Error: GCC_ANALYZER_WARNING (CWE-775): [#def1] xdg-desktop-portal-1.20.0/redhat-linux-build/../document-portal/document-portal.c:414:12: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open(dirname, 2621440)’ xdg-desktop-portal-1.20.0/redhat-linux-build/../document-portal/document-portal.c:1206:1: enter_function: entry to ‘portal_lookup’ xdg-desktop-portal-1.20.0/redhat-linux-build/../document-portal/document-portal.c:1218:6: branch_false: following ‘false’ branch... xdg-desktop-portal-1.20.0/redhat-linux-build/../document-portal/document-portal.c:1226:3: branch_false: ...to here xdg-desktop-portal-1.20.0/redhat-linux-build/../document-portal/document-portal.c:1229:6: branch_false: following ‘false’ branch... xdg-desktop-portal-1.20.0/redhat-linux-build/../document-portal/document-portal.c:1238:8: branch_false: ...to here xdg-desktop-portal-1.20.0/redhat-linux-build/../document-portal/document-portal.c:1238:8: call_function: calling ‘validate_fd’ from ‘portal_lookup’ # 412| goto errout; # 413| # 414|-> dir_fd = open (dirname, O_CLOEXEC | O_PATH); # 415| if (dir_fd < 0 || fstat (dir_fd, real_dir_st_buf) != 0) # 416| goto errout; Error: GCC_ANALYZER_WARNING (CWE-688): [#def2] xdg-desktop-portal-1.20.0/redhat-linux-build/../document-portal/document-portal.c:847:19: warning[-Wanalyzer-null-argument]: use of NULL ‘dirname’ where non-null expected xdg-desktop-portal-1.20.0/redhat-linux-build/../document-portal/document-portal.c:763:1: enter_function: entry to ‘document_add_full’ xdg-desktop-portal-1.20.0/redhat-linux-build/../document-portal/document-portal.c:786:15: branch_true: following ‘true’ branch (when ‘i < n_args’)... xdg-desktop-portal-1.20.0/redhat-linux-build/../document-portal/document-portal.c:789:24: branch_true: ...to here xdg-desktop-portal-1.20.0/redhat-linux-build/../document-portal/document-portal.c:789:24: release_memory: ‘path’ is NULL xdg-desktop-portal-1.20.0/redhat-linux-build/../document-portal/document-portal.c:797:12: call_function: calling ‘validate_fd’ from ‘document_add_full’ xdg-desktop-portal-1.20.0/redhat-linux-build/../document-portal/document-portal.c:797:12: return_function: returning to ‘document_add_full’ from ‘validate_fd’ xdg-desktop-portal-1.20.0/redhat-linux-build/../document-portal/document-portal.c:797:10: branch_false: following ‘false’ branch... xdg-desktop-portal-1.20.0/redhat-linux-build/../document-portal/document-portal.c:800:11: branch_false: ...to here xdg-desktop-portal-1.20.0/redhat-linux-build/../document-portal/document-portal.c:820:10: branch_true: following ‘true’ branch... xdg-desktop-portal-1.20.0/redhat-linux-build/../document-portal/document-portal.c:822:28: branch_true: ...to here xdg-desktop-portal-1.20.0/redhat-linux-build/../document-portal/document-portal.c:822:28: release_memory: ‘real_path’ is NULL xdg-desktop-portal-1.20.0/redhat-linux-build/../document-portal/document-portal.c:826:16: call_function: calling ‘verify_existing_document’ from ‘document_add_full’ xdg-desktop-portal-1.20.0/redhat-linux-build/../document-portal/document-portal.c:826:16: return_function: returning to ‘document_add_full’ from ‘verify_existing_document’ xdg-desktop-portal-1.20.0/redhat-linux-build/../document-portal/document-portal.c:827:14: branch_false: following ‘false’ branch... xdg-desktop-portal-1.20.0/redhat-linux-build/../document-portal/document-portal.c:836:15: branch_false: ...to here xdg-desktop-portal-1.20.0/redhat-linux-build/../document-portal/document-portal.c:836:14: branch_true: following ‘true’ branch... xdg-desktop-portal-1.20.0/redhat-linux-build/../document-portal/document-portal.c:840:15: branch_true: ...to here xdg-desktop-portal-1.20.0/redhat-linux-build/../document-portal/document-portal.c:843:18: branch_true: following ‘true’ branch... xdg-desktop-portal-1.20.0/redhat-linux-build/../document-portal/document-portal.c:844:27: call_function: inlined call to ‘g_strdup_inline’ from ‘document_add_full’ xdg-desktop-portal-1.20.0/redhat-linux-build/../document-portal/document-portal.c:847:19: danger: argument 1 (‘dirname’) NULL where non-null expected # 845| else # 846| dirname = g_path_get_dirname (path); # 847|-> if (lstat (dirname, &real_dir_st_bufs[i]) != 0) # 848| { # 849| g_set_error (error, Error: GCC_ANALYZER_WARNING (CWE-775): [#def3] xdg-desktop-portal-1.20.0/redhat-linux-build/../document-portal/document-portal.c:1228:8: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open(filename, 2621440)’ xdg-desktop-portal-1.20.0/redhat-linux-build/../document-portal/document-portal.c:1218:6: branch_false: following ‘false’ branch... xdg-desktop-portal-1.20.0/redhat-linux-build/../document-portal/document-portal.c:1226:3: branch_false: ...to here xdg-desktop-portal-1.20.0/redhat-linux-build/../document-portal/document-portal.c:1228:8: acquire_resource: opened here xdg-desktop-portal-1.20.0/redhat-linux-build/../document-portal/document-portal.c:1228:8: danger: ‘open(filename, 2621440)’ leaks here; was opened at [(3)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/2) # 1226| g_variant_get (parameters, "(^&ay)", &filename); # 1227| # 1228|-> fd = open (filename, O_PATH | O_CLOEXEC); # 1229| if (fd == -1) # 1230| { Error: GCC_ANALYZER_WARNING (CWE-476): [#def4] xdg-desktop-portal-1.20.0/redhat-linux-build/../document-portal/document-portal.c:1484:11: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘error’ xdg-desktop-portal-1.20.0/redhat-linux-build/../document-portal/document-portal.c:1464:1: enter_function: entry to ‘portal_get_host_paths’ xdg-desktop-portal-1.20.0/redhat-linux-build/../document-portal/document-portal.c:1476:22: branch_true: following ‘true’ branch... xdg-desktop-portal-1.20.0/redhat-linux-build/../document-portal/document-portal.c:1478:25: branch_true: ...to here xdg-desktop-portal-1.20.0/redhat-linux-build/../document-portal/document-portal.c:1478:25: release_memory: ‘error’ is NULL xdg-desktop-portal-1.20.0/redhat-linux-build/../document-portal/document-portal.c:1481:14: call_function: calling ‘get_host_path_internal’ from ‘portal_get_host_paths’ xdg-desktop-portal-1.20.0/redhat-linux-build/../document-portal/document-portal.c:1481:14: return_function: returning to ‘portal_get_host_paths’ from ‘get_host_path_internal’ xdg-desktop-portal-1.20.0/redhat-linux-build/../document-portal/document-portal.c:1482:10: branch_true: following ‘true’ branch... xdg-desktop-portal-1.20.0/redhat-linux-build/../document-portal/document-portal.c:1484:11: branch_true: ...to here xdg-desktop-portal-1.20.0/redhat-linux-build/../document-portal/document-portal.c:1484:11: release_memory: ‘error’ is NULL xdg-desktop-portal-1.20.0/redhat-linux-build/../document-portal/document-portal.c:1484:11: danger: dereference of NULL ‘error’ # 1482| if (path == NULL) # 1483| { # 1484|-> g_warning ("Failed to get host path for %s: %s", id_list[i], error->message); # 1485| continue; # 1486| } Error: GCC_ANALYZER_WARNING (CWE-775): [#def5] xdg-desktop-portal-1.20.0/redhat-linux-build/../document-portal/file-transfer.c:298:16: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open(*file.path, 2621440)’ xdg-desktop-portal-1.20.0/redhat-linux-build/../document-portal/file-transfer.c:269:6: branch_false: following ‘false’ branch... xdg-desktop-portal-1.20.0/redhat-linux-build/../document-portal/file-transfer.c:284:7: branch_false: ...to here xdg-desktop-portal-1.20.0/redhat-linux-build/../document-portal/file-transfer.c:294:15: branch_true: following ‘true’ branch (when ‘i < n_fds’)... xdg-desktop-portal-1.20.0/redhat-linux-build/../document-portal/file-transfer.c:296:43: branch_true: ...to here xdg-desktop-portal-1.20.0/redhat-linux-build/../document-portal/file-transfer.c:298:16: acquire_resource: opened here xdg-desktop-portal-1.20.0/redhat-linux-build/../document-portal/file-transfer.c:298:16: danger: ‘open(*file.path, 2621440)’ leaks here; was opened at [(5)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/4) # 296| ExportedFile *file = (ExportedFile*)g_ptr_array_index (transfer->files, i); # 297| # 298|-> fds[i] = open (file->path, O_PATH | O_CLOEXEC); # 299| if (fds[i] == -1) # 300| { Error: GCC_ANALYZER_WARNING (CWE-476): [#def6] xdg-desktop-portal-1.20.0/redhat-linux-build/../document-portal/gvdb/gvdb-builder.c:332:3: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’ xdg-desktop-portal-1.20.0/redhat-linux-build/../document-portal/gvdb/gvdb-builder.c:504:1: enter_function: entry to ‘gvdb_table_get_content’ xdg-desktop-portal-1.20.0/redhat-linux-build/../document-portal/gvdb/gvdb-builder.c:514:3: call_function: calling ‘file_builder_add_hash’ from ‘gvdb_table_get_content’ # 330| # 331| #define chunk(s) (size -= (s), data += (s), data - (s)) # 332|-> memcpy (chunk (sizeof bloom_hdr), &bloom_hdr, sizeof bloom_hdr); # 333| memcpy (chunk (sizeof table_hdr), &table_hdr, sizeof table_hdr); # 334| *bloom_filter = (guint32_le *) chunk (n_bloom_words * sizeof (guint32_le)); Error: GCC_ANALYZER_WARNING (CWE-688): [#def7] xdg-desktop-portal-1.20.0/redhat-linux-build/../document-portal/permission-db.c:88:3: warning[-Wanalyzer-null-argument]: use of NULL ‘strv’ where non-null expected xdg-desktop-portal-1.20.0/redhat-linux-build/../document-portal/permission-db.c:894:1: enter_function: entry to ‘permission_db_print_string’ xdg-desktop-portal-1.20.0/redhat-linux-build/../document-portal/permission-db.c:901:3: branch_false: following ‘false’ branch (when ‘self’ is non-NULL)... xdg-desktop-portal-1.20.0/redhat-linux-build/../document-portal/permission-db.c:901:3: branch_false: ...to here xdg-desktop-portal-1.20.0/redhat-linux-build/../document-portal/permission-db.c:908:9: call_function: calling ‘permission_db_list_ids’ from ‘permission_db_print_string’ xdg-desktop-portal-1.20.0/redhat-linux-build/../document-portal/permission-db.c:908:9: return_function: returning to ‘permission_db_print_string’ from ‘permission_db_list_ids’ xdg-desktop-portal-1.20.0/redhat-linux-build/../document-portal/permission-db.c:909:3: call_function: calling ‘sort_strv’ from ‘permission_db_print_string’ # 86| sort_strv (const char **strv) # 87| { # 88|-> qsort (strv, g_strv_length ((char **) strv), sizeof (const char *), cmpstringp); # 89| } # 90| Error: GCC_ANALYZER_WARNING (CWE-476): [#def8] xdg-desktop-portal-1.20.0/redhat-linux-build/../document-portal/permission-db.c:747:15: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’ xdg-desktop-portal-1.20.0/redhat-linux-build/../document-portal/permission-db.c:727:1: enter_function: entry to ‘permission_db_update’ xdg-desktop-portal-1.20.0/redhat-linux-build/../document-portal/permission-db.c:738:3: branch_false: following ‘false’ branch (when ‘self’ is non-NULL)... xdg-desktop-portal-1.20.0/redhat-linux-build/../document-portal/permission-db.c:738:3: branch_false: ...to here xdg-desktop-portal-1.20.0/redhat-linux-build/../document-portal/permission-db.c:746:9: call_function: calling ‘permission_db_list_ids’ from ‘permission_db_update’ xdg-desktop-portal-1.20.0/redhat-linux-build/../document-portal/permission-db.c:746:9: return_function: returning to ‘permission_db_update’ from ‘permission_db_list_ids’ xdg-desktop-portal-1.20.0/redhat-linux-build/../document-portal/permission-db.c:747:18: release_memory: ‘0’ is NULL xdg-desktop-portal-1.20.0/redhat-linux-build/../document-portal/permission-db.c:747:15: danger: dereference of NULL ‘permission_db_list_ids(self) + (long unsigned int)i * 8’ # 745| # 746| ids = permission_db_list_ids (self); # 747|-> for (i = 0; ids[i] != 0; i++) # 748| { # 749| g_autoptr(PermissionDbEntry) entry = permission_db_lookup (self, ids[i]); Error: GCC_ANALYZER_WARNING (CWE-476): [#def9] xdg-desktop-portal-1.20.0/redhat-linux-build/../document-portal/permission-db.c:760:15: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’ xdg-desktop-portal-1.20.0/redhat-linux-build/../document-portal/permission-db.c:727:1: enter_function: entry to ‘permission_db_update’ xdg-desktop-portal-1.20.0/redhat-linux-build/../document-portal/permission-db.c:738:3: branch_false: following ‘false’ branch (when ‘self’ is non-NULL)... xdg-desktop-portal-1.20.0/redhat-linux-build/../document-portal/permission-db.c:738:3: branch_false: ...to here xdg-desktop-portal-1.20.0/redhat-linux-build/../document-portal/permission-db.c:746:9: call_function: calling ‘permission_db_list_ids’ from ‘permission_db_update’ xdg-desktop-portal-1.20.0/redhat-linux-build/../document-portal/permission-db.c:746:9: return_function: returning to ‘permission_db_update’ from ‘permission_db_list_ids’ xdg-desktop-portal-1.20.0/redhat-linux-build/../document-portal/permission-db.c:759:10: call_function: calling ‘permission_db_list_apps’ from ‘permission_db_update’ xdg-desktop-portal-1.20.0/redhat-linux-build/../document-portal/permission-db.c:759:10: return_function: returning to ‘permission_db_update’ from ‘permission_db_list_apps’ xdg-desktop-portal-1.20.0/redhat-linux-build/../document-portal/permission-db.c:760:19: release_memory: ‘0’ is NULL xdg-desktop-portal-1.20.0/redhat-linux-build/../document-portal/permission-db.c:760:15: danger: dereference of NULL ‘permission_db_list_apps(self) + (long unsigned int)i * 8’ # 758| # 759| apps = permission_db_list_apps (self); # 760|-> for (i = 0; apps[i] != 0; i++) # 761| { # 762| g_auto(GStrv) app_ids = permission_db_list_ids_by_app (self, apps[i]); Error: GCC_ANALYZER_WARNING (CWE-476): [#def10] xdg-desktop-portal-1.20.0/redhat-linux-build/../src/account.c:106:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘error’ xdg-desktop-portal-1.20.0/redhat-linux-build/../src/account.c:67:1: enter_function: entry to ‘send_response_in_thread_func’ xdg-desktop-portal-1.20.0/redhat-linux-build/../src/account.c:86:6: branch_false: following ‘false’ branch (when ‘response == 0’)... xdg-desktop-portal-1.20.0/redhat-linux-build/../src/account.c:89:9: branch_false: ...to here xdg-desktop-portal-1.20.0/redhat-linux-build/../src/account.c:95:6: branch_true: following ‘true’ branch... xdg-desktop-portal-1.20.0/redhat-linux-build/../src/account.c:98:25: branch_true: ...to here xdg-desktop-portal-1.20.0/redhat-linux-build/../src/account.c:98:25: release_memory: ‘error’ is NULL xdg-desktop-portal-1.20.0/redhat-linux-build/../src/account.c:100:10: branch_true: following ‘true’ branch... xdg-desktop-portal-1.20.0/redhat-linux-build/../src/account.c:101:16: branch_true: ...to here xdg-desktop-portal-1.20.0/redhat-linux-build/../src/account.c:106:9: release_memory: ‘error’ is NULL xdg-desktop-portal-1.20.0/redhat-linux-build/../src/account.c:106:9: danger: dereference of NULL ‘error’ # 104| # 105| if (ruri == NULL) # 106|-> g_warning ("Failed to register %s: %s", image, error->message); # 107| else # 108| { Error: GCC_ANALYZER_WARNING (CWE-476): [#def11] xdg-desktop-portal-1.20.0/redhat-linux-build/../src/file-chooser.c:136:15: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘error’ xdg-desktop-portal-1.20.0/redhat-linux-build/../src/file-chooser.c:97:6: branch_false: following ‘false’ branch (when ‘response == 0’)... xdg-desktop-portal-1.20.0/redhat-linux-build/../src/file-chooser.c:100:14: branch_false: ...to here xdg-desktop-portal-1.20.0/redhat-linux-build/../src/file-chooser.c:112:6: branch_true: following ‘true’ branch... branch_true: ...to here xdg-desktop-portal-1.20.0/redhat-linux-build/../src/file-chooser.c:116:19: branch_true: following ‘true’ branch... xdg-desktop-portal-1.20.0/redhat-linux-build/../src/file-chooser.c:119:29: release_memory: ‘error’ is NULL xdg-desktop-portal-1.20.0/redhat-linux-build/../src/file-chooser.c:123:16: branch_true: following ‘true’ branch (when ‘__str_len > 6’)... xdg-desktop-portal-1.20.0/redhat-linux-build/../src/file-chooser.c:123:16: branch_true: ...to here xdg-desktop-portal-1.20.0/redhat-linux-build/../src/file-chooser.c:123:14: branch_false: following ‘false’ branch... xdg-desktop-portal-1.20.0/redhat-linux-build/../src/file-chooser.c:129:15: branch_false: ...to here xdg-desktop-portal-1.20.0/redhat-linux-build/../src/file-chooser.c:129:14: branch_true: following ‘true’ branch... xdg-desktop-portal-1.20.0/redhat-linux-build/../src/file-chooser.c:130:20: branch_true: ...to here xdg-desktop-portal-1.20.0/redhat-linux-build/../src/file-chooser.c:136:15: release_memory: ‘error’ is NULL xdg-desktop-portal-1.20.0/redhat-linux-build/../src/file-chooser.c:136:15: danger: dereference of NULL ‘error’ # 134| if (ruri == NULL) # 135| { # 136|-> g_warning ("Failed to register %s: %s", uris[i], error->message); # 137| continue; # 138| } Error: GCC_ANALYZER_WARNING (CWE-688): [#def12] xdg-desktop-portal-1.20.0/redhat-linux-build/../src/file-chooser.c:172:7: warning[-Wanalyzer-null-argument]: use of NULL ‘path’ where non-null expected xdg-desktop-portal-1.20.0/redhat-linux-build/../src/file-chooser.c:523:1: enter_function: entry to ‘handle_open_file’ xdg-desktop-portal-1.20.0/redhat-linux-build/../src/file-chooser.c:541:6: branch_false: following ‘false’ branch... xdg-desktop-portal-1.20.0/redhat-linux-build/../src/file-chooser.c:551:7: branch_false: ...to here xdg-desktop-portal-1.20.0/redhat-linux-build/../src/file-chooser.c:553:8: branch_true: following ‘true’ branch... xdg-desktop-portal-1.20.0/redhat-linux-build/../src/file-chooser.c:555:37: branch_true: ...to here xdg-desktop-portal-1.20.0/redhat-linux-build/../src/file-chooser.c:557:26: release_memory: ‘doc_id_from_app’ is NULL xdg-desktop-portal-1.20.0/redhat-linux-build/../src/file-chooser.c:558:13: call_function: calling ‘looks_like_document_portal_path’ from ‘handle_open_file’ #argument 1 of ‘__builtin_strstr’ must be non-null # 170| return FALSE; # 171| # 172|-> p = strstr (path, "/doc/"); # 173| if (!p) # 174| return FALSE; Error: GCC_ANALYZER_WARNING (CWE-476): [#def13] xdg-desktop-portal-1.20.0/redhat-linux-build/../src/screenshot.c:131:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘error’ xdg-desktop-portal-1.20.0/redhat-linux-build/../src/screenshot.c:102:21: release_memory: ‘error’ is NULL xdg-desktop-portal-1.20.0/redhat-linux-build/../src/screenshot.c:110:6: branch_false: following ‘false’ branch (when ‘response == 0’)... xdg-desktop-portal-1.20.0/redhat-linux-build/../src/screenshot.c:113:12: branch_false: ...to here xdg-desktop-portal-1.20.0/redhat-linux-build/../src/screenshot.c:114:6: branch_true: following ‘true’ branch... xdg-desktop-portal-1.20.0/redhat-linux-build/../src/screenshot.c:119:12: branch_true: ...to here xdg-desktop-portal-1.20.0/redhat-linux-build/../src/screenshot.c:119:10: branch_false: following ‘false’ branch... xdg-desktop-portal-1.20.0/redhat-linux-build/../src/screenshot.c:125:11: branch_false: ...to here xdg-desktop-portal-1.20.0/redhat-linux-build/../src/screenshot.c:125:10: branch_true: following ‘true’ branch... xdg-desktop-portal-1.20.0/redhat-linux-build/../src/screenshot.c:126:16: branch_true: ...to here xdg-desktop-portal-1.20.0/redhat-linux-build/../src/screenshot.c:131:9: release_memory: ‘error’ is NULL xdg-desktop-portal-1.20.0/redhat-linux-build/../src/screenshot.c:131:9: danger: dereference of NULL ‘error’ # 129| # 130| if (ruri == NULL) # 131|-> g_warning ("Failed to register %s: %s", uri, error->message); # 132| else # 133| g_variant_builder_add (&results, "{&sv}", "uri", g_variant_new_string (ruri)); Error: GCC_ANALYZER_WARNING (CWE-476): [#def14] xdg-desktop-portal-1.20.0/redhat-linux-build/../src/usb.c:1264:21: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’ xdg-desktop-portal-1.20.0/redhat-linux-build/../src/usb.c:1242:1: enter_function: entry to ‘handle_finish_acquire_devices’ xdg-desktop-portal-1.20.0/redhat-linux-build/../src/usb.c:1262:17: call_function: calling ‘usb_sender_info_from_call’ from ‘handle_finish_acquire_devices’ xdg-desktop-portal-1.20.0/redhat-linux-build/../src/usb.c:1262:17: return_function: returning to ‘handle_finish_acquire_devices’ from ‘usb_sender_info_from_call’ xdg-desktop-portal-1.20.0/redhat-linux-build/../src/usb.c:1264:21: danger: dereference of NULL ‘usb_sender_info_from_call(object, xdp_call_from_invocation(invocation))’ # 1262| sender_info = usb_sender_info_from_call (self, call); # 1263| # 1264|-> pending_devices = g_hash_table_lookup (sender_info->pending_devices, object_path); # 1265| if (pending_devices == NULL) # 1266| { Error: GCC_ANALYZER_WARNING (CWE-401): [#def15] xdg-desktop-portal-1.20.0/redhat-linux-build/../src/xdp-app-info-flatpak.c:628:10: warning[-Wanalyzer-malloc-leak]: leak of ‘opendir("/proc")’ xdg-desktop-portal-1.20.0/redhat-linux-build/../src/xdp-app-info-flatpak.c:605:1: enter_function: entry to ‘get_bwrap_pidfd’ xdg-desktop-portal-1.20.0/redhat-linux-build/../src/xdp-app-info-flatpak.c:613:6: branch_false: following ‘false’ branch (when ‘instance’ is non-NULL)... xdg-desktop-portal-1.20.0/redhat-linux-build/../src/xdp-app-info-flatpak.c:620:10: branch_false: ...to here xdg-desktop-portal-1.20.0/redhat-linux-build/../src/xdp-app-info-flatpak.c:620:10: call_function: calling ‘load_bwrap_info’ from ‘get_bwrap_pidfd’ xdg-desktop-portal-1.20.0/redhat-linux-build/../src/xdp-app-info-flatpak.c:620:10: return_function: returning to ‘get_bwrap_pidfd’ from ‘load_bwrap_info’ xdg-desktop-portal-1.20.0/redhat-linux-build/../src/xdp-app-info-flatpak.c:621:6: branch_false: following ‘false’ branch... xdg-desktop-portal-1.20.0/redhat-linux-build/../src/xdp-app-info-flatpak.c:624:9: branch_false: ...to here xdg-desktop-portal-1.20.0/redhat-linux-build/../src/xdp-app-info-flatpak.c:625:6: branch_false: following ‘false’ branch... xdg-desktop-portal-1.20.0/redhat-linux-build/../src/xdp-app-info-flatpak.c:628:10: branch_false: ...to here xdg-desktop-portal-1.20.0/redhat-linux-build/../src/xdp-app-info-flatpak.c:628:10: acquire_memory: allocated here xdg-desktop-portal-1.20.0/redhat-linux-build/../src/xdp-app-info-flatpak.c:628:10: danger: ‘opendir("/proc")’ leaks here; was allocated at [(28)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/27) # 626| return -1; # 627| # 628|-> proc = opendir ("/proc"); # 629| if (proc == NULL) # 630| { Error: GCC_ANALYZER_WARNING (CWE-775): [#def16] xdg-desktop-portal-1.20.0/redhat-linux-build/../src/xdp-app-info-snap.c:106:8: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open(g_strdup_printf("/proc/%u/cgroup", (unsigned int)pid), 524544)’ xdg-desktop-portal-1.20.0/redhat-linux-build/../src/xdp-app-info-snap.c:103:3: branch_true: following ‘true’ branch (when ‘pid > 0’)... xdg-desktop-portal-1.20.0/redhat-linux-build/../src/xdp-app-info-snap.c:105:17: branch_true: ...to here xdg-desktop-portal-1.20.0/redhat-linux-build/../src/xdp-app-info-snap.c:106:8: acquire_resource: opened here xdg-desktop-portal-1.20.0/redhat-linux-build/../src/xdp-app-info-snap.c:106:8: danger: ‘open(g_strdup_printf("/proc/%u/cgroup", (unsigned int)pid), 524544)’ leaks here; was opened at [(3)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/2) # 104| # 105| cgroup_path = g_strdup_printf ("/proc/%u/cgroup", (guint) pid); # 106|-> fd = open (cgroup_path, O_RDONLY | O_CLOEXEC | O_NOCTTY); # 107| if (fd == -1) # 108| { Error: GCC_ANALYZER_WARNING (CWE-775): [#def17] xdg-desktop-portal-1.20.0/redhat-linux-build/../src/xdp-documents.c:93:10: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open(g_path_get_dirname(g_file_get_path(g_file_new_for_uri(uri))), 2621440)’ xdg-desktop-portal-1.20.0/redhat-linux-build/../src/xdp-documents.c:85:3: branch_true: following ‘true’ branch... xdg-desktop-portal-1.20.0/redhat-linux-build/../src/xdp-documents.c:92:6: branch_true: following ‘true’ branch... xdg-desktop-portal-1.20.0/redhat-linux-build/../src/xdp-documents.c:93:10: branch_true: ...to here xdg-desktop-portal-1.20.0/redhat-linux-build/../src/xdp-documents.c:93:10: acquire_resource: opened here xdg-desktop-portal-1.20.0/redhat-linux-build/../src/xdp-documents.c:93:10: danger: ‘open(g_path_get_dirname(g_file_get_path(g_file_new_for_uri(uri))), 2621440)’ leaks here; was opened at [(5)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/4) # 91| # 92| if (flags & XDP_DOCUMENT_FLAG_FOR_SAVE) # 93|-> fd = open (dirname, O_PATH | O_CLOEXEC); # 94| else # 95| fd = open (path, O_PATH | O_CLOEXEC); Error: GCC_ANALYZER_WARNING (CWE-775): [#def18] xdg-desktop-portal-1.20.0/redhat-linux-build/../src/xdp-documents.c:95:10: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open(g_file_get_path(g_file_new_for_uri(uri)), 2621440)’ xdg-desktop-portal-1.20.0/redhat-linux-build/../src/xdp-documents.c:85:3: branch_true: following ‘true’ branch... xdg-desktop-portal-1.20.0/redhat-linux-build/../src/xdp-documents.c:92:6: branch_false: following ‘false’ branch... xdg-desktop-portal-1.20.0/redhat-linux-build/../src/xdp-documents.c:95:10: branch_false: ...to here xdg-desktop-portal-1.20.0/redhat-linux-build/../src/xdp-documents.c:95:10: acquire_resource: opened here xdg-desktop-portal-1.20.0/redhat-linux-build/../src/xdp-documents.c:95:10: danger: ‘open(g_file_get_path(g_file_new_for_uri(uri)), 2621440)’ leaks here; was opened at [(5)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/4) # 93| fd = open (dirname, O_PATH | O_CLOEXEC); # 94| else # 95|-> fd = open (path, O_PATH | O_CLOEXEC); # 96| # 97| if (fd == -1)
| analyzer-version-clippy | 1.86.0 |
| analyzer-version-cppcheck | 2.17.1 |
| analyzer-version-gcc | 15.0.1 |
| analyzer-version-gcc-analyzer | 15.0.1 |
| analyzer-version-shellcheck | 0.10.0 |
| analyzer-version-unicontrol | 0.0.2 |
| enabled-plugins | clippy, cppcheck, gcc, shellcheck, unicontrol |
| exit-code | 0 |
| host | ip-172-16-1-186.us-west-2.compute.internal |
| known-false-positives | /usr/share/csmock/known-false-positives.js |
| known-false-positives-rpm | known-false-positives-0.0.0.20250425.124705.g1c7c448.main-1.el9.noarch |
| mock-config | fedora-rawhide-x86_64 |
| project-name | xdg-desktop-portal-1.20.0-1.fc43 |
| store-results-to | /tmp/tmpv6wz4jo5/xdg-desktop-portal-1.20.0-1.fc43.tar.xz |
| time-created | 2025-04-25 16:01:42 |
| time-finished | 2025-04-25 16:04:07 |
| tool | csmock |
| tool-args | '/usr/bin/csmock' '-r' 'fedora-rawhide-x86_64' '-t' 'unicontrol,cppcheck,gcc,clippy,shellcheck' '-o' '/tmp/tmpv6wz4jo5/xdg-desktop-portal-1.20.0-1.fc43.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install' 'pam' '--gcc-analyzer-bin=/usr/bin/gcc' '/tmp/tmpv6wz4jo5/xdg-desktop-portal-1.20.0-1.fc43.src.rpm' |
| tool-version | csmock-3.8.1.20250422.172604.g26bc3d6-1.el9 |