sudo-1.9.15-7.p5.fc43

List of Findings

Error: GCC_ANALYZER_WARNING (CWE-775): [#def1]
sudo-1.9.15p5/lib/eventlog/./eventlog.c:303:8: warning[-Wanalyzer-fd-leak]: leak of file descriptor 'dup3(pipein, 0, 0)'
sudo-1.9.15p5/lib/eventlog/./eventlog.c:1393:1: enter_function: entry to 'eventlog_mail'
sudo-1.9.15p5/lib/eventlog/./eventlog.c:1407:8: branch_true: following 'true' branch...
sudo-1.9.15p5/lib/eventlog/./eventlog.c:1410:8: branch_true: ...to here
sudo-1.9.15p5/lib/eventlog/./eventlog.c:1425:11: call_function: calling 'send_mail' from 'eventlog_mail'
#  301|   
#  302|       /* Set stdin to read side of the pipe. */
#  303|->     if (dup3(pipein, STDIN_FILENO, 0) == -1) {
#  304|   	syslog(LOG_ERR, _("unable to dup stdin: %m")); // -V618
#  305|   	sudo_debug_printf(SUDO_DEBUG_ERROR,

Error: GCC_ANALYZER_WARNING (CWE-416): [#def2]
sudo-1.9.15p5/lib/eventlog/./parse_json.c:594:17: warning[-Wanalyzer-use-after-free]: use after 'free' of 'item'
sudo-1.9.15p5/lib/eventlog/./parse_json.c:801:1: enter_function: entry to 'eventlog_json_read'
sudo-1.9.15p5/lib/eventlog/./parse_json.c:816:8: branch_false: following 'false' branch (when 'root' is non-NULL)...
sudo-1.9.15p5/lib/eventlog/./parse_json.c:819:5: branch_false: ...to here
sudo-1.9.15p5/lib/eventlog/./parse_json.c:823:12: branch_true: following 'true' branch...
sudo-1.9.15p5/lib/eventlog/./parse_json.c:824:20: branch_true: ...to here
sudo-1.9.15p5/lib/eventlog/./parse_json.c:850:16: branch_false: following 'false' branch...
sudo-1.9.15p5/lib/eventlog/./parse_json.c:853:13: branch_false: ...to here
sudo-1.9.15p5/lib/eventlog/./parse_json.c:885:20: branch_false: following 'false' branch...
sudo-1.9.15p5/lib/eventlog/./parse_json.c:891:20: branch_false: ...to here
sudo-1.9.15p5/lib/eventlog/./parse_json.c:891:21: branch_false: following 'false' branch...
sudo-1.9.15p5/lib/eventlog/./parse_json.c:896:17: branch_false: ...to here
sudo-1.9.15p5/lib/eventlog/./parse_json.c:898:25: call_function: calling 'json_stack_push' from 'eventlog_json_read'
sudo-1.9.15p5/lib/eventlog/./parse_json.c:898:25: return_function: returning to 'eventlog_json_read' from 'json_stack_push'
sudo-1.9.15p5/lib/eventlog/./parse_json.c:900:20: branch_false: following 'false' branch...
sudo-1.9.15p5/lib/eventlog/./parse_json.c:834:18: branch_false: ...to here
sudo-1.9.15p5/lib/eventlog/./parse_json.c:850:16: branch_false: following 'false' branch...
sudo-1.9.15p5/lib/eventlog/./parse_json.c:853:13: branch_false: ...to here
sudo-1.9.15p5/lib/eventlog/./parse_json.c:905:20: branch_false: following 'false' branch...
sudo-1.9.15p5/lib/eventlog/./parse_json.c:855:20: branch_true: following 'true' branch (when 'name' is NULL)...
sudo-1.9.15p5/lib/eventlog/./parse_json.c:855:37: branch_true: ...to here
sudo-1.9.15p5/lib/eventlog/./parse_json.c:855:21: branch_false: following 'false' branch...
sudo-1.9.15p5/lib/eventlog/./parse_json.c:860:20: branch_false: ...to here
sudo-1.9.15p5/lib/eventlog/./parse_json.c:1064:5: call_function: calling 'eventlog_json_free' from 'eventlog_json_read'
#  592|       while ((item = TAILQ_FIRST(items)) != NULL) {
#  593|   	TAILQ_REMOVE(items, item, entries);
#  594|-> 	switch (item->type) {
#  595|   	case JSON_STRING:
#  596|   	    free(item->u.string);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def3]
sudo-1.9.15p5/logsrvd/./iolog_writer.c:594:5: warning[-Wanalyzer-malloc-leak]: leak of ‘*evlog.iolog_path’
sudo-1.9.15p5/logsrvd/./iolog_writer.c:546:1: enter_function: entry to ‘create_iolog_path’
sudo-1.9.15p5/logsrvd/./iolog_writer.c:557:8: branch_true: following ‘true’ branch...
sudo-1.9.15p5/logsrvd/./iolog_writer.c:564:10: branch_true: ...to here
sudo-1.9.15p5/logsrvd/./iolog_writer.c:564:8: branch_true: following ‘true’ branch...
sudo-1.9.15p5/logsrvd/./iolog_writer.c:571:11: call_function: inlined call to ‘snprintf’ from ‘create_iolog_path’
sudo-1.9.15p5/logsrvd/./iolog_writer.c:573:8: branch_false: following ‘false’ branch...
sudo-1.9.15p5/logsrvd/./iolog_writer.c:583:10: branch_false: ...to here
sudo-1.9.15p5/logsrvd/./iolog_writer.c:583:8: branch_true: following ‘true’ branch...
sudo-1.9.15p5/logsrvd/./iolog_writer.c:587:30: branch_true: ...to here
sudo-1.9.15p5/logsrvd/./iolog_writer.c:587:30: acquire_memory: allocated here
sudo-1.9.15p5/logsrvd/./iolog_writer.c:587:8: branch_false: following ‘false’ branch...
sudo-1.9.15p5/logsrvd/./iolog_writer.c:591:45: branch_false: ...to here
sudo-1.9.15p5/logsrvd/./iolog_writer.c:594:5: danger: ‘*evlog.iolog_path’ leaks here; was allocated at [(11)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/10)
#  592|   
#  593|       /* We use iolog_dir_fd in calls to openat(2) */
#  594|->     closure->iolog_dir_fd =
#  595|   	iolog_openat(AT_FDCWD, evlog->iolog_path, O_RDONLY);
#  596|       if (closure->iolog_dir_fd == -1) {

Error: GCC_ANALYZER_WARNING (CWE-415): [#def4]
sudo-1.9.15p5/logsrvd/./logsrvd.c:152:13: warning[-Wanalyzer-double-free]: double-‘free’ of ‘*buf.data’
sudo-1.9.15p5/logsrvd/./logsrvd.c:1413:1: enter_function: entry to ‘new_connection’
sudo-1.9.15p5/logsrvd/./logsrvd.c:1419:20: call_function: calling ‘connection_closure_alloc’ from ‘new_connection’
#  150|   	while ((buf = TAILQ_FIRST(&closure->free_bufs)) != NULL) {
#  151|   	    TAILQ_REMOVE(&closure->free_bufs, buf, entries);
#  152|-> 	    free(buf->data);
#  153|   	    free(buf);
#  154|   	}

Error: GCC_ANALYZER_WARNING (CWE-416): [#def5]
sudo-1.9.15p5/logsrvd/./logsrvd.c:152:18: warning[-Wanalyzer-use-after-free]: use after ‘free’ of ‘buf’
sudo-1.9.15p5/logsrvd/./logsrvd.c:1413:1: enter_function: entry to ‘new_connection’
sudo-1.9.15p5/logsrvd/./logsrvd.c:1419:20: call_function: calling ‘connection_closure_alloc’ from ‘new_connection’
#  150|   	while ((buf = TAILQ_FIRST(&closure->free_bufs)) != NULL) {
#  151|   	    TAILQ_REMOVE(&closure->free_bufs, buf, entries);
#  152|-> 	    free(buf->data);
#  153|   	    free(buf);
#  154|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def6]
sudo-1.9.15p5/logsrvd/./logsrvd.c:313:12: warning[-Wanalyzer-malloc-leak]: leak of ‘*buf.data’
sudo-1.9.15p5/logsrvd/./logsrvd.c:1413:1: enter_function: entry to ‘new_connection’
sudo-1.9.15p5/logsrvd/./logsrvd.c:1419:20: call_function: calling ‘connection_closure_alloc’ from ‘new_connection’
sudo-1.9.15p5/logsrvd/./logsrvd.c:1419:20: return_function: returning to ‘new_connection’ from ‘connection_closure_alloc’
sudo-1.9.15p5/logsrvd/./logsrvd.c:1419:8: branch_false: following ‘false’ branch...
sudo-1.9.15p5/logsrvd/./logsrvd.c:1423:9: branch_false: ...to here
sudo-1.9.15p5/logsrvd/./logsrvd.c:1441:8: branch_false: following ‘false’ branch (when ‘tls == 0’)...
sudo-1.9.15p5/logsrvd/./logsrvd.c:1479:14: branch_false: ...to here
sudo-1.9.15p5/logsrvd/./logsrvd.c:1483:18: call_function: calling ‘start_protocol’ from ‘new_connection’
#  311|   	}
#  312|   	free(buf->data);
#  313|-> 	if ((buf->data = malloc(new_size)) == NULL)
#  314|   	    goto oom;
#  315|   	buf->size = new_size;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def7]
sudo-1.9.15p5/logsrvd/./logsrvd_local.c:416:12: warning[-Wanalyzer-malloc-leak]: leak of ‘*evlog.signal_name’
sudo-1.9.15p5/logsrvd/./logsrvd_local.c:411:8: branch_true: following ‘true’ branch...
sudo-1.9.15p5/logsrvd/./logsrvd_local.c:415:30: acquire_memory: allocated here
sudo-1.9.15p5/logsrvd/./logsrvd_local.c:416:12: danger: ‘*evlog.signal_name’ leaks here; was allocated at [(3)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/2)
#  414|   	    msg->dumped_core ? " (core dumped)" : "");
#  415|   	evlog->signal_name = strdup(msg->signal);
#  416|-> 	if (evlog->signal_name == NULL) {
#  417|   	    closure->errstr = _("unable to allocate memory");
#  418|   	    debug_return_bool(false);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def8]
sudo-1.9.15p5/logsrvd/./sendlog.c:264:13: warning[-Wanalyzer-malloc-leak]: leak of ‘*buf.data’
sudo-1.9.15p5/logsrvd/./sendlog.c:1612:1: enter_function: entry to ‘client_closure_alloc’
sudo-1.9.15p5/logsrvd/./sendlog.c:1620:8: branch_false: following ‘false’ branch (when ‘closure’ is non-NULL)...
sudo-1.9.15p5/logsrvd/./sendlog.c:1623:5: branch_false: ...to here
sudo-1.9.15p5/logsrvd/./sendlog.c:1644:8: branch_false: following ‘false’ branch...
sudo-1.9.15p5/logsrvd/./sendlog.c:1647:24: branch_false: ...to here
sudo-1.9.15p5/logsrvd/./sendlog.c:1649:8: branch_false: following ‘false’ branch...
sudo-1.9.15p5/logsrvd/./sendlog.c:1652:11: branch_false: ...to here
sudo-1.9.15p5/logsrvd/./sendlog.c:1652:11: call_function: calling ‘get_free_buf’ from ‘client_closure_alloc’
#  262|   	free(buf->data);
#  263|   	buf->size = sudo_pow2_roundup(len);
#  264|-> 	if (buf->size < len || (buf->data = malloc(buf->size)) == NULL) {
#  265|   	    sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
#  266|   	    free(buf);

Error: GCC_ANALYZER_WARNING (CWE-415): [#def9]
sudo-1.9.15p5/logsrvd/./sendlog.c:1597:13: warning[-Wanalyzer-double-free]: double-‘free’ of ‘*buf.data’
sudo-1.9.15p5/logsrvd/./sendlog.c:1612:1: enter_function: entry to ‘client_closure_alloc’
sudo-1.9.15p5/logsrvd/./sendlog.c:1620:8: branch_false: following ‘false’ branch (when ‘closure’ is non-NULL)...
sudo-1.9.15p5/logsrvd/./sendlog.c:1623:5: branch_false: ...to here
sudo-1.9.15p5/logsrvd/./sendlog.c:1644:8: branch_false: following ‘false’ branch...
sudo-1.9.15p5/logsrvd/./sendlog.c:1647:24: branch_false: ...to here
sudo-1.9.15p5/logsrvd/./sendlog.c:1678:5: call_function: calling ‘client_closure_free’ from ‘client_closure_alloc’
# 1595|   	while ((buf = TAILQ_FIRST(&closure->free_bufs)) != NULL) {
# 1596|   	    TAILQ_REMOVE(&closure->free_bufs, buf, entries);
# 1597|-> 	    free(buf->data);
# 1598|   	    free(buf);
# 1599|   	}

Error: GCC_ANALYZER_WARNING (CWE-416): [#def10]
sudo-1.9.15p5/logsrvd/./sendlog.c:1597:18: warning[-Wanalyzer-use-after-free]: use after ‘free’ of ‘buf’
sudo-1.9.15p5/logsrvd/./sendlog.c:1612:1: enter_function: entry to ‘client_closure_alloc’
sudo-1.9.15p5/logsrvd/./sendlog.c:1620:8: branch_false: following ‘false’ branch (when ‘closure’ is non-NULL)...
sudo-1.9.15p5/logsrvd/./sendlog.c:1623:5: branch_false: ...to here
sudo-1.9.15p5/logsrvd/./sendlog.c:1644:8: branch_false: following ‘false’ branch...
sudo-1.9.15p5/logsrvd/./sendlog.c:1647:24: branch_false: ...to here
sudo-1.9.15p5/logsrvd/./sendlog.c:1678:5: call_function: calling ‘client_closure_free’ from ‘client_closure_alloc’
# 1595|   	while ((buf = TAILQ_FIRST(&closure->free_bufs)) != NULL) {
# 1596|   	    TAILQ_REMOVE(&closure->free_bufs, buf, entries);
# 1597|-> 	    free(buf->data);
# 1598|   	    free(buf);
# 1599|   	}

Error: GCC_ANALYZER_WARNING (CWE-688): [#def11]
sudo-1.9.15p5/plugins/group_file/./getgrent.c:171:9: warning[-Wanalyzer-null-argument]: use of NULL where non-null expected
sudo-1.9.15p5/plugins/group_file/./getgrent.c:160:1: enter_function: entry to 'mygetgrnam'
sudo-1.9.15p5/plugins/group_file/./getgrent.c:164:10: call_function: calling 'open_group' from 'mygetgrnam'
sudo-1.9.15p5/plugins/group_file/./getgrent.c:164:10: return_function: returning to 'mygetgrnam' from 'open_group'
sudo-1.9.15p5/plugins/group_file/./getgrent.c:164:8: branch_false: following 'false' branch...
 branch_false: ...to here
sudo-1.9.15p5/plugins/group_file/./getgrent.c:166:18: call_function: calling 'mygetgrent' from 'mygetgrnam'
sudo-1.9.15p5/plugins/group_file/./getgrent.c:166:18: return_function: returning to 'mygetgrnam' from 'mygetgrent'
sudo-1.9.15p5/plugins/group_file/./getgrent.c:166:12: branch_true: following 'true' branch...
sudo-1.9.15p5/plugins/group_file/./getgrent.c:167:20: branch_true: ...to here
sudo-1.9.15p5/plugins/group_file/./getgrent.c:167:12: branch_false: following 'false' branch (when the strings are non-equal)...
 branch_false: ...to here
sudo-1.9.15p5/plugins/group_file/./getgrent.c:166:18: call_function: calling 'mygetgrent' from 'mygetgrnam'
sudo-1.9.15p5/plugins/group_file/./getgrent.c:166:18: return_function: returning to 'mygetgrnam' from 'mygetgrent'
sudo-1.9.15p5/plugins/group_file/./getgrent.c:166:12: branch_false: following 'false' branch...
sudo-1.9.15p5/plugins/group_file/./getgrent.c:170:9: branch_false: ...to here
sudo-1.9.15p5/plugins/group_file/./getgrent.c:170:8: branch_true: following 'true' branch...
sudo-1.9.15p5/plugins/group_file/./getgrent.c:171:9: branch_true: ...to here
sudo-1.9.15p5/plugins/group_file/./getgrent.c:171:9: release_memory: '0' is NULL
sudo-1.9.15p5/plugins/group_file/./getgrent.c:171:9: danger: argument 1 ('grf') NULL where non-null expected
#  169|       }
#  170|       if (!gr_stayopen) {
#  171|-> 	fclose(grf);
#  172|   	grf = NULL;
#  173|       }

Error: GCC_ANALYZER_WARNING (CWE-688): [#def12]
sudo-1.9.15p5/plugins/group_file/./getgrent.c:189:9: warning[-Wanalyzer-null-argument]: use of NULL where non-null expected
sudo-1.9.15p5/plugins/group_file/./getgrent.c:178:1: enter_function: entry to 'mygetgrgid'
sudo-1.9.15p5/plugins/group_file/./getgrent.c:182:10: call_function: calling 'open_group' from 'mygetgrgid'
sudo-1.9.15p5/plugins/group_file/./getgrent.c:182:10: return_function: returning to 'mygetgrgid' from 'open_group'
sudo-1.9.15p5/plugins/group_file/./getgrent.c:182:8: branch_false: following 'false' branch...
 branch_false: ...to here
sudo-1.9.15p5/plugins/group_file/./getgrent.c:184:18: call_function: calling 'mygetgrent' from 'mygetgrgid'
sudo-1.9.15p5/plugins/group_file/./getgrent.c:184:18: return_function: returning to 'mygetgrgid' from 'mygetgrent'
sudo-1.9.15p5/plugins/group_file/./getgrent.c:184:12: branch_true: following 'true' branch...
sudo-1.9.15p5/plugins/group_file/./getgrent.c:185:13: branch_true: ...to here
sudo-1.9.15p5/plugins/group_file/./getgrent.c:185:12: branch_false: following 'false' branch...
 branch_false: ...to here
sudo-1.9.15p5/plugins/group_file/./getgrent.c:184:18: call_function: calling 'mygetgrent' from 'mygetgrgid'
sudo-1.9.15p5/plugins/group_file/./getgrent.c:184:18: return_function: returning to 'mygetgrgid' from 'mygetgrent'
sudo-1.9.15p5/plugins/group_file/./getgrent.c:184:12: branch_false: following 'false' branch...
sudo-1.9.15p5/plugins/group_file/./getgrent.c:188:9: branch_false: ...to here
sudo-1.9.15p5/plugins/group_file/./getgrent.c:188:8: branch_true: following 'true' branch...
sudo-1.9.15p5/plugins/group_file/./getgrent.c:189:9: branch_true: ...to here
sudo-1.9.15p5/plugins/group_file/./getgrent.c:189:9: release_memory: '0' is NULL
sudo-1.9.15p5/plugins/group_file/./getgrent.c:189:9: danger: argument 1 ('grf') NULL where non-null expected
#  187|       }
#  188|       if (!gr_stayopen) {
#  189|-> 	fclose(grf);
#  190|   	grf = NULL;
#  191|       }

Error: GCC_ANALYZER_WARNING (CWE-688): [#def13]
sudo-1.9.15p5/plugins/sample/./sample_plugin.c:162:19: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL 'path' where non-null expected
sudo-1.9.15p5/plugins/sample/./sample_plugin.c:160:20: acquire_memory: this call could return NULL
sudo-1.9.15p5/plugins/sample/./sample_plugin.c:162:19: danger: argument 1 ('path') from [(1)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/0) could be NULL where non-null expected
#argument 1 of '__builtin_strchr' must be non-null
#  160|       path = path0 = strdup(path ? path : _PATH_DEFPATH);
#  161|       do {
#  162|-> 	if ((cp = strchr(path, ':')))
#  163|   	    *cp = '\0';
#  164|   	snprintf(pathbuf, sizeof(pathbuf), "%s/%s", *path ? path : ".",

Error: CPPCHECK_WARNING (CWE-476): [#def14]
sudo-1.9.15p5/plugins/sample/sample_plugin.c:162: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: path
#  160|       path = path0 = strdup(path ? path : _PATH_DEFPATH);
#  161|       do {
#  162|-> 	if ((cp = strchr(path, ':')))
#  163|   	    *cp = '\0';
#  164|   	snprintf(pathbuf, sizeof(pathbuf), "%s/%s", *path ? path : ".",

Error: CPPCHECK_WARNING (CWE-476): [#def15]
sudo-1.9.15p5/plugins/sample/sample_plugin.c:164: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: path
#  162|   	if ((cp = strchr(path, ':')))
#  163|   	    *cp = '\0';
#  164|-> 	snprintf(pathbuf, sizeof(pathbuf), "%s/%s", *path ? path : ".",
#  165|   	    command);
#  166|   	if (stat(pathbuf, &sb) == 0) {

Error: GCC_ANALYZER_WARNING (CWE-124): [#def16]
sudo-1.9.15p5/plugins/sudoers/./ldap.c:169:9: warning[-Wanalyzer-out-of-bounds]: heap-based buffer underwrite
sudo-1.9.15p5/plugins/sudoers/./ldap.c:1553:1: enter_function: entry to 'sudo_ldap_open'
sudo-1.9.15p5/plugins/sudoers/./ldap.c:1567:8: branch_true: following 'true' branch...
sudo-1.9.15p5/plugins/sudoers/./ldap.c:1571:9: branch_true: ...to here
sudo-1.9.15p5/plugins/sudoers/./ldap.c:1577:8: branch_false: following 'false' branch...
sudo-1.9.15p5/plugins/sudoers/./ldap.c:1582:10: branch_false: ...to here
sudo-1.9.15p5/plugins/sudoers/./ldap.c:1582:8: branch_true: following 'true' branch...
sudo-1.9.15p5/plugins/sudoers/./ldap.c:1583:21: branch_true: ...to here
sudo-1.9.15p5/plugins/sudoers/./ldap.c:1583:21: call_function: calling 'sudo_ldap_join_uri' from 'sudo_ldap_open'
#  167|   	    *cp++ = ' ';
#  168|   	}
#  169|-> 	cp[-1] = '\0';
#  170|       }
#  171|       debug_return_str(buf);

Error: GCC_ANALYZER_WARNING (CWE-476): [#def17]
sudo-1.9.15p5/plugins/sudoers/./ldap_util.c:82:14: warning[-Wanalyzer-null-dereference]: dereference of NULL 'cp'
sudo-1.9.15p5/plugins/sudoers/./ldap_util.c:355:1: enter_function: entry to 'sudo_ldap_role_to_priv'
sudo-1.9.15p5/plugins/sudoers/./ldap_util.c:368:8: branch_false: following 'false' branch (when 'priv' is non-NULL)...
sudo-1.9.15p5/plugins/sudoers/./ldap_util.c:370:5: branch_false: ...to here
sudo-1.9.15p5/plugins/sudoers/./ldap_util.c:375:8: branch_false: following 'false' branch...
sudo-1.9.15p5/plugins/sudoers/./ldap_util.c:378:9: branch_false: ...to here
sudo-1.9.15p5/plugins/sudoers/./ldap_util.c:378:8: branch_false: following 'false' branch...
 branch_false: ...to here
sudo-1.9.15p5/plugins/sudoers/./ldap_util.c:385:16: branch_false: following 'false' branch...
sudo-1.9.15p5/plugins/sudoers/./ldap_util.c:394:9: branch_false: ...to here
sudo-1.9.15p5/plugins/sudoers/./ldap_util.c:394:9: branch_false: following 'false' branch...
 branch_false: ...to here
sudo-1.9.15p5/plugins/sudoers/./ldap_util.c:400:12: branch_true: following 'true' branch...
sudo-1.9.15p5/plugins/sudoers/./ldap_util.c:401:24: branch_true: ...to here
sudo-1.9.15p5/plugins/sudoers/./ldap_util.c:401:24: call_function: calling 'sudo_ldap_is_negated' from 'sudo_ldap_role_to_priv'
sudo-1.9.15p5/plugins/sudoers/./ldap_util.c:401:24: return_function: returning to 'sudo_ldap_role_to_priv' from 'sudo_ldap_is_negated'
sudo-1.9.15p5/plugins/sudoers/./ldap_util.c:406:12: branch_false: following 'false' branch (when 'cmndspec' is non-NULL)...
sudo-1.9.15p5/plugins/sudoers/./ldap_util.c:408:18: branch_false: ...to here
sudo-1.9.15p5/plugins/sudoers/./ldap_util.c:408:12: branch_false: following 'false' branch (when 'm' is non-NULL)...
sudo-1.9.15p5/plugins/sudoers/./ldap_util.c:412:18: branch_false: ...to here
sudo-1.9.15p5/plugins/sudoers/./ldap_util.c:412:12: branch_false: following 'false' branch (when 'c' is non-NULL)...
sudo-1.9.15p5/plugins/sudoers/./ldap_util.c:417:9: branch_false: ...to here
sudo-1.9.15p5/plugins/sudoers/./ldap_util.c:421:12: branch_false: following 'false' branch...
sudo-1.9.15p5/plugins/sudoers/./ldap_util.c:424:13: branch_false: ...to here
sudo-1.9.15p5/plugins/sudoers/./ldap_util.c:433:12: branch_false: following 'false' branch (when 'prev_cmndspec' is NULL)...
sudo-1.9.15p5/plugins/sudoers/./ldap_util.c:455:16: branch_false: ...to here
sudo-1.9.15p5/plugins/sudoers/./ldap_util.c:455:16: branch_false: following 'false' branch (when 'runasusers' is NULL)...
sudo-1.9.15p5/plugins/sudoers/./ldap_util.c:463:16: branch_false: ...to here
sudo-1.9.15p5/plugins/sudoers/./ldap_util.c:463:16: branch_false: following 'false' branch (when 'runasgroups' is NULL)...
sudo-1.9.15p5/plugins/sudoers/./ldap_util.c:471:16: branch_false: ...to here
sudo-1.9.15p5/plugins/sudoers/./ldap_util.c:477:16: branch_true: following 'true' branch...
sudo-1.9.15p5/plugins/sudoers/./ldap_util.c:480:20: branch_true: ...to here
sudo-1.9.15p5/plugins/sudoers/./ldap_util.c:480:20: branch_false: following 'false' branch (when 'store_options == 0')...
 branch_false: ...to here
sudo-1.9.15p5/plugins/sudoers/./ldap_util.c:492:24: branch_true: following 'true' branch...
sudo-1.9.15p5/plugins/sudoers/./ldap_util.c:496:26: branch_true: ...to here
sudo-1.9.15p5/plugins/sudoers/./ldap_util.c:496:26: call_function: calling 'sudo_ldap_parse_option' from 'sudo_ldap_role_to_priv'
#   80|       if (cp != NULL && cp > var) {
#   81|   	val = cp + 1;
#   82|-> 	op = cp[-1];	/* peek for += or -= cases */
#   83|   	if (op == '+' || op == '-') {
#   84|   	    /* case var+=val or var-=val */

Error: GCC_ANALYZER_WARNING (CWE-415): [#def18]
sudo-1.9.15p5/plugins/sudoers/./log_client.c:667:9: warning[-Wanalyzer-double-free]: double-'free' of '*buf.data'
sudo-1.9.15p5/plugins/sudoers/./log_client.c:2013:1: enter_function: entry to 'log_server_open'
sudo-1.9.15p5/plugins/sudoers/./log_client.c:2020:15: call_function: calling 'client_closure_alloc' from 'log_server_open'
sudo-1.9.15p5/plugins/sudoers/./log_client.c:2020:15: return_function: returning to 'log_server_open' from 'client_closure_alloc'
sudo-1.9.15p5/plugins/sudoers/./log_client.c:2022:8: branch_false: following 'false' branch...
sudo-1.9.15p5/plugins/sudoers/./log_client.c:2026:10: branch_false: ...to here
sudo-1.9.15p5/plugins/sudoers/./log_client.c:2026:10: call_function: calling 'log_server_connect' from 'log_server_open'
sudo-1.9.15p5/plugins/sudoers/./log_client.c:2026:10: return_function: returning to 'log_server_open' from 'log_server_connect'
sudo-1.9.15p5/plugins/sudoers/./log_client.c:2026:8: branch_false: following 'false' branch...
sudo-1.9.15p5/plugins/sudoers/./log_client.c:2028:13: branch_false: ...to here
sudo-1.9.15p5/plugins/sudoers/./log_client.c:2028:12: branch_true: following 'true' branch...
sudo-1.9.15p5/plugins/sudoers/./log_client.c:2032:9: branch_true: ...to here
sudo-1.9.15p5/plugins/sudoers/./log_client.c:2040:5: call_function: calling 'client_closure_free' from 'log_server_open'
#  665|       while ((buf = TAILQ_FIRST(&closure->write_bufs)) != NULL) {
#  666|   	TAILQ_REMOVE(&closure->write_bufs, buf, entries);
#  667|-> 	free(buf->data);
#  668|   	free(buf);
#  669|       }

Error: GCC_ANALYZER_WARNING (CWE-416): [#def19]
sudo-1.9.15p5/plugins/sudoers/./log_client.c:667:14: warning[-Wanalyzer-use-after-free]: use after 'free' of 'buf'
sudo-1.9.15p5/plugins/sudoers/./log_client.c:2013:1: enter_function: entry to 'log_server_open'
sudo-1.9.15p5/plugins/sudoers/./log_client.c:2020:15: call_function: calling 'client_closure_alloc' from 'log_server_open'
sudo-1.9.15p5/plugins/sudoers/./log_client.c:2020:15: return_function: returning to 'log_server_open' from 'client_closure_alloc'
sudo-1.9.15p5/plugins/sudoers/./log_client.c:2022:8: branch_false: following 'false' branch...
sudo-1.9.15p5/plugins/sudoers/./log_client.c:2026:10: branch_false: ...to here
sudo-1.9.15p5/plugins/sudoers/./log_client.c:2026:10: call_function: calling 'log_server_connect' from 'log_server_open'
sudo-1.9.15p5/plugins/sudoers/./log_client.c:2026:10: return_function: returning to 'log_server_open' from 'log_server_connect'
sudo-1.9.15p5/plugins/sudoers/./log_client.c:2026:8: branch_false: following 'false' branch...
sudo-1.9.15p5/plugins/sudoers/./log_client.c:2028:13: branch_false: ...to here
sudo-1.9.15p5/plugins/sudoers/./log_client.c:2028:12: branch_true: following 'true' branch...
sudo-1.9.15p5/plugins/sudoers/./log_client.c:2032:9: branch_true: ...to here
sudo-1.9.15p5/plugins/sudoers/./log_client.c:2040:5: call_function: calling 'client_closure_free' from 'log_server_open'
#  665|       while ((buf = TAILQ_FIRST(&closure->write_bufs)) != NULL) {
#  666|   	TAILQ_REMOVE(&closure->write_bufs, buf, entries);
#  667|-> 	free(buf->data);
#  668|   	free(buf);
#  669|       }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def20]
sudo-1.9.15p5/plugins/sudoers/./sudoreplay.c:1503:8: warning[-Wanalyzer-malloc-leak]: leak of ‘opendir(dir)’
sudo-1.9.15p5/plugins/sudoers/./sudoreplay.c:1575:1: enter_function: entry to ‘list_sessions’
sudo-1.9.15p5/plugins/sudoers/./sudoreplay.c:1583:5: call_function: calling ‘parse_expr’ from ‘list_sessions’
sudo-1.9.15p5/plugins/sudoers/./sudoreplay.c:1583:5: return_function: returning to ‘list_sessions’ from ‘parse_expr’
sudo-1.9.15p5/plugins/sudoers/./sudoreplay.c:1586:8: branch_true: following ‘true’ branch (when ‘pattern’ is non-NULL)...
sudo-1.9.15p5/plugins/sudoers/./sudoreplay.c:1588:14: branch_true: ...to here
sudo-1.9.15p5/plugins/sudoers/./sudoreplay.c:1588:12: branch_true: following ‘true’ branch...
sudo-1.9.15p5/plugins/sudoers/./sudoreplay.c:1594:5: branch_true: ...to here
sudo-1.9.15p5/plugins/sudoers/./sudoreplay.c:1594:5: call_function: calling ‘find_sessions’ from ‘list_sessions’
# 1501|       /* XXX - would be faster to use openat() and relative names */
# 1502|       sdlen = strlcpy(pathbuf, dir, sizeof(pathbuf));
# 1503|->     if (sdlen + 1 >= sizeof(pathbuf)) {
# 1504|   	errno = ENAMETOOLONG;
# 1505|   	sudo_fatal("%s/", dir);

Error: GCC_ANALYZER_WARNING (CWE-124): [#def21]
sudo-1.9.15p5/plugins/sudoers/./testsudoers.c:310:9: warning[-Wanalyzer-out-of-bounds]: heap-based buffer underwrite
sudo-1.9.15p5/plugins/sudoers/./testsudoers.c:119:8: branch_true: following ‘true’ branch...
sudo-1.9.15p5/plugins/sudoers/./testsudoers.c:121:5: branch_true: ...to here
sudo-1.9.15p5/plugins/sudoers/./testsudoers.c:127:8: branch_false: following ‘false’ branch...
sudo-1.9.15p5/plugins/sudoers/./testsudoers.c:129:10: branch_false: ...to here
sudo-1.9.15p5/plugins/sudoers/./testsudoers.c:129:8: branch_true: following ‘true’ branch...
sudo-1.9.15p5/plugins/sudoers/./testsudoers.c:134:5: branch_true: ...to here
sudo-1.9.15p5/plugins/sudoers/./testsudoers.c:231:8: branch_false: following ‘false’ branch...
sudo-1.9.15p5/plugins/sudoers/./testsudoers.c:263:12: branch_false: following ‘false’ branch...
sudo-1.9.15p5/plugins/sudoers/./testsudoers.c:267:9: branch_false: ...to here
sudo-1.9.15p5/plugins/sudoers/./testsudoers.c:274:8: branch_false: following ‘false’ branch...
sudo-1.9.15p5/plugins/sudoers/./testsudoers.c:276:31: branch_false: ...to here
sudo-1.9.15p5/plugins/sudoers/./testsudoers.c:281:8: branch_false: following ‘false’ branch...
sudo-1.9.15p5/plugins/sudoers/./testsudoers.c:284:43: branch_false: ...to here
sudo-1.9.15p5/plugins/sudoers/./testsudoers.c:284:8: branch_false: following ‘false’ branch...
sudo-1.9.15p5/plugins/sudoers/./testsudoers.c:286:25: branch_false: ...to here
sudo-1.9.15p5/plugins/sudoers/./testsudoers.c:289:8: branch_true: following ‘true’ branch...
sudo-1.9.15p5/plugins/sudoers/./testsudoers.c:293:8: branch_true: ...to here
sudo-1.9.15p5/plugins/sudoers/./testsudoers.c:293:8: branch_true: following ‘true’ branch (when ‘argc != 0’)...
 branch_true: ...to here
sudo-1.9.15p5/plugins/sudoers/./testsudoers.c:301:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
sudo-1.9.15p5/plugins/sudoers/./testsudoers.c:303:51: branch_false: following ‘false’ branch (when ‘argc <= i’)...
sudo-1.9.15p5/plugins/sudoers/./testsudoers.c:310:9: branch_false: ...to here
sudo-1.9.15p5/plugins/sudoers/./testsudoers.c:310:9: danger: out-of-bounds write at byte -1 but region starts at byte 0
#  308|   	    *cp++ = ' ';
#  309|   	}
#  310|-> 	*--cp = '\0';
#  311|       }
#  312|   

Error: GCC_ANALYZER_WARNING (CWE-688): [#def22]
sudo-1.9.15p5/plugins/sudoers/./tsgetgrpw.c:321:9: warning[-Wanalyzer-null-argument]: use of NULL where non-null expected
sudo-1.9.15p5/plugins/sudoers/./tsgetgrpw.c:310:1: enter_function: entry to ‘testsudoers_getgrnam’
sudo-1.9.15p5/plugins/sudoers/./tsgetgrpw.c:314:10: call_function: calling ‘open_group’ from ‘testsudoers_getgrnam’
sudo-1.9.15p5/plugins/sudoers/./tsgetgrpw.c:314:10: return_function: returning to ‘testsudoers_getgrnam’ from ‘open_group’
sudo-1.9.15p5/plugins/sudoers/./tsgetgrpw.c:314:8: branch_false: following ‘false’ branch...
 branch_false: ...to here
sudo-1.9.15p5/plugins/sudoers/./tsgetgrpw.c:316:18: call_function: calling ‘testsudoers_getgrent’ from ‘testsudoers_getgrnam’
sudo-1.9.15p5/plugins/sudoers/./tsgetgrpw.c:316:18: return_function: returning to ‘testsudoers_getgrnam’ from ‘testsudoers_getgrent’
sudo-1.9.15p5/plugins/sudoers/./tsgetgrpw.c:316:12: branch_true: following ‘true’ branch...
sudo-1.9.15p5/plugins/sudoers/./tsgetgrpw.c:317:20: branch_true: ...to here
sudo-1.9.15p5/plugins/sudoers/./tsgetgrpw.c:317:12: branch_false: following ‘false’ branch (when the strings are non-equal)...
 branch_false: ...to here
sudo-1.9.15p5/plugins/sudoers/./tsgetgrpw.c:316:18: call_function: calling ‘testsudoers_getgrent’ from ‘testsudoers_getgrnam’
sudo-1.9.15p5/plugins/sudoers/./tsgetgrpw.c:316:18: return_function: returning to ‘testsudoers_getgrnam’ from ‘testsudoers_getgrent’
sudo-1.9.15p5/plugins/sudoers/./tsgetgrpw.c:316:12: branch_false: following ‘false’ branch...
sudo-1.9.15p5/plugins/sudoers/./tsgetgrpw.c:320:9: branch_false: ...to here
sudo-1.9.15p5/plugins/sudoers/./tsgetgrpw.c:320:8: branch_true: following ‘true’ branch...
sudo-1.9.15p5/plugins/sudoers/./tsgetgrpw.c:321:9: branch_true: ...to here
sudo-1.9.15p5/plugins/sudoers/./tsgetgrpw.c:321:9: release_memory: ‘0’ is NULL
sudo-1.9.15p5/plugins/sudoers/./tsgetgrpw.c:321:9: danger: argument 1 (‘grf’) NULL where non-null expected
#  319|       }
#  320|       if (!gr_stayopen) {
#  321|-> 	fclose(grf);
#  322|   	grf = NULL;
#  323|       }

Error: GCC_ANALYZER_WARNING (CWE-688): [#def23]
sudo-1.9.15p5/plugins/sudoers/./tsgetgrpw.c:339:9: warning[-Wanalyzer-null-argument]: use of NULL where non-null expected
sudo-1.9.15p5/plugins/sudoers/./tsgetgrpw.c:328:1: enter_function: entry to ‘testsudoers_getgrgid’
sudo-1.9.15p5/plugins/sudoers/./tsgetgrpw.c:332:10: call_function: calling ‘open_group’ from ‘testsudoers_getgrgid’
sudo-1.9.15p5/plugins/sudoers/./tsgetgrpw.c:332:10: return_function: returning to ‘testsudoers_getgrgid’ from ‘open_group’
sudo-1.9.15p5/plugins/sudoers/./tsgetgrpw.c:332:8: branch_false: following ‘false’ branch...
 branch_false: ...to here
sudo-1.9.15p5/plugins/sudoers/./tsgetgrpw.c:334:18: call_function: calling ‘testsudoers_getgrent’ from ‘testsudoers_getgrgid’
sudo-1.9.15p5/plugins/sudoers/./tsgetgrpw.c:334:18: return_function: returning to ‘testsudoers_getgrgid’ from ‘testsudoers_getgrent’
sudo-1.9.15p5/plugins/sudoers/./tsgetgrpw.c:334:12: branch_true: following ‘true’ branch...
sudo-1.9.15p5/plugins/sudoers/./tsgetgrpw.c:335:13: branch_true: ...to here
sudo-1.9.15p5/plugins/sudoers/./tsgetgrpw.c:335:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
sudo-1.9.15p5/plugins/sudoers/./tsgetgrpw.c:334:18: call_function: calling ‘testsudoers_getgrent’ from ‘testsudoers_getgrgid’
sudo-1.9.15p5/plugins/sudoers/./tsgetgrpw.c:334:18: return_function: returning to ‘testsudoers_getgrgid’ from ‘testsudoers_getgrent’
sudo-1.9.15p5/plugins/sudoers/./tsgetgrpw.c:334:12: branch_false: following ‘false’ branch...
sudo-1.9.15p5/plugins/sudoers/./tsgetgrpw.c:338:9: branch_false: ...to here
sudo-1.9.15p5/plugins/sudoers/./tsgetgrpw.c:338:8: branch_true: following ‘true’ branch...
sudo-1.9.15p5/plugins/sudoers/./tsgetgrpw.c:339:9: branch_true: ...to here
sudo-1.9.15p5/plugins/sudoers/./tsgetgrpw.c:339:9: release_memory: ‘0’ is NULL
sudo-1.9.15p5/plugins/sudoers/./tsgetgrpw.c:339:9: danger: argument 1 (‘grf’) NULL where non-null expected
#  337|       }
#  338|       if (!gr_stayopen) {
#  339|-> 	fclose(grf);
#  340|   	grf = NULL;
#  341|       }

Error: GCC_ANALYZER_WARNING (CWE-775): [#def24]
sudo-1.9.15p5/plugins/sudoers/./visudo.c:665:12: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen(*sp.tpath, "r+")’
sudo-1.9.15p5/plugins/sudoers/./visudo.c:657:12: branch_true: following ‘true’ branch (when ‘sp’ is non-NULL)...
sudo-1.9.15p5/plugins/sudoers/./visudo.c:658:16: branch_true: ...to here
sudo-1.9.15p5/plugins/sudoers/./visudo.c:659:14: acquire_resource: opened here
sudo-1.9.15p5/plugins/sudoers/./visudo.c:660:12: branch_false: following ‘false’ branch...
sudo-1.9.15p5/plugins/sudoers/./visudo.c:665:14: branch_false: ...to here
sudo-1.9.15p5/plugins/sudoers/./visudo.c:665:12: danger: ‘fopen(*sp.tpath, "r+")’ leaks here; was opened at [(3)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/2)
#  663|   
#  664|   	/* Clean slate for each parse */
#  665|-> 	if (!init_defaults())
#  666|   	    sudo_fatalx("%s", U_("unable to initialize sudoers default values"));
#  667|   	init_parser(ctx, sp->opath);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def25]
sudo-1.9.15p5/plugins/sudoers/./visudo.c:665:12: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(*sp.tpath, "r+")’
sudo-1.9.15p5/plugins/sudoers/./visudo.c:657:12: branch_true: following ‘true’ branch (when ‘sp’ is non-NULL)...
sudo-1.9.15p5/plugins/sudoers/./visudo.c:658:16: branch_true: ...to here
sudo-1.9.15p5/plugins/sudoers/./visudo.c:659:14: acquire_memory: allocated here
sudo-1.9.15p5/plugins/sudoers/./visudo.c:660:12: branch_false: following ‘false’ branch...
sudo-1.9.15p5/plugins/sudoers/./visudo.c:665:14: branch_false: ...to here
sudo-1.9.15p5/plugins/sudoers/./visudo.c:665:12: danger: ‘fopen(*sp.tpath, "r+")’ leaks here; was allocated at [(3)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/2)
#  663|   
#  664|   	/* Clean slate for each parse */
#  665|-> 	if (!init_defaults())
#  666|   	    sudo_fatalx("%s", U_("unable to initialize sudoers default values"));
#  667|   	init_parser(ctx, sp->opath);

Error: GCC_ANALYZER_WARNING (CWE-457): [#def26]
sudo-1.9.15p5/plugins/sudoers/getdate.c:1151:9: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘yyss’
sudo-1.9.15p5/plugins/sudoers/getdate.c:1109:6: branch_true: following ‘true’ branch...
sudo-1.9.15p5/plugins/sudoers/getdate.c:1115:28: branch_true: ...to here
sudo-1.9.15p5/plugins/sudoers/getdate.c:1138:10: branch_false: following ‘false’ branch (when ‘yystacksize <= 9999’)...
sudo-1.9.15p5/plugins/sudoers/getdate.c:1140:7: branch_false: ...to here
sudo-1.9.15p5/plugins/sudoers/getdate.c:1149:12: branch_false: following ‘false’ branch (when ‘yyptr’ is non-NULL)...
sudo-1.9.15p5/plugins/sudoers/getdate.c:1151:9: branch_false: ...to here
sudo-1.9.15p5/plugins/sudoers/getdate.c:1151:9: danger: use of uninitialized value ‘yyss’ here
# 1149|   
# 1150|         {
# 1151|->         yy_state_t *yyss1 = yyss;
# 1152|           union yyalloc *yyptr =
# 1153|             YY_CAST (union yyalloc *,

Error: GCC_ANALYZER_WARNING (CWE-457): [#def27]
sudo-1.9.15p5/plugins/sudoers/getdate.c:1278:3: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘*<unknown>’
sudo-1.9.15p5/plugins/sudoers/getdate.c:1109:6: branch_false: following ‘false’ branch...
sudo-1.9.15p5/plugins/sudoers/getdate.c:1173:6: branch_false: ...to here
sudo-1.9.15p5/plugins/sudoers/getdate.c:1173:6: branch_false: following ‘false’ branch (when ‘yystate != 2’)...
sudo-1.9.15p5/plugins/sudoers/getdate.c:1176:3: branch_false: ...to here
sudo-1.9.15p5/plugins/sudoers/getdate.c:1188:6: branch_true: following ‘true’ branch (when ‘yyn == -12’)...
sudo-1.9.15p5/plugins/sudoers/getdate.c:1189:5: branch_true: ...to here
sudo-1.9.15p5/plugins/sudoers/getdate.c:1258:6: branch_false: following ‘false’ branch (when ‘yyn != 0’)...
sudo-1.9.15p5/plugins/sudoers/getdate.c:1260:3: branch_false: ...to here
sudo-1.9.15p5/plugins/sudoers/getdate.c:1278:3: danger: use of uninitialized value ‘*<unknown>’ here
# 1276|     /* If YYLEN is nonzero, implement the default value of the action:
# 1277|        '$$ = $1'.
# 1278|-> 
# 1279|        Otherwise, the following line sets YYVAL to garbage.
# 1280|        This behavior is undocumented and Bison

Error: CPPCHECK_WARNING (CWE-457): [#def28]
sudo-1.9.15p5/plugins/sudoers/match.c:320: error[uninitvar]: Uninitialized variable: &m_user.entries
#  318|   	m_user.type = WORD;
#  319|   	m_user.negated = false;
#  320|-> 	TAILQ_INSERT_HEAD(&_user_list, &m_user, entries);
#  321|   	user_list = &_user_list;
#  322|   	matching_user = NULL;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def29]
sudo-1.9.15p5/plugins/sudoers/toke.c:4918:5: warning[-Wanalyzer-malloc-leak]: leak of '*b.yy_ch_buf'
sudo-1.9.15p5/plugins/sudoers/toke.c:4851:12: enter_function: entry to 'yy_get_next_buffer'
sudo-1.9.15p5/plugins/sudoers/toke.c:4858:5: branch_false: following 'false' branch...
sudo-1.9.15p5/plugins/sudoers/toke.c:4862:14: branch_false: ...to here
sudo-1.9.15p5/plugins/sudoers/toke.c:4862:12: branch_false: following 'false' branch...
sudo-1.9.15p5/plugins/sudoers/toke.c:4884:47: branch_false: ...to here
sudo-1.9.15p5/plugins/sudoers/toke.c:4889:12: branch_false: following 'false' branch...
sudo-1.9.15p5/plugins/sudoers/toke.c:4898:18: branch_false: ...to here
sudo-1.9.15p5/plugins/sudoers/toke.c:4900:11: branch_true: following 'true' branch (when 'num_to_read <= 0')...
sudo-1.9.15p5/plugins/sudoers/toke.c:4904:41: branch_true: ...to here
sudo-1.9.15p5/plugins/sudoers/toke.c:4920:41: call_function: inlined call to 'sudoersrealloc' from 'yy_get_next_buffer'
sudo-1.9.15p5/plugins/sudoers/toke.c:4927:56: branch_false: following 'false' branch...
sudo-1.9.15p5/plugins/sudoers/toke.c:4931:47: branch_false: ...to here
sudo-1.9.15p5/plugins/sudoers/toke.c:4900:11: branch_true: following 'true' branch (when 'num_to_read <= 0')...
sudo-1.9.15p5/plugins/sudoers/toke.c:4904:41: branch_true: ...to here
sudo-1.9.15p5/plugins/sudoers/toke.c:4909:28: branch_true: following 'true' branch...
sudo-1.9.15p5/plugins/sudoers/toke.c:4911:20: branch_true: ...to here
sudo-1.9.15p5/plugins/sudoers/toke.c:4920:41: call_function: inlined call to 'sudoersrealloc' from 'yy_get_next_buffer'
sudo-1.9.15p5/plugins/sudoers/toke.c:4918:5: danger: '*b.yy_ch_buf' leaks here; was allocated at [(11)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/10)
# 4916|   				{
# 4917|   				int new_size = b->yy_buf_size * 2;
# 4918|-> 
# 4919|   				if ( new_size <= 0 )
# 4920|   					b->yy_buf_size += b->yy_buf_size / 8;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def30]
sudo-1.9.15p5/plugins/sudoers/toke.c:5156:12: warning[-Wanalyzer-malloc-leak]: leak of '<unknown>'
sudo-1.9.15p5/plugins/sudoers/toke.l:1447:1: enter_function: entry to 'pop_include'
sudo-1.9.15p5/plugins/sudoers/toke.l:1453:8: branch_false: following 'false' branch...
sudo-1.9.15p5/plugins/sudoers/toke.l:1456:8: branch_true: following 'true' branch...
sudo-1.9.15p5/plugins/sudoers/toke.l:1458:27: branch_true: ...to here
sudo-1.9.15p5/plugins/sudoers/toke.l:1458:5: branch_true: following 'true' branch...
sudo-1.9.15p5/plugins/sudoers/toke.l:1458:27: branch_true: ...to here
sudo-1.9.15p5/plugins/sudoers/toke.l:1458:5: call_function: calling 'sudoers_delete_buffer' from 'pop_include'
sudo-1.9.15p5/plugins/sudoers/toke.l:1458:5: return_function: returning to 'pop_include' from 'sudoers_delete_buffer'
sudo-1.9.15p5/plugins/sudoers/toke.l:1460:12: branch_true: following 'true' branch (when 'pl' is non-NULL)...
sudo-1.9.15p5/plugins/sudoers/toke.l:1461:9: branch_true: ...to here
sudo-1.9.15p5/plugins/sudoers/toke.l:1463:12: branch_true: following 'true' branch...
sudo-1.9.15p5/plugins/sudoers/toke.l:1464:31: branch_true: ...to here
sudo-1.9.15p5/plugins/sudoers/toke.l:1472:13: call_function: calling 'sudoers_create_buffer' from 'pop_include'
sudo-1.9.15p5/plugins/sudoers/toke.l:1472:13: return_function: returning to 'pop_include' from 'sudoers_create_buffer'
sudo-1.9.15p5/plugins/sudoers/toke.l:1472:13: call_function: calling 'sudoers_switch_to_buffer' from 'pop_include'
# 5154|   {
# 5155|       
# 5156|-> 	/* TODO. We should be able to replace this entire function body
# 5157|   	 * with
# 5158|   	 *		yypop_buffer_state();

Error: GCC_ANALYZER_WARNING (CWE-476): [#def31]
sudo-1.9.15p5/plugins/sudoers/toke.c:5167:16: warning[-Wanalyzer-null-dereference]: dereference of NULL 'yy_buffer_stack'
sudo-1.9.15p5/plugins/sudoers/toke.l:1292:1: enter_function: entry to 'push_include_int'
sudo-1.9.15p5/plugins/sudoers/toke.l:1300:17: call_function: calling 'expand_include' from 'push_include_int'
sudo-1.9.15p5/plugins/sudoers/toke.l:1300:17: return_function: returning to 'push_include_int' from 'expand_include'
sudo-1.9.15p5/plugins/sudoers/toke.l:1300:8: branch_false: following 'false' branch...
sudo-1.9.15p5/plugins/sudoers/toke.l:1304:9: branch_false: ...to here
sudo-1.9.15p5/plugins/sudoers/toke.l:1400:12: branch_false: following 'false' branch...
sudo-1.9.15p5/plugins/sudoers/toke.l:1411:11: branch_false: ...to here
sudo-1.9.15p5/plugins/sudoers/toke.l:1414:25: branch_false: following 'false' branch...
sudo-1.9.15p5/plugins/sudoers/toke.l:1414:5: branch_false: ...to here
sudo-1.9.15p5/plugins/sudoers/toke.l:1421:5: call_function: calling 'sudoers_create_buffer' from 'push_include_int'
sudo-1.9.15p5/plugins/sudoers/toke.l:1421:5: return_function: returning to 'push_include_int' from 'sudoers_create_buffer'
sudo-1.9.15p5/plugins/sudoers/toke.l:1421:5: call_function: calling 'sudoers_switch_to_buffer' from 'push_include_int'
# 5165|   	if ( YY_CURRENT_BUFFER )
# 5166|   		{
# 5167|-> 		/* Flush out information for old buffer. */
# 5168|   		*(yy_c_buf_p) = (yy_hold_char);
# 5169|   		YY_CURRENT_BUFFER_LVALUE->yy_buf_pos = (yy_c_buf_p);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def32]
sudo-1.9.15p5/plugins/sudoers/toke.c:5206:12: warning[-Wanalyzer-malloc-leak]: leak of 'malloc(64)'
sudo-1.9.15p5/plugins/sudoers/toke.c:5192:21: enter_function: entry to 'sudoers_create_buffer'
sudo-1.9.15p5/plugins/sudoers/toke.c:5196:24: call_function: inlined call to 'sudoersalloc' from 'sudoers_create_buffer'
sudo-1.9.15p5/plugins/sudoers/toke.c:5197:5: branch_false: following 'false' branch...
sudo-1.9.15p5/plugins/sudoers/toke.c:5200:9: branch_false: ...to here
sudo-1.9.15p5/plugins/sudoers/toke.c:5206:12: danger: 'malloc(64)' leaks here; was allocated at [(3)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/2)
# 5204|   		YY_FATAL_ERROR( "out of dynamic memory in yy_create_buffer()" );
# 5205|   
# 5206|-> 	b->yy_buf_size = size;
# 5207|   
# 5208|   	/* yy_ch_buf has to be 2 characters longer than the size given because

Error: CPPCHECK_WARNING (CWE-476): [#def33]
sudo-1.9.15p5/plugins/sudoers/toke.c:5246: warning[nullPointer]: Possible null pointer dereference: b
# 5244|    */
# 5245|       static void yy_init_buffer  (YY_BUFFER_STATE  b, FILE * file )
# 5246|-> 
# 5247|   {
# 5248|   	int oerrno = errno;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def34]
sudo-1.9.15p5/plugins/sudoers/toke.c:5246:2: warning[-Wanalyzer-null-dereference]: dereference of NULL 'b'
sudo-1.9.15p5/plugins/sudoers/toke.c:5130:10: enter_function: entry to 'sudoersrestart'
sudo-1.9.15p5/plugins/sudoers/toke.c:5134:9: call_function: calling 'sudoersensure_buffer_stack' from 'sudoersrestart'
sudo-1.9.15p5/plugins/sudoers/toke.c:5134:9: return_function: returning to 'sudoersrestart' from 'sudoersensure_buffer_stack'
sudo-1.9.15p5/plugins/sudoers/toke.c:5136:13: call_function: calling 'sudoers_create_buffer' from 'sudoersrestart'
sudo-1.9.15p5/plugins/sudoers/toke.c:5136:13: return_function: returning to 'sudoersrestart' from 'sudoers_create_buffer'
sudo-1.9.15p5/plugins/sudoers/toke.c:5139:9: branch_false: following 'false' branch...
sudo-1.9.15p5/plugins/sudoers/toke.c:5139:9: branch_false: ...to here
sudo-1.9.15p5/plugins/sudoers/toke.c:5139:9: call_function: calling 'sudoers_init_buffer' from 'sudoersrestart'
# 5244|    */
# 5245|       static void yy_init_buffer  (YY_BUFFER_STATE  b, FILE * file )
# 5246|-> 
# 5247|   {
# 5248|   	int oerrno = errno;

Error: CPPCHECK_WARNING (CWE-476): [#def35]
sudo-1.9.15p5/plugins/sudoers/toke.c:5247: warning[nullPointer]: Possible null pointer dereference: b
# 5245|       static void yy_init_buffer  (YY_BUFFER_STATE  b, FILE * file )
# 5246|   
# 5247|-> {
# 5248|   	int oerrno = errno;
# 5249|       

Error: GCC_ANALYZER_WARNING (CWE-401): [#def36]
sudo-1.9.15p5/plugins/sudoers/toke.c:5286:12: warning[-Wanalyzer-malloc-leak]: leak of 'sudoers_create_buffer(open_sudoers(*pl.path, 0, 0, & keepopen), 16384)'
sudo-1.9.15p5/plugins/sudoers/toke.l:1447:1: enter_function: entry to 'pop_include'
sudo-1.9.15p5/plugins/sudoers/toke.l:1453:8: branch_false: following 'false' branch...
sudo-1.9.15p5/plugins/sudoers/toke.l:1456:8: branch_true: following 'true' branch...
sudo-1.9.15p5/plugins/sudoers/toke.l:1458:27: branch_true: ...to here
sudo-1.9.15p5/plugins/sudoers/toke.l:1458:5: branch_true: following 'true' branch...
sudo-1.9.15p5/plugins/sudoers/toke.l:1458:27: branch_true: ...to here
sudo-1.9.15p5/plugins/sudoers/toke.l:1458:5: call_function: calling 'sudoers_delete_buffer' from 'pop_include'
sudo-1.9.15p5/plugins/sudoers/toke.l:1458:5: return_function: returning to 'pop_include' from 'sudoers_delete_buffer'
sudo-1.9.15p5/plugins/sudoers/toke.l:1460:12: branch_true: following 'true' branch (when 'pl' is non-NULL)...
sudo-1.9.15p5/plugins/sudoers/toke.l:1461:9: branch_true: ...to here
sudo-1.9.15p5/plugins/sudoers/toke.l:1463:12: branch_true: following 'true' branch...
sudo-1.9.15p5/plugins/sudoers/toke.l:1464:31: branch_true: ...to here
sudo-1.9.15p5/plugins/sudoers/toke.l:1472:13: call_function: calling 'sudoers_create_buffer' from 'pop_include'
sudo-1.9.15p5/plugins/sudoers/toke.l:1472:13: return_function: returning to 'pop_include' from 'sudoers_create_buffer'
sudo-1.9.15p5/plugins/sudoers/toke.l:1472:13: call_function: calling 'sudoers_switch_to_buffer' from 'pop_include'
# 5284|   	b->yy_ch_buf[0] = YY_END_OF_BUFFER_CHAR;
# 5285|   	b->yy_ch_buf[1] = YY_END_OF_BUFFER_CHAR;
# 5286|-> 
# 5287|   	b->yy_buf_pos = &b->yy_ch_buf[0];
# 5288|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def37]
sudo-1.9.15p5/plugins/sudoers/toke.c:5349:6: warning[-Wanalyzer-malloc-leak]: leak of 'sudoers_create_buffer(fp, 16384)'
sudo-1.9.15p5/plugins/sudoers/toke.l:1292:1: enter_function: entry to 'push_include_int'
sudo-1.9.15p5/plugins/sudoers/toke.l:1300:17: call_function: calling 'expand_include' from 'push_include_int'
sudo-1.9.15p5/plugins/sudoers/toke.l:1300:17: return_function: returning to 'push_include_int' from 'expand_include'
sudo-1.9.15p5/plugins/sudoers/toke.l:1300:8: branch_false: following 'false' branch...
sudo-1.9.15p5/plugins/sudoers/toke.l:1304:9: branch_false: ...to here
sudo-1.9.15p5/plugins/sudoers/toke.l:1400:12: branch_false: following 'false' branch...
sudo-1.9.15p5/plugins/sudoers/toke.l:1411:11: branch_false: ...to here
sudo-1.9.15p5/plugins/sudoers/toke.l:1414:25: branch_false: following 'false' branch...
sudo-1.9.15p5/plugins/sudoers/toke.l:1414:5: branch_false: ...to here
sudo-1.9.15p5/plugins/sudoers/toke.l:1421:5: call_function: calling 'sudoers_create_buffer' from 'push_include_int'
sudo-1.9.15p5/plugins/sudoers/toke.l:1421:5: return_function: returning to 'push_include_int' from 'sudoers_create_buffer'
sudo-1.9.15p5/plugins/sudoers/toke.l:1421:5: call_function: calling 'sudoers_switch_to_buffer' from 'push_include_int'
# 5347|   
# 5348|   /* Allocates the stack if it does not exist.
# 5349|->  *  Guarantees space for at least one push.
# 5350|    */
# 5351|   static void yyensure_buffer_stack (void)

Error: GCC_ANALYZER_WARNING (CWE-401): [#def38]
sudo-1.9.15p5/plugins/sudoers/toke.c:5460:32: warning[-Wanalyzer-malloc-leak]: leak of 'malloc(n)'
sudo-1.9.15p5/plugins/sudoers/toke.c:5444:17: enter_function: entry to 'sudoers_scan_bytes'
sudo-1.9.15p5/plugins/sudoers/toke.c:5453:24: call_function: inlined call to 'sudoersalloc' from 'sudoers_scan_bytes'
sudo-1.9.15p5/plugins/sudoers/toke.c:5454:12: branch_false: following 'false' branch...
 branch_false: ...to here
sudo-1.9.15p5/plugins/sudoers/toke.c:5462:6: call_function: calling 'sudoers_scan_buffer' from 'sudoers_scan_bytes'
# 5458|   	n = (yy_size_t) (_yybytes_len + 2);
# 5459|   	buf = (char *) yyalloc( n  );
# 5460|-> 	if ( ! buf )
# 5461|   		YY_FATAL_ERROR( "out of dynamic memory in yy_scan_bytes()" );
# 5462|   

Error: GCC_ANALYZER_WARNING (CWE-416): [#def39]
sudo-1.9.15p5/plugins/sudoers/toke.l:1037:27: warning[-Wanalyzer-use-after-free]: use after 'reallocarray' of 'paths'
sudo-1.9.15p5/plugins/sudoers/toke.l:958:8: branch_false: following 'false' branch...
sudo-1.9.15p5/plugins/sudoers/toke.l:964:13: branch_false: ...to here
sudo-1.9.15p5/plugins/sudoers/toke.l:964:13: acquire_memory: allocated here
sudo-1.9.15p5/plugins/sudoers/toke.l:965:8: branch_false: following 'false' branch (when 'paths' is non-NULL)...
 branch_false: ...to here
sudo-1.9.15p5/plugins/sudoers/toke.l:967:12: branch_true: following 'true' branch...
sudo-1.9.15p5/plugins/sudoers/toke.l:968:32: branch_true: ...to here
sudo-1.9.15p5/plugins/sudoers/toke.l:976:13: branch_false: following 'false' branch...
sudo-1.9.15p5/plugins/sudoers/toke.l:991:15: branch_false: ...to here
sudo-1.9.15p5/plugins/sudoers/toke.l:992:12: branch_false: following 'false' branch...
sudo-1.9.15p5/plugins/sudoers/toke.l:994:36: branch_false: ...to here
sudo-1.9.15p5/plugins/sudoers/toke.l:994:12: branch_false: following 'false' branch...
sudo-1.9.15p5/plugins/sudoers/toke.l:999:13: branch_false: ...to here
sudo-1.9.15p5/plugins/sudoers/toke.l:1004:12: branch_false: following 'false' branch (when 'pl' is non-NULL)...
sudo-1.9.15p5/plugins/sudoers/toke.l:1008:9: branch_false: ...to here
sudo-1.9.15p5/plugins/sudoers/toke.l:1009:12: branch_false: following 'false' branch (when 'count < max_paths')...
sudo-1.9.15p5/plugins/sudoers/toke.l:1020:15: branch_false: ...to here
sudo-1.9.15p5/plugins/sudoers/toke.l:967:12: branch_true: following 'true' branch...
sudo-1.9.15p5/plugins/sudoers/toke.l:968:32: branch_true: ...to here
sudo-1.9.15p5/plugins/sudoers/toke.l:976:13: branch_false: following 'false' branch...
sudo-1.9.15p5/plugins/sudoers/toke.l:991:15: branch_false: ...to here
sudo-1.9.15p5/plugins/sudoers/toke.l:992:12: branch_false: following 'false' branch...
sudo-1.9.15p5/plugins/sudoers/toke.l:994:36: branch_false: ...to here
sudo-1.9.15p5/plugins/sudoers/toke.l:994:12: branch_false: following 'false' branch...
sudo-1.9.15p5/plugins/sudoers/toke.l:999:13: branch_false: ...to here
sudo-1.9.15p5/plugins/sudoers/toke.l:1004:12: branch_false: following 'false' branch (when 'pl' is non-NULL)...
sudo-1.9.15p5/plugins/sudoers/toke.l:1008:9: branch_false: ...to here
sudo-1.9.15p5/plugins/sudoers/toke.l:1012:19: release_memory: deallocated here
sudo-1.9.15p5/plugins/sudoers/toke.l:1013:16: branch_true: following 'true' branch (when 'tmp' is NULL)...
sudo-1.9.15p5/plugins/sudoers/toke.l:1014:17: branch_true: ...to here
sudo-1.9.15p5/plugins/sudoers/toke.l:1034:8: branch_true: following 'true' branch...
sudo-1.9.15p5/plugins/sudoers/toke.l:1035:9: branch_true: ...to here
sudo-1.9.15p5/plugins/sudoers/toke.l:1036:17: branch_true: following 'true' branch (when 'i < count')...
sudo-1.9.15p5/plugins/sudoers/toke.l:1037:32: branch_true: ...to here
sudo-1.9.15p5/plugins/sudoers/toke.l:1037:27: danger: use after 'reallocarray' of 'paths + i * 8'; deallocated at [(31)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/30)
# 1035|   	closedir(dir);
# 1036|       for (i = 0; i < count; i++) {
# 1037|-> 	sudo_rcstr_delref(paths[i]->path);
# 1038|   	free(paths[i]);
# 1039|       }

Error: GCC_ANALYZER_WARNING (CWE-688): [#def40]
sudo-1.9.15p5/plugins/sudoers/toke.l:1058:9: warning[-Wanalyzer-null-argument]: use of NULL 'paths' where non-null expected
sudo-1.9.15p5/plugins/sudoers/toke.l:1049:1: enter_function: entry to 'switch_dir'
sudo-1.9.15p5/plugins/sudoers/toke.l:1051:24: release_memory: 'paths' is NULL
sudo-1.9.15p5/plugins/sudoers/toke.l:1055:13: call_function: calling 'read_dir_files' from 'switch_dir'
sudo-1.9.15p5/plugins/sudoers/toke.l:1055:13: return_function: returning to 'switch_dir' from 'read_dir_files'
sudo-1.9.15p5/plugins/sudoers/toke.l:1056:8: branch_true: following 'true' branch...
sudo-1.9.15p5/plugins/sudoers/toke.l:1058:9: branch_true: ...to here
sudo-1.9.15p5/plugins/sudoers/toke.l:1058:9: release_memory: 'paths' is NULL
sudo-1.9.15p5/plugins/sudoers/toke.l:1058:9: danger: argument 1 ('paths') NULL where non-null expected
# 1056|       if (count > 0) {
# 1057|   	/* Sort the list as an array in reverse order. */
# 1058|-> 	qsort(paths, count, sizeof(*paths), pl_compare);
# 1059|   
# 1060|   	/* Build up the list in sorted order. */

Error: CPPCHECK_WARNING (CWE-562): [#def41]
sudo-1.9.15p5/plugins/sudoers/visudo.c:542: error[autoVariables]: Address of local auto-variable assigned to a function parameter.
#  540|       if (lineno > 0) {
#  541|   	(void)snprintf(linestr, sizeof(linestr), "+%d", lineno);
#  542|-> 	editor_argv[ac++] = linestr; // -V507
#  543|       }
#  544|       editor_argv[ac++] = (char *)"--";

Error: GCC_ANALYZER_WARNING (CWE-775): [#def42]
sudo-1.9.15p5/src/./exec_monitor.c:362:8: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘dup3(io_fds[0], 0, 0)’
sudo-1.9.15p5/src/./exec_monitor.c:362:9: acquire_resource: opened here
sudo-1.9.15p5/src/./exec_monitor.c:362:8: danger: ‘dup3(io_fds[0], 0, 0)’ leaks here; was opened at [(1)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/0)
#  360|   
#  361|       /* Wire up standard fds, note that stdout/stderr may be pipes. */
#  362|->     if (dup3(io_fds[SFD_STDIN], STDIN_FILENO, 0) == -1)
#  363|   	sudo_fatal("dup3");
#  364|       if (io_fds[SFD_STDIN] != io_fds[SFD_FOLLOWER])

Error: GCC_ANALYZER_WARNING (CWE-775): [#def43]
sudo-1.9.15p5/src/./exec_monitor.c:366:8: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘dup3(io_fds[1], 1, 0)’
sudo-1.9.15p5/src/./exec_monitor.c:362:8: branch_false: following ‘false’ branch...
sudo-1.9.15p5/src/./exec_monitor.c:364:9: branch_false: ...to here
sudo-1.9.15p5/src/./exec_monitor.c:366:9: acquire_resource: opened here
sudo-1.9.15p5/src/./exec_monitor.c:366:8: danger: ‘dup3(io_fds[1], 1, 0)’ leaks here; was opened at [(3)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/2)
#  364|       if (io_fds[SFD_STDIN] != io_fds[SFD_FOLLOWER])
#  365|   	close(io_fds[SFD_STDIN]);
#  366|->     if (dup3(io_fds[SFD_STDOUT], STDOUT_FILENO, 0) == -1)
#  367|   	sudo_fatal("dup3");
#  368|       if (io_fds[SFD_STDOUT] != io_fds[SFD_FOLLOWER])

Error: GCC_ANALYZER_WARNING (CWE-775): [#def44]
sudo-1.9.15p5/src/./exec_monitor.c:370:8: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘dup3(io_fds[2], 2, 0)’
sudo-1.9.15p5/src/./exec_monitor.c:362:8: branch_false: following ‘false’ branch...
sudo-1.9.15p5/src/./exec_monitor.c:364:9: branch_false: ...to here
sudo-1.9.15p5/src/./exec_monitor.c:366:8: branch_false: following ‘false’ branch...
sudo-1.9.15p5/src/./exec_monitor.c:368:9: branch_false: ...to here
sudo-1.9.15p5/src/./exec_monitor.c:370:9: acquire_resource: opened here
sudo-1.9.15p5/src/./exec_monitor.c:370:8: danger: ‘dup3(io_fds[2], 2, 0)’ leaks here; was opened at [(5)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/4)
#  368|       if (io_fds[SFD_STDOUT] != io_fds[SFD_FOLLOWER])
#  369|   	close(io_fds[SFD_STDOUT]);
#  370|->     if (dup3(io_fds[SFD_STDERR], STDERR_FILENO, 0) == -1)
#  371|   	sudo_fatal("dup3");
#  372|       if (io_fds[SFD_STDERR] != io_fds[SFD_FOLLOWER])

Error: GCC_ANALYZER_WARNING (CWE-775): [#def45]
sudo-1.9.15p5/src/./exec_nopty.c:589:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘errpipe[0]’
sudo-1.9.15p5/src/./exec_nopty.c:556:8: branch_false: following ‘false’ branch...
sudo-1.9.15p5/src/./exec_nopty.c:562:9: branch_false: ...to here
sudo-1.9.15p5/src/./exec_nopty.c:562:8: branch_false: following ‘false’ branch...
sudo-1.9.15p5/src/./exec_nopty.c:565:9: branch_false: ...to here
sudo-1.9.15p5/src/./exec_nopty.c:589:9: danger: ‘errpipe[0]’ leaks here
#  587|       if (sudo_terminated(cstat)) {
#  588|   	sigprocmask(SIG_SETMASK, &oset, NULL);
#  589|-> 	debug_return;
#  590|       }
#  591|   

Error: GCC_ANALYZER_WARNING (CWE-775): [#def46]
sudo-1.9.15p5/src/./exec_nopty.c:589:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘errpipe[1]’
sudo-1.9.15p5/src/./exec_nopty.c:556:8: branch_false: following ‘false’ branch...
sudo-1.9.15p5/src/./exec_nopty.c:562:9: branch_false: ...to here
sudo-1.9.15p5/src/./exec_nopty.c:562:8: branch_false: following ‘false’ branch...
sudo-1.9.15p5/src/./exec_nopty.c:565:9: branch_false: ...to here
sudo-1.9.15p5/src/./exec_nopty.c:589:9: danger: ‘errpipe[1]’ leaks here
#  587|       if (sudo_terminated(cstat)) {
#  588|   	sigprocmask(SIG_SETMASK, &oset, NULL);
#  589|-> 	debug_return;
#  590|       }
#  591|   

Error: GCC_ANALYZER_WARNING (CWE-775): [#def47]
sudo-1.9.15p5/src/./exec_nopty.c:589:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘io_pipe[0][0]’
sudo-1.9.15p5/src/./exec_nopty.c:542:1: enter_function: entry to ‘exec_nopty’
sudo-1.9.15p5/src/./exec_nopty.c:556:8: branch_false: following ‘false’ branch...
sudo-1.9.15p5/src/./exec_nopty.c:562:9: branch_false: ...to here
sudo-1.9.15p5/src/./exec_nopty.c:562:8: branch_false: following ‘false’ branch...
sudo-1.9.15p5/src/./exec_nopty.c:565:9: branch_false: ...to here
sudo-1.9.15p5/src/./exec_nopty.c:577:5: call_function: calling ‘interpose_pipes’ from ‘exec_nopty’
sudo-1.9.15p5/src/./exec_nopty.c:577:5: return_function: returning to ‘exec_nopty’ from ‘interpose_pipes’
sudo-1.9.15p5/src/./exec_nopty.c:589:9: danger: ‘io_pipe[0][0]’ leaks here
#  587|       if (sudo_terminated(cstat)) {
#  588|   	sigprocmask(SIG_SETMASK, &oset, NULL);
#  589|-> 	debug_return;
#  590|       }
#  591|   

Error: GCC_ANALYZER_WARNING (CWE-775): [#def48]
sudo-1.9.15p5/src/./exec_nopty.c:589:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘io_pipe[1][1]’
sudo-1.9.15p5/src/./exec_nopty.c:542:1: enter_function: entry to ‘exec_nopty’
sudo-1.9.15p5/src/./exec_nopty.c:556:8: branch_false: following ‘false’ branch...
sudo-1.9.15p5/src/./exec_nopty.c:562:9: branch_false: ...to here
sudo-1.9.15p5/src/./exec_nopty.c:562:8: branch_false: following ‘false’ branch...
sudo-1.9.15p5/src/./exec_nopty.c:565:9: branch_false: ...to here
sudo-1.9.15p5/src/./exec_nopty.c:577:5: call_function: calling ‘interpose_pipes’ from ‘exec_nopty’
sudo-1.9.15p5/src/./exec_nopty.c:577:5: return_function: returning to ‘exec_nopty’ from ‘interpose_pipes’
sudo-1.9.15p5/src/./exec_nopty.c:589:9: danger: ‘io_pipe[1][1]’ leaks here
#  587|       if (sudo_terminated(cstat)) {
#  588|   	sigprocmask(SIG_SETMASK, &oset, NULL);
#  589|-> 	debug_return;
#  590|       }
#  591|   

Error: GCC_ANALYZER_WARNING (CWE-775): [#def49]
sudo-1.9.15p5/src/./exec_nopty.c:589:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘io_pipe[2][1]’
sudo-1.9.15p5/src/./exec_nopty.c:542:1: enter_function: entry to ‘exec_nopty’
sudo-1.9.15p5/src/./exec_nopty.c:556:8: branch_false: following ‘false’ branch...
sudo-1.9.15p5/src/./exec_nopty.c:562:9: branch_false: ...to here
sudo-1.9.15p5/src/./exec_nopty.c:562:8: branch_false: following ‘false’ branch...
sudo-1.9.15p5/src/./exec_nopty.c:565:9: branch_false: ...to here
sudo-1.9.15p5/src/./exec_nopty.c:577:5: call_function: calling ‘interpose_pipes’ from ‘exec_nopty’
sudo-1.9.15p5/src/./exec_nopty.c:577:5: return_function: returning to ‘exec_nopty’ from ‘interpose_pipes’
sudo-1.9.15p5/src/./exec_nopty.c:589:9: danger: ‘io_pipe[2][1]’ leaks here
#  587|       if (sudo_terminated(cstat)) {
#  588|   	sigprocmask(SIG_SETMASK, &oset, NULL);
#  589|-> 	debug_return;
#  590|       }
#  591|   

Error: GCC_ANALYZER_WARNING (CWE-775): [#def50]
sudo-1.9.15p5/src/./exec_nopty.c:615:16: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘dup3(io_pipe[0][0], 0, 0)’
sudo-1.9.15p5/src/./exec_nopty.c:542:1: enter_function: entry to ‘exec_nopty’
sudo-1.9.15p5/src/./exec_nopty.c:556:8: branch_false: following ‘false’ branch...
sudo-1.9.15p5/src/./exec_nopty.c:562:9: branch_false: ...to here
sudo-1.9.15p5/src/./exec_nopty.c:562:8: branch_false: following ‘false’ branch...
sudo-1.9.15p5/src/./exec_nopty.c:565:9: branch_false: ...to here
sudo-1.9.15p5/src/./exec_nopty.c:577:5: call_function: calling ‘interpose_pipes’ from ‘exec_nopty’
sudo-1.9.15p5/src/./exec_nopty.c:577:5: return_function: returning to ‘exec_nopty’ from ‘interpose_pipes’
sudo-1.9.15p5/src/./exec_nopty.c:587:8: branch_false: following ‘false’ branch...
sudo-1.9.15p5/src/./exec_nopty.c:593:9: branch_false: ...to here
sudo-1.9.15p5/src/./exec_nopty.c:611:12: branch_false: following ‘false’ branch...
sudo-1.9.15p5/src/./exec_nopty.c:614:13: branch_false: ...to here
sudo-1.9.15p5/src/./exec_nopty.c:614:12: branch_true: following ‘true’ branch...
sudo-1.9.15p5/src/./exec_nopty.c:615:17: branch_true: ...to here
sudo-1.9.15p5/src/./exec_nopty.c:615:17: acquire_resource: opened here
sudo-1.9.15p5/src/./exec_nopty.c:615:16: danger: ‘dup3(io_pipe[0][0], 0, 0)’ leaks here; was opened at [(25)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/24)
#  613|   	/* Replace stdin/stdout/stderr with pipes as needed and exec. */
#  614|   	if (io_pipe[STDIN_FILENO][0] != -1) {
#  615|-> 	    if (dup3(io_pipe[STDIN_FILENO][0], STDIN_FILENO, 0) == -1)
#  616|   		sudo_fatal("dup3");
#  617|   	    close(io_pipe[STDIN_FILENO][0]);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def51]
sudo-1.9.15p5/src/./exec_nopty.c:621:16: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘dup3(io_pipe[1][1], 1, 0)’
sudo-1.9.15p5/src/./exec_nopty.c:542:1: enter_function: entry to ‘exec_nopty’
sudo-1.9.15p5/src/./exec_nopty.c:556:8: branch_false: following ‘false’ branch...
sudo-1.9.15p5/src/./exec_nopty.c:562:9: branch_false: ...to here
sudo-1.9.15p5/src/./exec_nopty.c:562:8: branch_false: following ‘false’ branch...
sudo-1.9.15p5/src/./exec_nopty.c:565:9: branch_false: ...to here
sudo-1.9.15p5/src/./exec_nopty.c:577:5: call_function: calling ‘interpose_pipes’ from ‘exec_nopty’
sudo-1.9.15p5/src/./exec_nopty.c:577:5: return_function: returning to ‘exec_nopty’ from ‘interpose_pipes’
sudo-1.9.15p5/src/./exec_nopty.c:587:8: branch_false: following ‘false’ branch...
sudo-1.9.15p5/src/./exec_nopty.c:593:9: branch_false: ...to here
sudo-1.9.15p5/src/./exec_nopty.c:611:12: branch_false: following ‘false’ branch...
sudo-1.9.15p5/src/./exec_nopty.c:614:13: branch_false: ...to here
sudo-1.9.15p5/src/./exec_nopty.c:614:12: branch_false: following ‘false’ branch...
sudo-1.9.15p5/src/./exec_nopty.c:620:13: branch_false: ...to here
sudo-1.9.15p5/src/./exec_nopty.c:620:12: branch_true: following ‘true’ branch...
sudo-1.9.15p5/src/./exec_nopty.c:621:17: branch_true: ...to here
sudo-1.9.15p5/src/./exec_nopty.c:621:17: acquire_resource: opened here
sudo-1.9.15p5/src/./exec_nopty.c:621:16: danger: ‘dup3(io_pipe[1][1], 1, 0)’ leaks here; was opened at [(34)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/33)
#  619|   	}
#  620|   	if (io_pipe[STDOUT_FILENO][0] != -1) {
#  621|-> 	    if (dup3(io_pipe[STDOUT_FILENO][1], STDOUT_FILENO, 0) == -1)
#  622|   		sudo_fatal("dup3");
#  623|   	    close(io_pipe[STDOUT_FILENO][0]);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def52]
sudo-1.9.15p5/src/./exec_nopty.c:627:16: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘dup3(io_pipe[2][1], 2, 0)’
sudo-1.9.15p5/src/./exec_nopty.c:542:1: enter_function: entry to ‘exec_nopty’
sudo-1.9.15p5/src/./exec_nopty.c:556:8: branch_false: following ‘false’ branch...
sudo-1.9.15p5/src/./exec_nopty.c:562:9: branch_false: ...to here
sudo-1.9.15p5/src/./exec_nopty.c:562:8: branch_false: following ‘false’ branch...
sudo-1.9.15p5/src/./exec_nopty.c:565:9: branch_false: ...to here
sudo-1.9.15p5/src/./exec_nopty.c:577:5: call_function: calling ‘interpose_pipes’ from ‘exec_nopty’
sudo-1.9.15p5/src/./exec_nopty.c:577:5: return_function: returning to ‘exec_nopty’ from ‘interpose_pipes’
sudo-1.9.15p5/src/./exec_nopty.c:587:8: branch_false: following ‘false’ branch...
sudo-1.9.15p5/src/./exec_nopty.c:593:9: branch_false: ...to here
sudo-1.9.15p5/src/./exec_nopty.c:611:12: branch_false: following ‘false’ branch...
sudo-1.9.15p5/src/./exec_nopty.c:614:13: branch_false: ...to here
sudo-1.9.15p5/src/./exec_nopty.c:614:12: branch_false: following ‘false’ branch...
sudo-1.9.15p5/src/./exec_nopty.c:620:13: branch_false: ...to here
sudo-1.9.15p5/src/./exec_nopty.c:620:12: branch_false: following ‘false’ branch...
sudo-1.9.15p5/src/./exec_nopty.c:626:13: branch_false: ...to here
sudo-1.9.15p5/src/./exec_nopty.c:626:12: branch_true: following ‘true’ branch...
sudo-1.9.15p5/src/./exec_nopty.c:627:17: branch_true: ...to here
sudo-1.9.15p5/src/./exec_nopty.c:627:17: acquire_resource: opened here
sudo-1.9.15p5/src/./exec_nopty.c:627:16: danger: ‘dup3(io_pipe[2][1], 2, 0)’ leaks here; was opened at [(36)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/35)
#  625|   	}
#  626|   	if (io_pipe[STDERR_FILENO][0] != -1) {
#  627|-> 	    if (dup3(io_pipe[STDERR_FILENO][1], STDERR_FILENO, 0) == -1)
#  628|   		sudo_fatal("dup3");
#  629|   	    close(io_pipe[STDERR_FILENO][0]);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def53]
sudo-1.9.15p5/src/./preserve_fds.c:163:16: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘dup2(*pfd.lowfd, *pfd.highfd)’
sudo-1.9.15p5/src/./preserve_fds.c:113:12: branch_false: following ‘false’ branch (when ‘fd == -1’)...
sudo-1.9.15p5/src/./preserve_fds.c:116:13: branch_false: ...to here
sudo-1.9.15p5/src/./preserve_fds.c:120:8: branch_false: following ‘false’ branch (when ‘lastfd != -1’)...
sudo-1.9.15p5/src/./preserve_fds.c:129:29: branch_false: ...to here
sudo-1.9.15p5/src/./preserve_fds.c:130:8: branch_false: following ‘false’ branch (when ‘fdbits’ is non-NULL)...
sudo-1.9.15p5/src/./preserve_fds.c:132:5: branch_false: ...to here
sudo-1.9.15p5/src/./preserve_fds.c:161:5: branch_true: following ‘true’ branch (when ‘pfd’ is non-NULL)...
sudo-1.9.15p5/src/./preserve_fds.c:162:13: branch_true: ...to here
sudo-1.9.15p5/src/./preserve_fds.c:162:12: branch_true: following ‘true’ branch...
sudo-1.9.15p5/src/./preserve_fds.c:163:17: branch_true: ...to here
sudo-1.9.15p5/src/./preserve_fds.c:163:17: acquire_resource: opened here
sudo-1.9.15p5/src/./preserve_fds.c:163:16: danger: ‘dup2(*pfd.lowfd, *pfd.highfd)’ leaks here; was opened at [(11)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/10)
#  161|       TAILQ_FOREACH_REVERSE(pfd, pfds, preserved_fd_list, entries) {
#  162|   	if (pfd->lowfd != pfd->highfd) {
#  163|-> 	    if (dup2(pfd->lowfd, pfd->highfd) == -1) {
#  164|   		sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
#  165|   		    "dup2(%d, %d): %s", pfd->lowfd, pfd->highfd,

Error: GCC_ANALYZER_WARNING (CWE-775): [#def54]
sudo-1.9.15p5/src/./selinux.c:256:12: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘dup3(se_state.ttyfd,  ptyfd,  flags)’
sudo-1.9.15p5/src/./selinux.c:168:1: enter_function: entry to ‘selinux_relabel_tty’
sudo-1.9.15p5/src/./selinux.c:179:8: branch_false: following ‘false’ branch...
sudo-1.9.15p5/src/./selinux.c:184:5: branch_false: ...to here
sudo-1.9.15p5/src/./selinux.c:202:8: branch_false: following ‘false’ branch...
sudo-1.9.15p5/src/./selinux.c:207:9: branch_false: ...to here
sudo-1.9.15p5/src/./selinux.c:207:8: branch_false: following ‘false’ branch...
sudo-1.9.15p5/src/./selinux.c:220:9: branch_false: ...to here
sudo-1.9.15p5/src/./selinux.c:220:8: branch_false: following ‘false’ branch...
sudo-1.9.15p5/src/./selinux.c:229:8: branch_false: ...to here
sudo-1.9.15p5/src/./selinux.c:229:8: branch_true: following ‘true’ branch (when ‘ptyfd != -1’)...
sudo-1.9.15p5/src/./selinux.c:233:26: call_function: inlined call to ‘open’ from ‘selinux_relabel_tty’
sudo-1.9.15p5/src/./selinux.c:234:12: branch_false: following ‘false’ branch...
sudo-1.9.15p5/src/./selinux.c:238:12: branch_false: following ‘false’ branch...
sudo-1.9.15p5/src/./selinux.c:244:23: branch_false: ...to here
sudo-1.9.15p5/src/./selinux.c:244:12: branch_false: following ‘false’ branch...
sudo-1.9.15p5/src/./selinux.c:248:13: branch_false: ...to here
sudo-1.9.15p5/src/./selinux.c:250:12: branch_false: following ‘false’ branch...
sudo-1.9.15p5/src/./selinux.c:254:13: branch_false: ...to here
sudo-1.9.15p5/src/./selinux.c:256:13: acquire_resource: opened here
sudo-1.9.15p5/src/./selinux.c:256:12: danger: ‘dup3(se_state.ttyfd,  ptyfd,  flags)’ leaks here; was opened at [(21)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/20)
#  254|   	if (ISSET(oflags, FD_CLOEXEC))
#  255|   	    flags |= O_CLOEXEC;
#  256|-> 	if (dup3(se_state.ttyfd, ptyfd, flags) == -1) {
#  257|   	    sudo_warn("dup3");
#  258|   	    goto bad;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def55]
sudo-1.9.15p5/src/./selinux.c:276:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘dup2(se_state.ttyfd,  fd)’
sudo-1.9.15p5/src/./selinux.c:179:8: branch_false: following ‘false’ branch...
sudo-1.9.15p5/src/./selinux.c:184:5: branch_false: ...to here
sudo-1.9.15p5/src/./selinux.c:189:12: branch_false: following ‘false’ branch...
sudo-1.9.15p5/src/./selinux.c:193:12: branch_false: following ‘false’ branch...
sudo-1.9.15p5/src/./selinux.c:199:13: branch_false: ...to here
sudo-1.9.15p5/src/./selinux.c:202:8: branch_false: following ‘false’ branch...
sudo-1.9.15p5/src/./selinux.c:207:9: branch_false: ...to here
sudo-1.9.15p5/src/./selinux.c:207:8: branch_false: following ‘false’ branch...
sudo-1.9.15p5/src/./selinux.c:220:9: branch_false: ...to here
sudo-1.9.15p5/src/./selinux.c:220:8: branch_false: following ‘false’ branch...
sudo-1.9.15p5/src/./selinux.c:229:8: branch_false: ...to here
sudo-1.9.15p5/src/./selinux.c:229:8: branch_false: following ‘false’ branch (when ‘ptyfd == -1’)...
sudo-1.9.15p5/src/./selinux.c:262:9: branch_false: ...to here
sudo-1.9.15p5/src/./selinux.c:264:12: branch_false: following ‘false’ branch...
sudo-1.9.15p5/src/./selinux.c:268:12: branch_false: following ‘false’ branch...
sudo-1.9.15p5/src/./selinux.c:274:13: branch_false: ...to here
sudo-1.9.15p5/src/./selinux.c:275:33: branch_true: following ‘true’ branch (when ‘fd != 3’)...
sudo-1.9.15p5/src/./selinux.c:276:17: branch_true: ...to here
sudo-1.9.15p5/src/./selinux.c:276:16: branch_true: following ‘true’ branch...
sudo-1.9.15p5/src/./selinux.c:276:41: branch_true: ...to here
sudo-1.9.15p5/src/./selinux.c:276:41: acquire_resource: opened here
sudo-1.9.15p5/src/./selinux.c:276:17: danger: ‘dup2(se_state.ttyfd,  fd)’ leaks here; was opened at [(23)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/22)
#  274|   	    fcntl(se_state.ttyfd, F_GETFL, 0) & ~O_NONBLOCK);
#  275|   	for (fd = STDIN_FILENO; fd <= STDERR_FILENO; fd++) {
#  276|-> 	    if (sudo_isatty(fd, &sb) && dup2(se_state.ttyfd, fd) == -1) {
#  277|   		sudo_warn("dup2");
#  278|   		goto bad;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def56]
sudo-1.9.15p5/src/./selinux.c:497:13: warning[-Wanalyzer-malloc-leak]: leak of ‘nargv’
sudo-1.9.15p5/src/./selinux.c:451:8: branch_false: following ‘false’ branch...
sudo-1.9.15p5/src/./selinux.c:458:9: branch_false: ...to here
sudo-1.9.15p5/src/./selinux.c:458:8: branch_false: following ‘false’ branch...
 branch_false: ...to here
sudo-1.9.15p5/src/./selinux.c:466:8: branch_false: following ‘false’ branch (when ‘argc != 0’)...
sudo-1.9.15p5/src/./selinux.c:470:32: branch_false: ...to here
sudo-1.9.15p5/src/./selinux.c:470:13: acquire_memory: allocated here
sudo-1.9.15p5/src/./selinux.c:471:8: branch_false: following ‘false’ branch (when ‘nargv’ is non-NULL)...
sudo-1.9.15p5/src/./selinux.c:475:10: branch_false: ...to here
sudo-1.9.15p5/src/./selinux.c:493:8: branch_true: following ‘true’ branch (when ‘fd != -1’)...
sudo-1.9.15p5/src/./selinux.c:494:31: branch_true: ...to here
sudo-1.9.15p5/src/./selinux.c:495:12: branch_true: following ‘true’ branch...
sudo-1.9.15p5/src/./selinux.c:496:13: branch_true: ...to here
sudo-1.9.15p5/src/./selinux.c:497:13: danger: ‘nargv’ leaks here; was allocated at [(7)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/6)
#  495|   	if (len == -1) {
#  496|   	    sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
#  497|-> 	    debug_return;
#  498|   	}
#  499|       }

Error: GCC_ANALYZER_WARNING (CWE-775): [#def57]
sudo-1.9.15p5/src/./sudo.c:376:13: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘dup2(__open_alias("/dev/null", 2, 420), 0)’
sudo-1.9.15p5/src/./sudo.c:374:12: branch_false: following ‘false’ branch...
sudo-1.9.15p5/src/./sudo.c:376:12: branch_false: ...to here
sudo-1.9.15p5/src/./sudo.c:376:12: branch_true: following ‘true’ branch...
sudo-1.9.15p5/src/./sudo.c:376:35: branch_true: ...to here
sudo-1.9.15p5/src/./sudo.c:376:35: acquire_resource: opened here
sudo-1.9.15p5/src/./sudo.c:376:13: danger: ‘dup2(__open_alias("/dev/null", 2, 420), 0)’ leaks here; was opened at [(5)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/4)
#  374|   	if (devnull == -1)
#  375|   	    sudo_fatal(U_("unable to open %s"), _PATH_DEVNULL);
#  376|-> 	if (miss[STDIN_FILENO] && dup2(devnull, STDIN_FILENO) == -1)
#  377|   	    sudo_fatal("dup2");
#  378|   	if (miss[STDOUT_FILENO] && dup2(devnull, STDOUT_FILENO) == -1)

Error: GCC_ANALYZER_WARNING (CWE-775): [#def58]
sudo-1.9.15p5/src/./sudo.c:378:13: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘dup2(__open_alias("/dev/null", 2, 420), 1)’
sudo-1.9.15p5/src/./sudo.c:374:12: branch_false: following ‘false’ branch...
sudo-1.9.15p5/src/./sudo.c:376:12: branch_false: ...to here
sudo-1.9.15p5/src/./sudo.c:378:12: branch_true: following ‘true’ branch...
sudo-1.9.15p5/src/./sudo.c:378:36: branch_true: ...to here
sudo-1.9.15p5/src/./sudo.c:378:36: acquire_resource: opened here
sudo-1.9.15p5/src/./sudo.c:378:13: danger: ‘dup2(__open_alias("/dev/null", 2, 420), 1)’ leaks here; was opened at [(5)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/4)
#  376|   	if (miss[STDIN_FILENO] && dup2(devnull, STDIN_FILENO) == -1)
#  377|   	    sudo_fatal("dup2");
#  378|-> 	if (miss[STDOUT_FILENO] && dup2(devnull, STDOUT_FILENO) == -1)
#  379|   	    sudo_fatal("dup2");
#  380|   	if (miss[STDERR_FILENO] && dup2(devnull, STDERR_FILENO) == -1)

Error: GCC_ANALYZER_WARNING (CWE-775): [#def59]
sudo-1.9.15p5/src/./sudo.c:380:13: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘dup2(__open_alias("/dev/null", 2, 420), 2)’
sudo-1.9.15p5/src/./sudo.c:374:12: branch_false: following ‘false’ branch...
sudo-1.9.15p5/src/./sudo.c:376:12: branch_false: ...to here
sudo-1.9.15p5/src/./sudo.c:376:13: branch_false: following ‘false’ branch...
sudo-1.9.15p5/src/./sudo.c:378:12: branch_false: ...to here
sudo-1.9.15p5/src/./sudo.c:380:12: branch_true: following ‘true’ branch...
sudo-1.9.15p5/src/./sudo.c:380:36: branch_true: ...to here
sudo-1.9.15p5/src/./sudo.c:380:36: acquire_resource: opened here
sudo-1.9.15p5/src/./sudo.c:380:13: danger: ‘dup2(__open_alias("/dev/null", 2, 420), 2)’ leaks here; was opened at [(7)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/6)
#  378|   	if (miss[STDOUT_FILENO] && dup2(devnull, STDOUT_FILENO) == -1)
#  379|   	    sudo_fatal("dup2");
#  380|-> 	if (miss[STDERR_FILENO] && dup2(devnull, STDERR_FILENO) == -1)
#  381|   	    sudo_fatal("dup2");
#  382|   	if (devnull > STDERR_FILENO)

Error: GCC_ANALYZER_WARNING (CWE-775): [#def60]
sudo-1.9.15p5/src/./tgetpass.c:314:12: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘dup3(pfd[1], 1, 0)’
sudo-1.9.15p5/src/./tgetpass.c:305:8: branch_false: following ‘false’ branch...
sudo-1.9.15p5/src/./tgetpass.c:308:13: branch_false: ...to here
sudo-1.9.15p5/src/./tgetpass.c:309:8: branch_false: following ‘false’ branch...
sudo-1.9.15p5/src/./tgetpass.c:312:8: branch_false: ...to here
sudo-1.9.15p5/src/./tgetpass.c:312:8: branch_true: following ‘true’ branch...
sudo-1.9.15p5/src/./tgetpass.c:314:13: branch_true: ...to here
sudo-1.9.15p5/src/./tgetpass.c:314:13: acquire_resource: opened here
sudo-1.9.15p5/src/./tgetpass.c:314:12: danger: ‘dup3(pfd[1], 1, 0)’ leaks here; was opened at [(8)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/7)
#  312|       if (child == 0) {
#  313|   	/* child, set stdout to write side of the pipe */
#  314|-> 	if (dup3(pfd[1], STDOUT_FILENO, 0) == -1) {
#  315|   	    sudo_warn("dup3");
#  316|   	    _exit(255);
Scan Properties

analyzer-version-clippy	1.86.0
analyzer-version-cppcheck	2.17.1
analyzer-version-gcc	15.0.1
analyzer-version-gcc-analyzer	15.0.1
analyzer-version-shellcheck	0.10.0
analyzer-version-unicontrol	0.0.2
enabled-plugins	clippy, cppcheck, gcc, shellcheck, unicontrol
exit-code	0
host	ip-172-16-1-156.us-west-2.compute.internal
known-false-positives	/usr/share/csmock/known-false-positives.js
known-false-positives-rpm	known-false-positives-0.0.0.20250425.124705.g1c7c448.main-1.el9.noarch
mock-config	fedora-rawhide-x86_64
project-name	sudo-1.9.15-7.p5.fc43
store-results-to	/tmp/tmpk0pvy52a/sudo-1.9.15-7.p5.fc43.tar.xz
time-created	2025-04-25 15:47:36
time-finished	2025-04-25 15:51:44
tool	csmock
tool-args	'/usr/bin/csmock' '-r' 'fedora-rawhide-x86_64' '-t' 'unicontrol,cppcheck,gcc,clippy,shellcheck' '-o' '/tmp/tmpk0pvy52a/sudo-1.9.15-7.p5.fc43.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install' 'pam' '--gcc-analyzer-bin=/usr/bin/gcc' '/tmp/tmpk0pvy52a/sudo-1.9.15-7.p5.fc43.src.rpm'
tool-version	csmock-3.8.1.20250422.172604.g26bc3d6-1.el9