iniparser-4.2.6-1.fc43

List of Findings

Error: GCC_ANALYZER_WARNING (CWE-401): [#def1]
iniparser-v4.2.6/src/dictionary.c:161:13: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
iniparser-v4.2.6/src/dictionary.c:152:8: branch_true: following ‘true’ branch (when ‘d’ is non-NULL)...
iniparser-v4.2.6/src/dictionary.c:153:9: branch_true: ...to here
iniparser-v4.2.6/src/dictionary.c:155:28: acquire_memory: allocated here
iniparser-v4.2.6/src/dictionary.c:157:13: branch_true: following ‘true’ branch...
iniparser-v4.2.6/src/dictionary.c:158:13: branch_true: ...to here
iniparser-v4.2.6/src/dictionary.c:161:13: danger: ‘<unknown>’ leaks here; was allocated at [(3)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/2)
#  159|               free((void *) d->val);
#  160|               free((void *) d->hash);
#  161|->             free(d);
#  162|               d = NULL;
#  163|           }

Error: GCC_ANALYZER_WARNING (CWE-476): [#def2]
iniparser-v4.2.6/src/iniparser.c:710:5: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘value’
iniparser-v4.2.6/src/iniparser.c:676:13: enter_function: entry to ‘parse_quoted_value’
iniparser-v4.2.6/src/iniparser.c:685:14: call_function: calling ‘xstrdup’ from ‘parse_quoted_value’
iniparser-v4.2.6/src/iniparser.c:685:14: return_function: returning to ‘parse_quoted_value’ from ‘xstrdup’
iniparser-v4.2.6/src/iniparser.c:687:7: branch_true: following ‘true’ branch...
iniparser-v4.2.6/src/iniparser.c:688:9: branch_true: ...to here
iniparser-v4.2.6/src/iniparser.c:710:5: danger: dereference of NULL ‘value + (sizetype)v’
#  708|       }
#  709|   end_of_value:
#  710|->     value[v] = '\0';
#  711|       free(quoted);
#  712|   }

Scan Properties