branch_false: following 'false' branch (when 'tag' is non-NULL)...
gpgme-1.24.2/build/src/../../src/wait.c:117:3: branch_false: ...to here
gpgme-1.24.2/build/src/../../src/wait.c:120:10: acquire_memory: allocated here
gpgme-1.24.2/build/src/../../src/wait.c:121:6: branch_false: following 'false' branch (when 'item' is non-NULL)...
gpgme-1.24.2/build/src/../../src/wait.c:126:3: branch_false: ...to here
gpgme-1.24.2/build/src/../../src/wait.c:131:9: call_function: calling 'fd_table_put' from '_gpgme_add_io_cb'
gpgme-1.24.2/build/src/../../src/wait.c:131:9: return_function: returning to '_gpgme_add_io_cb' from 'fd_table_put'
gpgme-1.24.2/build/src/../../src/wait.c:132:6: branch_false: following 'false' branch...
gpgme-1.24.2/build/src/../../src/wait.c:139:3: branch_false: ...to here
gpgme-1.24.2/build/src/../../src/wait.c:142:3: danger: 'item' leaks here; was allocated at [(8)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/7)
#  140|   	  "fd=%d, dir=%d -> tag=%p", fd, dir, tag);
#  141|   
#  142|->   *r_tag = tag;
#  143|     return 0;
#  144|   }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def145]
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:254:19: warning[-Wanalyzer-malloc-leak]: leak of ‘trust_model’
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:131:6: branch_true: following ‘true’ branch (when ‘argc != 0’)...
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:132:7: branch_true: ...to here
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:134:10: branch_true: following ‘true’ branch...
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:137:12: branch_true: ...to here
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:137:10: branch_false: following ‘false’ branch (when the strings are non-equal)...
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:142:17: branch_false: ...to here
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:142:15: branch_false: following ‘false’ branch (when the strings are non-equal)...
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:144:17: branch_false: ...to here
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:251:14: branch_false: following ‘false’ branch (when ‘argc != 1’)...
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:253:25: branch_false: ...to here
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:253:25: acquire_memory: allocated here
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:134:10: branch_true: following ‘true’ branch...
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:137:12: branch_true: ...to here
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:137:10: branch_false: following ‘false’ branch (when the strings are non-equal)...
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:142:17: branch_false: ...to here
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:142:15: branch_false: following ‘false’ branch (when the strings are non-equal)...
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:144:17: branch_false: ...to here
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:144:15: branch_false: following ‘false’ branch (when the strings are non-equal)...
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:149:17: branch_false: ...to here
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:149:15: branch_false: following ‘false’ branch (when the strings are non-equal)...
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:154:17: branch_false: ...to here
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:154:15: branch_false: following ‘false’ branch (when the strings are non-equal)...
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:159:17: branch_false: ...to here
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:159:15: branch_false: following ‘false’ branch (when the strings are non-equal)...
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:164:17: branch_false: ...to here
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:164:15: branch_false: following ‘false’ branch (when the strings are non-equal)...
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:169:17: branch_false: ...to here
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:169:15: branch_false: following ‘false’ branch (when the strings are non-equal)...
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:174:17: branch_false: ...to here
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:174:15: branch_false: following ‘false’ branch (when the strings are non-equal)...
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:179:17: branch_false: ...to here
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:179:15: branch_false: following ‘false’ branch (when the strings are non-equal)...
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:184:17: branch_false: ...to here
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:184:15: branch_false: following ‘false’ branch (when the strings are non-equal)...
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:189:17: branch_false: ...to here
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:189:15: branch_false: following ‘false’ branch (when the strings are non-equal)...
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:194:17: branch_false: ...to here
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:194:15: branch_false: following ‘false’ branch (when the strings are non-equal)...
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:199:17: branch_false: ...to here
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:199:15: branch_false: following ‘false’ branch (when the strings are non-equal)...
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:204:17: branch_false: ...to here
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:204:15: branch_false: following ‘false’ branch (when the strings are non-equal)...
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:209:17: branch_false: ...to here
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:209:15: branch_false: following ‘false’ branch (when the strings are non-equal)...
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:214:17: branch_false: ...to here
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:214:15: branch_false: following ‘false’ branch (when the strings are non-equal)...
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:219:17: branch_false: ...to here
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:219:15: branch_false: following ‘false’ branch (when the strings are non-equal)...
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:224:17: branch_false: ...to here
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:224:15: branch_false: following ‘false’ branch (when the strings are non-equal)...
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:229:17: branch_false: ...to here
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:229:15: branch_false: following ‘false’ branch (when the strings are non-equal)...
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:234:17: branch_false: ...to here
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:234:15: branch_false: following ‘false’ branch (when the strings are non-equal)...
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:242:17: branch_false: ...to here
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:242:15: branch_false: following ‘false’ branch (when the strings are non-equal)...
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:248:17: branch_false: ...to here
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:248:15: branch_true: following ‘true’ branch (when the strings are equal)...
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:251:14: branch_true: ...to here
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:251:14: branch_false: following ‘false’ branch (when ‘argc != 1’)...
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:253:25: branch_false: ...to here
gpgme-1.24.2/build/tests/../../tests/run-keylist.c:254:19: danger: ‘trust_model’ leaks here; was allocated at [(11)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/10)
#  252|               show_usage (1);
#  253|             trust_model = strdup (*argv);
#  254|->           argc--; argv++;
#  255|           }
#  256|         else if (!strncmp (*argv, "--", 2))

Error: GCC_ANALYZER_WARNING (CWE-476): [#def146]
gpgme-1.24.2/build/tests/../../tests/run-threaded.c:288:3: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘ret’
gpgme-1.24.2/build/tests/../../tests/run-threaded.c:558:1: enter_function: entry to ‘do_data_op’
gpgme-1.24.2/build/tests/../../tests/run-threaded.c:565:6: branch_false: following ‘false’ branch...
gpgme-1.24.2/build/tests/../../tests/run-threaded.c:571:3: branch_false: ...to here
gpgme-1.24.2/build/tests/../../tests/run-threaded.c:571:3: branch_false: following ‘false’ branch...
gpgme-1.24.2/build/tests/../../tests/run-threaded.c:573:10: branch_false: ...to here
gpgme-1.24.2/build/tests/../../tests/run-threaded.c:587:11: call_function: calling ‘verify’ from ‘do_data_op’
#  286|     int data_rand;
#  287|   
#  288|->   ret->fd = -1;
#  289|   
#  290|     if (data_type)

Error: GCC_ANALYZER_WARNING (CWE-401): [#def147]
gpgme-1.24.2/build/tests/../../tests/run-threaded.c:290:7: warning[-Wanalyzer-malloc-leak]: leak of ‘random_data_new(fname)’
gpgme-1.24.2/build/tests/../../tests/run-threaded.c:558:1: enter_function: entry to ‘do_data_op’
gpgme-1.24.2/build/tests/../../tests/run-threaded.c:565:6: branch_false: following ‘false’ branch...
gpgme-1.24.2/build/tests/../../tests/run-threaded.c:571:3: branch_false: ...to here
gpgme-1.24.2/build/tests/../../tests/run-threaded.c:571:3: branch_false: following ‘false’ branch...
gpgme-1.24.2/build/tests/../../tests/run-threaded.c:573:10: branch_false: ...to here
gpgme-1.24.2/build/tests/../../tests/run-threaded.c:607:11: call_function: calling ‘import’ from ‘do_data_op’
#  288|     ret->fd = -1;
#  289|   
#  290|->   if (data_type)
#  291|       {
#  292|         data_rand = data_type;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def148]
gpgme-1.24.2/build/tests/../../tests/run-threaded.c:762:7: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘msg_it’
gpgme-1.24.2/build/tests/../../tests/run-threaded.c:665:6: branch_true: following ‘true’ branch (when ‘argc != 0’)...
gpgme-1.24.2/build/tests/../../tests/run-threaded.c:666:7: branch_true: ...to here
gpgme-1.24.2/build/tests/../../tests/run-threaded.c:750:10: branch_true: following ‘true’ branch (when ‘argc != 0’)...
gpgme-1.24.2/build/tests/../../tests/run-threaded.c:752:10: branch_true: ...to here
gpgme-1.24.2/build/tests/../../tests/run-threaded.c:752:10: branch_true: following ‘true’ branch (when ‘msgs’ is NULL)...
gpgme-1.24.2/build/tests/../../tests/run-threaded.c:754:18: branch_true: ...to here
gpgme-1.24.2/build/tests/../../tests/run-threaded.c:754:18: acquire_memory: this call could return NULL
gpgme-1.24.2/build/tests/../../tests/run-threaded.c:762:7: danger: ‘msg_it’ could be NULL: unchecked value from [(7)](sarif:/runs/0/results/10/codeFlows/0/threadFlows/0/locations/6)
#  760|             msg_it = msg_it->next;
#  761|           }
#  762|->       msg_it->file_name = *argv;
#  763|         argc--; argv++;
#  764|       }

Error: GCC_ANALYZER_WARNING (CWE-775): [#def149]
gpgme-1.24.2/build/tests/../../tests/run-verify.c:418:24: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen(*argv, "rb")’
gpgme-1.24.2/build/tests/../../tests/run-verify.c:252:1: enter_function: entry to ‘main’
gpgme-1.24.2/build/tests/../../tests/run-verify.c:272:6: branch_true: following ‘true’ branch (when ‘argc != 0’)...
gpgme-1.24.2/build/tests/../../tests/run-verify.c:273:7: branch_true: ...to here
gpgme-1.24.2/build/tests/../../tests/run-verify.c:385:6: branch_false: following ‘false’ branch...
gpgme-1.24.2/build/tests/../../tests/run-verify.c:388:3: call_function: calling ‘init_gpgme’ from ‘main’
gpgme-1.24.2/build/tests/../../tests/run-verify.c:388:3: return_function: returning to ‘main’ from ‘init_gpgme’
gpgme-1.24.2/build/tests/../../tests/run-verify.c:390:15: branch_true: following ‘true’ branch (when ‘i < repeats’)...
gpgme-1.24.2/build/tests/../../tests/run-verify.c:395:20: branch_true: ...to here
gpgme-1.24.2/build/tests/../../tests/run-verify.c:401:10: branch_false: following ‘false’ branch (when ‘repeats == 1’)...
gpgme-1.24.2/build/tests/../../tests/run-verify.c:406:10: branch_false: ...to here
gpgme-1.24.2/build/tests/../../tests/run-verify.c:406:10: branch_true: following ‘true’ branch (when ‘direct_file_io == 0’)...
gpgme-1.24.2/build/tests/../../tests/run-verify.c:408:20: branch_true: ...to here
gpgme-1.24.2/build/tests/../../tests/run-verify.c:408:20: acquire_resource: opened here
gpgme-1.24.2/build/tests/../../tests/run-verify.c:409:14: branch_false: following ‘false’ branch...
gpgme-1.24.2/build/tests/../../tests/run-verify.c:416:14: branch_false: ...to here
gpgme-1.24.2/build/tests/../../tests/run-verify.c:416:14: branch_true: following ‘true’ branch (when ‘argc == 2’)...
gpgme-1.24.2/build/tests/../../tests/run-verify.c:418:24: branch_true: ...to here
gpgme-1.24.2/build/tests/../../tests/run-verify.c:418:24: danger: ‘fopen(*argv, "rb")’ leaks here; was opened at [(17)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/16)
#  416|             if (argc > 1)
#  417|               {
#  418|->               fp_msg = fopen (argv[1], "rb");
#  419|                 if (!fp_msg)
#  420|                   {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def150]
gpgme-1.24.2/build/tests/../../tests/run-verify.c:418:24: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(*argv, "rb")’
gpgme-1.24.2/build/tests/../../tests/run-verify.c:252:1: enter_function: entry to ‘main’
gpgme-1.24.2/build/tests/../../tests/run-verify.c:272:6: branch_true: following ‘true’ branch (when ‘argc != 0’)...
gpgme-1.24.2/build/tests/../../tests/run-verify.c:273:7: branch_true: ...to here
gpgme-1.24.2/build/tests/../../tests/run-verify.c:385:6: branch_false: following ‘false’ branch...
gpgme-1.24.2/build/tests/../../tests/run-verify.c:388:3: call_function: calling ‘init_gpgme’ from ‘main’
gpgme-1.24.2/build/tests/../../tests/run-verify.c:388:3: return_function: returning to ‘main’ from ‘init_gpgme’
gpgme-1.24.2/build/tests/../../tests/run-verify.c:390:15: branch_true: following ‘true’ branch (when ‘i < repeats’)...
gpgme-1.24.2/build/tests/../../tests/run-verify.c:395:20: branch_true: ...to here
gpgme-1.24.2/build/tests/../../tests/run-verify.c:401:10: branch_false: following ‘false’ branch (when ‘repeats == 1’)...
gpgme-1.24.2/build/tests/../../tests/run-verify.c:406:10: branch_false: ...to here
gpgme-1.24.2/build/tests/../../tests/run-verify.c:406:10: branch_true: following ‘true’ branch (when ‘direct_file_io == 0’)...
gpgme-1.24.2/build/tests/../../tests/run-verify.c:408:20: branch_true: ...to here
gpgme-1.24.2/build/tests/../../tests/run-verify.c:408:20: acquire_memory: allocated here
gpgme-1.24.2/build/tests/../../tests/run-verify.c:409:14: branch_false: following ‘false’ branch...
gpgme-1.24.2/build/tests/../../tests/run-verify.c:416:14: branch_false: ...to here
gpgme-1.24.2/build/tests/../../tests/run-verify.c:416:14: branch_true: following ‘true’ branch (when ‘argc == 2’)...
gpgme-1.24.2/build/tests/../../tests/run-verify.c:418:24: branch_true: ...to here
gpgme-1.24.2/build/tests/../../tests/run-verify.c:418:24: danger: ‘fopen(*argv, "rb")’ leaks here; was allocated at [(17)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/16)
#  416|             if (argc > 1)
#  417|               {
#  418|->               fp_msg = fopen (argv[1], "rb");
#  419|                 if (!fp_msg)
#  420|                   {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def151]
gpgme-1.24.2/build/tests/../../tests/t-data.c:195:14: warning[-Wanalyzer-malloc-leak]: leak of ‘make_filename("t-data-1.txt")’
gpgme-1.24.2/build/tests/../../tests/t-data.c:178:1: enter_function: entry to ‘main’
gpgme-1.24.2/build/tests/../../tests/t-data.c:181:25: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build/tests/../../tests/t-data.c:181:25: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build/tests/../../tests/t-data.c:182:32: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build/tests/../../tests/t-data.c:182:32: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build/tests/../../tests/t-data.c:189:10: branch_true: following ‘true’ branch (when ‘round != 0’)...
gpgme-1.24.2/build/tests/../../tests/t-data.c:191:7: branch_true: ...to here
gpgme-1.24.2/build/tests/../../tests/t-data.c:195:14: danger: ‘make_filename("t-data-1.txt")’ leaks here; was allocated at [(4)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/3)
#  193|   	case TEST_INVALID_ARGUMENT:
#  194|   	  err = gpgme_data_new (NULL);
#  195|-> 	  if (!err)
#  196|   	    {
#  197|   	      fprintf (stderr, "%s:%d: gpgme_data_new on NULL pointer succeeded "

Error: GCC_ANALYZER_WARNING (CWE-401): [#def152]
gpgme-1.24.2/build/tests/../../tests/t-data.c:195:14: warning[-Wanalyzer-malloc-leak]: leak of ‘make_filename("t-data-2.txt")’
gpgme-1.24.2/build/tests/../../tests/t-data.c:178:1: enter_function: entry to ‘main’
gpgme-1.24.2/build/tests/../../tests/t-data.c:181:25: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build/tests/../../tests/t-data.c:181:25: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build/tests/../../tests/t-data.c:182:32: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build/tests/../../tests/t-data.c:182:32: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build/tests/../../tests/t-data.c:189:10: branch_true: following ‘true’ branch (when ‘round != 0’)...
gpgme-1.24.2/build/tests/../../tests/t-data.c:191:7: branch_true: ...to here
gpgme-1.24.2/build/tests/../../tests/t-data.c:195:14: danger: ‘make_filename("t-data-2.txt")’ leaks here; was allocated at [(9)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/8)
#  193|   	case TEST_INVALID_ARGUMENT:
#  194|   	  err = gpgme_data_new (NULL);
#  195|-> 	  if (!err)
#  196|   	    {
#  197|   	      fprintf (stderr, "%s:%d: gpgme_data_new on NULL pointer succeeded "

Error: GCC_ANALYZER_WARNING (CWE-401): [#def153]
gpgme-1.24.2/build/tests/../../tests/t-data.c:216:14: warning[-Wanalyzer-malloc-leak]: leak of ‘make_filename("t-data-1.txt")’
gpgme-1.24.2/build/tests/../../tests/t-data.c:178:1: enter_function: entry to ‘main’
gpgme-1.24.2/build/tests/../../tests/t-data.c:181:25: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build/tests/../../tests/t-data.c:181:25: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build/tests/../../tests/t-data.c:182:32: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build/tests/../../tests/t-data.c:182:32: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build/tests/../../tests/t-data.c:189:10: branch_true: following ‘true’ branch (when ‘round != 0’)...
gpgme-1.24.2/build/tests/../../tests/t-data.c:191:7: branch_true: ...to here
gpgme-1.24.2/build/tests/../../tests/t-data.c:195:14: branch_false: following ‘false’ branch...
gpgme-1.24.2/build/tests/../../tests/t-data.c:191:7: branch_false: ...to here
gpgme-1.24.2/build/tests/../../tests/t-data.c:189:10: branch_true: following ‘true’ branch (when ‘round != 0’)...
gpgme-1.24.2/build/tests/../../tests/t-data.c:191:7: branch_true: ...to here
gpgme-1.24.2/build/tests/../../tests/t-data.c:216:14: danger: ‘make_filename("t-data-1.txt")’ leaks here; was allocated at [(4)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/3)
#  214|   	case TEST_INOUT_MEM_FROM_INEXISTANT_FILE:
#  215|   	  err = gpgme_data_new_from_file (&data, missing_filename, 1);
#  216|-> 	  if (!err)
#  217|   	    {
#  218|   	      fprintf (stderr, "%s:%d: gpgme_data_new_from_file on inexistant "

Error: GCC_ANALYZER_WARNING (CWE-401): [#def154]
gpgme-1.24.2/build/tests/../../tests/t-data.c:216:14: warning[-Wanalyzer-malloc-leak]: leak of ‘make_filename("t-data-2.txt")’
gpgme-1.24.2/build/tests/../../tests/t-data.c:178:1: enter_function: entry to ‘main’
gpgme-1.24.2/build/tests/../../tests/t-data.c:181:25: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build/tests/../../tests/t-data.c:181:25: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build/tests/../../tests/t-data.c:182:32: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build/tests/../../tests/t-data.c:182:32: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build/tests/../../tests/t-data.c:189:10: branch_true: following ‘true’ branch (when ‘round != 0’)...
gpgme-1.24.2/build/tests/../../tests/t-data.c:191:7: branch_true: ...to here
gpgme-1.24.2/build/tests/../../tests/t-data.c:195:14: branch_false: following ‘false’ branch...
gpgme-1.24.2/build/tests/../../tests/t-data.c:191:7: branch_false: ...to here
gpgme-1.24.2/build/tests/../../tests/t-data.c:189:10: branch_true: following ‘true’ branch (when ‘round != 0’)...
gpgme-1.24.2/build/tests/../../tests/t-data.c:191:7: branch_true: ...to here
gpgme-1.24.2/build/tests/../../tests/t-data.c:216:14: danger: ‘make_filename("t-data-2.txt")’ leaks here; was allocated at [(9)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/8)
#  214|   	case TEST_INOUT_MEM_FROM_INEXISTANT_FILE:
#  215|   	  err = gpgme_data_new_from_file (&data, missing_filename, 1);
#  216|-> 	  if (!err)
#  217|   	    {
#  218|   	      fprintf (stderr, "%s:%d: gpgme_data_new_from_file on inexistant "

Error: GCC_ANALYZER_WARNING (CWE-401): [#def155]
gpgme-1.24.2/build/tests/../../tests/t-data.c:237:14: warning[-Wanalyzer-malloc-leak]: leak of ‘make_filename("t-data-1.txt")’
gpgme-1.24.2/build/tests/../../tests/t-data.c:178:1: enter_function: entry to ‘main’
gpgme-1.24.2/build/tests/../../tests/t-data.c:181:25: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build/tests/../../tests/t-data.c:181:25: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build/tests/../../tests/t-data.c:182:32: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build/tests/../../tests/t-data.c:182:32: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build/tests/../../tests/t-data.c:189:10: branch_true: following ‘true’ branch (when ‘round != 0’)...
gpgme-1.24.2/build/tests/../../tests/t-data.c:191:7: branch_true: ...to here
gpgme-1.24.2/build/tests/../../tests/t-data.c:195:14: branch_false: following ‘false’ branch...
gpgme-1.24.2/build/tests/../../tests/t-data.c:191:7: branch_false: ...to here
gpgme-1.24.2/build/tests/../../tests/t-data.c:189:10: branch_true: following ‘true’ branch (when ‘round != 0’)...
gpgme-1.24.2/build/tests/../../tests/t-data.c:191:7: branch_true: ...to here
gpgme-1.24.2/build/tests/../../tests/t-data.c:237:14: danger: ‘make_filename("t-data-1.txt")’ leaks here; was allocated at [(4)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/3)
#  235|   	  err = gpgme_data_new_from_filepart (&data, missing_filename, 0,
#  236|   					      strlen (text), strlen (text));
#  237|-> 	  if (!err)
#  238|   	    {
#  239|   	      fprintf (stderr, "%s:%d: gpgme_data_new_from_file on inexistant "

Error: GCC_ANALYZER_WARNING (CWE-401): [#def156]
gpgme-1.24.2/build/tests/../../tests/t-data.c:237:14: warning[-Wanalyzer-malloc-leak]: leak of ‘make_filename("t-data-2.txt")’
gpgme-1.24.2/build/tests/../../tests/t-data.c:178:1: enter_function: entry to ‘main’
gpgme-1.24.2/build/tests/../../tests/t-data.c:181:25: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build/tests/../../tests/t-data.c:181:25: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build/tests/../../tests/t-data.c:182:32: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build/tests/../../tests/t-data.c:182:32: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build/tests/../../tests/t-data.c:189:10: branch_true: following ‘true’ branch (when ‘round != 0’)...
gpgme-1.24.2/build/tests/../../tests/t-data.c:191:7: branch_true: ...to here
gpgme-1.24.2/build/tests/../../tests/t-data.c:195:14: branch_false: following ‘false’ branch...
gpgme-1.24.2/build/tests/../../tests/t-data.c:191:7: branch_false: ...to here
gpgme-1.24.2/build/tests/../../tests/t-data.c:189:10: branch_true: following ‘true’ branch (when ‘round != 0’)...
gpgme-1.24.2/build/tests/../../tests/t-data.c:191:7: branch_true: ...to here
gpgme-1.24.2/build/tests/../../tests/t-data.c:237:14: danger: ‘make_filename("t-data-2.txt")’ leaks here; was allocated at [(9)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/8)
#  235|   	  err = gpgme_data_new_from_filepart (&data, missing_filename, 0,
#  236|   					      strlen (text), strlen (text));
#  237|-> 	  if (!err)
#  238|   	    {
#  239|   	      fprintf (stderr, "%s:%d: gpgme_data_new_from_file on inexistant "

Error: GCC_ANALYZER_WARNING (CWE-401): [#def157]
gpgme-1.24.2/build/tests/../../tests/t-data.c:247:16: warning[-Wanalyzer-malloc-leak]: leak of ‘make_filename("t-data-1.txt")’
gpgme-1.24.2/build/tests/../../tests/t-data.c:178:1: enter_function: entry to ‘main’
gpgme-1.24.2/build/tests/../../tests/t-data.c:181:25: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build/tests/../../tests/t-data.c:181:25: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build/tests/../../tests/t-data.c:182:32: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build/tests/../../tests/t-data.c:182:32: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build/tests/../../tests/t-data.c:189:10: branch_true: following ‘true’ branch (when ‘round != 0’)...
gpgme-1.24.2/build/tests/../../tests/t-data.c:191:7: branch_true: ...to here
gpgme-1.24.2/build/tests/../../tests/t-data.c:195:14: branch_false: following ‘false’ branch...
gpgme-1.24.2/build/tests/../../tests/t-data.c:191:7: branch_false: ...to here
gpgme-1.24.2/build/tests/../../tests/t-data.c:189:10: branch_true: following ‘true’ branch (when ‘round != 0’)...
gpgme-1.24.2/build/tests/../../tests/t-data.c:191:7: branch_true: ...to here
gpgme-1.24.2/build/tests/../../tests/t-data.c:247:16: danger: ‘make_filename("t-data-1.txt")’ leaks here; was allocated at [(4)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/3)
#  245|   	  {
#  246|   	    FILE *fp = fopen (longer_text_filename, "rb");
#  247|-> 	    if (! fp)
#  248|   	      {
#  249|   		fprintf (stderr, "%s:%d: fopen: %s\n", __FILE__, __LINE__,

Error: GCC_ANALYZER_WARNING (CWE-401): [#def158]
gpgme-1.24.2/build/tests/../../tests/t-data.c:247:16: warning[-Wanalyzer-malloc-leak]: leak of ‘make_filename("t-data-2.txt")’
gpgme-1.24.2/build/tests/../../tests/t-data.c:178:1: enter_function: entry to ‘main’
gpgme-1.24.2/build/tests/../../tests/t-data.c:181:25: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build/tests/../../tests/t-data.c:181:25: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build/tests/../../tests/t-data.c:182:32: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build/tests/../../tests/t-data.c:182:32: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build/tests/../../tests/t-data.c:189:10: branch_true: following ‘true’ branch (when ‘round != 0’)...
gpgme-1.24.2/build/tests/../../tests/t-data.c:191:7: branch_true: ...to here
gpgme-1.24.2/build/tests/../../tests/t-data.c:195:14: branch_false: following ‘false’ branch...
gpgme-1.24.2/build/tests/../../tests/t-data.c:191:7: branch_false: ...to here
gpgme-1.24.2/build/tests/../../tests/t-data.c:189:10: branch_true: following ‘true’ branch (when ‘round != 0’)...
gpgme-1.24.2/build/tests/../../tests/t-data.c:191:7: branch_true: ...to here
gpgme-1.24.2/build/tests/../../tests/t-data.c:247:16: danger: ‘make_filename("t-data-2.txt")’ leaks here; was allocated at [(9)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/8)
#  245|   	  {
#  246|   	    FILE *fp = fopen (longer_text_filename, "rb");
#  247|-> 	    if (! fp)
#  248|   	      {
#  249|   		fprintf (stderr, "%s:%d: fopen: %s\n", __FILE__, __LINE__,

Error: GCC_ANALYZER_WARNING (CWE-401): [#def159]
gpgme-1.24.2/build/tests/../../tests/t-data.c:264:7: warning[-Wanalyzer-malloc-leak]: leak of ‘make_filename("t-data-1.txt")’
gpgme-1.24.2/build/tests/../../tests/t-data.c:178:1: enter_function: entry to ‘main’
gpgme-1.24.2/build/tests/../../tests/t-data.c:181:25: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build/tests/../../tests/t-data.c:181:25: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build/tests/../../tests/t-data.c:182:32: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build/tests/../../tests/t-data.c:182:32: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build/tests/../../tests/t-data.c:189:10: branch_true: following ‘true’ branch (when ‘round != 0’)...
gpgme-1.24.2/build/tests/../../tests/t-data.c:191:7: branch_true: ...to here
gpgme-1.24.2/build/tests/../../tests/t-data.c:195:14: branch_false: following ‘false’ branch...
gpgme-1.24.2/build/tests/../../tests/t-data.c:191:7: branch_false: ...to here
gpgme-1.24.2/build/tests/../../tests/t-data.c:189:10: branch_true: following ‘true’ branch (when ‘round != 0’)...
gpgme-1.24.2/build/tests/../../tests/t-data.c:191:7: branch_true: ...to here
gpgme-1.24.2/build/tests/../../tests/t-data.c:264:7: danger: ‘make_filename("t-data-1.txt")’ leaks here; was allocated at [(4)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/3)
#  262|   	  exit (1);
#  263|   	}
#  264|->       fail_if_err (err);
#  265|   
#  266|         read_test (round, data);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def160]
gpgme-1.24.2/build/tests/../../tests/t-data.c:264:7: warning[-Wanalyzer-malloc-leak]: leak of ‘make_filename("t-data-2.txt")’
gpgme-1.24.2/build/tests/../../tests/t-data.c:178:1: enter_function: entry to ‘main’
gpgme-1.24.2/build/tests/../../tests/t-data.c:181:25: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build/tests/../../tests/t-data.c:181:25: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build/tests/../../tests/t-data.c:182:32: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build/tests/../../tests/t-data.c:182:32: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build/tests/../../tests/t-data.c:189:10: branch_true: following ‘true’ branch (when ‘round != 0’)...
gpgme-1.24.2/build/tests/../../tests/t-data.c:191:7: branch_true: ...to here
gpgme-1.24.2/build/tests/../../tests/t-data.c:195:14: branch_false: following ‘false’ branch...
gpgme-1.24.2/build/tests/../../tests/t-data.c:191:7: branch_false: ...to here
gpgme-1.24.2/build/tests/../../tests/t-data.c:189:10: branch_true: following ‘true’ branch (when ‘round != 0’)...
gpgme-1.24.2/build/tests/../../tests/t-data.c:191:7: branch_true: ...to here
gpgme-1.24.2/build/tests/../../tests/t-data.c:264:7: danger: ‘make_filename("t-data-2.txt")’ leaks here; was allocated at [(9)](sarif:/runs/0/results/9/codeFlows/0/threadFlows/0/locations/8)
#  262|   	  exit (1);
#  263|   	}
#  264|->       fail_if_err (err);
#  265|   
#  266|         read_test (round, data);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def161]
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-decrypt-verify.c:125:3: warning[-Wanalyzer-malloc-leak]: leak of ‘make_filename("cipher-2.asc")’
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-decrypt-verify.c:109:1: enter_function: entry to ‘main’
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-decrypt-verify.c:116:24: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-decrypt-verify.c:116:24: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-decrypt-verify.c:122:3: call_function: calling ‘init_gpgme’ from ‘main’
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-decrypt-verify.c:122:3: return_function: returning to ‘main’ from ‘init_gpgme’
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-decrypt-verify.c:125:3: danger: ‘make_filename("cipher-2.asc")’ leaks here; was allocated at [(4)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/3)
#  123|   
#  124|     err = gpgme_new (&ctx);
#  125|->   fail_if_err (err);
#  126|   
#  127|     agent_info = getenv("GPG_AGENT_INFO");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def162]
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-decrypt.c:55:3: warning[-Wanalyzer-malloc-leak]: leak of ‘make_filename("cipher-1.asc")’
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-decrypt.c:40:1: enter_function: entry to ‘main’
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-decrypt.c:46:24: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-decrypt.c:46:24: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-decrypt.c:52:3: call_function: calling ‘init_gpgme’ from ‘main’
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-decrypt.c:52:3: return_function: returning to ‘main’ from ‘init_gpgme’
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-decrypt.c:55:3: danger: ‘make_filename("cipher-1.asc")’ leaks here; was allocated at [(4)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/3)
#   53|   
#   54|     err = gpgme_new (&ctx);
#   55|->   fail_if_err (err);
#   56|   
#   57|     agent_info = getenv("GPG_AGENT_INFO");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def163]
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-import.c:228:3: warning[-Wanalyzer-malloc-leak]: leak of ‘make_filename("pubkey-1.asc")’
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-import.c:212:1: enter_function: entry to ‘main’
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-import.c:219:24: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-import.c:219:24: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-import.c:220:24: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-import.c:220:24: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-import.c:225:3: call_function: calling ‘init_gpgme’ from ‘main’
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-import.c:225:3: return_function: returning to ‘main’ from ‘init_gpgme’
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-import.c:228:3: danger: ‘make_filename("pubkey-1.asc")’ leaks here; was allocated at [(4)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/3)
#  226|   
#  227|     err = gpgme_new (&ctx);
#  228|->   fail_if_err (err);
#  229|   
#  230|     err = gpgme_set_ctx_flag (ctx, "key-origin", "wkd,https://openpgpkey.gnupg.org");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def164]
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-import.c:228:3: warning[-Wanalyzer-malloc-leak]: leak of ‘make_filename("seckey-1.asc")’
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-import.c:212:1: enter_function: entry to ‘main’
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-import.c:219:24: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-import.c:219:24: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-import.c:220:24: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-import.c:220:24: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-import.c:225:3: call_function: calling ‘init_gpgme’ from ‘main’
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-import.c:225:3: return_function: returning to ‘main’ from ‘init_gpgme’
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-import.c:228:3: danger: ‘make_filename("seckey-1.asc")’ leaks here; was allocated at [(9)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/8)
#  226|   
#  227|     err = gpgme_new (&ctx);
#  228|->   fail_if_err (err);
#  229|   
#  230|     err = gpgme_set_ctx_flag (ctx, "key-origin", "wkd,https://openpgpkey.gnupg.org");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def165]
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-import.c:230:9: warning[-Wanalyzer-malloc-leak]: leak of ‘make_filename("pubkey-1.asc")’
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-import.c:212:1: enter_function: entry to ‘main’
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-import.c:219:24: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-import.c:219:24: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-import.c:220:24: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-import.c:220:24: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-import.c:225:3: call_function: calling ‘init_gpgme’ from ‘main’
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-import.c:225:3: return_function: returning to ‘main’ from ‘init_gpgme’
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-import.c:228:3: branch_false: following ‘false’ branch...
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-import.c:230:9: branch_false: ...to here
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-import.c:230:9: danger: ‘make_filename("pubkey-1.asc")’ leaks here; was allocated at [(4)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/3)
#  228|     fail_if_err (err);
#  229|   
#  230|->   err = gpgme_set_ctx_flag (ctx, "key-origin", "wkd,https://openpgpkey.gnupg.org");
#  231|     fail_if_err (err);
#  232|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def166]
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-import.c:230:9: warning[-Wanalyzer-malloc-leak]: leak of ‘make_filename("seckey-1.asc")’
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-import.c:212:1: enter_function: entry to ‘main’
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-import.c:219:24: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-import.c:219:24: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-import.c:220:24: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-import.c:220:24: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-import.c:225:3: call_function: calling ‘init_gpgme’ from ‘main’
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-import.c:225:3: return_function: returning to ‘main’ from ‘init_gpgme’
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-import.c:228:3: branch_false: following ‘false’ branch...
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-import.c:230:9: branch_false: ...to here
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-import.c:230:9: danger: ‘make_filename("seckey-1.asc")’ leaks here; was allocated at [(9)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/8)
#  228|     fail_if_err (err);
#  229|   
#  230|->   err = gpgme_set_ctx_flag (ctx, "key-origin", "wkd,https://openpgpkey.gnupg.org");
#  231|     fail_if_err (err);
#  232|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def167]
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-thread1.c:112:7: warning[-Wanalyzer-malloc-leak]: leak of ‘make_filename("cipher-1.asc")’
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-thread1.c:94:1: enter_function: entry to ‘thread_two’
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-thread1.c:97:24: call_function: calling ‘make_filename’ from ‘thread_two’
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-thread1.c:97:24: return_function: returning to ‘thread_two’ from ‘make_filename’
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-thread1.c:102:15: branch_true: following ‘true’ branch (when ‘i != 20’)...
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-thread1.c:109:7: branch_true: ...to here
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-thread1.c:109:7: call_function: calling ‘init_gpgme’ from ‘thread_two’
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-thread1.c:109:7: return_function: returning to ‘thread_two’ from ‘init_gpgme’
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-thread1.c:112:7: danger: ‘make_filename("cipher-1.asc")’ leaks here; was allocated at [(4)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/3)
#  110|   
#  111|         err = gpgme_new (&ctx);
#  112|->       fail_if_err (err);
#  113|   
#  114|         if (!(agent_info && strchr (agent_info, ':')))

Error: GCC_ANALYZER_WARNING (CWE-401): [#def168]
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-thread1.c:115:9: warning[-Wanalyzer-malloc-leak]: leak of ‘make_filename("cipher-1.asc")’
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-thread1.c:94:1: enter_function: entry to ‘thread_two’
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-thread1.c:97:24: call_function: calling ‘make_filename’ from ‘thread_two’
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-thread1.c:97:24: return_function: returning to ‘thread_two’ from ‘make_filename’
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-thread1.c:102:15: branch_true: following ‘true’ branch (when ‘i != 20’)...
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-thread1.c:109:7: branch_true: ...to here
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-thread1.c:109:7: call_function: calling ‘init_gpgme’ from ‘thread_two’
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-thread1.c:109:7: return_function: returning to ‘thread_two’ from ‘init_gpgme’
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-thread1.c:112:7: branch_false: following ‘false’ branch...
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-thread1.c:114:10: branch_false: ...to here
gpgme-1.24.2/build/tests/gpg/../../../tests/gpg/t-thread1.c:115:9: danger: ‘make_filename("cipher-1.asc")’ leaks here; was allocated at [(4)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/3)
#  113|   
#  114|         if (!(agent_info && strchr (agent_info, ':')))
#  115|-> 	gpgme_set_passphrase_cb (ctx, passphrase_cb, NULL);
#  116|   
#  117|         err = gpgme_data_new_from_file (&in, cipher_1_asc, 1);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def169]
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-import.c:153:3: warning[-Wanalyzer-malloc-leak]: leak of ‘make_filename("cert_dfn_pca01.der")’
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-import.c:141:1: enter_function: entry to ‘main’
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-import.c:147:18: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-import.c:147:18: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-import.c:148:18: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-import.c:148:18: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-import.c:150:3: call_function: calling ‘init_gpgme’ from ‘main’
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-import.c:150:3: return_function: returning to ‘main’ from ‘init_gpgme’
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-import.c:153:3: danger: ‘make_filename("cert_dfn_pca01.der")’ leaks here; was allocated at [(4)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/3)
#  151|   
#  152|     err = gpgme_new (&ctx);
#  153|->   fail_if_err (err);
#  154|   
#  155|     gpgme_set_protocol (ctx, GPGME_PROTOCOL_CMS);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def170]
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-import.c:153:3: warning[-Wanalyzer-malloc-leak]: leak of ‘make_filename("cert_dfn_pca15.der")’
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-import.c:141:1: enter_function: entry to ‘main’
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-import.c:147:18: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-import.c:147:18: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-import.c:148:18: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-import.c:148:18: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-import.c:150:3: call_function: calling ‘init_gpgme’ from ‘main’
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-import.c:150:3: return_function: returning to ‘main’ from ‘init_gpgme’
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-import.c:153:3: danger: ‘make_filename("cert_dfn_pca15.der")’ leaks here; was allocated at [(9)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/8)
#  151|   
#  152|     err = gpgme_new (&ctx);
#  153|->   fail_if_err (err);
#  154|   
#  155|     gpgme_set_protocol (ctx, GPGME_PROTOCOL_CMS);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def171]
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-import.c:155:3: warning[-Wanalyzer-malloc-leak]: leak of ‘make_filename("cert_dfn_pca15.der")’
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-import.c:141:1: enter_function: entry to ‘main’
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-import.c:147:18: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-import.c:147:18: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-import.c:148:18: call_function: calling ‘make_filename’ from ‘main’
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-import.c:148:18: return_function: returning to ‘main’ from ‘make_filename’
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-import.c:150:3: call_function: calling ‘init_gpgme’ from ‘main’
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-import.c:150:3: return_function: returning to ‘main’ from ‘init_gpgme’
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-import.c:153:3: branch_false: following ‘false’ branch...
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-import.c:155:3: branch_false: ...to here
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-import.c:155:3: danger: ‘make_filename("cert_dfn_pca15.der")’ leaks here; was allocated at [(9)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/8)
#  153|     fail_if_err (err);
#  154|   
#  155|->   gpgme_set_protocol (ctx, GPGME_PROTOCOL_CMS);
#  156|   
#  157|     err = gpgme_data_new_from_file (&in, cert_1, 1);

Error: GCC_ANALYZER_WARNING (CWE-465): [#def172]
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:214:10: warning[-Wanalyzer-deref-before-check]: check of ‘*key.subkeys’ for NULL after already dereferencing it
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:84:1: enter_function: entry to ‘main’
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:92:3: call_function: calling ‘init_gpgme’ from ‘main’
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:92:3: return_function: returning to ‘main’ from ‘init_gpgme’
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:95:3: branch_false: following ‘false’ branch...
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:96:3: branch_false: ...to here
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:99:3: branch_false: following ‘false’ branch...
 branch_false: ...to here
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:101:10: branch_true: following ‘true’ branch...
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:103:12: branch_true: ...to here
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:103:10: branch_false: following ‘false’ branch...
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:109:22: branch_false: ...to here
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:120:10: branch_false: following ‘false’ branch...
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:125:11: branch_false: ...to here
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:125:10: branch_false: following ‘false’ branch...
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:130:11: branch_false: ...to here
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:130:10: branch_false: following ‘false’ branch...
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:135:11: branch_false: ...to here
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:135:10: branch_false: following ‘false’ branch...
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:140:11: branch_false: ...to here
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:140:10: branch_false: following ‘false’ branch...
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:146:11: branch_false: ...to here
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:146:10: branch_false: following ‘false’ branch...
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:152:11: branch_false: ...to here
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:152:10: branch_false: following ‘false’ branch...
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:157:11: branch_false: ...to here
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:157:10: branch_false: following ‘false’ branch...
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:163:11: branch_false: ...to here
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:163:10: branch_false: following ‘false’ branch...
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:169:12: branch_false: ...to here
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:169:10: branch_false: following ‘false’ branch...
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:174:11: branch_false: ...to here
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:174:10: branch_false: following ‘false’ branch (when the strings are equal)...
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:180:12: branch_false: ...to here
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:180:10: branch_false: following ‘false’ branch...
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:185:11: branch_false: ...to here
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:185:10: branch_false: following ‘false’ branch (when the strings are equal)...
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:191:11: branch_false: ...to here
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:197:11: branch_false: following ‘false’ branch...
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:202:10: branch_false: ...to here
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:208:10: branch_false: following ‘false’ branch...
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:214:12: branch_false: ...to here
gpgme-1.24.2/build/tests/gpgsm/../../../tests/gpgsm/t-keylist.c:214:10: danger: pointer ‘*key.subkeys’ is checked for NULL here but it was already dereferenced at [(15)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/14)
#  212|   	  exit (1);
#  213|   	}
#  214|->       if (!key->subkeys || key->subkeys->next)
#  215|   	{
#  216|   	  fprintf (stderr, "Key has unexpected number of subkeys\n");

Error: CPPCHECK_WARNING (CWE-457): [#def173]
gpgme-1.24.2/doc/mkdefsinc.c:289: warning[uninitvar]: Uninitialized variable: monthoff
#  287|   
#  288|     printf ("@set UPDATED %s\n", opt_date);
#  289|->   printf ("@set UPDATED-MONTH %s\n", opt_date + monthoff);
#  290|     printf ("@set EDITION %s\n", PACKAGE_VERSION);
#  291|     printf ("@set VERSION %s\n", PACKAGE_VERSION);

Error: COMPILER_WARNING (CWE-477): [#def174]
gpgme-1.24.2/lang/qt/src/qgpgmeaddexistingsubkeyjob.cpp: scope_hint: In function 'QGpgME::_detail::ThreadedJobMixin<QGpgME::AddExistingSubkeyJob>::result_type add_subkey(GpgME::Context*, const GpgME::Key&, const GpgME::Subkey&)'
gpgme-1.24.2/lang/qt/src/qgpgmeaddexistingsubkeyjob.cpp:67:58: warning[-Wdeprecated-declarations]: 'static QDateTime QDateTime::fromSecsSinceEpoch(qint64, Qt::TimeSpec, int)' is deprecated: Pass QTimeZone instead of time-spec, offset
#   67 |         const auto expiry = QDateTime::fromSecsSinceEpoch(uint_least32_t(subkey.expirationTime()),
#      |                             ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#   68 |                                                           Qt::UTC).toString(u"yyyyMMdd'T'hhmmss").toStdString();
#      |                                                           ~~~~~~~~
/usr/include/qt6/QtCore/QDateTime:1: included_from: Included from here.
gpgme-1.24.2/lang/qt/src/qgpgmeaddexistingsubkeyjob.cpp:42: included_from: Included from here.
/usr/include/qt6/QtCore/qdatetime.h:491:22: note: declared here
#  491 |     static QDateTime fromSecsSinceEpoch(qint64 secs, Qt::TimeSpec spec, int offsetFromUtc = 0);
#      |                      ^~~~~~~~~~~~~~~~~~
#   65|   
#   66|       if (!subkey.neverExpires()) {
#   67|->         const auto expiry = QDateTime::fromSecsSinceEpoch(uint_least32_t(subkey.expirationTime()),
#   68|                                                             Qt::UTC).toString(u"yyyyMMdd'T'hhmmss").toStdString();
#   69|           interactor->setExpiry(expiry);

Error: COMPILER_WARNING (CWE-477): [#def175]
gpgme-1.24.2/lang/qt/src/qgpgmenewcryptoconfig.cpp: scope_hint: In member function 'virtual void QGpgMENewCryptoConfig::sync(bool)'
gpgme-1.24.2/lang/qt/src/qgpgmenewcryptoconfig.cpp:130:77: warning[-Wdeprecated-declarations]: 'constexpr typename std::add_const<_Tp>::type& qAsConst(T&) [with T = QHash<QString, std::shared_ptr<QGpgMENewCryptoConfigComponent> >; typename std::add_const<_Tp>::type = const QHash<QString, std::shared_ptr<QGpgMENewCryptoConfigComponent> >]' is deprecated: Use std::as_const() instead.
#  130 |     for (const std::shared_ptr<QGpgMENewCryptoConfigComponent> &c : qAsConst(m_componentsByName)) {
#      |                                                                     ~~~~~~~~^~~~~~~~~~~~~~~~~~~~
/usr/include/qt6/QtCore/qforeach.h:11: included_from: Included from here.
/usr/include/qt6/QtCore/qglobal.h:55: included_from: Included from here.
/usr/include/qt6/QtCore/qnamespace.h:12: included_from: Included from here.
/usr/include/qt6/QtCore/qbytearray.h:9: included_from: Included from here.
/usr/include/qt6/QtCore/qurl.h:8: included_from: Included from here.
/usr/include/qt6/QtCore/QUrl:1: included_from: Included from here.
gpgme-1.24.2/lang/qt/src/cryptoconfig.h:43: included_from: Included from here.
gpgme-1.24.2/lang/qt/src/qgpgmenewcryptoconfig.h:39: included_from: Included from here.
gpgme-1.24.2/lang/qt/src/qgpgmenewcryptoconfig.cpp:39: included_from: Included from here.
/usr/include/qt6/QtCore/qttypetraits.h:40:45: note: declared here
#   40 | constexpr typename std::add_const<T>::type &qAsConst(T &t) noexcept { return t; }
#      |                                             ^~~~~~~~
#  128|   void QGpgMENewCryptoConfig::sync(bool runtime)
#  129|   {
#  130|->     for (const std::shared_ptr<QGpgMENewCryptoConfigComponent> &c : qAsConst(m_componentsByName)) {
#  131|           c->sync(runtime);
#  132|       }

Error: CPPCHECK_WARNING (CWE-457): [#def176]
gpgme-1.24.2/src/decrypt-verify.c:48: warning[uninitvar]: Uninitialized variable: err2
#   46|         || (code == GPGME_STATUS_EOF && gpg_err_code (err) == GPG_ERR_NO_DATA))
#   47|       err2 = _gpgme_verify_status_handler (priv, code, args);
#   48|->   return err ? err : err2;
#   49|   }
#   50|   

Error: CPPCHECK_WARNING (CWE-562): [#def177]
gpgme-1.24.2/src/gpgme-tool.c:3314: error[autoVariables]: Address of local auto-variable assigned to a function parameter.
# 3312|     server.gt = gt;
# 3313|     gt->write_status = server_write_status;
# 3314|->   gt->write_status_hook = &server;
# 3315|     gt->write_data = server_write_data;
# 3316|     gt->write_data_hook = &server;

Error: CPPCHECK_WARNING (CWE-562): [#def178]
gpgme-1.24.2/src/gpgme-tool.c:3316: error[autoVariables]: Address of local auto-variable assigned to a function parameter.
# 3314|     gt->write_status_hook = &server;
# 3315|     gt->write_data = server_write_data;
# 3316|->   gt->write_data_hook = &server;
# 3317|   
# 3318|     /* We use a pipe based server so that we can work from scripts.

Error: CPPCHECK_WARNING (CWE-476): [#def179]
gpgme-1.24.2/tests/run-threaded.c:288: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: ret
#  286|     int data_rand;
#  287|   
#  288|->   ret->fd = -1;
#  289|   
#  290|     if (data_type)

Error: CPPCHECK_WARNING (CWE-476): [#def180]
gpgme-1.24.2/tests/run-threaded.c:762: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: msg_it
#  760|             msg_it = msg_it->next;
#  761|           }
#  762|->       msg_it->file_name = *argv;
#  763|         argc--; argv++;
#  764|       }

Scan Properties