audit-4.1.2-2.fc44

List of Findings

Error: GCC_ANALYZER_WARNING (CWE-775): [#def1]
audit-userspace-4.1.2/audisp/audispd-pconfig.c:197:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor 'open(&fname, 0)'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:143:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:158:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:158:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:164:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:164:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:170:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:170:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:177:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:177:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:186:9: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:188:14: acquire_resource: opened here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:190:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:197:9: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:197:9: throw: if 'close' throws an exception...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:197:9: danger: 'open(&fname, 0)' leaks here; was opened at [(11)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/10)
#  195|   	}
#  196|   
#  197|-> 	close(fd);
#  198|   	fd = rc;
#  199|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def2]
audit-userspace-4.1.2/audisp/audispd-pconfig.c:218:33: warning[-Wanalyzer-malloc-leak]: leak of 'f'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:130:5: enter_function: entry to 'load_pconfig'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:143:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:158:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:158:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:164:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:164:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:170:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:170:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:177:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:177:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:186:9: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:190:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:197:9: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:201:13: acquire_memory: allocated here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:202:12: branch_false: following 'false' branch (when 'f' is non-NULL)...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:202:12: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:209:16: call_function: calling 'get_line' from 'load_pconfig'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:209:16: return_function: returning to 'load_pconfig' from 'get_line'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:209:16: branch_true: following 'true' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:213:22: branch_true: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:213:22: call_function: calling 'nv_split' from 'load_pconfig'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:213:22: return_function: returning to 'load_pconfig' from 'nv_split'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:218:33: throw: if 'audit_msg' throws an exception...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:218:33: danger: 'f' leaks here; was allocated at [(14)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/13)
#  216|   				break;
#  217|   			case 1: // not the right number of tokens.
#  218|-> 				audit_msg(LOG_ERR,
#  219|   				"Wrong number of arguments for line %d in %s",
#  220|   					lineno, file);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def3]
audit-userspace-4.1.2/audisp/audispd-pconfig.c:223:33: warning[-Wanalyzer-malloc-leak]: leak of 'f'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:130:5: enter_function: entry to 'load_pconfig'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:143:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:158:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:158:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:164:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:164:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:170:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:170:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:177:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:177:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:186:9: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:190:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:197:9: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:201:13: acquire_memory: allocated here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:202:12: branch_false: following 'false' branch (when 'f' is non-NULL)...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:202:12: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:209:16: call_function: calling 'get_line' from 'load_pconfig'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:209:16: return_function: returning to 'load_pconfig' from 'get_line'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:209:16: branch_true: following 'true' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:213:22: branch_true: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:213:22: call_function: calling 'nv_split' from 'load_pconfig'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:213:22: return_function: returning to 'load_pconfig' from 'nv_split'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:223:33: throw: if 'audit_msg' throws an exception...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:223:33: danger: 'f' leaks here; was allocated at [(14)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/13)
#  221|   				break;
#  222|   			case 2: // no '=' sign
#  223|-> 				audit_msg(LOG_ERR,
#  224|   					"Missing equal sign for line %d in %s",
#  225|   					lineno, file);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def4]
audit-userspace-4.1.2/audisp/audispd-pconfig.c:239:32: warning[-Wanalyzer-malloc-leak]: leak of 'nv.values'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:130:5: enter_function: entry to 'load_pconfig'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:143:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:158:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:158:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:164:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:164:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:170:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:170:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:177:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:177:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:186:9: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:190:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:197:9: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:202:12: branch_false: following 'false' branch (when 'f' is non-NULL)...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:202:12: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:209:16: call_function: calling 'get_line' from 'load_pconfig'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:209:16: return_function: returning to 'load_pconfig' from 'get_line'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:209:16: branch_true: following 'true' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:213:22: branch_true: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:213:22: call_function: calling 'nv_split' from 'load_pconfig'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:213:22: return_function: returning to 'load_pconfig' from 'nv_split'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:233:20: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:237:21: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:237:20: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:243:22: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:243:22: call_function: calling 'kw_lookup' from 'load_pconfig'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:243:22: return_function: returning to 'load_pconfig' from 'kw_lookup'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:239:32: danger: 'nv.values' leaks here; was allocated at [(40)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/39)
#  237|   		if (nv.values == NULL) {
#  238|   			fclose(f);
#  239|-> 			return 1;
#  240|   		}
#  241|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def5]
audit-userspace-4.1.2/audisp/audispd-pconfig.c:245:25: warning[-Wanalyzer-malloc-leak]: leak of 'f'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:130:5: enter_function: entry to 'load_pconfig'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:143:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:158:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:158:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:164:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:164:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:170:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:170:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:177:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:177:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:186:9: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:190:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:197:9: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:201:13: acquire_memory: allocated here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:202:12: branch_false: following 'false' branch (when 'f' is non-NULL)...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:202:12: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:209:16: call_function: calling 'get_line' from 'load_pconfig'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:209:16: return_function: returning to 'load_pconfig' from 'get_line'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:209:16: branch_true: following 'true' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:213:22: branch_true: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:213:22: call_function: calling 'nv_split' from 'load_pconfig'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:213:22: return_function: returning to 'load_pconfig' from 'nv_split'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:233:20: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:237:21: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:237:20: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:243:22: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:243:22: call_function: calling 'kw_lookup' from 'load_pconfig'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:243:22: return_function: returning to 'load_pconfig' from 'kw_lookup'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:244:20: branch_true: following 'true' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:245:25: branch_true: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:245:25: throw: if 'audit_msg' throws an exception...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:245:25: danger: 'f' leaks here; was allocated at [(14)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/13)
#  243|   		kw = kw_lookup(nv.name);
#  244|   		if (kw->name == NULL) {
#  245|-> 			audit_msg(LOG_ERR,
#  246|   				"Unknown keyword \"%s\" in line %d of %s",
#  247|   				nv.name, lineno, file);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def6]
audit-userspace-4.1.2/audisp/audispd-pconfig.c:245:25: warning[-Wanalyzer-malloc-leak]: leak of 'nv.values'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:130:5: enter_function: entry to 'load_pconfig'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:143:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:158:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:158:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:164:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:164:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:170:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:170:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:177:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:177:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:186:9: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:190:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:197:9: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:202:12: branch_false: following 'false' branch (when 'f' is non-NULL)...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:202:12: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:209:16: call_function: calling 'get_line' from 'load_pconfig'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:209:16: return_function: returning to 'load_pconfig' from 'get_line'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:209:16: branch_true: following 'true' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:213:22: branch_true: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:213:22: call_function: calling 'nv_split' from 'load_pconfig'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:213:22: return_function: returning to 'load_pconfig' from 'nv_split'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:233:20: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:237:21: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:237:20: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:243:22: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:243:22: call_function: calling 'kw_lookup' from 'load_pconfig'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:243:22: return_function: returning to 'load_pconfig' from 'kw_lookup'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:244:20: branch_true: following 'true' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:245:25: branch_true: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:245:25: throw: if 'audit_msg' throws an exception...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:245:25: danger: 'nv.values' leaks here; was allocated at [(40)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/39)
#  243|   		kw = kw_lookup(nv.name);
#  244|   		if (kw->name == NULL) {
#  245|-> 			audit_msg(LOG_ERR,
#  246|   				"Unknown keyword \"%s\" in line %d of %s",
#  247|   				nv.name, lineno, file);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def7]
audit-userspace-4.1.2/audisp/audispd-pconfig.c:257:25: warning[-Wanalyzer-malloc-leak]: leak of 'f'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:130:5: enter_function: entry to 'load_pconfig'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:143:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:158:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:158:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:164:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:164:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:170:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:170:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:177:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:177:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:186:9: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:190:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:197:9: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:201:13: acquire_memory: allocated here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:202:12: branch_false: following 'false' branch (when 'f' is non-NULL)...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:202:12: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:209:16: call_function: calling 'get_line' from 'load_pconfig'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:209:16: return_function: returning to 'load_pconfig' from 'get_line'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:209:16: branch_true: following 'true' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:213:22: branch_true: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:213:22: call_function: calling 'nv_split' from 'load_pconfig'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:213:22: return_function: returning to 'load_pconfig' from 'nv_split'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:233:20: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:237:21: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:237:20: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:243:22: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:243:22: call_function: calling 'kw_lookup' from 'load_pconfig'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:243:22: return_function: returning to 'load_pconfig' from 'kw_lookup'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:244:20: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:255:38: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:256:20: branch_true: following 'true' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:257:25: throw: if 'audit_msg' throws an exception...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:257:25: danger: 'f' leaks here; was allocated at [(14)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/13)
#  255|   		const int noptions = nv.nvalues - 1;
#  256|   		if (kw->max_options != -1 && kw->max_options < noptions) {
#  257|-> 			audit_msg(LOG_ERR,
#  258|   				"Keyword \"%s\" has invalid options "
#  259|   				"in line %d of %s",

Error: GCC_ANALYZER_WARNING (CWE-401): [#def8]
audit-userspace-4.1.2/audisp/audispd-pconfig.c:257:25: warning[-Wanalyzer-malloc-leak]: leak of 'nv.values'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:130:5: enter_function: entry to 'load_pconfig'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:143:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:158:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:158:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:164:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:164:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:170:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:170:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:177:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:177:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:186:9: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:190:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:197:9: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:202:12: branch_false: following 'false' branch (when 'f' is non-NULL)...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:202:12: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:209:16: call_function: calling 'get_line' from 'load_pconfig'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:209:16: return_function: returning to 'load_pconfig' from 'get_line'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:209:16: branch_true: following 'true' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:213:22: branch_true: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:213:22: call_function: calling 'nv_split' from 'load_pconfig'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:213:22: return_function: returning to 'load_pconfig' from 'nv_split'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:233:20: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:237:21: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:237:20: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:243:22: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:243:22: call_function: calling 'kw_lookup' from 'load_pconfig'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:243:22: return_function: returning to 'load_pconfig' from 'kw_lookup'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:244:20: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:255:38: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:256:20: branch_true: following 'true' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:257:25: throw: if 'audit_msg' throws an exception...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:257:25: danger: 'nv.values' leaks here; was allocated at [(40)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/39)
#  255|   		const int noptions = nv.nvalues - 1;
#  256|   		if (kw->max_options != -1 && kw->max_options < noptions) {
#  257|-> 			audit_msg(LOG_ERR,
#  258|   				"Keyword \"%s\" has invalid options "
#  259|   				"in line %d of %s",

Error: GCC_ANALYZER_WARNING (CWE-401): [#def9]
audit-userspace-4.1.2/audisp/audispd-pconfig.c:266:22: warning[-Wanalyzer-malloc-leak]: leak of 'f'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:130:5: enter_function: entry to 'load_pconfig'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:143:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:158:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:158:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:164:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:164:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:170:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:170:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:177:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:177:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:186:9: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:190:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:197:9: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:201:13: acquire_memory: allocated here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:202:12: branch_false: following 'false' branch (when 'f' is non-NULL)...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:202:12: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:209:16: call_function: calling 'get_line' from 'load_pconfig'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:209:16: return_function: returning to 'load_pconfig' from 'get_line'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:209:16: branch_true: following 'true' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:213:22: branch_true: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:213:22: call_function: calling 'nv_split' from 'load_pconfig'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:213:22: return_function: returning to 'load_pconfig' from 'nv_split'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:233:20: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:237:21: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:237:20: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:243:22: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:243:22: call_function: calling 'kw_lookup' from 'load_pconfig'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:243:22: return_function: returning to 'load_pconfig' from 'kw_lookup'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:244:20: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:255:38: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:256:21: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:266:22: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:266:22: throw: if the called function throws an exception...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:266:22: danger: 'f' leaks here; was allocated at [(14)](sarif:/runs/0/results/9/codeFlows/0/threadFlows/0/locations/13)
#  264|   
#  265|   		/* dispatch to keyword's local parser */
#  266|-> 		rc = kw->parser(&nv, lineno, config);
#  267|   		if (rc != 0) {
#  268|   			fclose(f);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def10]
audit-userspace-4.1.2/audisp/audispd-pconfig.c:266:22: warning[-Wanalyzer-malloc-leak]: leak of 'nv.values'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:130:5: enter_function: entry to 'load_pconfig'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:143:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:158:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:158:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:164:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:164:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:170:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:170:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:177:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:177:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:186:9: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:190:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:197:9: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:202:12: branch_false: following 'false' branch (when 'f' is non-NULL)...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:202:12: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:209:16: call_function: calling 'get_line' from 'load_pconfig'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:209:16: return_function: returning to 'load_pconfig' from 'get_line'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:209:16: branch_true: following 'true' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:213:22: branch_true: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:213:22: call_function: calling 'nv_split' from 'load_pconfig'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:213:22: return_function: returning to 'load_pconfig' from 'nv_split'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:233:20: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:237:21: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:237:20: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:243:22: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:243:22: call_function: calling 'kw_lookup' from 'load_pconfig'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:243:22: return_function: returning to 'load_pconfig' from 'kw_lookup'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:244:20: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:255:38: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:256:21: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:266:22: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:266:22: throw: if the called function throws an exception...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:266:22: danger: 'nv.values' leaks here; was allocated at [(40)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/39)
#  264|   
#  265|   		/* dispatch to keyword's local parser */
#  266|-> 		rc = kw->parser(&nv, lineno, config);
#  267|   		if (rc != 0) {
#  268|   			fclose(f);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def11]
audit-userspace-4.1.2/audisp/audispd-pconfig.c:302:33: warning[-Wanalyzer-malloc-leak]: leak of 'f'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:130:5: enter_function: entry to 'load_pconfig'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:143:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:158:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:158:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:164:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:164:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:170:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:170:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:177:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:177:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:186:9: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:190:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:197:9: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:201:13: acquire_memory: allocated here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:202:12: branch_false: following 'false' branch (when 'f' is non-NULL)...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:202:12: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:209:16: call_function: calling 'get_line' from 'load_pconfig'
#  300|   			// Only output 1 warning
#  301|   			if (!too_long)
#  302|-> 				audit_msg(LOG_ERR,
#  303|   					"Skipping line %d in %s: too long",
#  304|   					*lineno, file);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def12]
audit-userspace-4.1.2/audisp/audispd-pconfig.c:340:17: warning[-Wanalyzer-malloc-leak]: leak of 'nv.values'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:130:5: enter_function: entry to 'load_pconfig'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:143:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:158:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:158:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:164:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:164:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:170:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:170:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:177:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:177:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:186:9: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:190:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:197:9: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:202:12: branch_false: following 'false' branch (when 'f' is non-NULL)...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:202:12: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:209:16: call_function: calling 'get_line' from 'load_pconfig'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:209:16: return_function: returning to 'load_pconfig' from 'get_line'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:209:16: branch_true: following 'true' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:213:22: branch_true: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:213:22: call_function: calling 'nv_split' from 'load_pconfig'
#  338|   	/* get the value part */
#  339|   	while ((ptr = strtok_r(NULL, " ", &saved)) != NULL) {
#  340|-> 		nv->values = realloc(nv->values, (nv->nvalues + 1) * sizeof(char *));
#  341|   		if (nv->values == NULL) {
#  342|   			return 1;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def13]
audit-userspace-4.1.2/audisp/audispd-pconfig.c:454:17: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL '*config.args'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:450:24: acquire_memory: this call could return NULL
audit-userspace-4.1.2/audisp/audispd-pconfig.c:453:25: branch_true: following 'true' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:454:42: branch_true: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:454:17: danger: '*config.args + (long unsigned int)i * 8' could be NULL: unchecked value from [(1)](sarif:/runs/0/results/12/codeFlows/0/threadFlows/0/locations/0)
#  452|   
#  453|   	for (int i = 0; i < nv->nvalues; i++) {
#  454|-> 		config->args[i] = strdup(nv->values[nv->nvalues - i - 1]);
#  455|   	}
#  456|   

Error: GCC_ANALYZER_WARNING (CWE-775): [#def14]
audit-userspace-4.1.2/audisp/audispd.c:443:12: warning[-Wanalyzer-fd-leak]: leak of file descriptor 'dup2(*conf.plug_pipe[0], 0)'
audit-userspace-4.1.2/audisp/audispd.c:427:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd.c:430:15: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd.c:431:12: branch_false: following 'false' branch (when 'pid <= 0')...
audit-userspace-4.1.2/audisp/audispd.c:435:12: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd.c:435:12: branch_false: following 'false' branch (when 'pid == 0')...
audit-userspace-4.1.2/audisp/audispd.c:443:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd.c:443:13: acquire_resource: opened here
audit-userspace-4.1.2/audisp/audispd.c:443:12: danger: 'dup2(*conf.plug_pipe[0], 0)' leaks here; was opened at [(7)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/6)
#  441|   
#  442|   	/* Set up comm with child. It reads stdin so put the pipe there. */
#  443|-> 	if (dup2(conf->plug_pipe[0], 0) < 0) {
#  444|   		close(conf->plug_pipe[0]);
#  445|   		close(conf->plug_pipe[1]);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def15]
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:136:54: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen("/run/audit/af_unix.state", "w")’
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:128:19: acquire_resource: opened here
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:130:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:133:22: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:137:9: throw: if ‘q_queue_length’ throws an exception...
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:136:54: danger: ‘fopen("/run/audit/af_unix.state", "w")’ leaks here; was opened at [(1)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/0)
#  134|   	strftime(buf, sizeof(buf), "%x %X", localtime(&now));
#  135|   	fprintf(f, "current time = %s\n", buf);
#  136|-> 	fprintf(f, "client_connected = %s\n", client ? "yes" : "no");
#  137|   	fprintf(f, "queue_length = %zu\n", q_queue_length(queue));
#  138|   	fprintf(f, "max_queue_length = %zu\n", q_max_queue_length(queue));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def16]
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:136:54: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen("/run/audit/af_unix.state", "w")’
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:128:19: acquire_memory: allocated here
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:130:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:133:22: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:137:9: throw: if ‘q_queue_length’ throws an exception...
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:136:54: danger: ‘fopen("/run/audit/af_unix.state", "w")’ leaks here; was allocated at [(1)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/0)
#  134|   	strftime(buf, sizeof(buf), "%x %X", localtime(&now));
#  135|   	fprintf(f, "current time = %s\n", buf);
#  136|-> 	fprintf(f, "client_connected = %s\n", client ? "yes" : "no");
#  137|   	fprintf(f, "queue_length = %zu\n", q_queue_length(queue));
#  138|   	fprintf(f, "max_queue_length = %zu\n", q_max_queue_length(queue));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def17]
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:230:41: warning[-Wanalyzer-malloc-leak]: leak of ‘opendir(base)’
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:195:25: branch_true: following ‘true’ branch (when ‘i < argc’)...
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:196:33: branch_true: ...to here
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:218:27: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:221:25: branch_true: ...to here
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:224:28: branch_true: following ‘true’ branch (when ‘base’ is non-NULL)...
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:226:45: branch_true: ...to here
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:228:37: acquire_memory: allocated here
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:229:36: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:230:41: branch_true: ...to here
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:230:41: danger: ‘opendir(base)’ leaks here; was allocated at [(9)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/8)
#  228|   				d = opendir(base);
#  229|   				if (d) {
#  230|-> 					closedir(d);
#  231|   					free(dir);
#  232|   				} else {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def18]
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:446:45: warning[-Wanalyzer-malloc-leak]: leak of ‘buf’
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:373:6: enter_function: entry to ‘read_audit_record’
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:409:12: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:414:23: branch_true: ...to here
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:414:23: call_function: calling ‘read_binary_record’ from ‘read_audit_record’
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:414:23: return_function: returning to ‘read_audit_record’ from ‘read_binary_record’
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:415:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:421:21: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:421:20: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:422:28: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:439:35: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:439:35: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:440:60: branch_true: ...to here
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:441:45: acquire_memory: allocated here
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:442:36: branch_true: following ‘true’ branch (when ‘buf’ is non-NULL)...
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:443:41: branch_true: ...to here
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:446:45: throw: if ‘q_append’ throws an exception...
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:446:45: danger: ‘buf’ leaks here; was allocated at [(17)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/16)
#  444|   					memcpy(buf + sizeof(*hdr), data,
#  445|   					       hdr->size);
#  446|-> 					if (q_append(queue, buf, total) != 0) {
#  447|   						if (failed_append < 5)
#  448|   							syslog(LOG_ERR,

Error: GCC_ANALYZER_WARNING (CWE-401): [#def19]
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:448:57: warning[-Wanalyzer-malloc-leak]: leak of ‘buf’
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:373:6: enter_function: entry to ‘read_audit_record’
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:409:12: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:414:23: branch_true: ...to here
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:414:23: call_function: calling ‘read_binary_record’ from ‘read_audit_record’
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:414:23: return_function: returning to ‘read_audit_record’ from ‘read_binary_record’
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:415:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:421:21: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:421:20: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:422:28: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:439:35: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:439:35: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:440:60: branch_true: ...to here
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:441:45: acquire_memory: allocated here
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:442:36: branch_true: following ‘true’ branch (when ‘buf’ is non-NULL)...
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:443:41: branch_true: ...to here
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:446:44: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:447:53: branch_true: ...to here
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:447:52: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:450:69: branch_true: ...to here
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:448:57: throw: if ‘syslog’ throws an exception...
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:448:57: danger: ‘buf’ leaks here; was allocated at [(17)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/16)
#  446|   					if (q_append(queue, buf, total) != 0) {
#  447|   						if (failed_append < 5)
#  448|-> 							syslog(LOG_ERR,
#  449|   				  "Dropping event - queue append failed (%s)",
#  450|   							   strerror(errno));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def20]
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:484:61: warning[-Wanalyzer-malloc-leak]: leak of ‘buf’
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:409:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:409:12: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:462:28: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:463:37: branch_true: ...to here
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:463:36: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:470:51: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:473:49: branch_true: ...to here
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:478:61: acquire_memory: allocated here
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:479:52: branch_true: following ‘true’ branch (when ‘buf’ is non-NULL)...
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:480:57: branch_true: ...to here
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:484:61: throw: if ‘q_append’ throws an exception...
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:484:61: danger: ‘buf’ leaks here; was allocated at [(9)](sarif:/runs/0/results/9/codeFlows/0/threadFlows/0/locations/8)
#  482|   							memcpy(buf+sizeof(hdr),
#  483|   							       rx_buf, len);
#  484|-> 							if (q_append(queue, buf,
#  485|   								    total) != 0)
#  486|   								syslog(LOG_ERR,

Error: GCC_ANALYZER_WARNING (CWE-401): [#def21]
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:486:65: warning[-Wanalyzer-malloc-leak]: leak of ‘buf’
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:409:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:409:12: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:462:28: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:463:37: branch_true: ...to here
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:463:36: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:470:51: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:473:49: branch_true: ...to here
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:478:61: acquire_memory: allocated here
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:479:52: branch_true: following ‘true’ branch (when ‘buf’ is non-NULL)...
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:480:57: branch_true: ...to here
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:484:60: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:488:73: branch_true: ...to here
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:486:65: throw: if ‘syslog’ throws an exception...
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:486:65: danger: ‘buf’ leaks here; was allocated at [(9)](sarif:/runs/0/results/10/codeFlows/0/threadFlows/0/locations/8)
#  484|   							if (q_append(queue, buf,
#  485|   								    total) != 0)
#  486|-> 								syslog(LOG_ERR,
#  487|   						     "Queue append failed (%s)",
#  488|   							       strerror(errno));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def22]
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:222:33: warning[-Wanalyzer-malloc-leak]: leak of ‘f’
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:323:12: enter_function: entry to ‘load_rules’
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:334:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:345:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:345:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:350:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:350:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:355:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:355:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:360:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:360:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:367:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:367:13: acquire_memory: allocated here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:368:12: branch_false: following ‘false’ branch (when ‘f’ is non-NULL)...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:368:12: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:374:16: call_function: calling ‘get_line’ from ‘load_rules’
#  220|   			// Only output 1 warning
#  221|   			if (!too_long)
#  222|-> 				syslog(LOG_WARNING,
#  223|   				       "Skipping line %d in %s: too long",
#  224|   				       *lineno, file);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def23]
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:280:19: warning[-Wanalyzer-malloc-leak]: leak of ‘f’
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:323:12: enter_function: entry to ‘load_rules’
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:334:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:345:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:345:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:350:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:350:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:355:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:355:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:360:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:360:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:367:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:367:13: acquire_memory: allocated here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:368:12: branch_false: following ‘false’ branch (when ‘f’ is non-NULL)...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:368:12: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:374:16: call_function: calling ‘get_line’ from ‘load_rules’
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:374:16: return_function: returning to ‘load_rules’ from ‘get_line’
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:374:16: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:375:17: branch_true: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:377:29: call_function: calling ‘parse_line’ from ‘load_rules’
#  278|   	/* dummy instance of the audit parsing library, we use it to
#  279|   	validate search expressions that will be added to the filter engine */
#  280|-> 	if ((au = auparse_init(AUSOURCE_BUFFER_ARRAY, buf)) == NULL) {
#  281|   		syslog(LOG_ERR, "The auparse_init failed");
#  282|   		return NULL;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def24]
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:281:17: warning[-Wanalyzer-malloc-leak]: leak of ‘f’
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:323:12: enter_function: entry to ‘load_rules’
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:334:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:345:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:345:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:350:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:350:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:355:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:355:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:360:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:360:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:367:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:367:13: acquire_memory: allocated here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:368:12: branch_false: following ‘false’ branch (when ‘f’ is non-NULL)...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:368:12: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:374:16: call_function: calling ‘get_line’ from ‘load_rules’
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:374:16: return_function: returning to ‘load_rules’ from ‘get_line’
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:374:16: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:375:17: branch_true: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:377:29: call_function: calling ‘parse_line’ from ‘load_rules’
#  279|   	validate search expressions that will be added to the filter engine */
#  280|   	if ((au = auparse_init(AUSOURCE_BUFFER_ARRAY, buf)) == NULL) {
#  281|-> 		syslog(LOG_ERR, "The auparse_init failed");
#  282|   		return NULL;
#  283|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def25]
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:286:16: warning[-Wanalyzer-malloc-leak]: leak of ‘auparse_init(4, &buf)’
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:280:19: acquire_memory: allocated here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:280:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:280:12: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:290:12: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:291:17: branch_true: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:286:16: danger: ‘auparse_init(4, &buf)’ leaks here; was allocated at [(1)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/0)
#  284|   
#  285|   	// Skip whitespace
#  286|-> 	while (*line == ' ')
#  287|   		line++;
#  288|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def26]
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:291:17: warning[-Wanalyzer-malloc-leak]: leak of ‘f’
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:323:12: enter_function: entry to ‘load_rules’
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:334:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:345:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:345:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:350:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:350:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:355:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:355:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:360:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:360:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:367:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:367:13: acquire_memory: allocated here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:368:12: branch_false: following ‘false’ branch (when ‘f’ is non-NULL)...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:368:12: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:374:16: call_function: calling ‘get_line’ from ‘load_rules’
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:374:16: return_function: returning to ‘load_rules’ from ‘get_line’
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:374:16: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:375:17: branch_true: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:377:29: call_function: calling ‘parse_line’ from ‘load_rules’
#  289|   	// Empty line or it's a comment
#  290|   	if (!*line || *line == '#') {
#  291|-> 		auparse_destroy(au);
#  292|   		return NULL;
#  293|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def27]
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:296:17: warning[-Wanalyzer-malloc-leak]: leak of ‘f’
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:323:12: enter_function: entry to ‘load_rules’
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:334:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:345:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:345:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:350:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:350:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:355:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:355:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:360:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:360:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:367:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:367:13: acquire_memory: allocated here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:368:12: branch_false: following ‘false’ branch (when ‘f’ is non-NULL)...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:368:12: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:374:16: call_function: calling ‘get_line’ from ‘load_rules’
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:374:16: return_function: returning to ‘load_rules’ from ‘get_line’
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:374:16: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:375:17: branch_true: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:377:29: call_function: calling ‘parse_line’ from ‘load_rules’
#  294|   
#  295|   	if ((rule = malloc(sizeof(struct filter_rule))) == NULL) {
#  296|-> 		auparse_destroy(au);
#  297|   		return NULL;
#  298|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def28]
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:303:17: warning[-Wanalyzer-malloc-leak]: leak of ‘f’
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:323:12: enter_function: entry to ‘load_rules’
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:334:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:345:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:345:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:350:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:350:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:355:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:355:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:360:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:360:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:367:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:367:13: acquire_memory: allocated here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:368:12: branch_false: following ‘false’ branch (when ‘f’ is non-NULL)...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:368:12: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:374:16: call_function: calling ‘get_line’ from ‘load_rules’
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:374:16: return_function: returning to ‘load_rules’ from ‘get_line’
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:374:16: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:375:17: branch_true: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:377:29: call_function: calling ‘parse_line’ from ‘load_rules’
#  301|   
#  302|   	if ((rule->expr = strdup(line)) == NULL) {
#  303|-> 		auparse_destroy(au);
#  304|   		free(rule);
#  305|   		return NULL;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def29]
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:303:17: warning[-Wanalyzer-malloc-leak]: leak of ‘rule’
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:280:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:280:12: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:290:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:295:21: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:295:21: acquire_memory: allocated here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:295:12: branch_false: following ‘false’ branch (when ‘rule’ is non-NULL)...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:299:9: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:302:12: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:303:17: branch_true: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:303:17: throw: if ‘auparse_destroy’ throws an exception...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:303:17: danger: ‘rule’ leaks here; was allocated at [(5)](sarif:/runs/0/results/9/codeFlows/0/threadFlows/0/locations/4)
#  301|   
#  302|   	if ((rule->expr = strdup(line)) == NULL) {
#  303|-> 		auparse_destroy(au);
#  304|   		free(rule);
#  305|   		return NULL;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def30]
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:308:13: warning[-Wanalyzer-malloc-leak]: leak of ‘f’
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:323:12: enter_function: entry to ‘load_rules’
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:334:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:345:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:345:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:350:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:350:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:355:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:355:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:360:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:360:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:367:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:367:13: acquire_memory: allocated here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:368:12: branch_false: following ‘false’ branch (when ‘f’ is non-NULL)...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:368:12: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:374:16: call_function: calling ‘get_line’ from ‘load_rules’
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:374:16: return_function: returning to ‘load_rules’ from ‘get_line’
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:374:16: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:375:17: branch_true: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:377:29: call_function: calling ‘parse_line’ from ‘load_rules’
#  306|   	}
#  307|   
#  308|-> 	if (ausearch_add_expression(au, rule->expr, &error, AUSEARCH_RULE_OR) != 0) {
#  309|   		syslog(LOG_ERR, "Invalid expression: %s (%s)", rule->expr, error);
#  310|   		free_rule(rule);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def31]
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:308:13: warning[-Wanalyzer-malloc-leak]: leak of ‘rule’
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:280:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:280:12: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:290:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:295:21: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:295:21: acquire_memory: allocated here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:295:12: branch_false: following ‘false’ branch (when ‘rule’ is non-NULL)...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:299:9: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:302:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:308:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:308:13: throw: if ‘ausearch_add_expression’ throws an exception...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:308:13: danger: ‘rule’ leaks here; was allocated at [(5)](sarif:/runs/0/results/11/codeFlows/0/threadFlows/0/locations/4)
#  306|   	}
#  307|   
#  308|-> 	if (ausearch_add_expression(au, rule->expr, &error, AUSEARCH_RULE_OR) != 0) {
#  309|   		syslog(LOG_ERR, "Invalid expression: %s (%s)", rule->expr, error);
#  310|   		free_rule(rule);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def32]
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:308:13: warning[-Wanalyzer-malloc-leak]: leak of ‘strdup(line)’
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:280:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:280:12: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:290:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:295:21: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:295:12: branch_false: following ‘false’ branch (when ‘rule’ is non-NULL)...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:299:9: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:302:27: acquire_memory: allocated here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:302:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:308:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:308:13: throw: if ‘ausearch_add_expression’ throws an exception...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:308:13: danger: ‘strdup(line)’ leaks here; was allocated at [(7)](sarif:/runs/0/results/12/codeFlows/0/threadFlows/0/locations/6)
#  306|   	}
#  307|   
#  308|-> 	if (ausearch_add_expression(au, rule->expr, &error, AUSEARCH_RULE_OR) != 0) {
#  309|   		syslog(LOG_ERR, "Invalid expression: %s (%s)", rule->expr, error);
#  310|   		free_rule(rule);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def33]
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:309:17: warning[-Wanalyzer-malloc-leak]: leak of ‘f’
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:323:12: enter_function: entry to ‘load_rules’
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:334:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:345:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:345:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:350:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:350:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:355:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:355:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:360:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:360:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:367:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:367:13: acquire_memory: allocated here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:368:12: branch_false: following ‘false’ branch (when ‘f’ is non-NULL)...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:368:12: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:374:16: call_function: calling ‘get_line’ from ‘load_rules’
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:374:16: return_function: returning to ‘load_rules’ from ‘get_line’
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:374:16: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:375:17: branch_true: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:377:29: call_function: calling ‘parse_line’ from ‘load_rules’
#  307|   
#  308|   	if (ausearch_add_expression(au, rule->expr, &error, AUSEARCH_RULE_OR) != 0) {
#  309|-> 		syslog(LOG_ERR, "Invalid expression: %s (%s)", rule->expr, error);
#  310|   		free_rule(rule);
#  311|   		free(rule);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def34]
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:309:17: warning[-Wanalyzer-malloc-leak]: leak of ‘rule’
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:280:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:280:12: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:290:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:295:21: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:295:21: acquire_memory: allocated here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:295:12: branch_false: following ‘false’ branch (when ‘rule’ is non-NULL)...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:299:9: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:302:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:308:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:308:12: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:309:17: branch_true: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:309:17: throw: if ‘syslog’ throws an exception...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:309:17: danger: ‘rule’ leaks here; was allocated at [(5)](sarif:/runs/0/results/15/codeFlows/0/threadFlows/0/locations/4)
#  307|   
#  308|   	if (ausearch_add_expression(au, rule->expr, &error, AUSEARCH_RULE_OR) != 0) {
#  309|-> 		syslog(LOG_ERR, "Invalid expression: %s (%s)", rule->expr, error);
#  310|   		free_rule(rule);
#  311|   		free(rule);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def35]
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:309:17: warning[-Wanalyzer-malloc-leak]: leak of ‘strdup(line)’
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:280:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:280:12: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:290:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:295:21: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:295:12: branch_false: following ‘false’ branch (when ‘rule’ is non-NULL)...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:299:9: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:302:27: acquire_memory: allocated here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:302:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:308:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:308:12: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:309:17: branch_true: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:309:17: throw: if ‘syslog’ throws an exception...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:309:17: danger: ‘strdup(line)’ leaks here; was allocated at [(7)](sarif:/runs/0/results/14/codeFlows/0/threadFlows/0/locations/6)
#  307|   
#  308|   	if (ausearch_add_expression(au, rule->expr, &error, AUSEARCH_RULE_OR) != 0) {
#  309|-> 		syslog(LOG_ERR, "Invalid expression: %s (%s)", rule->expr, error);
#  310|   		free_rule(rule);
#  311|   		free(rule);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def36]
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:316:9: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:280:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:280:12: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:290:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:295:21: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:295:12: branch_false: following ‘false’ branch (when ‘rule’ is non-NULL)...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:299:9: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:302:27: acquire_memory: allocated here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:302:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:308:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:308:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:316:9: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:316:9: throw: if ‘auparse_destroy’ throws an exception...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:316:9: danger: ‘<unknown>’ leaks here; was allocated at [(7)](sarif:/runs/0/results/18/codeFlows/0/threadFlows/0/locations/6)
#  314|   	}
#  315|   
#  316|-> 	auparse_destroy(au);
#  317|   	return rule;
#  318|   }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def37]
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:316:9: warning[-Wanalyzer-malloc-leak]: leak of ‘f’
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:323:12: enter_function: entry to ‘load_rules’
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:334:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:345:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:345:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:350:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:350:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:355:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:355:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:360:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:360:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:367:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:367:13: acquire_memory: allocated here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:368:12: branch_false: following ‘false’ branch (when ‘f’ is non-NULL)...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:368:12: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:374:16: call_function: calling ‘get_line’ from ‘load_rules’
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:374:16: return_function: returning to ‘load_rules’ from ‘get_line’
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:374:16: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:375:17: branch_true: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:377:29: call_function: calling ‘parse_line’ from ‘load_rules’
#  314|   	}
#  315|   
#  316|-> 	auparse_destroy(au);
#  317|   	return rule;
#  318|   }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def38]
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:316:9: warning[-Wanalyzer-malloc-leak]: leak of ‘rule’
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:280:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:280:12: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:290:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:295:21: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:295:21: acquire_memory: allocated here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:295:12: branch_false: following ‘false’ branch (when ‘rule’ is non-NULL)...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:299:9: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:302:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:308:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:308:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:316:9: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:316:9: throw: if ‘auparse_destroy’ throws an exception...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:316:9: danger: ‘rule’ leaks here; was allocated at [(5)](sarif:/runs/0/results/17/codeFlows/0/threadFlows/0/locations/4)
#  314|   	}
#  315|   
#  316|-> 	auparse_destroy(au);
#  317|   	return rule;
#  318|   }

Error: GCC_ANALYZER_WARNING (CWE-688): [#def39]
audit-userspace-4.1.2/audisp/plugins/remote/audisp-remote.c:966:17: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘config.krb5_principal’ where non-null expected
audit-userspace-4.1.2/audisp/plugins/remote/audisp-remote.c:1712:12: enter_function: entry to ‘relay_sock’
audit-userspace-4.1.2/audisp/plugins/remote/audisp-remote.c:1722:30: call_function: calling ‘relay_sock_ascii’ from ‘relay_sock’
#  964|   		config.krb5_principal = (char *) malloc (strlen (name) + 1
#  965|   					+ strlen (config.remote_server) + 1);
#  966|-> 		sprintf((char *)config.krb5_principal, "%s@%s",
#  967|   			name, config.remote_server);
#  968|   	}

Error: COMPILER_WARNING (CWE-704): [#def40]
audit-userspace-4.1.2/audisp/plugins/remote/audisp-remote.c: scope_hint: In function ‘negotiate_credentials’
audit-userspace-4.1.2/audisp/plugins/remote/audisp-remote.c:969:18: warning[-Wdiscarded-qualifiers]: assignment discards ‘const’ qualifier from pointer target type
#  969 |         slashptr = strchr (config.krb5_principal, '/');
#      |                  ^
#  967|   			name, config.remote_server);
#  968|   	}
#  969|-> 	slashptr = strchr (config.krb5_principal, '/');
#  970|   	if (slashptr)
#  971|   		*slashptr = '@';

Error: COMPILER_WARNING (CWE-704): [#def41]
audit-userspace-4.1.2/audisp/plugins/remote/audisp-remote.c:969:18: warning[-Wdiscarded-qualifiers]: assignment discards ‘const’ qualifier from pointer target type
#  967|   			name, config.remote_server);
#  968|   	}
#  969|-> 	slashptr = strchr (config.krb5_principal, '/');
#  970|   	if (slashptr)
#  971|   		*slashptr = '@';

Error: GCC_ANALYZER_WARNING (CWE-775): [#def42]
audit-userspace-4.1.2/audisp/plugins/remote/audisp-remote.c:1176:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘socket(*runp.ai_family, *runp.ai_socktype, *runp.ai_protocol)’
audit-userspace-4.1.2/audisp/plugins/remote/audisp-remote.c:1712:12: enter_function: entry to ‘relay_sock’
audit-userspace-4.1.2/audisp/plugins/remote/audisp-remote.c:1722:30: call_function: calling ‘relay_sock_ascii’ from ‘relay_sock’
# 1174|   		if (sock >= 0)
# 1175|   			close(sock);
# 1176|-> 		sock = socket(runp->ai_family, runp->ai_socktype,
# 1177|   					runp->ai_protocol);
# 1178|   		if (sock < 0) {

Error: GCC_ANALYZER_WARNING (CWE-476): [#def43]
audit-userspace-4.1.2/audisp/plugins/remote/audisp-remote.c:1384:9: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘utok.value’
audit-userspace-4.1.2/audisp/plugins/remote/audisp-remote.c:1712:12: enter_function: entry to ‘relay_sock’
audit-userspace-4.1.2/audisp/plugins/remote/audisp-remote.c:1719:30: call_function: calling ‘relay_sock_managed’ from ‘relay_sock’
# 1382|   	utok.value = malloc (utok.length);
# 1383|   
# 1384|-> 	memcpy (utok.value, header, AUDIT_RMW_HEADER_SIZE);
# 1385|   
# 1386|   	if (msg != NULL && mlen > 0)

Error: GCC_ANALYZER_WARNING (CWE-401): [#def44]
audit-userspace-4.1.2/audisp/plugins/remote/audisp-remote.c:1389:24: warning[-Wanalyzer-malloc-leak]: leak of ‘utok.value’
audit-userspace-4.1.2/audisp/plugins/remote/audisp-remote.c:1712:12: enter_function: entry to ‘relay_sock’
audit-userspace-4.1.2/audisp/plugins/remote/audisp-remote.c:1719:30: call_function: calling ‘relay_sock_managed’ from ‘relay_sock’
# 1387|   		memcpy (utok.value+AUDIT_RMW_HEADER_SIZE, msg, mlen);
# 1388|   
# 1389|-> 	major_status = gss_wrap (&minor_status,
# 1390|   				 my_context,
# 1391|   				 1,

Error: GCC_ANALYZER_WARNING (CWE-401): [#def45]
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:100:23: warning[-Wanalyzer-malloc-leak]: leak of ‘copy’
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:338:12: enter_function: entry to ‘q_append_no_sync_fh_state’
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:343:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:348:21: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:349:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:354:24: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:355:12: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:356:30: branch_true: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:356:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:360:24: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:360:24: acquire_memory: allocated here
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:361:20: branch_false: following ‘false’ branch (when ‘copy’ is non-NULL)...
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:363:17: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:367:12: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:370:26: call_function: inlined call to ‘entry_offset’ from ‘q_append_no_sync_fh_state’
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:371:21: call_function: calling ‘full_pwrite’ from ‘q_append_no_sync_fh_state’
#   98|   		else
#   99|   			run = size;
#  100|-> 		res = pwrite(fd, buf, run, offset);
#  101|   		if (res < 0)
#  102|   			return -1;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def46]
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:100:23: warning[-Wanalyzer-malloc-leak]: leak of ‘q’
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:263:22: enter_function: entry to ‘q_open_no_resize’
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:288:13: acquire_memory: allocated here
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:289:12: branch_false: following ‘false’ branch (when ‘q’ is non-NULL)...
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:291:9: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:299:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:308:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:308:12: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:308:43: branch_true: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:308:43: call_function: calling ‘q_open_file’ from ‘q_open_no_resize’
#   98|   		else
#   99|   			run = size;
#  100|-> 		res = pwrite(fd, buf, run, offset);
#  101|   		if (res < 0)
#  102|   			return -1;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def47]
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:156:16: warning[-Wanalyzer-malloc-leak]: leak of ‘q’
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:263:22: enter_function: entry to ‘q_open_no_resize’
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:288:13: acquire_memory: allocated here
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:289:12: branch_false: following ‘false’ branch (when ‘q’ is non-NULL)...
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:291:9: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:299:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:308:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:308:12: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:308:43: branch_true: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:308:43: call_function: calling ‘q_open_file’ from ‘q_open_no_resize’
#  154|   	if ((q->flags & Q_SYNC) == 0)
#  155|   		return 0;
#  156|-> 	return fdatasync(q->fd);
#  157|   }
#  158|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def48]
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:191:17: warning[-Wanalyzer-malloc-leak]: leak of ‘q’
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:263:22: enter_function: entry to ‘q_open_no_resize’
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:288:13: acquire_memory: allocated here
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:289:12: branch_false: following ‘false’ branch (when ‘q’ is non-NULL)...
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:291:9: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:299:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:308:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:308:12: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:308:43: branch_true: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:308:43: call_function: calling ‘q_open_file’ from ‘q_open_no_resize’
#  189|   	if ((q->flags & Q_EXCL) != 0)
#  190|   		open_flags |= O_EXCL;
#  191|-> 	q->fd = open(path, open_flags, S_IRUSR | S_IWUSR);
#  192|   	if (q->fd == -1)
#  193|   		return -1;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def49]
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:195:20: warning[-Wanalyzer-malloc-leak]: leak of ‘q’
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:263:22: enter_function: entry to ‘q_open_no_resize’
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:288:13: acquire_memory: allocated here
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:289:12: branch_false: following ‘false’ branch (when ‘q’ is non-NULL)...
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:291:9: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:299:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:308:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:308:12: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:308:43: branch_true: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:308:43: call_function: calling ‘q_open_file’ from ‘q_open_no_resize’
#  193|   		return -1;
#  194|   
#  195|-> 	fd_flags = fcntl(q->fd, F_GETFD);
#  196|   	if (fd_flags < 0)
#  197|   		return -1;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def50]
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:198:13: warning[-Wanalyzer-malloc-leak]: leak of ‘q’
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:263:22: enter_function: entry to ‘q_open_no_resize’
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:288:13: acquire_memory: allocated here
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:289:12: branch_false: following ‘false’ branch (when ‘q’ is non-NULL)...
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:291:9: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:299:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:308:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:308:12: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:308:43: branch_true: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:308:43: call_function: calling ‘q_open_file’ from ‘q_open_no_resize’
#  196|   	if (fd_flags < 0)
#  197|   		return -1;
#  198|-> 	if (fcntl(q->fd, F_SETFD, fd_flags | FD_CLOEXEC) == -1)
#  199|   		return -1;
#  200|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def51]
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:205:13: warning[-Wanalyzer-malloc-leak]: leak of ‘q’
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:263:22: enter_function: entry to ‘q_open_no_resize’
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:288:13: acquire_memory: allocated here
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:289:12: branch_false: following ‘false’ branch (when ‘q’ is non-NULL)...
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:291:9: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:299:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:308:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:308:12: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:308:43: branch_true: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:308:43: call_function: calling ‘q_open_file’ from ‘q_open_no_resize’
#  203|   	   open() above has initialized the file offset to 0, so the lockf()
#  204|   	   below affects the whole file. */
#  205|-> 	if (lockf(q->fd, F_TLOCK, 0) != 0) {
#  206|   		if (errno == EACCES || errno == EAGAIN)
#  207|   			errno = EBUSY; /* This makes more sense... */

Error: GCC_ANALYZER_WARNING (CWE-401): [#def52]
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:227:21: warning[-Wanalyzer-malloc-leak]: leak of ‘q’
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:263:22: enter_function: entry to ‘q_open_no_resize’
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:288:13: acquire_memory: allocated here
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:289:12: branch_false: following ‘false’ branch (when ‘q’ is non-NULL)...
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:291:9: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:299:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:308:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:308:12: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:308:43: branch_true: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:308:43: call_function: calling ‘q_open_file’ from ‘q_open_no_resize’
#  225|   			return -1;
#  226|   #ifdef HAVE_POSIX_FALLOCATE
#  227|-> 		if (posix_fallocate(q->fd, 0,
#  228|   				    (q->num_entries + 1) * q->entry_size) != 0)
#  229|   			return -1;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def53]
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:304:33: warning[-Wanalyzer-malloc-leak]: leak of ‘f’
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:234:5: enter_function: entry to ‘load_config’
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:246:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:261:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:261:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:267:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:267:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:273:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:273:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:279:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:279:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:287:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:287:13: acquire_memory: allocated here
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:288:12: branch_false: following ‘false’ branch (when ‘f’ is non-NULL)...
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:288:12: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:295:16: call_function: calling ‘get_line’ from ‘load_config’
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:295:16: return_function: returning to ‘load_config’ from ‘get_line’
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:295:16: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:299:22: branch_true: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:299:22: call_function: calling ‘nv_split’ from ‘load_config’
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:299:22: return_function: returning to ‘load_config’ from ‘nv_split’
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:304:33: throw: if ‘syslog’ throws an exception...
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:304:33: danger: ‘f’ leaks here; was allocated at [(12)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/11)
#  302|   				break;
#  303|   			case 1: // not the right number of tokens.
#  304|-> 				syslog(LOG_ERR, 
#  305|   				"Wrong number of arguments for line %d in %s", 
#  306|   					lineno, file);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def54]
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:309:33: warning[-Wanalyzer-malloc-leak]: leak of ‘f’
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:234:5: enter_function: entry to ‘load_config’
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:246:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:261:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:261:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:267:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:267:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:273:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:273:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:279:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:279:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:287:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:287:13: acquire_memory: allocated here
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:288:12: branch_false: following ‘false’ branch (when ‘f’ is non-NULL)...
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:288:12: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:295:16: call_function: calling ‘get_line’ from ‘load_config’
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:295:16: return_function: returning to ‘load_config’ from ‘get_line’
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:295:16: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:299:22: branch_true: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:299:22: call_function: calling ‘nv_split’ from ‘load_config’
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:299:22: return_function: returning to ‘load_config’ from ‘nv_split’
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:309:33: throw: if ‘syslog’ throws an exception...
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:309:33: danger: ‘f’ leaks here; was allocated at [(12)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/11)
#  307|   				break;
#  308|   			case 2: // no '=' sign
#  309|-> 				syslog(LOG_ERR, 
#  310|   					"Missing equal sign for line %d in %s", 
#  311|   					lineno, file);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def55]
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:331:25: warning[-Wanalyzer-malloc-leak]: leak of ‘f’
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:234:5: enter_function: entry to ‘load_config’
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:246:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:261:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:261:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:267:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:267:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:273:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:273:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:279:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:279:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:287:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:287:13: acquire_memory: allocated here
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:288:12: branch_false: following ‘false’ branch (when ‘f’ is non-NULL)...
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:288:12: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:295:16: call_function: calling ‘get_line’ from ‘load_config’
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:295:16: return_function: returning to ‘load_config’ from ‘get_line’
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:295:16: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:299:22: branch_true: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:299:22: call_function: calling ‘nv_split’ from ‘load_config’
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:299:22: return_function: returning to ‘load_config’ from ‘nv_split’
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:319:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:323:21: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:323:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:329:22: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:329:22: call_function: calling ‘kw_lookup’ from ‘load_config’
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:329:22: return_function: returning to ‘load_config’ from ‘kw_lookup’
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:330:20: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:331:25: branch_true: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:331:25: throw: if ‘syslog’ throws an exception...
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:331:25: danger: ‘f’ leaks here; was allocated at [(12)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/11)
#  329|   		kw = kw_lookup(nv.name);
#  330|   		if (kw->name == NULL) {
#  331|-> 			syslog(LOG_ERR, 
#  332|   				"Unknown keyword \"%s\" in line %d of %s", 
#  333|   				nv.name, lineno, file);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def56]
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:340:25: warning[-Wanalyzer-malloc-leak]: leak of ‘f’
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:234:5: enter_function: entry to ‘load_config’
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:246:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:261:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:261:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:267:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:267:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:273:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:273:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:279:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:279:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:287:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:287:13: acquire_memory: allocated here
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:288:12: branch_false: following ‘false’ branch (when ‘f’ is non-NULL)...
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:288:12: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:295:16: call_function: calling ‘get_line’ from ‘load_config’
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:295:16: return_function: returning to ‘load_config’ from ‘get_line’
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:295:16: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:299:22: branch_true: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:299:22: call_function: calling ‘nv_split’ from ‘load_config’
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:299:22: return_function: returning to ‘load_config’ from ‘nv_split’
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:319:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:323:21: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:323:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:329:22: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:329:22: call_function: calling ‘kw_lookup’ from ‘load_config’
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:329:22: return_function: returning to ‘load_config’ from ‘kw_lookup’
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:330:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:339:21: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:339:20: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:340:25: throw: if ‘syslog’ throws an exception...
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:340:25: danger: ‘f’ leaks here; was allocated at [(12)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/11)
#  338|   		/* Check number of options */
#  339|   		if (kw->max_options == 0 && nv.option != NULL) {
#  340|-> 			syslog(LOG_ERR, 
#  341|   				"Keyword \"%s\" has invalid option "
#  342|   				"\"%s\" in line %d of %s", 

Error: GCC_ANALYZER_WARNING (CWE-401): [#def57]
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:349:22: warning[-Wanalyzer-malloc-leak]: leak of ‘f’
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:234:5: enter_function: entry to ‘load_config’
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:246:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:261:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:261:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:267:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:267:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:273:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:273:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:279:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:279:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:287:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:287:13: acquire_memory: allocated here
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:288:12: branch_false: following ‘false’ branch (when ‘f’ is non-NULL)...
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:288:12: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:295:16: call_function: calling ‘get_line’ from ‘load_config’
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:295:16: return_function: returning to ‘load_config’ from ‘get_line’
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:295:16: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:299:22: branch_true: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:299:22: call_function: calling ‘nv_split’ from ‘load_config’
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:299:22: return_function: returning to ‘load_config’ from ‘nv_split’
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:319:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:323:21: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:323:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:329:22: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:329:22: call_function: calling ‘kw_lookup’ from ‘load_config’
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:329:22: return_function: returning to ‘load_config’ from ‘kw_lookup’
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:330:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:339:21: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:339:21: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:349:22: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:349:22: throw: if the called function throws an exception...
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:349:22: danger: ‘f’ leaks here; was allocated at [(12)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/11)
#  347|   
#  348|   		/* dispatch to keyword's local parser */
#  349|-> 		rc = kw->parser(&nv, lineno, config);
#  350|   		if (rc != 0) {
#  351|   			fclose(f);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def58]
audit-userspace-4.1.2/audisp/plugins/statsd/audisp-statsd.c:116:13: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen("/etc/audit/audisp-statsd.conf", "rt")’
audit-userspace-4.1.2/audisp/plugins/statsd/audisp-statsd.c:129:12: enter_function: entry to ‘load_config’
audit-userspace-4.1.2/audisp/plugins/statsd/audisp-statsd.c:134:19: acquire_resource: opened here
audit-userspace-4.1.2/audisp/plugins/statsd/audisp-statsd.c:135:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/statsd/audisp-statsd.c:135:12: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/statsd/audisp-statsd.c:140:16: call_function: calling ‘get_line’ from ‘load_config’
audit-userspace-4.1.2/audisp/plugins/statsd/audisp-statsd.c:140:16: return_function: returning to ‘load_config’ from ‘get_line’
audit-userspace-4.1.2/audisp/plugins/statsd/audisp-statsd.c:140:16: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/audisp/plugins/statsd/audisp-statsd.c:141:17: branch_true: ...to here
audit-userspace-4.1.2/audisp/plugins/statsd/audisp-statsd.c:157:28: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/statsd/audisp-statsd.c:162:29: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/statsd/audisp-statsd.c:162:29: throw: if ‘time_string_to_seconds’ throws an exception...
audit-userspace-4.1.2/audisp/plugins/statsd/audisp-statsd.c:116:13: danger: ‘fopen("/etc/audit/audisp-statsd.conf", "rt")’ leaks here; was opened at [(2)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/1)
#  114|   static char *get_line(FILE *f, char *buf, size_t len)
#  115|   {
#  116|->         if (fgets(buf, len, f)) {
#  117|                   /* remove newline */
#  118|                   char *ptr = strchr(buf, 0x0a);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def59]
audit-userspace-4.1.2/audisp/plugins/statsd/audisp-statsd.c:116:13: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen("/etc/audit/audisp-statsd.conf", "rt")’
audit-userspace-4.1.2/audisp/plugins/statsd/audisp-statsd.c:129:12: enter_function: entry to ‘load_config’
audit-userspace-4.1.2/audisp/plugins/statsd/audisp-statsd.c:134:19: acquire_memory: allocated here
audit-userspace-4.1.2/audisp/plugins/statsd/audisp-statsd.c:135:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/statsd/audisp-statsd.c:135:12: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/statsd/audisp-statsd.c:140:16: call_function: calling ‘get_line’ from ‘load_config’
audit-userspace-4.1.2/audisp/plugins/statsd/audisp-statsd.c:140:16: return_function: returning to ‘load_config’ from ‘get_line’
audit-userspace-4.1.2/audisp/plugins/statsd/audisp-statsd.c:140:16: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/audisp/plugins/statsd/audisp-statsd.c:141:17: branch_true: ...to here
audit-userspace-4.1.2/audisp/plugins/statsd/audisp-statsd.c:157:28: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/statsd/audisp-statsd.c:162:29: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/statsd/audisp-statsd.c:162:29: throw: if ‘time_string_to_seconds’ throws an exception...
audit-userspace-4.1.2/audisp/plugins/statsd/audisp-statsd.c:116:13: danger: ‘fopen("/etc/audit/audisp-statsd.conf", "rt")’ leaks here; was allocated at [(2)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/1)
#  114|   static char *get_line(FILE *f, char *buf, size_t len)
#  115|   {
#  116|->         if (fgets(buf, len, f)) {
#  117|                   /* remove newline */
#  118|                   char *ptr = strchr(buf, 0x0a);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def60]
audit-userspace-4.1.2/audisp/plugins/syslog/audisp-syslog.c:155:22: warning[-Wanalyzer-malloc-leak]: leak of ‘auparse_init(3, s)’
audit-userspace-4.1.2/audisp/plugins/syslog/audisp-syslog.c:142:12: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/audisp/plugins/syslog/audisp-syslog.c:147:21: branch_true: ...to here
audit-userspace-4.1.2/audisp/plugins/syslog/audisp-syslog.c:149:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/syslog/audisp-syslog.c:152:39: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/syslog/audisp-syslog.c:152:39: acquire_memory: allocated here
audit-userspace-4.1.2/audisp/plugins/syslog/audisp-syslog.c:153:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/syslog/audisp-syslog.c:155:22: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/syslog/audisp-syslog.c:155:22: throw: if ‘auparse_first_record’ throws an exception...
audit-userspace-4.1.2/audisp/plugins/syslog/audisp-syslog.c:155:22: danger: ‘auparse_init(3, s)’ leaks here; was allocated at [(5)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/4)
#  153|   		if (au == NULL)
#  154|   			return;
#  155|-> 		rc = auparse_first_record(au);
#  156|   
#  157|   		// AUDIT_EOE has no fields - drop it

Error: GCC_ANALYZER_WARNING (CWE-401): [#def61]
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:162:25: warning[-Wanalyzer-malloc-leak]: leak of ‘f’
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:95:5: enter_function: entry to ‘plugin_load_config’
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:107:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:121:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:121:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:127:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:127:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:132:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:132:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:138:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:138:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:145:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:145:13: acquire_memory: allocated here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:146:12: branch_false: following ‘false’ branch (when ‘f’ is non-NULL)...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:146:12: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:152:16: call_function: calling ‘get_line’ from ‘plugin_load_config’
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:152:16: return_function: returning to ‘plugin_load_config’ from ‘get_line’
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:152:16: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:157:22: branch_true: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:157:22: call_function: calling ‘nv_split’ from ‘plugin_load_config’
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:157:22: return_function: returning to ‘plugin_load_config’ from ‘nv_split’
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:162:25: throw: if ‘log_err’ throws an exception...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:162:25: danger: ‘f’ leaks here; was allocated at [(12)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/11)
#  160|                           break;
#  161|                   case 1:        /* not the right number of tokens. */
#  162|->                         log_err("Wrong number of arguments for line %d in %s", lineno, file);
#  163|                           break;
#  164|                   case 2:        /* no '=' sign */

Error: GCC_ANALYZER_WARNING (CWE-401): [#def62]
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:165:25: warning[-Wanalyzer-malloc-leak]: leak of ‘f’
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:95:5: enter_function: entry to ‘plugin_load_config’
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:107:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:121:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:121:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:127:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:127:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:132:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:132:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:138:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:138:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:145:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:145:13: acquire_memory: allocated here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:146:12: branch_false: following ‘false’ branch (when ‘f’ is non-NULL)...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:146:12: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:152:16: call_function: calling ‘get_line’ from ‘plugin_load_config’
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:152:16: return_function: returning to ‘plugin_load_config’ from ‘get_line’
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:152:16: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:157:22: branch_true: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:157:22: call_function: calling ‘nv_split’ from ‘plugin_load_config’
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:157:22: return_function: returning to ‘plugin_load_config’ from ‘nv_split’
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:165:25: throw: if ‘log_err’ throws an exception...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:165:25: danger: ‘f’ leaks here; was allocated at [(12)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/11)
#  163|                           break;
#  164|                   case 2:        /* no '=' sign */
#  165|->                         log_err("Missing equal sign for line %d in %s",
#  166|                                   lineno, file);
#  167|                           break;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def63]
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:185:25: warning[-Wanalyzer-malloc-leak]: leak of ‘f’
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:95:5: enter_function: entry to ‘plugin_load_config’
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:107:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:121:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:121:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:127:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:127:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:132:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:132:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:138:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:138:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:145:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:145:13: acquire_memory: allocated here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:146:12: branch_false: following ‘false’ branch (when ‘f’ is non-NULL)...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:146:12: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:152:16: call_function: calling ‘get_line’ from ‘plugin_load_config’
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:152:16: return_function: returning to ‘plugin_load_config’ from ‘get_line’
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:152:16: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:157:22: branch_true: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:157:22: call_function: calling ‘nv_split’ from ‘plugin_load_config’
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:157:22: return_function: returning to ‘plugin_load_config’ from ‘nv_split’
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:173:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:177:21: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:177:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:183:22: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:183:22: call_function: calling ‘kw_lookup’ from ‘plugin_load_config’
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:183:22: return_function: returning to ‘plugin_load_config’ from ‘kw_lookup’
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:184:20: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:185:25: branch_true: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:185:25: throw: if ‘log_err’ throws an exception...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:185:25: danger: ‘f’ leaks here; was allocated at [(12)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/11)
#  183|                   kw = kw_lookup(nv.name);
#  184|                   if (kw->name == NULL) {
#  185|->                         log_err("Unknown keyword \"%s\" in line %d of %s",
#  186|                                   nv.name, lineno, file);
#  187|                           fclose(f);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def64]
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:193:25: warning[-Wanalyzer-malloc-leak]: leak of ‘f’
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:95:5: enter_function: entry to ‘plugin_load_config’
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:107:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:121:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:121:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:127:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:127:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:132:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:132:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:138:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:138:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:145:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:145:13: acquire_memory: allocated here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:146:12: branch_false: following ‘false’ branch (when ‘f’ is non-NULL)...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:146:12: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:152:16: call_function: calling ‘get_line’ from ‘plugin_load_config’
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:152:16: return_function: returning to ‘plugin_load_config’ from ‘get_line’
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:152:16: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:157:22: branch_true: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:157:22: call_function: calling ‘nv_split’ from ‘plugin_load_config’
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:157:22: return_function: returning to ‘plugin_load_config’ from ‘nv_split’
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:173:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:177:21: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:177:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:183:22: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:183:22: call_function: calling ‘kw_lookup’ from ‘plugin_load_config’
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:183:22: return_function: returning to ‘plugin_load_config’ from ‘kw_lookup’
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:184:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:192:21: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:192:20: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:193:25: throw: if ‘log_err’ throws an exception...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:193:25: danger: ‘f’ leaks here; was allocated at [(12)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/11)
#  191|                   /* Check number of options */
#  192|                   if (kw->max_options == 0 && nv.option != NULL) {
#  193|->                         log_err("Keyword \"%s\" has invalid option "
#  194|                                   "\"%s\" in line %d of %s",
#  195|                                   nv.name, nv.option, lineno, file);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def65]
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:201:22: warning[-Wanalyzer-malloc-leak]: leak of ‘f’
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:95:5: enter_function: entry to ‘plugin_load_config’
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:107:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:121:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:121:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:127:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:127:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:132:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:132:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:138:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:138:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:145:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:145:13: acquire_memory: allocated here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:146:12: branch_false: following ‘false’ branch (when ‘f’ is non-NULL)...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:146:12: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:152:16: call_function: calling ‘get_line’ from ‘plugin_load_config’
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:152:16: return_function: returning to ‘plugin_load_config’ from ‘get_line’
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:152:16: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:157:22: branch_true: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:157:22: call_function: calling ‘nv_split’ from ‘plugin_load_config’
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:157:22: return_function: returning to ‘plugin_load_config’ from ‘nv_split’
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:173:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:177:21: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:177:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:183:22: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:183:22: call_function: calling ‘kw_lookup’ from ‘plugin_load_config’
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:183:22: return_function: returning to ‘plugin_load_config’ from ‘kw_lookup’
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:184:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:192:21: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:192:21: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:201:22: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:201:22: throw: if the called function throws an exception...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:201:22: danger: ‘f’ leaks here; was allocated at [(12)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/11)
#  199|   
#  200|                   /* dispatch to keyword's local parser */
#  201|->                 rc = kw->parser(&nv, lineno, c);
#  202|                   if (rc != 0) {
#  203|                           fclose(f);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def66]
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-ldap.c:589:23: warning[-Wanalyzer-malloc-leak]: leak of ‘item’
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-ldap.c:534:12: branch_false: following ‘false’ branch (when ‘bv’ is non-NULL)...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-ldap.c:537:27: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-ldap.c:537:19: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-ldap.c:545:9: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-ldap.c:551:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-ldap.c:559:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-ldap.c:559:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-ldap.c:559:12: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-ldap.c:567:16: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-ldap.c:568:17: branch_true: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-ldap.c:574:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-ldap.c:582:25: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-ldap.c:582:25: acquire_memory: allocated here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-ldap.c:584:20: branch_false: following ‘false’ branch (when ‘item’ is non-NULL)...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-ldap.c:589:23: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-ldap.c:589:23: throw: if ‘ber_scanf’ throws an exception...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-ldap.c:589:23: danger: ‘item’ leaks here; was allocated at [(14)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/13)
#  587|                   }
#  588|   
#  589|->                 rc |= ber_scanf(ber, "{{iiiiii}}",
#  590|                                   &item->version,
#  591|                                   &item->itemTag,

Error: GCC_ANALYZER_WARNING (CWE-404): [#def67]
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-log.c:36:17: warning[-Wanalyzer-va-list-leak]: missing call to ‘va_end’
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-log.c:68:6: enter_function: entry to ‘_log_debug’
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-log.c:72:9: acquire_resource: ‘va_start’ called here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-log.c:73:9: call_function: calling ‘vlog_prio’ from ‘_log_debug’
#   34|   
#   35|           if (asprintf(&str, "pid=%d: %s", mypid, fmt) != -1) {
#   36|->                 vsyslog(LOG_DAEMON | prio, str, ap);
#   37|                   free(str);
#   38|           }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def68]
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-plugin.c:193:33: warning[-Wanalyzer-malloc-leak]: leak of ‘auparse_get_node(au)’
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-plugin.c:169:12: branch_false: following ‘false’ branch (when ‘cb_event_type == 0’)...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-plugin.c:172:31: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-plugin.c:173:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-plugin.c:183:15: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-plugin.c:184:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-plugin.c:192:28: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-plugin.c:192:28: acquire_memory: allocated here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-plugin.c:193:33: throw: if ‘auparse_find_field’ throws an exception...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-plugin.c:193:33: danger: ‘auparse_get_node(au)’ leaks here; was allocated at [(7)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/6)
#  191|            */
#  192|           const char *node = auparse_get_node(au);
#  193|->         const char *orig_type = auparse_find_field(au, "type");
#  194|           /* roll back event to get 'success' */
#  195|           auparse_first_record(au);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def69]
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-plugin.c:195:9: warning[-Wanalyzer-malloc-leak]: leak of ‘auparse_get_node(au)’
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-plugin.c:169:12: branch_false: following ‘false’ branch (when ‘cb_event_type == 0’)...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-plugin.c:172:31: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-plugin.c:173:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-plugin.c:183:15: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-plugin.c:184:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-plugin.c:192:28: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-plugin.c:192:28: acquire_memory: allocated here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-plugin.c:195:9: throw: if ‘auparse_first_record’ throws an exception...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-plugin.c:195:9: danger: ‘auparse_get_node(au)’ leaks here; was allocated at [(7)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/6)
#  193|           const char *orig_type = auparse_find_field(au, "type");
#  194|           /* roll back event to get 'success' */
#  195|->         auparse_first_record(au);
#  196|           const char *success = auparse_find_field(au, "success");
#  197|           /* roll back event to get 'res' */

Error: GCC_ANALYZER_WARNING (CWE-401): [#def70]
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-plugin.c:196:31: warning[-Wanalyzer-malloc-leak]: leak of ‘auparse_get_node(au)’
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-plugin.c:169:12: branch_false: following ‘false’ branch (when ‘cb_event_type == 0’)...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-plugin.c:172:31: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-plugin.c:173:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-plugin.c:183:15: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-plugin.c:184:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-plugin.c:192:28: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-plugin.c:192:28: acquire_memory: allocated here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-plugin.c:196:31: throw: if ‘auparse_find_field’ throws an exception...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-plugin.c:196:31: danger: ‘auparse_get_node(au)’ leaks here; was allocated at [(7)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/6)
#  194|           /* roll back event to get 'success' */
#  195|           auparse_first_record(au);
#  196|->         const char *success = auparse_find_field(au, "success");
#  197|           /* roll back event to get 'res' */
#  198|           auparse_first_record(au);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def71]
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-plugin.c:198:9: warning[-Wanalyzer-malloc-leak]: leak of ‘auparse_get_node(au)’
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-plugin.c:169:12: branch_false: following ‘false’ branch (when ‘cb_event_type == 0’)...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-plugin.c:172:31: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-plugin.c:173:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-plugin.c:183:15: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-plugin.c:184:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-plugin.c:192:28: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-plugin.c:192:28: acquire_memory: allocated here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-plugin.c:198:9: throw: if ‘auparse_first_record’ throws an exception...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-plugin.c:198:9: danger: ‘auparse_get_node(au)’ leaks here; was allocated at [(7)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/6)
#  196|           const char *success = auparse_find_field(au, "success");
#  197|           /* roll back event to get 'res' */
#  198|->         auparse_first_record(au);
#  199|           const char *res = auparse_find_field(au, "res");
#  200|           

Error: GCC_ANALYZER_WARNING (CWE-401): [#def72]
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-plugin.c:199:27: warning[-Wanalyzer-malloc-leak]: leak of ‘auparse_get_node(au)’
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-plugin.c:169:12: branch_false: following ‘false’ branch (when ‘cb_event_type == 0’)...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-plugin.c:172:31: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-plugin.c:173:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-plugin.c:183:15: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-plugin.c:184:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-plugin.c:192:28: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-plugin.c:192:28: acquire_memory: allocated here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-plugin.c:199:27: throw: if ‘auparse_find_field’ throws an exception...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-plugin.c:199:27: danger: ‘auparse_get_node(au)’ leaks here; was allocated at [(7)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/6)
#  197|           /* roll back event to get 'res' */
#  198|           auparse_first_record(au);
#  199|->         const char *res = auparse_find_field(au, "res");
#  200|           
#  201|           /* check if this event is a success or failure one */

Error: GCC_ANALYZER_WARNING (CWE-401): [#def73]
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-plugin.c:526:17: warning[-Wanalyzer-malloc-leak]: leak of ‘auparse_init(7, 0)’
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-plugin.c:469:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-plugin.c:476:9: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-plugin.c:482:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-plugin.c:482:12: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-plugin.c:501:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-plugin.c:505:17: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-plugin.c:508:22: acquire_memory: allocated here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-plugin.c:509:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-plugin.c:519:17: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-plugin.c:526:17: throw: if ‘auparse_add_callback’ throws an exception...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-plugin.c:526:17: danger: ‘auparse_init(7, 0)’ leaks here; was allocated at [(7)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/6)
#  524|   
#  525|                   /* add our event consumer callback */
#  526|->                 auparse_add_callback(au, push_event, NULL, NULL);  /* 4 */
#  527|   
#  528|                   /* main loop */

Error: GCC_ANALYZER_WARNING (CWE-401): [#def74]
audit-userspace-4.1.2/auparse/auditd-config.c:154:33: warning[-Wanalyzer-malloc-leak]: leak of 'f'
audit-userspace-4.1.2/auparse/auditd-config.c:109:5: enter_function: entry to 'aup_load_config'
audit-userspace-4.1.2/auparse/auditd-config.c:120:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/auparse/auditd-config.c:137:13: branch_false: ...to here
audit-userspace-4.1.2/auparse/auditd-config.c:137:13: acquire_memory: allocated here
audit-userspace-4.1.2/auparse/auditd-config.c:138:12: branch_false: following 'false' branch (when 'f' is non-NULL)...
audit-userspace-4.1.2/auparse/auditd-config.c:138:12: branch_false: ...to here
audit-userspace-4.1.2/auparse/auditd-config.c:145:16: call_function: calling 'get_line' from 'aup_load_config'
audit-userspace-4.1.2/auparse/auditd-config.c:145:16: return_function: returning to 'aup_load_config' from 'get_line'
audit-userspace-4.1.2/auparse/auditd-config.c:145:16: branch_true: following 'true' branch...
audit-userspace-4.1.2/auparse/auditd-config.c:149:26: branch_true: ...to here
audit-userspace-4.1.2/auparse/auditd-config.c:149:26: call_function: calling 'nv_split' from 'aup_load_config'
audit-userspace-4.1.2/auparse/auditd-config.c:149:26: return_function: returning to 'aup_load_config' from 'nv_split'
audit-userspace-4.1.2/auparse/auditd-config.c:154:33: throw: if 'auparse_msg' throws an exception...
audit-userspace-4.1.2/auparse/auditd-config.c:154:33: danger: 'f' leaks here; was allocated at [(4)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/3)
#  152|   				break;
#  153|   			case 1: // not the right number of tokens.
#  154|-> 				audit_msg(au, LOG_ERR, 
#  155|   				"Wrong number of arguments for line %d in %s", 
#  156|   					lineno, CONFIG_FILE);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def75]
audit-userspace-4.1.2/auparse/auditd-config.c:159:33: warning[-Wanalyzer-malloc-leak]: leak of 'f'
audit-userspace-4.1.2/auparse/auditd-config.c:109:5: enter_function: entry to 'aup_load_config'
audit-userspace-4.1.2/auparse/auditd-config.c:120:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/auparse/auditd-config.c:137:13: branch_false: ...to here
audit-userspace-4.1.2/auparse/auditd-config.c:137:13: acquire_memory: allocated here
audit-userspace-4.1.2/auparse/auditd-config.c:138:12: branch_false: following 'false' branch (when 'f' is non-NULL)...
audit-userspace-4.1.2/auparse/auditd-config.c:138:12: branch_false: ...to here
audit-userspace-4.1.2/auparse/auditd-config.c:145:16: call_function: calling 'get_line' from 'aup_load_config'
audit-userspace-4.1.2/auparse/auditd-config.c:145:16: return_function: returning to 'aup_load_config' from 'get_line'
audit-userspace-4.1.2/auparse/auditd-config.c:145:16: branch_true: following 'true' branch...
audit-userspace-4.1.2/auparse/auditd-config.c:149:26: branch_true: ...to here
audit-userspace-4.1.2/auparse/auditd-config.c:149:26: call_function: calling 'nv_split' from 'aup_load_config'
audit-userspace-4.1.2/auparse/auditd-config.c:149:26: return_function: returning to 'aup_load_config' from 'nv_split'
audit-userspace-4.1.2/auparse/auditd-config.c:159:33: throw: if 'auparse_msg' throws an exception...
audit-userspace-4.1.2/auparse/auditd-config.c:159:33: danger: 'f' leaks here; was allocated at [(4)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/3)
#  157|   				break;
#  158|   			case 2: // no '=' sign
#  159|-> 				audit_msg(au, LOG_ERR, 
#  160|   					"Missing equal sign for line %d in %s", 
#  161|   					lineno, CONFIG_FILE);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def76]
audit-userspace-4.1.2/auparse/auditd-config.c:219:33: warning[-Wanalyzer-malloc-leak]: leak of 'f'
audit-userspace-4.1.2/auparse/auditd-config.c:109:5: enter_function: entry to 'aup_load_config'
audit-userspace-4.1.2/auparse/auditd-config.c:120:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/auparse/auditd-config.c:137:13: branch_false: ...to here
audit-userspace-4.1.2/auparse/auditd-config.c:137:13: acquire_memory: allocated here
audit-userspace-4.1.2/auparse/auditd-config.c:138:12: branch_false: following 'false' branch (when 'f' is non-NULL)...
audit-userspace-4.1.2/auparse/auditd-config.c:138:12: branch_false: ...to here
audit-userspace-4.1.2/auparse/auditd-config.c:145:16: call_function: calling 'get_line' from 'aup_load_config'
#  217|   			// Only output 1 warning
#  218|   			if (!too_long)
#  219|-> 				audit_msg(au, LOG_ERR,
#  220|   					"Skipping line %d in %s: too long",
#  221|   					*lineno, file);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def77]
audit-userspace-4.1.2/auparse/auditd-config.c:235:15: warning[-Wanalyzer-malloc-leak]: leak of 'f'
audit-userspace-4.1.2/auparse/auditd-config.c:109:5: enter_function: entry to 'aup_load_config'
audit-userspace-4.1.2/auparse/auditd-config.c:120:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/auparse/auditd-config.c:137:13: branch_false: ...to here
audit-userspace-4.1.2/auparse/auditd-config.c:137:13: acquire_memory: allocated here
audit-userspace-4.1.2/auparse/auditd-config.c:138:12: branch_false: following 'false' branch (when 'f' is non-NULL)...
audit-userspace-4.1.2/auparse/auditd-config.c:138:12: branch_false: ...to here
audit-userspace-4.1.2/auparse/auditd-config.c:145:16: call_function: calling 'get_line' from 'aup_load_config'
audit-userspace-4.1.2/auparse/auditd-config.c:145:16: return_function: returning to 'aup_load_config' from 'get_line'
audit-userspace-4.1.2/auparse/auditd-config.c:145:16: branch_true: following 'true' branch...
audit-userspace-4.1.2/auparse/auditd-config.c:149:26: branch_true: ...to here
audit-userspace-4.1.2/auparse/auditd-config.c:149:26: call_function: calling 'nv_split' from 'aup_load_config'
#  233|   	nv->name = NULL;
#  234|   	nv->value = NULL;
#  235|-> 	ptr = audit_strsplit(buf);
#  236|   	if (ptr == NULL)
#  237|   		return 0; /* If there's nothing, go to next line */

Error: GCC_ANALYZER_WARNING (CWE-401): [#def78]
audit-userspace-4.1.2/auparse/auditd-config.c:243:15: warning[-Wanalyzer-malloc-leak]: leak of 'f'
audit-userspace-4.1.2/auparse/auditd-config.c:109:5: enter_function: entry to 'aup_load_config'
audit-userspace-4.1.2/auparse/auditd-config.c:120:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/auparse/auditd-config.c:137:13: branch_false: ...to here
audit-userspace-4.1.2/auparse/auditd-config.c:137:13: acquire_memory: allocated here
audit-userspace-4.1.2/auparse/auditd-config.c:138:12: branch_false: following 'false' branch (when 'f' is non-NULL)...
audit-userspace-4.1.2/auparse/auditd-config.c:138:12: branch_false: ...to here
audit-userspace-4.1.2/auparse/auditd-config.c:145:16: call_function: calling 'get_line' from 'aup_load_config'
audit-userspace-4.1.2/auparse/auditd-config.c:145:16: return_function: returning to 'aup_load_config' from 'get_line'
audit-userspace-4.1.2/auparse/auditd-config.c:145:16: branch_true: following 'true' branch...
audit-userspace-4.1.2/auparse/auditd-config.c:149:26: branch_true: ...to here
audit-userspace-4.1.2/auparse/auditd-config.c:149:26: call_function: calling 'nv_split' from 'aup_load_config'
#  241|   
#  242|   	/* Check for a '=' */
#  243|-> 	ptr = audit_strsplit(NULL);
#  244|   	if (ptr == NULL)
#  245|   		return 1;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def79]
audit-userspace-4.1.2/auparse/auditd-config.c:250:15: warning[-Wanalyzer-malloc-leak]: leak of 'f'
audit-userspace-4.1.2/auparse/auditd-config.c:109:5: enter_function: entry to 'aup_load_config'
audit-userspace-4.1.2/auparse/auditd-config.c:120:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/auparse/auditd-config.c:137:13: branch_false: ...to here
audit-userspace-4.1.2/auparse/auditd-config.c:137:13: acquire_memory: allocated here
audit-userspace-4.1.2/auparse/auditd-config.c:138:12: branch_false: following 'false' branch (when 'f' is non-NULL)...
audit-userspace-4.1.2/auparse/auditd-config.c:138:12: branch_false: ...to here
audit-userspace-4.1.2/auparse/auditd-config.c:145:16: call_function: calling 'get_line' from 'aup_load_config'
audit-userspace-4.1.2/auparse/auditd-config.c:145:16: return_function: returning to 'aup_load_config' from 'get_line'
audit-userspace-4.1.2/auparse/auditd-config.c:145:16: branch_true: following 'true' branch...
audit-userspace-4.1.2/auparse/auditd-config.c:149:26: branch_true: ...to here
audit-userspace-4.1.2/auparse/auditd-config.c:149:26: call_function: calling 'nv_split' from 'aup_load_config'
#  248|   
#  249|   	/* get the value */
#  250|-> 	ptr = audit_strsplit(NULL);
#  251|   	if (ptr == NULL)
#  252|   		return 1;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def80]
audit-userspace-4.1.2/auparse/auditd-config.c:256:15: warning[-Wanalyzer-malloc-leak]: leak of 'f'
audit-userspace-4.1.2/auparse/auditd-config.c:109:5: enter_function: entry to 'aup_load_config'
audit-userspace-4.1.2/auparse/auditd-config.c:120:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/auparse/auditd-config.c:137:13: branch_false: ...to here
audit-userspace-4.1.2/auparse/auditd-config.c:137:13: acquire_memory: allocated here
audit-userspace-4.1.2/auparse/auditd-config.c:138:12: branch_false: following 'false' branch (when 'f' is non-NULL)...
audit-userspace-4.1.2/auparse/auditd-config.c:138:12: branch_false: ...to here
audit-userspace-4.1.2/auparse/auditd-config.c:145:16: call_function: calling 'get_line' from 'aup_load_config'
audit-userspace-4.1.2/auparse/auditd-config.c:145:16: return_function: returning to 'aup_load_config' from 'get_line'
audit-userspace-4.1.2/auparse/auditd-config.c:145:16: branch_true: following 'true' branch...
audit-userspace-4.1.2/auparse/auditd-config.c:149:26: branch_true: ...to here
audit-userspace-4.1.2/auparse/auditd-config.c:149:26: call_function: calling 'nv_split' from 'aup_load_config'
#  254|   
#  255|   	/* Make sure there's nothing else */
#  256|-> 	ptr = audit_strsplit(NULL);
#  257|   	if (ptr) {
#  258|   		/* Allow one option, but check that there's not 2 */

Error: GCC_ANALYZER_WARNING (CWE-401): [#def81]
audit-userspace-4.1.2/auparse/auditd-config.c:259:23: warning[-Wanalyzer-malloc-leak]: leak of 'f'
audit-userspace-4.1.2/auparse/auditd-config.c:109:5: enter_function: entry to 'aup_load_config'
audit-userspace-4.1.2/auparse/auditd-config.c:120:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/auparse/auditd-config.c:137:13: branch_false: ...to here
audit-userspace-4.1.2/auparse/auditd-config.c:137:13: acquire_memory: allocated here
audit-userspace-4.1.2/auparse/auditd-config.c:138:12: branch_false: following 'false' branch (when 'f' is non-NULL)...
audit-userspace-4.1.2/auparse/auditd-config.c:138:12: branch_false: ...to here
audit-userspace-4.1.2/auparse/auditd-config.c:145:16: call_function: calling 'get_line' from 'aup_load_config'
audit-userspace-4.1.2/auparse/auditd-config.c:145:16: return_function: returning to 'aup_load_config' from 'get_line'
audit-userspace-4.1.2/auparse/auditd-config.c:145:16: branch_true: following 'true' branch...
audit-userspace-4.1.2/auparse/auditd-config.c:149:26: branch_true: ...to here
audit-userspace-4.1.2/auparse/auditd-config.c:149:26: call_function: calling 'nv_split' from 'aup_load_config'
#  257|   	if (ptr) {
#  258|   		/* Allow one option, but check that there's not 2 */
#  259|-> 		ptr = audit_strsplit(NULL);
#  260|   		if (ptr)
#  261|   			return 1;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def82]
audit-userspace-4.1.2/auparse/auditd-config.c:315:9: warning[-Wanalyzer-malloc-leak]: leak of 'opendir(dir)'
audit-userspace-4.1.2/auparse/auditd-config.c:288:12: branch_true: following 'true' branch (when 'tdir' is non-NULL)...
audit-userspace-4.1.2/auparse/auditd-config.c:289:23: branch_true: ...to here
audit-userspace-4.1.2/auparse/auditd-config.c:290:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/auparse/auditd-config.c:299:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/auparse/auditd-config.c:307:13: acquire_memory: allocated here
audit-userspace-4.1.2/auparse/auditd-config.c:308:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/auparse/auditd-config.c:314:9: branch_false: ...to here
audit-userspace-4.1.2/auparse/auditd-config.c:315:9: danger: 'opendir(dir)' leaks here; was allocated at [(7)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/6)
#  313|   	}
#  314|   	free((void *)tdir);
#  315|-> 	closedir(d);
#  316|   
#  317|   	/* Verify the log file can be opened. */

Error: GCC_ANALYZER_WARNING (CWE-775): [#def83]
audit-userspace-4.1.2/auparse/auditd-config.c:325:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor 'open(val, 0)'
audit-userspace-4.1.2/auparse/auditd-config.c:288:12: branch_true: following 'true' branch (when 'tdir' is non-NULL)...
audit-userspace-4.1.2/auparse/auditd-config.c:289:23: branch_true: ...to here
audit-userspace-4.1.2/auparse/auditd-config.c:290:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/auparse/auditd-config.c:299:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/auparse/auditd-config.c:308:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/auparse/auditd-config.c:314:9: branch_false: ...to here
audit-userspace-4.1.2/auparse/auditd-config.c:319:14: acquire_resource: opened here
audit-userspace-4.1.2/auparse/auditd-config.c:320:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/auparse/auditd-config.c:325:9: branch_false: ...to here
audit-userspace-4.1.2/auparse/auditd-config.c:325:9: danger: 'open(val, 0)' leaks here; was opened at [(9)](sarif:/runs/0/results/9/codeFlows/0/threadFlows/0/locations/8)
#  323|   		return 1;
#  324|   	}
#  325|-> 	close(fd);
#  326|   
#  327|   	free((void *)config->log_file);

Error: CPPCHECK_WARNING (CWE-476): [#def84]
audit-userspace-4.1.2/auparse/auparse.c:509: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: tmp
#  507|   			tmp = malloc((n+1)*sizeof(char *));
#  508|   			for (i=0; i<n; i++)
#  509|-> 				tmp[i] = strdup(bb[i]);
#  510|   			tmp[n] = NULL;
#  511|   			au->source_list = tmp;

Error: CPPCHECK_WARNING (CWE-476): [#def85]
audit-userspace-4.1.2/auparse/auparse.c:510: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: tmp
#  508|   			for (i=0; i<n; i++)
#  509|   				tmp[i] = strdup(bb[i]);
#  510|-> 			tmp[n] = NULL;
#  511|   			au->source_list = tmp;
#  512|   			break;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def86]
audit-userspace-4.1.2/auparse/auparse.c:1229:31: warning[-Wanalyzer-malloc-leak]: leak of 'e.host'
audit-userspace-4.1.2/auparse/auparse.c:1715:5: enter_function: entry to 'auparse_next_event'
audit-userspace-4.1.2/auparse/auparse.c:1718:16: call_function: calling 'au_auparse_next_event' from 'auparse_next_event'
# 1227|   		if (*ptr == 'n' && strnlen(ptr, 8) > 5) {
# 1228|   			e->host = strdup(ptr+5);
# 1229|-> 			(void)audit_strsplit(NULL);// Bump along to next one
# 1230|   		}
# 1231|   		// at this point we have type=

Error: GCC_ANALYZER_WARNING (CWE-401): [#def87]
audit-userspace-4.1.2/auparse/auparse.c:1232:23: warning[-Wanalyzer-malloc-leak]: leak of 'e.host'
audit-userspace-4.1.2/auparse/auparse.c:1715:5: enter_function: entry to 'auparse_next_event'
audit-userspace-4.1.2/auparse/auparse.c:1718:16: call_function: calling 'au_auparse_next_event' from 'auparse_next_event'
# 1230|   		}
# 1231|   		// at this point we have type=
# 1232|-> 		ptr = audit_strsplit(NULL);
# 1233|   		// strlen is for fuzzers that make invalid lines
# 1234|   		if (ptr && strnlen(ptr, 20) > 18) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def88]
audit-userspace-4.1.2/auparse/auparse.c:1514:17: warning[-Wanalyzer-malloc-leak]: leak of '<return-value>'
audit-userspace-4.1.2/auparse/auparse.c:1715:5: enter_function: entry to 'auparse_next_event'
audit-userspace-4.1.2/auparse/auparse.c:1718:16: call_function: calling 'au_auparse_next_event' from 'auparse_next_event'
# 1512|   		if (debug) printf("Creating lol array\n");
# 1513|   #endif	/* LOL_EVENTS_DEBUG01 */
# 1514|-> 		au_lol_create(au->au_lo);
# 1515|   	}
# 1516|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def89]
audit-userspace-4.1.2/auparse/auparse.c:1668:17: warning[-Wanalyzer-malloc-leak]: leak of 'l'
audit-userspace-4.1.2/auparse/auparse.c:1824:5: enter_function: entry to 'auparse_first_record'
audit-userspace-4.1.2/auparse/auparse.c:1832:22: call_function: calling 'auparse_next_event' from 'auparse_first_record'
# 1666|   			return -1;
# 1667|   		}
# 1668|-> 		aup_list_create(l);
# 1669|   		aup_list_set_event(l, &e);
# 1670|   		if (aup_list_append(l, au->cur_buf, au->list_idx,

Error: COMPILER_WARNING (CWE-704): [#def90]
audit-userspace-4.1.2/auparse/auparse.c: scope_hint: In function 'auparse_interpret_sock_parts'
audit-userspace-4.1.2/auparse/auparse.c:2242:37: warning[-Wdiscarded-qualifiers]: initialization discards 'const' qualifier from pointer target type
# 2242 |                         char *ptr = strchr(val, ' ');
#      |                                     ^~~~~~
# 2240|   			val += strlen(field);
# 2241|   			// find other side
# 2242|-> 			char *ptr = strchr(val, ' ');
# 2243|   			if (ptr) {
# 2244|   				// terminate, copy, and return it

Error: COMPILER_WARNING (CWE-704): [#def91]
audit-userspace-4.1.2/auparse/auparse.c:2242:37: warning[-Wdiscarded-qualifiers]: initialization discards 'const' qualifier from pointer target type
# 2240|   			val += strlen(field);
# 2241|   			// find other side
# 2242|-> 			char *ptr = strchr(val, ' ');
# 2243|   			if (ptr) {
# 2244|   				// terminate, copy, and return it

Error: GCC_ANALYZER_WARNING (CWE-688): [#def92]
audit-userspace-4.1.2/auparse/data_buf.c:236:9: warning[-Wanalyzer-null-argument]: use of NULL where non-null expected
audit-userspace-4.1.2/auparse/data_buf.c:194:5: enter_function: entry to 'databuf_append'
audit-userspace-4.1.2/auparse/data_buf.c:236:17: call_function: inlined call to 'databuf_end' from 'databuf_append'
audit-userspace-4.1.2/auparse/data_buf.c:236:9: branch_false: ...to here
audit-userspace-4.1.2/auparse/data_buf.c:236:9: danger: argument 1 ('<unknown>') NULL where non-null expected
#  234|   #endif
#  235|   	/* pointers all set up and room available, move the data and update */
#  236|-> 	memmove(databuf_end(db), src, src_size);
#  237|   	db->len = new_len;
#  238|   	db->max_len = MAX(db->max_len, new_len);

Error: CPPCHECK_WARNING (CWE-682): [#def93]
audit-userspace-4.1.2/auparse/ellist.c:77: error[nullPointerArithmeticOutOfMemory]: If memory allocation fails: pointer addition with NULL pointer.
#   75|   
#   76|   	for (i=0; i<size; i++) {
#   77|-> 		*ptr++ = hex[(buf[i] & 0xF0)>>4]; /* Upper nibble */
#   78|   		*ptr++ = hex[buf[i] & 0x0F];      /* Lower nibble */
#   79|   	}

Error: CPPCHECK_WARNING (CWE-476): [#def94]
audit-userspace-4.1.2/auparse/ellist.c:77: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: ptr++
#   75|   
#   76|   	for (i=0; i<size; i++) {
#   77|-> 		*ptr++ = hex[(buf[i] & 0xF0)>>4]; /* Upper nibble */
#   78|   		*ptr++ = hex[buf[i] & 0x0F];      /* Lower nibble */
#   79|   	}

Error: GCC_ANALYZER_WARNING (CWE-476): [#def95]
audit-userspace-4.1.2/auparse/ellist.c:77:17: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL 'ptr'
audit-userspace-4.1.2/auparse/ellist.c:356:5: enter_function: entry to 'aup_list_append'
audit-userspace-4.1.2/auparse/ellist.c:362:12: branch_false: following 'false' branch (when 'record' is non-NULL)...
audit-userspace-4.1.2/auparse/ellist.c:366:13: branch_false: ...to here
audit-userspace-4.1.2/auparse/ellist.c:367:12: branch_false: following 'false' branch (when 'r' is non-NULL)...
audit-userspace-4.1.2/auparse/ellist.c:370:9: branch_false: ...to here
audit-userspace-4.1.2/auparse/ellist.c:397:14: call_function: calling 'parse_up_record' from 'aup_list_append'
#   75|   
#   76|   	for (i=0; i<size; i++) {
#   77|-> 		*ptr++ = hex[(buf[i] & 0xF0)>>4]; /* Upper nibble */
#   78|   		*ptr++ = hex[buf[i] & 0x0F];      /* Lower nibble */
#   79|   	}

Error: GCC_ANALYZER_WARNING (CWE-476): [#def96]
audit-userspace-4.1.2/auparse/ellist.c:80:9: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL 'ptr'
audit-userspace-4.1.2/auparse/ellist.c:356:5: enter_function: entry to 'aup_list_append'
audit-userspace-4.1.2/auparse/ellist.c:362:12: branch_false: following 'false' branch (when 'record' is non-NULL)...
audit-userspace-4.1.2/auparse/ellist.c:366:13: branch_false: ...to here
audit-userspace-4.1.2/auparse/ellist.c:367:12: branch_false: following 'false' branch (when 'r' is non-NULL)...
audit-userspace-4.1.2/auparse/ellist.c:370:9: branch_false: ...to here
audit-userspace-4.1.2/auparse/ellist.c:397:14: call_function: calling 'parse_up_record' from 'aup_list_append'
#   78|   		*ptr++ = hex[buf[i] & 0x0F];      /* Lower nibble */
#   79|   	}
#   80|-> 	*ptr = 0;
#   81|   	return final;
#   82|   }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def97]
audit-userspace-4.1.2/auparse/ellist.c:194:45: warning[-Wanalyzer-malloc-leak]: leak of 'n.name'
audit-userspace-4.1.2/auparse/ellist.c:110:12: branch_false: following 'false' branch (when 'ptr' is NULL)...
audit-userspace-4.1.2/auparse/ellist.c:114:9: branch_false: ...to here
audit-userspace-4.1.2/auparse/ellist.c:120:12: branch_false: following 'false' branch (when 'buf' is non-NULL)...
audit-userspace-4.1.2/auparse/ellist.c:122:9: branch_false: ...to here
audit-userspace-4.1.2/auparse/ellist.c:126:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/auparse/ellist.c:126:12: branch_false: ...to here
audit-userspace-4.1.2/auparse/ellist.c:136:20: branch_true: following 'true' branch (when 'val' is non-NULL)...
audit-userspace-4.1.2/auparse/ellist.c:140:29: branch_true: ...to here
audit-userspace-4.1.2/auparse/ellist.c:166:28: branch_false: following 'false' branch (when 'vlen != 0')...
audit-userspace-4.1.2/auparse/ellist.c:168:35: branch_false: ...to here
audit-userspace-4.1.2/auparse/ellist.c:188:28: branch_true: following 'true' branch...
audit-userspace-4.1.2/auparse/ellist.c:189:36: branch_true: following 'true' branch...
audit-userspace-4.1.2/auparse/ellist.c:191:50: branch_true: ...to here
audit-userspace-4.1.2/auparse/ellist.c:191:50: acquire_memory: allocated here
audit-userspace-4.1.2/auparse/ellist.c:194:45: throw: if 'nvlist_append' throws an exception...
audit-userspace-4.1.2/auparse/ellist.c:194:45: danger: 'n.name' leaks here; was allocated at [(17)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/16)
#  192|   					char *t = strdup(n.val);
#  193|   					n.val = t;
#  194|-> 					if (nvlist_append(&r->nv, &n)) {
#  195|   						free(n.name);
#  196|   						free(n.val);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def98]
audit-userspace-4.1.2/auparse/ellist.c:194:45: warning[-Wanalyzer-malloc-leak]: leak of 't'
audit-userspace-4.1.2/auparse/ellist.c:110:12: branch_false: following 'false' branch (when 'ptr' is NULL)...
audit-userspace-4.1.2/auparse/ellist.c:114:9: branch_false: ...to here
audit-userspace-4.1.2/auparse/ellist.c:120:12: branch_false: following 'false' branch (when 'buf' is non-NULL)...
audit-userspace-4.1.2/auparse/ellist.c:122:9: branch_false: ...to here
audit-userspace-4.1.2/auparse/ellist.c:126:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/auparse/ellist.c:126:12: branch_false: ...to here
audit-userspace-4.1.2/auparse/ellist.c:136:20: branch_true: following 'true' branch (when 'val' is non-NULL)...
audit-userspace-4.1.2/auparse/ellist.c:140:29: branch_true: ...to here
audit-userspace-4.1.2/auparse/ellist.c:166:28: branch_false: following 'false' branch (when 'vlen != 0')...
audit-userspace-4.1.2/auparse/ellist.c:168:35: branch_false: ...to here
audit-userspace-4.1.2/auparse/ellist.c:188:28: branch_true: following 'true' branch...
audit-userspace-4.1.2/auparse/ellist.c:189:36: branch_true: following 'true' branch...
audit-userspace-4.1.2/auparse/ellist.c:191:50: branch_true: ...to here
audit-userspace-4.1.2/auparse/ellist.c:192:51: acquire_memory: allocated here
audit-userspace-4.1.2/auparse/ellist.c:194:45: throw: if 'nvlist_append' throws an exception...
audit-userspace-4.1.2/auparse/ellist.c:194:45: danger: 't' leaks here; was allocated at [(17)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/16)
#  192|   					char *t = strdup(n.val);
#  193|   					n.val = t;
#  194|-> 					if (nvlist_append(&r->nv, &n)) {
#  195|   						free(n.name);
#  196|   						free(n.val);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def99]
audit-userspace-4.1.2/auparse/ellist.c:208:53: warning[-Wanalyzer-malloc-leak]: leak of 'n.name'
audit-userspace-4.1.2/auparse/ellist.c:110:12: branch_false: following 'false' branch (when 'ptr' is NULL)...
audit-userspace-4.1.2/auparse/ellist.c:114:9: branch_false: ...to here
audit-userspace-4.1.2/auparse/ellist.c:120:12: branch_false: following 'false' branch (when 'buf' is non-NULL)...
audit-userspace-4.1.2/auparse/ellist.c:122:9: branch_false: ...to here
audit-userspace-4.1.2/auparse/ellist.c:126:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/auparse/ellist.c:126:12: branch_false: ...to here
audit-userspace-4.1.2/auparse/ellist.c:136:20: branch_true: following 'true' branch (when 'val' is non-NULL)...
audit-userspace-4.1.2/auparse/ellist.c:140:29: branch_true: ...to here
audit-userspace-4.1.2/auparse/ellist.c:166:28: branch_false: following 'false' branch (when 'vlen != 0')...
audit-userspace-4.1.2/auparse/ellist.c:168:35: branch_false: ...to here
audit-userspace-4.1.2/auparse/ellist.c:188:28: branch_true: following 'true' branch...
audit-userspace-4.1.2/auparse/ellist.c:189:36: branch_false: following 'false' branch...
audit-userspace-4.1.2/auparse/ellist.c:203:47: branch_false: ...to here
audit-userspace-4.1.2/auparse/ellist.c:204:44: branch_true: following 'true' branch...
audit-userspace-4.1.2/auparse/ellist.c:205:58: branch_true: ...to here
audit-userspace-4.1.2/auparse/ellist.c:205:58: acquire_memory: allocated here
audit-userspace-4.1.2/auparse/ellist.c:208:53: throw: if 'nvlist_append' throws an exception...
audit-userspace-4.1.2/auparse/ellist.c:208:53: danger: 'n.name' leaks here; was allocated at [(19)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/18)
#  206|   						n.val = NULL;
#  207|   						// Malformed key - save as is
#  208|-> 						if (nvlist_append(&r->nv, &n)) {
#  209|   							free(n.name);
#  210|   							free(n.val);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def100]
audit-userspace-4.1.2/auparse/ellist.c:218:53: warning[-Wanalyzer-malloc-leak]: leak of 'n.name'
audit-userspace-4.1.2/auparse/ellist.c:356:5: enter_function: entry to 'aup_list_append'
audit-userspace-4.1.2/auparse/ellist.c:362:12: branch_false: following 'false' branch (when 'record' is non-NULL)...
audit-userspace-4.1.2/auparse/ellist.c:366:13: branch_false: ...to here
audit-userspace-4.1.2/auparse/ellist.c:367:12: branch_false: following 'false' branch (when 'r' is non-NULL)...
audit-userspace-4.1.2/auparse/ellist.c:370:9: branch_false: ...to here
audit-userspace-4.1.2/auparse/ellist.c:397:14: call_function: calling 'parse_up_record' from 'aup_list_append'
#  216|   						n.name = strdup("key");
#  217|   						n.val = escape(ptr2);
#  218|-> 						if (nvlist_append(&r->nv, &n)) {
#  219|   							free(n.name);
#  220|   							free(n.val);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def101]
audit-userspace-4.1.2/auparse/ellist.c:218:53: warning[-Wanalyzer-malloc-leak]: leak of 'n.val'
audit-userspace-4.1.2/auparse/ellist.c:356:5: enter_function: entry to 'aup_list_append'
audit-userspace-4.1.2/auparse/ellist.c:362:12: branch_false: following 'false' branch (when 'record' is non-NULL)...
audit-userspace-4.1.2/auparse/ellist.c:366:13: branch_false: ...to here
audit-userspace-4.1.2/auparse/ellist.c:367:12: branch_false: following 'false' branch (when 'r' is non-NULL)...
audit-userspace-4.1.2/auparse/ellist.c:370:9: branch_false: ...to here
audit-userspace-4.1.2/auparse/ellist.c:397:14: call_function: calling 'parse_up_record' from 'aup_list_append'
#  216|   						n.name = strdup("key");
#  217|   						n.val = escape(ptr2);
#  218|-> 						if (nvlist_append(&r->nv, &n)) {
#  219|   							free(n.name);
#  220|   							free(n.val);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def102]
audit-userspace-4.1.2/auparse/ellist.c:234:45: warning[-Wanalyzer-malloc-leak]: leak of 'n.name'
audit-userspace-4.1.2/auparse/ellist.c:110:12: branch_false: following 'false' branch (when 'ptr' is NULL)...
audit-userspace-4.1.2/auparse/ellist.c:114:9: branch_false: ...to here
audit-userspace-4.1.2/auparse/ellist.c:120:12: branch_false: following 'false' branch (when 'buf' is non-NULL)...
audit-userspace-4.1.2/auparse/ellist.c:122:9: branch_false: ...to here
audit-userspace-4.1.2/auparse/ellist.c:126:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/auparse/ellist.c:126:12: branch_false: ...to here
audit-userspace-4.1.2/auparse/ellist.c:136:20: branch_true: following 'true' branch (when 'val' is non-NULL)...
audit-userspace-4.1.2/auparse/ellist.c:140:29: branch_true: ...to here
audit-userspace-4.1.2/auparse/ellist.c:166:28: branch_false: following 'false' branch (when 'vlen != 0')...
audit-userspace-4.1.2/auparse/ellist.c:168:35: branch_false: ...to here
audit-userspace-4.1.2/auparse/ellist.c:188:29: branch_false: following 'false' branch...
audit-userspace-4.1.2/auparse/ellist.c:229:36: branch_false: ...to here
audit-userspace-4.1.2/auparse/ellist.c:229:36: branch_true: following 'true' branch (when the strings are equal)...
audit-userspace-4.1.2/auparse/ellist.c:231:50: branch_true: ...to here
audit-userspace-4.1.2/auparse/ellist.c:231:50: acquire_memory: allocated here
audit-userspace-4.1.2/auparse/ellist.c:234:45: throw: if 'nvlist_append' throws an exception...
audit-userspace-4.1.2/auparse/ellist.c:234:45: danger: 'n.name' leaks here; was allocated at [(17)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/16)
#  232|   					char *t = strdup(n.val);
#  233|   					n.val = t;
#  234|-> 					if (nvlist_append(&r->nv, &n)) {
#  235|   						free(n.name);
#  236|   						free(n.val);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def103]
audit-userspace-4.1.2/auparse/ellist.c:234:45: warning[-Wanalyzer-malloc-leak]: leak of 't'
audit-userspace-4.1.2/auparse/ellist.c:110:12: branch_false: following 'false' branch (when 'ptr' is NULL)...
audit-userspace-4.1.2/auparse/ellist.c:114:9: branch_false: ...to here
audit-userspace-4.1.2/auparse/ellist.c:120:12: branch_false: following 'false' branch (when 'buf' is non-NULL)...
audit-userspace-4.1.2/auparse/ellist.c:122:9: branch_false: ...to here
audit-userspace-4.1.2/auparse/ellist.c:126:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/auparse/ellist.c:126:12: branch_false: ...to here
audit-userspace-4.1.2/auparse/ellist.c:136:20: branch_true: following 'true' branch (when 'val' is non-NULL)...
audit-userspace-4.1.2/auparse/ellist.c:140:29: branch_true: ...to here
audit-userspace-4.1.2/auparse/ellist.c:166:28: branch_false: following 'false' branch (when 'vlen != 0')...
audit-userspace-4.1.2/auparse/ellist.c:168:35: branch_false: ...to here
audit-userspace-4.1.2/auparse/ellist.c:188:29: branch_false: following 'false' branch...
audit-userspace-4.1.2/auparse/ellist.c:229:36: branch_false: ...to here
audit-userspace-4.1.2/auparse/ellist.c:229:36: branch_true: following 'true' branch (when the strings are equal)...
audit-userspace-4.1.2/auparse/ellist.c:231:50: branch_true: ...to here
audit-userspace-4.1.2/auparse/ellist.c:232:51: acquire_memory: allocated here
audit-userspace-4.1.2/auparse/ellist.c:234:45: throw: if 'nvlist_append' throws an exception...
audit-userspace-4.1.2/auparse/ellist.c:234:45: danger: 't' leaks here; was allocated at [(17)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/16)
#  232|   					char *t = strdup(n.val);
#  233|   					n.val = t;
#  234|-> 					if (nvlist_append(&r->nv, &n)) {
#  235|   						free(n.name);
#  236|   						free(n.val);

Error: CPPCHECK_WARNING (CWE-401): [#def104]
audit-userspace-4.1.2/auparse/ellist.c:316: error[memleak]: Memory leak: n.name
#  314|   									 == 0)
#  315|   								free(buf);
#  316|-> 							return -1;
#  317|   						}
#  318|   						if (tmpctx[0]) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def105]
audit-userspace-4.1.2/auparse/ellist.c:329:45: warning[-Wanalyzer-malloc-leak]: leak of 'n.name'
audit-userspace-4.1.2/auparse/ellist.c:356:5: enter_function: entry to 'aup_list_append'
audit-userspace-4.1.2/auparse/ellist.c:362:12: branch_false: following 'false' branch (when 'record' is non-NULL)...
audit-userspace-4.1.2/auparse/ellist.c:366:13: branch_false: ...to here
audit-userspace-4.1.2/auparse/ellist.c:367:12: branch_false: following 'false' branch (when 'r' is non-NULL)...
audit-userspace-4.1.2/auparse/ellist.c:370:9: branch_false: ...to here
audit-userspace-4.1.2/auparse/ellist.c:397:14: call_function: calling 'parse_up_record' from 'aup_list_append'
#  327|   					n.name = strdup("seperms");
#  328|   					n.val = strdup(tmpctx);
#  329|-> 					if (nvlist_append(&r->nv, &n)) {
#  330|   						free(n.name);
#  331|   						free(n.val);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def106]
audit-userspace-4.1.2/auparse/ellist.c:329:45: warning[-Wanalyzer-malloc-leak]: leak of 'n.val'
audit-userspace-4.1.2/auparse/ellist.c:356:5: enter_function: entry to 'aup_list_append'
audit-userspace-4.1.2/auparse/ellist.c:362:12: branch_false: following 'false' branch (when 'record' is non-NULL)...
audit-userspace-4.1.2/auparse/ellist.c:366:13: branch_false: ...to here
audit-userspace-4.1.2/auparse/ellist.c:367:12: branch_false: following 'false' branch (when 'r' is non-NULL)...
audit-userspace-4.1.2/auparse/ellist.c:370:9: branch_false: ...to here
audit-userspace-4.1.2/auparse/ellist.c:397:14: call_function: calling 'parse_up_record' from 'aup_list_append'
#  327|   					n.name = strdup("seperms");
#  328|   					n.val = strdup(tmpctx);
#  329|-> 					if (nvlist_append(&r->nv, &n)) {
#  330|   						free(n.name);
#  331|   						free(n.val);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def107]
audit-userspace-4.1.2/auparse/ellist.c:339:25: warning[-Wanalyzer-malloc-leak]: leak of 'n.name'
audit-userspace-4.1.2/auparse/ellist.c:110:12: branch_false: following 'false' branch (when 'ptr' is NULL)...
audit-userspace-4.1.2/auparse/ellist.c:114:9: branch_false: ...to here
audit-userspace-4.1.2/auparse/ellist.c:120:12: branch_false: following 'false' branch (when 'buf' is non-NULL)...
audit-userspace-4.1.2/auparse/ellist.c:122:9: branch_false: ...to here
audit-userspace-4.1.2/auparse/ellist.c:126:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/auparse/ellist.c:126:12: branch_false: ...to here
audit-userspace-4.1.2/auparse/ellist.c:136:20: branch_false: following 'false' branch (when 'val' is NULL)...
audit-userspace-4.1.2/auparse/ellist.c:293:28: branch_false: ...to here
audit-userspace-4.1.2/auparse/ellist.c:293:27: branch_true: following 'true' branch...
audit-userspace-4.1.2/auparse/ellist.c:296:25: branch_true: ...to here
audit-userspace-4.1.2/auparse/ellist.c:297:28: branch_true: following 'true' branch...
audit-userspace-4.1.2/auparse/ellist.c:299:37: branch_true: ...to here
audit-userspace-4.1.2/auparse/ellist.c:299:36: branch_false: following 'false' branch...
audit-userspace-4.1.2/auparse/ellist.c:301:42: branch_false: ...to here
audit-userspace-4.1.2/auparse/ellist.c:301:42: acquire_memory: allocated here
audit-userspace-4.1.2/auparse/ellist.c:339:25: throw: if 'nvlist_append' throws an exception...
audit-userspace-4.1.2/auparse/ellist.c:339:25: danger: 'n.name' leaks here; was allocated at [(17)](sarif:/runs/0/results/11/codeFlows/0/threadFlows/0/locations/16)
#  337|   
#  338|   			n.val = ptr;
#  339|-> 			nvlist_append(&r->nv, &n);
#  340|   		}
#  341|   	} while((ptr = audit_strsplit_r(NULL, &saved)));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def108]
audit-userspace-4.1.2/auparse/ellist.c:382:9: warning[-Wanalyzer-malloc-leak]: leak of 'r'
audit-userspace-4.1.2/auparse/ellist.c:362:12: branch_false: following 'false' branch (when 'record' is non-NULL)...
audit-userspace-4.1.2/auparse/ellist.c:366:13: branch_false: ...to here
audit-userspace-4.1.2/auparse/ellist.c:366:13: acquire_memory: allocated here
audit-userspace-4.1.2/auparse/ellist.c:367:12: branch_false: following 'false' branch (when 'r' is non-NULL)...
audit-userspace-4.1.2/auparse/ellist.c:370:9: branch_false: ...to here
audit-userspace-4.1.2/auparse/ellist.c:382:9: throw: if 'nvlist_create' throws an exception...
audit-userspace-4.1.2/auparse/ellist.c:382:9: danger: 'r' leaks here; was allocated at [(3)](sarif:/runs/0/results/12/codeFlows/0/threadFlows/0/locations/2)
#  380|   	r->line_number = line_number;
#  381|   	r->next = NULL;
#  382|-> 	nvlist_create(&r->nv);
#  383|   
#  384|   	// if we are at top, fix this up

Error: COMPILER_WARNING (CWE-704): [#def109]
audit-userspace-4.1.2/auparse/interpret.c: scope_hint: In function 'x2c'
audit-userspace-4.1.2/auparse/interpret.c:151:13: warning[-Wdiscarded-qualifiers]: assignment discards 'const' qualifier from pointer target type
#  151 |         ptr = strchr(AsciiArray, (char)toupper(buf[0]));
#      |             ^
#  149|   	unsigned char total=0;
#  150|   
#  151|-> 	ptr = strchr(AsciiArray, (char)toupper(buf[0]));
#  152|   	if (ptr)
#  153|   		total = (unsigned char)(((ptr-AsciiArray) & 0x0F)<<4);

Error: COMPILER_WARNING (CWE-704): [#def110]
audit-userspace-4.1.2/auparse/interpret.c:151:13: warning[-Wdiscarded-qualifiers]: assignment discards 'const' qualifier from pointer target type
#  149|   	unsigned char total=0;
#  150|   
#  151|-> 	ptr = strchr(AsciiArray, (char)toupper(buf[0]));
#  152|   	if (ptr)
#  153|   		total = (unsigned char)(((ptr-AsciiArray) & 0x0F)<<4);

Error: COMPILER_WARNING (CWE-704): [#def111]
audit-userspace-4.1.2/auparse/interpret.c:154:13: warning[-Wdiscarded-qualifiers]: assignment discards 'const' qualifier from pointer target type
#  154 |         ptr = strchr(AsciiArray, (char)toupper(buf[1]));
#      |             ^
#  152|   	if (ptr)
#  153|   		total = (unsigned char)(((ptr-AsciiArray) & 0x0F)<<4);
#  154|-> 	ptr = strchr(AsciiArray, (char)toupper(buf[1]));
#  155|   	if (ptr)
#  156|   		total += (unsigned char)((ptr-AsciiArray) & 0x0F);

Error: COMPILER_WARNING (CWE-704): [#def112]
audit-userspace-4.1.2/auparse/interpret.c:154:13: warning[-Wdiscarded-qualifiers]: assignment discards 'const' qualifier from pointer target type
#  152|   	if (ptr)
#  153|   		total = (unsigned char)(((ptr-AsciiArray) & 0x0F)<<4);
#  154|-> 	ptr = strchr(AsciiArray, (char)toupper(buf[1]));
#  155|   	if (ptr)
#  156|   		total += (unsigned char)((ptr-AsciiArray) & 0x0F);

Error: COMPILER_WARNING (CWE-704): [#def113]
audit-userspace-4.1.2/auparse/interpret.c: scope_hint: In function 'key_escape'
audit-userspace-4.1.2/auparse/interpret.c:301:21: warning[-Wdiscarded-qualifiers]: assignment discards 'const' qualifier from pointer target type
#  301 |                 str = strchr(optr, AUDIT_KEY_SEPARATOR);
#      |                     ^
#  299|   		unsigned int klen, cnt;
#  300|   		// Find the separator or the end
#  301|-> 		str = strchr(optr, AUDIT_KEY_SEPARATOR);
#  302|   		if (str == NULL)
#  303|   			str = strchr(optr, 0);

Error: COMPILER_WARNING (CWE-704): [#def114]
audit-userspace-4.1.2/auparse/interpret.c:301:21: warning[-Wdiscarded-qualifiers]: assignment discards 'const' qualifier from pointer target type
#  299|   		unsigned int klen, cnt;
#  300|   		// Find the separator or the end
#  301|-> 		str = strchr(optr, AUDIT_KEY_SEPARATOR);
#  302|   		if (str == NULL)
#  303|   			str = strchr(optr, 0);

Error: COMPILER_WARNING (CWE-704): [#def115]
audit-userspace-4.1.2/auparse/interpret.c:303:29: warning[-Wdiscarded-qualifiers]: assignment discards 'const' qualifier from pointer target type
#  303 |                         str = strchr(optr, 0);
#      |                             ^
#  301|   		str = strchr(optr, AUDIT_KEY_SEPARATOR);
#  302|   		if (str == NULL)
#  303|-> 			str = strchr(optr, 0);
#  304|   		klen = str - optr;
#  305|   		tmp = *str;

Error: COMPILER_WARNING (CWE-704): [#def116]
audit-userspace-4.1.2/auparse/interpret.c:303:29: warning[-Wdiscarded-qualifiers]: assignment discards 'const' qualifier from pointer target type
#  301|   		str = strchr(optr, AUDIT_KEY_SEPARATOR);
#  302|   		if (str == NULL)
#  303|-> 			str = strchr(optr, 0);
#  304|   		klen = str - optr;
#  305|   		tmp = *str;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def117]
audit-userspace-4.1.2/auparse/interpret.c:345:13: warning[-Wanalyzer-malloc-leak]: leak of 'au_unescape(val)'
audit-userspace-4.1.2/auparse/interpret.c:3414:7: enter_function: entry to 'auparse_do_interpretation'
audit-userspace-4.1.2/auparse/interpret.c:3477:31: call_function: calling 'print_sockaddr' from 'auparse_do_interpretation'
#  343|   
#  344|   	/* Find the end of the name */
#  345|-> 	if (*ptr == '(') {
#  346|   		ptr = strchr(ptr, ')');
#  347|   		if (ptr == NULL)

Error: COMPILER_WARNING (CWE-704): [#def118]
audit-userspace-4.1.2/auparse/interpret.c: scope_hint: In function 'print_escaped'
audit-userspace-4.1.2/auparse/interpret.c:917:22: warning[-Wdiscarded-qualifiers]: assignment discards 'const' qualifier from pointer target type
#  917 |                 term = strchr(val, '"');
#      |                      ^
#  915|   		char *term;
#  916|   		val++;
#  917|-> 		term = strchr(val, '"');
#  918|   		if (term == NULL)
#  919|   			return strdup(" ");

Error: COMPILER_WARNING (CWE-704): [#def119]
audit-userspace-4.1.2/auparse/interpret.c:917:22: warning[-Wdiscarded-qualifiers]: assignment discards 'const' qualifier from pointer target type
#  915|   		char *term;
#  916|   		val++;
#  917|-> 		term = strchr(val, '"');
#  918|   		if (term == NULL)
#  919|   			return strdup(" ");

Error: GCC_ANALYZER_WARNING (CWE-688): [#def120]
audit-userspace-4.1.2/auparse/interpret.c:1078:32: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL 'ptr' where non-null expected
audit-userspace-4.1.2/auparse/interpret.c:3414:7: enter_function: entry to 'auparse_do_interpretation'
audit-userspace-4.1.2/auparse/interpret.c:3540:31: call_function: calling 'print_proctitle' from 'auparse_do_interpretation'
# 1076|   		// We need to write over the NUL bytes with a space
# 1077|   		// so that we can see the arguments
# 1078|-> 		while ((ptr  = STRCHR(ptr, '\0'))) {
# 1079|   			if (ptr >= end)
# 1080|   				break;

Error: COMPILER_WARNING (CWE-704): [#def121]
audit-userspace-4.1.2/auparse/interpret.c: scope_hint: In function 'auparse_do_interpretation'
audit-userspace-4.1.2/auparse/interpret.c:3588:29: warning[-Wdiscarded-qualifiers]: assignment discards 'const' qualifier from pointer target type
# 3588 |                         str = strchr(out, AUDIT_KEY_SEPARATOR);
#      |                             ^
# 3586|   			// The audit key separator causes a false
# 3587|   			// positive in deciding to escape.
# 3588|-> 			str = strchr(out, AUDIT_KEY_SEPARATOR);
# 3589|   		}
# 3590|   		if (str == NULL) {

Error: COMPILER_WARNING (CWE-704): [#def122]
audit-userspace-4.1.2/auparse/interpret.c:3588:29: warning[-Wdiscarded-qualifiers]: assignment discards 'const' qualifier from pointer target type
# 3586|   			// The audit key separator causes a false
# 3587|   			// positive in deciding to escape.
# 3588|-> 			str = strchr(out, AUDIT_KEY_SEPARATOR);
# 3589|   		}
# 3590|   		if (str == NULL) {

Error: COMPILER_WARNING (CWE-704): [#def123]
audit-userspace-4.1.2/auparse/interpret.c:3635:45: warning[-Wdiscarded-qualifiers]: assignment discards 'const' qualifier from pointer target type
# 3635 |                                         str = strchr(out, AUDIT_KEY_SEPARATOR);
#      |                                             ^
# 3633|   					// This is likely fuzzer induced.
# 3634|   					char tmp;
# 3635|-> 					str = strchr(out, AUDIT_KEY_SEPARATOR);
# 3636|   					if (str) {
# 3637|   						tmp = *str;

Error: COMPILER_WARNING (CWE-704): [#def124]
audit-userspace-4.1.2/auparse/interpret.c:3635:45: warning[-Wdiscarded-qualifiers]: assignment discards 'const' qualifier from pointer target type
# 3633|   					// This is likely fuzzer induced.
# 3634|   					char tmp;
# 3635|-> 					str = strchr(out, AUDIT_KEY_SEPARATOR);
# 3636|   					if (str) {
# 3637|   						tmp = *str;

Error: GCC_ANALYZER_WARNING (CWE-835): [#def125]
audit-userspace-4.1.2/auparse/lru.c:137:16: warning[-Wanalyzer-infinite-loop]: infinite loop
#  135|   	// remove_node, end is updated to a prior node as part of detaching
#  136|   	// the current end node.
#  137|-> 	while (queue->count)
#  138|   		dequeue(queue);
#  139|   

Error: GCC_ANALYZER_WARNING (CWE-404): [#def126]
audit-userspace-4.1.2/auparse/message.c:51:17: warning[-Wanalyzer-va-list-leak]: missing call to 'va_end'
audit-userspace-4.1.2/auparse/message.c:43:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/auparse/message.c:46:12: branch_false: ...to here
audit-userspace-4.1.2/auparse/message.c:49:9: acquire_resource: 'va_start' called here
audit-userspace-4.1.2/auparse/message.c:50:12: branch_true: following 'true' branch...
audit-userspace-4.1.2/auparse/message.c:51:17: branch_true: ...to here
audit-userspace-4.1.2/auparse/message.c:51:17: throw: if 'vsyslog' throws an exception...
audit-userspace-4.1.2/auparse/message.c:51:17: danger: missing call to 'va_end' to match 'va_start' at [(3)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/2)
#   49|           va_start(ap, fmt);
#   50|           if (au->message_mode == MSG_SYSLOG)
#   51|->                 vsyslog(priority, fmt, ap);
#   52|           else {
#   53|                   vfprintf(stderr, fmt, ap);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def127]
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:16:9: warning[-Wanalyzer-malloc-leak]: leak of ‘auparse_init(3, &buf1)’
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:14:31: acquire_memory: allocated here
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:15:9: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:16:9: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:16:9: throw: if ‘auparse_next_event’ throws an exception...
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:16:9: danger: ‘auparse_init(3, &buf1)’ leaks here; was allocated at [(1)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/0)
#   14|   	auparse_state_t *au = auparse_init(AUSOURCE_BUFFER, buf1);
#   15|   	assert(au != NULL);
#   16|-> 	assert(auparse_next_event(au) > 0);
#   17|   	assert(auparse_get_type(au) == AUDIT_LOGIN);
#   18|   	assert(auparse_new_buffer(au, buf2, strlen(buf2)) == 0);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def128]
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:36:9: warning[-Wanalyzer-malloc-leak]: leak of ‘auparse_init(7, 0)’
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:34:31: acquire_memory: allocated here
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:35:9: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:36:9: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:36:9: throw: if ‘auparse_add_callback’ throws an exception...
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:36:9: danger: ‘auparse_init(7, 0)’ leaks here; was allocated at [(1)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/0)
#   34|   	auparse_state_t *au = auparse_init(AUSOURCE_FEED, NULL);
#   35|   	assert(au != NULL);
#   36|-> 	auparse_add_callback(au, ready_cb, NULL, NULL);
#   37|   	assert(auparse_feed_has_data(au) == 0);
#   38|   	assert(auparse_feed(au, buf, strlen(buf)) == 0);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def129]
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:49:9: warning[-Wanalyzer-malloc-leak]: leak of ‘auparse_init(1, "./test.log")’
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:47:31: acquire_memory: allocated here
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:48:9: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:49:9: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:49:9: throw: if ‘auparse_next_event’ throws an exception...
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:49:9: danger: ‘auparse_init(1, "./test.log")’ leaks here; was allocated at [(1)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/0)
#   47|   	auparse_state_t *au = auparse_init(AUSOURCE_FILE, "./test.log");
#   48|   	assert(au != NULL);
#   49|-> 	assert(auparse_next_event(au) > 0);
#   50|   	assert(auparse_normalize(au, NORM_OPT_ALL) == 0);
#   51|   	const char *kind = auparse_normalize_get_event_kind(au);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def130]
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:64:9: warning[-Wanalyzer-malloc-leak]: leak of ‘auparse_init(1, "./test.log")’
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:62:31: acquire_memory: allocated here
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:63:9: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:64:9: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:64:9: throw: if ‘auparse_next_event’ throws an exception...
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:64:9: danger: ‘auparse_init(1, "./test.log")’ leaks here; was allocated at [(1)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/0)
#   62|   	auparse_state_t *au = auparse_init(AUSOURCE_FILE, "./test.log");
#   63|   	assert(au != NULL);
#   64|-> 	assert(auparse_next_event(au) > 0);
#   65|   	const au_event_t *e1 = auparse_get_timestamp(au);
#   66|   	assert(e1 != NULL);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def131]
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:88:14: warning[-Wanalyzer-malloc-leak]: leak of ‘auparse_init(1, "./test.log")’
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:85:14: acquire_memory: allocated here
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:86:9: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:88:14: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:88:14: throw: if ‘ausearch_add_expression’ throws an exception...
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:88:14: danger: ‘auparse_init(1, "./test.log")’ leaks here; was allocated at [(1)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/0)
#   86|   	assert(au != NULL);
#   87|   
#   88|-> 	rc = ausearch_add_expression(au,
#   89|   				"\\timestamp == ts:1.999",
#   90|   				&err, AUSEARCH_RULE_CLEAR);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def132]
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:120:14: warning[-Wanalyzer-malloc-leak]: leak of ‘id.cwd’
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:117:18: acquire_memory: allocated here
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:118:21: branch_true: following ‘true’ branch (when ‘i != 9’)...
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:119:17: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:120:14: throw: if ‘auparse_init’ throws an exception...
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:120:14: danger: ‘id.cwd’ leaks here; was allocated at [(1)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/0)
#  118|   	for (i = 0; i < sizeof(fuzz) - 1; i++)
#  119|   		seeds *= 3;
#  120|-> 	au = auparse_init(AUSOURCE_FILE, "/dev/null");
#  121|   	assert(au != NULL);
#  122|   	for (unsigned s = 0; s < seeds; s++) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def133]
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:125:41: warning[-Wanalyzer-malloc-leak]: leak of ‘auparse_init(1, "/dev/null")’
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:118:21: branch_true: following ‘true’ branch (when ‘i != 9’)...
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:119:17: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:120:14: acquire_memory: allocated here
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:121:9: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:121:9: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:122:30: branch_true: following ‘true’ branch (when ‘seeds > s’)...
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:122:30: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:124:29: branch_true: following ‘true’ branch (when ‘i != 9’)...
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:125:41: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:124:29: branch_true: following ‘true’ branch (when ‘i != 9’)...
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:125:41: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:128:17: throw: if ‘audit_encode_value’ throws an exception...
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:125:41: danger: ‘auparse_init(1, "/dev/null")’ leaks here; was allocated at [(3)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/2)
#  123|   		unsigned k = s;
#  124|   		for (i = 0; i < sizeof(fuzz) - 1; i++, k /= 3)
#  125|-> 			fuzz[i] = chars[k % 3];
#  126|   
#  127|   		fuzz[sizeof(fuzz) - 1] = '\0';

Error: GCC_ANALYZER_WARNING (CWE-401): [#def134]
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:128:17: warning[-Wanalyzer-malloc-leak]: leak of ‘id.cwd’
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:117:18: acquire_memory: allocated here
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:118:21: branch_true: following ‘true’ branch (when ‘i != 9’)...
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:119:17: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:121:9: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:121:9: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:122:30: branch_true: following ‘true’ branch (when ‘seeds > s’)...
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:122:30: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:124:29: branch_true: following ‘true’ branch (when ‘i != 9’)...
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:125:41: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:124:29: branch_true: following ‘true’ branch (when ‘i != 9’)...
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:125:41: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:128:17: throw: if ‘audit_encode_value’ throws an exception...
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:128:17: danger: ‘id.cwd’ leaks here; was allocated at [(1)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/0)
#  126|   
#  127|   		fuzz[sizeof(fuzz) - 1] = '\0';
#  128|-> 		audit_encode_value(val, fuzz, sizeof(fuzz));
#  129|   		id.val = val;
#  130|   		out = auparse_do_interpretation(au, AUPARSE_TYPE_ESCAPED_FILE,

Error: GCC_ANALYZER_WARNING (CWE-401): [#def135]
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:130:23: warning[-Wanalyzer-malloc-leak]: leak of ‘id.cwd’
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:117:18: acquire_memory: allocated here
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:118:21: branch_true: following ‘true’ branch (when ‘i != 9’)...
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:119:17: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:121:9: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:121:9: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:122:30: branch_true: following ‘true’ branch (when ‘seeds > s’)...
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:122:30: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:124:29: branch_true: following ‘true’ branch (when ‘i != 9’)...
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:125:41: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:124:29: branch_true: following ‘true’ branch (when ‘i != 9’)...
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:125:41: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:130:23: throw: if ‘auparse_do_interpretation’ throws an exception...
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:130:23: danger: ‘id.cwd’ leaks here; was allocated at [(1)](sarif:/runs/0/results/9/codeFlows/0/threadFlows/0/locations/0)
#  128|   		audit_encode_value(val, fuzz, sizeof(fuzz));
#  129|   		id.val = val;
#  130|-> 		out = auparse_do_interpretation(au, AUPARSE_TYPE_ESCAPED_FILE,
#  131|   						&id, AUPARSE_ESC_RAW);
#  132|   		assert(out != NULL);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def136]
audit-userspace-4.1.2/auparse/test/auparse_test.c:128:13: warning[-Wanalyzer-malloc-leak]: leak of ‘au’
audit-userspace-4.1.2/auparse/test/auparse_test.c:117:12: branch_true: following ‘true’ branch (when ‘source == 1’)...
audit-userspace-4.1.2/auparse/test/auparse_test.c:118:22: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/auparse_test.c:118:22: acquire_memory: allocated here
audit-userspace-4.1.2/auparse/test/auparse_test.c:124:12: branch_false: following ‘false’ branch (when ‘au’ is non-NULL)...
audit-userspace-4.1.2/auparse/test/auparse_test.c:128:13: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparse_test.c:128:13: throw: if ‘ausearch_add_item’ throws an exception...
audit-userspace-4.1.2/auparse/test/auparse_test.c:128:13: danger: ‘au’ leaks here; was allocated at [(3)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/2)
#  126|   		exit(1);
#  127|   	}
#  128|-> 	if (ausearch_add_item(au, "auid", "=", val, AUSEARCH_RULE_CLEAR)){
#  129|   		printf("ausearch_add_item error - %s\n", strerror(errno));
#  130|   		exit(1);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def137]
audit-userspace-4.1.2/auparse/test/auparse_test.c:154:21: warning[-Wanalyzer-malloc-leak]: leak of ‘auparse_init(1, "./test.log")’
audit-userspace-4.1.2/auparse/test/auparse_test.c:148:14: acquire_memory: allocated here
audit-userspace-4.1.2/auparse/test/auparse_test.c:149:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/auparse/test/auparse_test.c:153:12: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparse_test.c:153:12: branch_true: following ‘true’ branch (when ‘how == 2’)...
audit-userspace-4.1.2/auparse/test/auparse_test.c:154:21: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/auparse_test.c:154:21: throw: if ‘ausearch_add_item’ throws an exception...
audit-userspace-4.1.2/auparse/test/auparse_test.c:154:21: danger: ‘auparse_init(1, "./test.log")’ leaks here; was allocated at [(1)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/0)
#  152|   	}
#  153|   	if (how == AUSEARCH_RULE_AND) {
#  154|-> 		if (ausearch_add_item(au, "uid", "=", "0",
#  155|   							 AUSEARCH_RULE_CLEAR)){
#  156|   			printf("ausearch_add_item 1 error - %s\n",

Error: GCC_ANALYZER_WARNING (CWE-401): [#def138]
audit-userspace-4.1.2/auparse/test/auparse_test.c:171:21: warning[-Wanalyzer-malloc-leak]: leak of ‘auparse_init(1, "./test.log")’
audit-userspace-4.1.2/auparse/test/auparse_test.c:148:14: acquire_memory: allocated here
audit-userspace-4.1.2/auparse/test/auparse_test.c:149:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/auparse/test/auparse_test.c:153:12: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparse_test.c:153:12: branch_false: following ‘false’ branch (when ‘how != 2’)...
audit-userspace-4.1.2/auparse/test/auparse_test.c:171:21: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparse_test.c:171:21: throw: if ‘ausearch_add_item’ throws an exception...
audit-userspace-4.1.2/auparse/test/auparse_test.c:171:21: danger: ‘auparse_init(1, "./test.log")’ leaks here; was allocated at [(1)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/0)
#  169|   		}
#  170|   	} else {
#  171|-> 		if (ausearch_add_item(au, "auid", "=", "42",
#  172|   							 AUSEARCH_RULE_CLEAR)){
#  173|   			printf("ausearch_add_item 4 error - %s\n",

Error: GCC_ANALYZER_WARNING (CWE-401): [#def139]
audit-userspace-4.1.2/auparse/test/auparse_test.c:211:13: warning[-Wanalyzer-malloc-leak]: leak of ‘auparse_init(4, &buf)’
audit-userspace-4.1.2/auparse/test/auparse_test.c:206:14: acquire_memory: allocated here
audit-userspace-4.1.2/auparse/test/auparse_test.c:207:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/auparse/test/auparse_test.c:211:13: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparse_test.c:211:13: throw: if ‘ausearch_add_regex’ throws an exception...
audit-userspace-4.1.2/auparse/test/auparse_test.c:211:13: danger: ‘auparse_init(4, &buf)’ leaks here; was allocated at [(1)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/0)
#  209|   		exit(1);
#  210|   	}
#  211|-> 	if (ausearch_add_regex(au, expr)){
#  212|   		printf("ausearch_add_regex error - %s\n", strerror(errno));
#  213|   		exit(1);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def140]
audit-userspace-4.1.2/auparse/test/auparse_test.c:300:16: warning[-Wanalyzer-malloc-leak]: leak of ‘auparse_init(4, &buf)’
audit-userspace-4.1.2/auparse/test/auparse_test.c:293:14: acquire_memory: allocated here
audit-userspace-4.1.2/auparse/test/auparse_test.c:294:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/auparse/test/auparse_test.c:299:9: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparse_test.c:300:16: throw: if ‘auparse_next_event’ throws an exception...
audit-userspace-4.1.2/auparse/test/auparse_test.c:300:16: danger: ‘auparse_init(4, &buf)’ leaks here; was allocated at [(1)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/0)
#  298|   
#  299|   	printf("Starting Test 1, iterate...\n");
#  300|-> 	while (auparse_next_event(au) > 0) {
#  301|   		if (auparse_find_field(au, "auid")) {
#  302|   			printf("%s=%s\n", auparse_get_field_name(au),

Error: GCC_ANALYZER_WARNING (CWE-775): [#def141]
audit-userspace-4.1.2/auparse/test/auparselol_test.c:235:10: warning[-Wanalyzer-file-leak]: leak of FILE ‘fd’
audit-userspace-4.1.2/auparse/test/auparselol_test.c:203:9: branch_false: following ‘false’ branch (when ‘filename’ is NULL)...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:210:8: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:210:8: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:217:22: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:217:8: branch_false: following ‘false’ branch (when ‘event_cnt’ is non-NULL)...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:224:8: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:224:8: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:227:19: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:227:19: acquire_resource: opened here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:227:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:235:10: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:235:10: throw: if ‘auparse_init’ throws an exception...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:235:10: danger: ‘fd’ leaks here; was opened at [(9)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/8)
#  233|       }
#  234|   
#  235|->     au = auparse_init(AUSOURCE_FEED, NULL);
#  236|       *event_cnt = 1;
#  237|       auparse_add_callback(au, auparse_callback, event_cnt, free);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def142]
audit-userspace-4.1.2/auparse/test/auparselol_test.c:235:10: warning[-Wanalyzer-malloc-leak]: leak of ‘event_cnt’
audit-userspace-4.1.2/auparse/test/auparselol_test.c:203:9: branch_false: following ‘false’ branch (when ‘filename’ is NULL)...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:210:8: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:210:8: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:217:22: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:217:22: acquire_memory: allocated here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:217:8: branch_false: following ‘false’ branch (when ‘event_cnt’ is non-NULL)...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:224:8: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:224:8: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:225:9: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:235:10: throw: if ‘auparse_init’ throws an exception...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:235:10: danger: ‘event_cnt’ leaks here; was allocated at [(5)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/4)
#  233|       }
#  234|   
#  235|->     au = auparse_init(AUSOURCE_FEED, NULL);
#  236|       *event_cnt = 1;
#  237|       auparse_add_callback(au, auparse_callback, event_cnt, free);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def143]
audit-userspace-4.1.2/auparse/test/auparselol_test.c:235:10: warning[-Wanalyzer-malloc-leak]: leak of ‘fd’
audit-userspace-4.1.2/auparse/test/auparselol_test.c:203:9: branch_false: following ‘false’ branch (when ‘filename’ is NULL)...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:210:8: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:210:8: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:217:22: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:217:8: branch_false: following ‘false’ branch (when ‘event_cnt’ is non-NULL)...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:224:8: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:224:8: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:227:19: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:227:19: acquire_memory: allocated here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:227:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:235:10: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:235:10: throw: if ‘auparse_init’ throws an exception...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:235:10: danger: ‘fd’ leaks here; was allocated at [(9)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/8)
#  233|       }
#  234|   
#  235|->     au = auparse_init(AUSOURCE_FEED, NULL);
#  236|       *event_cnt = 1;
#  237|       auparse_add_callback(au, auparse_callback, event_cnt, free);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def144]
audit-userspace-4.1.2/auparse/test/auparselol_test.c:237:5: warning[-Wanalyzer-file-leak]: leak of FILE ‘fd’
audit-userspace-4.1.2/auparse/test/auparselol_test.c:203:9: branch_false: following ‘false’ branch (when ‘filename’ is NULL)...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:210:8: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:210:8: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:217:22: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:217:8: branch_false: following ‘false’ branch (when ‘event_cnt’ is non-NULL)...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:224:8: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:224:8: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:227:19: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:227:19: acquire_resource: opened here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:227:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:235:10: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:237:5: throw: if ‘auparse_add_callback’ throws an exception...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:237:5: danger: ‘fd’ leaks here; was opened at [(9)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/8)
#  235|       au = auparse_init(AUSOURCE_FEED, NULL);
#  236|       *event_cnt = 1;
#  237|->     auparse_add_callback(au, auparse_callback, event_cnt, free);
#  238|       i = 0;
#  239|       while ((len = fread(buf, 1, sizeof(buf), fd))) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def145]
audit-userspace-4.1.2/auparse/test/auparselol_test.c:237:5: warning[-Wanalyzer-malloc-leak]: leak of ‘auparse_init(7, 0)’
audit-userspace-4.1.2/auparse/test/auparselol_test.c:203:9: branch_false: following ‘false’ branch (when ‘filename’ is NULL)...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:210:8: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:210:8: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:217:22: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:217:8: branch_false: following ‘false’ branch (when ‘event_cnt’ is non-NULL)...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:224:8: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:224:8: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:225:9: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:235:10: acquire_memory: allocated here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:237:5: throw: if ‘auparse_add_callback’ throws an exception...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:237:5: danger: ‘auparse_init(7, 0)’ leaks here; was allocated at [(9)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/8)
#  235|       au = auparse_init(AUSOURCE_FEED, NULL);
#  236|       *event_cnt = 1;
#  237|->     auparse_add_callback(au, auparse_callback, event_cnt, free);
#  238|       i = 0;
#  239|       while ((len = fread(buf, 1, sizeof(buf), fd))) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def146]
audit-userspace-4.1.2/auparse/test/auparselol_test.c:237:5: warning[-Wanalyzer-malloc-leak]: leak of ‘event_cnt’
audit-userspace-4.1.2/auparse/test/auparselol_test.c:203:9: branch_false: following ‘false’ branch (when ‘filename’ is NULL)...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:210:8: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:210:8: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:217:22: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:217:22: acquire_memory: allocated here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:217:8: branch_false: following ‘false’ branch (when ‘event_cnt’ is non-NULL)...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:224:8: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:224:8: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:225:9: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:237:5: throw: if ‘auparse_add_callback’ throws an exception...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:237:5: danger: ‘event_cnt’ leaks here; was allocated at [(5)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/4)
#  235|       au = auparse_init(AUSOURCE_FEED, NULL);
#  236|       *event_cnt = 1;
#  237|->     auparse_add_callback(au, auparse_callback, event_cnt, free);
#  238|       i = 0;
#  239|       while ((len = fread(buf, 1, sizeof(buf), fd))) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def147]
audit-userspace-4.1.2/auparse/test/auparselol_test.c:237:5: warning[-Wanalyzer-malloc-leak]: leak of ‘fd’
audit-userspace-4.1.2/auparse/test/auparselol_test.c:203:9: branch_false: following ‘false’ branch (when ‘filename’ is NULL)...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:210:8: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:210:8: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:217:22: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:217:8: branch_false: following ‘false’ branch (when ‘event_cnt’ is non-NULL)...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:224:8: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:224:8: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:227:19: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:227:19: acquire_memory: allocated here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:227:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:235:10: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:237:5: throw: if ‘auparse_add_callback’ throws an exception...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:237:5: danger: ‘fd’ leaks here; was allocated at [(9)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/8)
#  235|       au = auparse_init(AUSOURCE_FEED, NULL);
#  236|       *event_cnt = 1;
#  237|->     auparse_add_callback(au, auparse_callback, event_cnt, free);
#  238|       i = 0;
#  239|       while ((len = fread(buf, 1, sizeof(buf), fd))) {

Error: GCC_ANALYZER_WARNING (CWE-775): [#def148]
audit-userspace-4.1.2/auparse/test/auparselol_test.c:241:9: warning[-Wanalyzer-file-leak]: leak of FILE ‘fd’
audit-userspace-4.1.2/auparse/test/auparselol_test.c:203:9: branch_false: following ‘false’ branch (when ‘filename’ is NULL)...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:210:8: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:210:8: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:217:22: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:217:8: branch_false: following ‘false’ branch (when ‘event_cnt’ is non-NULL)...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:224:8: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:224:8: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:227:19: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:227:19: acquire_resource: opened here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:227:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:235:10: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:239:12: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:241:9: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:241:9: throw: if ‘auparse_feed’ throws an exception...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:241:9: danger: ‘fd’ leaks here; was opened at [(9)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/8)
#  239|       while ((len = fread(buf, 1, sizeof(buf), fd))) {
#  240|   
#  241|->         auparse_feed(au, buf, len);
#  242|           i++;
#  243|       }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def149]
audit-userspace-4.1.2/auparse/test/auparselol_test.c:241:9: warning[-Wanalyzer-malloc-leak]: leak of ‘fd’
audit-userspace-4.1.2/auparse/test/auparselol_test.c:203:9: branch_false: following ‘false’ branch (when ‘filename’ is NULL)...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:210:8: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:210:8: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:217:22: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:217:8: branch_false: following ‘false’ branch (when ‘event_cnt’ is non-NULL)...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:224:8: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:224:8: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:227:19: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:227:19: acquire_memory: allocated here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:227:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:235:10: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:239:12: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:241:9: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:241:9: throw: if ‘auparse_feed’ throws an exception...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:241:9: danger: ‘fd’ leaks here; was allocated at [(9)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/8)
#  239|       while ((len = fread(buf, 1, sizeof(buf), fd))) {
#  240|   
#  241|->         auparse_feed(au, buf, len);
#  242|           i++;
#  243|       }

Error: GCC_ANALYZER_WARNING (CWE-775): [#def150]
audit-userspace-4.1.2/auparse/test/auparselol_test.c:244:5: warning[-Wanalyzer-file-leak]: leak of FILE ‘fd’
audit-userspace-4.1.2/auparse/test/auparselol_test.c:203:9: branch_false: following ‘false’ branch (when ‘filename’ is NULL)...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:210:8: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:210:8: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:217:22: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:217:8: branch_false: following ‘false’ branch (when ‘event_cnt’ is non-NULL)...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:224:8: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:224:8: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:227:19: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:227:19: acquire_resource: opened here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:227:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:235:10: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:239:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:244:5: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:244:5: throw: if ‘auparse_flush_feed’ throws an exception...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:244:5: danger: ‘fd’ leaks here; was opened at [(9)](sarif:/runs/0/results/9/codeFlows/0/threadFlows/0/locations/8)
#  242|           i++;
#  243|       }
#  244|->     auparse_flush_feed(au);
#  245|       auparse_destroy(au);        /* this also free's event_cnt */
#  246|       if (!(flags & F_USESTDIN))

Error: GCC_ANALYZER_WARNING (CWE-401): [#def151]
audit-userspace-4.1.2/auparse/test/auparselol_test.c:244:5: warning[-Wanalyzer-malloc-leak]: leak of ‘fd’
audit-userspace-4.1.2/auparse/test/auparselol_test.c:203:9: branch_false: following ‘false’ branch (when ‘filename’ is NULL)...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:210:8: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:210:8: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:217:22: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:217:8: branch_false: following ‘false’ branch (when ‘event_cnt’ is non-NULL)...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:224:8: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:224:8: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:227:19: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:227:19: acquire_memory: allocated here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:227:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:235:10: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:239:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:244:5: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:244:5: throw: if ‘auparse_flush_feed’ throws an exception...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:244:5: danger: ‘fd’ leaks here; was allocated at [(9)](sarif:/runs/0/results/10/codeFlows/0/threadFlows/0/locations/8)
#  242|           i++;
#  243|       }
#  244|->     auparse_flush_feed(au);
#  245|       auparse_destroy(au);        /* this also free's event_cnt */
#  246|       if (!(flags & F_USESTDIN))

Error: GCC_ANALYZER_WARNING (CWE-775): [#def152]
audit-userspace-4.1.2/auparse/test/auparselol_test.c:245:5: warning[-Wanalyzer-file-leak]: leak of FILE ‘fd’
audit-userspace-4.1.2/auparse/test/auparselol_test.c:203:9: branch_false: following ‘false’ branch (when ‘filename’ is NULL)...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:210:8: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:210:8: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:217:22: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:217:8: branch_false: following ‘false’ branch (when ‘event_cnt’ is non-NULL)...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:224:8: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:224:8: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:227:19: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:227:19: acquire_resource: opened here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:227:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:235:10: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:245:5: throw: if ‘auparse_destroy’ throws an exception...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:245:5: danger: ‘fd’ leaks here; was opened at [(9)](sarif:/runs/0/results/11/codeFlows/0/threadFlows/0/locations/8)
#  243|       }
#  244|       auparse_flush_feed(au);
#  245|->     auparse_destroy(au);        /* this also free's event_cnt */
#  246|       if (!(flags & F_USESTDIN))
#  247|           fclose(fd);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def153]
audit-userspace-4.1.2/auparse/test/auparselol_test.c:245:5: warning[-Wanalyzer-malloc-leak]: leak of ‘fd’
audit-userspace-4.1.2/auparse/test/auparselol_test.c:203:9: branch_false: following ‘false’ branch (when ‘filename’ is NULL)...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:210:8: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:210:8: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:217:22: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:217:8: branch_false: following ‘false’ branch (when ‘event_cnt’ is non-NULL)...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:224:8: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:224:8: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:227:19: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:227:19: acquire_memory: allocated here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:227:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:235:10: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:245:5: throw: if ‘auparse_destroy’ throws an exception...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:245:5: danger: ‘fd’ leaks here; was allocated at [(9)](sarif:/runs/0/results/12/codeFlows/0/threadFlows/0/locations/8)
#  243|       }
#  244|       auparse_flush_feed(au);
#  245|->     auparse_destroy(au);        /* this also free's event_cnt */
#  246|       if (!(flags & F_USESTDIN))
#  247|           fclose(fd);

Error: GCC_ANALYZER_WARNING (CWE-476): [#def154]
audit-userspace-4.1.2/auparse/test/databuf_test.c:17:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
audit-userspace-4.1.2/auparse/test/databuf_test.c:7:13: enter_function: entry to ‘test_basic’
audit-userspace-4.1.2/auparse/test/databuf_test.c:14:9: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/databuf_test.c:15:9: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/databuf_test.c:15:9: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/databuf_test.c:16:9: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/databuf_test.c:16:9: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/databuf_test.c:17:9: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/databuf_test.c:17:9: danger: dereference of NULL ‘<unknown>’
#   15|   	assert(databuf_append(&db, data1, sizeof(data1) - 1) == 1);
#   16|   	assert(db.len == 4 && db.offset == 0);
#   17|-> 	assert(memcmp(databuf_beg(&db), "abcd", 4) == 0);
#   18|   
#   19|   	assert(databuf_append(&db, data2, sizeof(data2) - 1) == 1);

Error: GCC_ANALYZER_WARNING (CWE-688): [#def155]
audit-userspace-4.1.2/auparse/test/databuf_test.c:21:9: warning[-Wanalyzer-null-argument]: use of NULL where non-null expected
audit-userspace-4.1.2/auparse/test/databuf_test.c:7:13: enter_function: entry to ‘test_basic’
audit-userspace-4.1.2/auparse/test/databuf_test.c:14:9: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/databuf_test.c:15:9: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/databuf_test.c:15:9: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/databuf_test.c:16:9: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/databuf_test.c:16:9: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/databuf_test.c:17:9: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/databuf_test.c:19:9: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/databuf_test.c:19:9: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/databuf_test.c:20:9: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/databuf_test.c:20:9: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/databuf_test.c:21:9: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/databuf_test.c:21:9: danger: argument 1 (‘<unknown>’) NULL where non-null expected
#   19|   	assert(databuf_append(&db, data2, sizeof(data2) - 1) == 1);
#   20|   	assert(db.len == 6 && db.offset == 0);
#   21|-> 	assert(memcmp(databuf_beg(&db), "abcdef", 6) == 0);
#   22|   
#   23|   	assert(databuf_advance(&db, 3) == 1);

Error: GCC_ANALYZER_WARNING (CWE-688): [#def156]
audit-userspace-4.1.2/auparse/test/databuf_test.c:25:9: warning[-Wanalyzer-null-argument]: use of NULL where non-null expected
audit-userspace-4.1.2/auparse/test/databuf_test.c:7:13: enter_function: entry to ‘test_basic’
audit-userspace-4.1.2/auparse/test/databuf_test.c:14:9: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/databuf_test.c:15:9: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/databuf_test.c:15:9: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/databuf_test.c:16:9: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/databuf_test.c:16:9: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/databuf_test.c:17:9: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/databuf_test.c:19:9: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/databuf_test.c:19:9: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/databuf_test.c:20:9: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/databuf_test.c:20:9: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/databuf_test.c:21:9: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/databuf_test.c:23:9: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/databuf_test.c:23:9: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/databuf_test.c:24:9: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/databuf_test.c:24:9: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/databuf_test.c:25:9: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/databuf_test.c:25:9: danger: argument 1 (‘<unknown>’) NULL where non-null expected
#   23|   	assert(databuf_advance(&db, 3) == 1);
#   24|   	assert(db.offset == 3 && db.len == 3);
#   25|-> 	assert(memcmp(databuf_beg(&db), "def", 3) == 0);
#   26|   
#   27|   	assert(databuf_append(&db, data3, sizeof(data3) - 1) == 1);

Error: GCC_ANALYZER_WARNING (CWE-688): [#def157]
audit-userspace-4.1.2/auparse/test/databuf_test.c:29:9: warning[-Wanalyzer-null-argument]: use of NULL where non-null expected
audit-userspace-4.1.2/auparse/test/databuf_test.c:7:13: enter_function: entry to ‘test_basic’
audit-userspace-4.1.2/auparse/test/databuf_test.c:14:9: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/databuf_test.c:15:9: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/databuf_test.c:15:9: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/databuf_test.c:16:9: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/databuf_test.c:16:9: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/databuf_test.c:17:9: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/databuf_test.c:19:9: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/databuf_test.c:19:9: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/databuf_test.c:20:9: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/databuf_test.c:20:9: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/databuf_test.c:21:9: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/databuf_test.c:23:9: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/databuf_test.c:23:9: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/databuf_test.c:24:9: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/databuf_test.c:24:9: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/databuf_test.c:25:9: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/databuf_test.c:27:9: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/databuf_test.c:27:9: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/databuf_test.c:28:9: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/databuf_test.c:28:9: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/databuf_test.c:29:9: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/databuf_test.c:29:9: danger: argument 1 (‘<unknown>’) NULL where non-null expected
#   27|   	assert(databuf_append(&db, data3, sizeof(data3) - 1) == 1);
#   28|   	assert(db.offset == 0 && db.len == 7);
#   29|-> 	assert(memcmp(databuf_beg(&db), "defghij", 7) == 0);
#   30|   
#   31|   	databuf_free(&db);

Error: GCC_ANALYZER_WARNING (CWE-688): [#def158]
audit-userspace-4.1.2/auparse/test/databuf_test.c:49:9: warning[-Wanalyzer-null-argument]: use of NULL where non-null expected
audit-userspace-4.1.2/auparse/test/databuf_test.c:34:13: enter_function: entry to ‘test_preserve’
audit-userspace-4.1.2/auparse/test/databuf_test.c:41:9: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/databuf_test.c:42:9: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/databuf_test.c:42:9: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/databuf_test.c:43:9: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/databuf_test.c:43:9: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/databuf_test.c:44:9: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/databuf_test.c:44:9: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/databuf_test.c:45:9: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/databuf_test.c:45:9: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/databuf_test.c:47:9: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/databuf_test.c:48:9: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/databuf_test.c:48:9: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/databuf_test.c:49:9: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/databuf_test.c:49:9: danger: argument 1 (‘<unknown>’) NULL where non-null expected
#   47|   	assert(databuf_reset(&db) == 1);
#   48|   	assert(db.offset == 0 && db.len == 6);
#   49|-> 	assert(memcmp(databuf_beg(&db), "abcdef", 6) == 0);
#   50|   
#   51|   	assert(databuf_replace(&db, "xy", 2) == 1);

Error: GCC_ANALYZER_WARNING (CWE-476): [#def159]
audit-userspace-4.1.2/auparse/test/databuf_test.c:58:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
audit-userspace-4.1.2/auparse/test/databuf_test.c:34:13: enter_function: entry to ‘test_preserve’
audit-userspace-4.1.2/auparse/test/databuf_test.c:41:9: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/databuf_test.c:42:9: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/databuf_test.c:42:9: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/databuf_test.c:43:9: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/databuf_test.c:43:9: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/databuf_test.c:44:9: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/databuf_test.c:44:9: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/databuf_test.c:45:9: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/databuf_test.c:45:9: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/databuf_test.c:47:9: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/databuf_test.c:48:9: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/databuf_test.c:48:9: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/databuf_test.c:49:9: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/databuf_test.c:51:9: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/databuf_test.c:51:9: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/databuf_test.c:52:9: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/databuf_test.c:52:9: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/databuf_test.c:53:9: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/databuf_test.c:53:9: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/databuf_test.c:54:9: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/databuf_test.c:54:9: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/databuf_test.c:56:9: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/databuf_test.c:57:9: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/databuf_test.c:57:9: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/databuf_test.c:58:9: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/databuf_test.c:58:9: danger: dereference of NULL ‘<unknown>’
#   56|   	assert(databuf_reset(&db) == 1);
#   57|   	assert(db.offset == 0 && db.len == 8);
#   58|-> 	assert(memcmp(databuf_beg(&db), "xy012345", 8) == 0);
#   59|   
#   60|   	databuf_free(&db);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def160]
audit-userspace-4.1.2/auplugin/auplugin.c:139:41: warning[-Wanalyzer-malloc-leak]: leak of 'e'
audit-userspace-4.1.2/auplugin/auplugin.c:109:17: branch_true: following 'true' branch (when '__i != 16')...
audit-userspace-4.1.2/auplugin/auplugin.c:109:17: branch_true: ...to here
audit-userspace-4.1.2/auplugin/auplugin.c:125:20: branch_true: following 'true' branch...
audit-userspace-4.1.2/auplugin/auplugin.c:125:20: branch_true: ...to here
audit-userspace-4.1.2/auplugin/auplugin.c:128:28: branch_true: following 'true' branch...
audit-userspace-4.1.2/auplugin/auplugin.c:131:57: branch_true: ...to here
audit-userspace-4.1.2/auplugin/auplugin.c:131:57: acquire_memory: allocated here
audit-userspace-4.1.2/auplugin/auplugin.c:133:36: branch_true: following 'true' branch (when 'e' is non-NULL)...
audit-userspace-4.1.2/auplugin/auplugin.c:134:49: branch_true: ...to here
audit-userspace-4.1.2/auplugin/auplugin.c:139:41: throw: if 'enqueue' throws an exception...
audit-userspace-4.1.2/auplugin/auplugin.c:139:41: danger: 'e' leaks here; was allocated at [(7)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/6)
#  137|   					e->hdr.size = len;
#  138|   					e->hdr.ver = AUDISP_PROTOCOL_VER2;
#  139|-> 					enqueue(e, &q_config);
#  140|   				}
#  141|   			} else if (len < 0) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def161]
audit-userspace-4.1.2/auplugin/auplugin.c:202:9: warning[-Wanalyzer-malloc-leak]: leak of 'auparse_init(7, 0)'
audit-userspace-4.1.2/auplugin/auplugin.c:194:12: branch_false: following 'false' branch (when 'callback' is non-NULL)...
audit-userspace-4.1.2/auplugin/auplugin.c:197:31: branch_false: ...to here
audit-userspace-4.1.2/auplugin/auplugin.c:197:31: acquire_memory: allocated here
audit-userspace-4.1.2/auplugin/auplugin.c:198:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/auplugin/auplugin.c:202:9: branch_false: ...to here
audit-userspace-4.1.2/auplugin/auplugin.c:202:9: throw: if 'auparse_set_eoe_timeout' throws an exception...
audit-userspace-4.1.2/auplugin/auplugin.c:202:9: danger: 'auparse_init(7, 0)' leaks here; was allocated at [(3)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/2)
#  200|                   return -1;
#  201|           }
#  202|->         auparse_set_eoe_timeout(2);
#  203|           auparse_add_callback(au, callback, NULL, NULL);
#  204|   	timer_interval = t_interval;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def162]
audit-userspace-4.1.2/auplugin/auplugin.c:203:9: warning[-Wanalyzer-malloc-leak]: leak of 'auparse_init(7, 0)'
audit-userspace-4.1.2/auplugin/auplugin.c:194:12: branch_false: following 'false' branch (when 'callback' is non-NULL)...
audit-userspace-4.1.2/auplugin/auplugin.c:197:31: branch_false: ...to here
audit-userspace-4.1.2/auplugin/auplugin.c:197:31: acquire_memory: allocated here
audit-userspace-4.1.2/auplugin/auplugin.c:198:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/auplugin/auplugin.c:202:9: branch_false: ...to here
audit-userspace-4.1.2/auplugin/auplugin.c:203:9: throw: if 'auparse_add_callback' throws an exception...
audit-userspace-4.1.2/auplugin/auplugin.c:203:9: danger: 'auparse_init(7, 0)' leaks here; was allocated at [(3)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/2)
#  201|           }
#  202|           auparse_set_eoe_timeout(2);
#  203|->         auparse_add_callback(au, callback, NULL, NULL);
#  204|   	timer_interval = t_interval;
#  205|   	timer_cb = t_cb;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def163]
audit-userspace-4.1.2/bindings/python/auparse_python.c:474:30: warning[-Wanalyzer-malloc-leak]: leak of 'fp'
audit-userspace-4.1.2/bindings/python/auparse_python.c:339:8: branch_false: following 'false' branch...
audit-userspace-4.1.2/bindings/python/auparse_python.c:341:5: branch_false: ...to here
audit-userspace-4.1.2/bindings/python/auparse_python.c:458:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/bindings/python/auparse_python.c:462:19: branch_false: ...to here
audit-userspace-4.1.2/bindings/python/auparse_python.c:462:19: acquire_memory: allocated here
audit-userspace-4.1.2/bindings/python/auparse_python.c:462:12: branch_false: following 'false' branch (when 'fp' is non-NULL)...
audit-userspace-4.1.2/bindings/python/auparse_python.c:474:30: branch_false: ...to here
audit-userspace-4.1.2/bindings/python/auparse_python.c:474:30: throw: if 'PyObject_GetAttrString' throws an exception...
audit-userspace-4.1.2/bindings/python/auparse_python.c:474:30: danger: 'fp' leaks here; was allocated at [(7)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/6)
#  472|   #else
#  473|           /* In Python 3 obtain the name attribute if possible */
#  474|->         PyObject *name_obj = PyObject_GetAttrString(source, "name");
#  475|           if (name_obj && PYSTR_CHECK(name_obj))
#  476|               filename = PYSTR_ASSTRING(name_obj);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def164]
audit-userspace-4.1.2/bindings/python/auparse_python.c:476:24: warning[-Wanalyzer-malloc-leak]: leak of 'fp'
audit-userspace-4.1.2/bindings/python/auparse_python.c:328:1: enter_function: entry to 'AuParser_init'
audit-userspace-4.1.2/bindings/python/auparse_python.c:339:8: branch_false: following 'false' branch...
audit-userspace-4.1.2/bindings/python/auparse_python.c:341:5: branch_false: ...to here
audit-userspace-4.1.2/bindings/python/auparse_python.c:458:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/bindings/python/auparse_python.c:462:19: branch_false: ...to here
audit-userspace-4.1.2/bindings/python/auparse_python.c:462:19: acquire_memory: allocated here
audit-userspace-4.1.2/bindings/python/auparse_python.c:462:12: branch_false: following 'false' branch (when 'fp' is non-NULL)...
audit-userspace-4.1.2/bindings/python/auparse_python.c:474:30: branch_false: ...to here
audit-userspace-4.1.2/bindings/python/auparse_python.c:475:12: branch_true: following 'true' branch...
audit-userspace-4.1.2/bindings/python/auparse_python.c:475:25: call_function: inlined call to '_Py_TYPE' from 'AuParser_init'
audit-userspace-4.1.2/bindings/python/auparse_python.c:475:13: branch_true: following 'true' branch...
audit-userspace-4.1.2/bindings/python/auparse_python.c:476:24: branch_true: ...to here
audit-userspace-4.1.2/bindings/python/auparse_python.c:476:24: throw: if 'PyUnicode_AsUTF8' throws an exception...
audit-userspace-4.1.2/bindings/python/auparse_python.c:476:24: danger: 'fp' leaks here; was allocated at [(8)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/7)
#  474|           PyObject *name_obj = PyObject_GetAttrString(source, "name");
#  475|           if (name_obj && PYSTR_CHECK(name_obj))
#  476|->             filename = PYSTR_ASSTRING(name_obj);
#  477|   	Py_XDECREF(name_obj);
#  478|   #endif

Error: GCC_ANALYZER_WARNING (CWE-401): [#def165]
audit-userspace-4.1.2/bindings/python/auparse_python.c:479:25: warning[-Wanalyzer-malloc-leak]: leak of 'fp'
audit-userspace-4.1.2/bindings/python/auparse_python.c:339:8: branch_false: following 'false' branch...
audit-userspace-4.1.2/bindings/python/auparse_python.c:341:5: branch_false: ...to here
audit-userspace-4.1.2/bindings/python/auparse_python.c:458:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/bindings/python/auparse_python.c:462:19: branch_false: ...to here
audit-userspace-4.1.2/bindings/python/auparse_python.c:462:19: acquire_memory: allocated here
audit-userspace-4.1.2/bindings/python/auparse_python.c:462:12: branch_false: following 'false' branch (when 'fp' is non-NULL)...
audit-userspace-4.1.2/bindings/python/auparse_python.c:474:30: branch_false: ...to here
audit-userspace-4.1.2/bindings/python/auparse_python.c:479:25: throw: if 'auparse_init' throws an exception...
audit-userspace-4.1.2/bindings/python/auparse_python.c:479:25: danger: 'fp' leaks here; was allocated at [(7)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/6)
#  477|   	Py_XDECREF(name_obj);
#  478|   #endif
#  479|->         if ((self->au = auparse_init(source_type, fp)) == NULL) {
#  480|               if (filename)
#  481|                   PyErr_SetFromErrnoWithFilename(PyExc_IOError, filename);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def166]
audit-userspace-4.1.2/bindings/python/auparse_python.c:481:17: warning[-Wanalyzer-malloc-leak]: leak of 'fp'
audit-userspace-4.1.2/bindings/python/auparse_python.c:328:1: enter_function: entry to 'AuParser_init'
audit-userspace-4.1.2/bindings/python/auparse_python.c:339:8: branch_false: following 'false' branch...
audit-userspace-4.1.2/bindings/python/auparse_python.c:341:5: branch_false: ...to here
audit-userspace-4.1.2/bindings/python/auparse_python.c:458:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/bindings/python/auparse_python.c:462:19: branch_false: ...to here
audit-userspace-4.1.2/bindings/python/auparse_python.c:462:19: acquire_memory: allocated here
audit-userspace-4.1.2/bindings/python/auparse_python.c:462:12: branch_false: following 'false' branch (when 'fp' is non-NULL)...
audit-userspace-4.1.2/bindings/python/auparse_python.c:474:30: branch_false: ...to here
audit-userspace-4.1.2/bindings/python/auparse_python.c:475:12: branch_true: following 'true' branch...
audit-userspace-4.1.2/bindings/python/auparse_python.c:475:25: call_function: inlined call to '_Py_TYPE' from 'AuParser_init'
audit-userspace-4.1.2/bindings/python/auparse_python.c:475:13: branch_true: following 'true' branch...
audit-userspace-4.1.2/bindings/python/auparse_python.c:476:24: branch_true: ...to here
audit-userspace-4.1.2/bindings/python/auparse_python.c:477:9: call_function: calling 'Py_XDECREF' from 'AuParser_init'
audit-userspace-4.1.2/bindings/python/auparse_python.c:477:9: return_function: returning to 'AuParser_init' from 'Py_XDECREF'
audit-userspace-4.1.2/bindings/python/auparse_python.c:479:12: branch_true: following 'true' branch...
audit-userspace-4.1.2/bindings/python/auparse_python.c:480:16: branch_true: ...to here
audit-userspace-4.1.2/bindings/python/auparse_python.c:480:16: branch_true: following 'true' branch (when 'filename' is non-NULL)...
audit-userspace-4.1.2/bindings/python/auparse_python.c:481:17: branch_true: ...to here
audit-userspace-4.1.2/bindings/python/auparse_python.c:481:17: throw: if 'PyErr_SetFromErrnoWithFilename' throws an exception...
audit-userspace-4.1.2/bindings/python/auparse_python.c:481:17: danger: 'fp' leaks here; was allocated at [(8)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/7)
#  479|           if ((self->au = auparse_init(source_type, fp)) == NULL) {
#  480|               if (filename)
#  481|->                 PyErr_SetFromErrnoWithFilename(PyExc_IOError, filename);
#  482|               else
#  483|                   PyErr_SetFromErrno(PyExc_IOError);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def167]
audit-userspace-4.1.2/bindings/python/auparse_python.c:483:17: warning[-Wanalyzer-malloc-leak]: leak of 'fp'
audit-userspace-4.1.2/bindings/python/auparse_python.c:339:8: branch_false: following 'false' branch...
audit-userspace-4.1.2/bindings/python/auparse_python.c:341:5: branch_false: ...to here
audit-userspace-4.1.2/bindings/python/auparse_python.c:458:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/bindings/python/auparse_python.c:462:19: branch_false: ...to here
audit-userspace-4.1.2/bindings/python/auparse_python.c:462:19: acquire_memory: allocated here
audit-userspace-4.1.2/bindings/python/auparse_python.c:462:12: branch_false: following 'false' branch (when 'fp' is non-NULL)...
audit-userspace-4.1.2/bindings/python/auparse_python.c:474:30: branch_false: ...to here
audit-userspace-4.1.2/bindings/python/auparse_python.c:479:12: branch_true: following 'true' branch...
audit-userspace-4.1.2/bindings/python/auparse_python.c:480:16: branch_true: ...to here
audit-userspace-4.1.2/bindings/python/auparse_python.c:480:16: branch_false: following 'false' branch (when 'filename' is NULL)...
audit-userspace-4.1.2/bindings/python/auparse_python.c:483:17: branch_false: ...to here
audit-userspace-4.1.2/bindings/python/auparse_python.c:483:17: throw: if 'PyErr_SetFromErrno' throws an exception...
audit-userspace-4.1.2/bindings/python/auparse_python.c:483:17: danger: 'fp' leaks here; was allocated at [(7)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/6)
#  481|                   PyErr_SetFromErrnoWithFilename(PyExc_IOError, filename);
#  482|               else
#  483|->                 PyErr_SetFromErrno(PyExc_IOError);
#  484|               return -1;
#  485|           }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def168]
audit-userspace-4.1.2/bindings/python/auparse_python.c:779:21: warning[-Wanalyzer-malloc-leak]: leak of 'auparse_metrics(*self.au)'
audit-userspace-4.1.2/bindings/python/auparse_python.c:773:5: branch_false: following 'false' branch...
audit-userspace-4.1.2/bindings/python/auparse_python.c:774:13: branch_false: ...to here
audit-userspace-4.1.2/bindings/python/auparse_python.c:774:13: acquire_memory: allocated here
audit-userspace-4.1.2/bindings/python/auparse_python.c:775:8: branch_false: following 'false' branch...
audit-userspace-4.1.2/bindings/python/auparse_python.c:779:21: branch_false: ...to here
audit-userspace-4.1.2/bindings/python/auparse_python.c:779:21: throw: if 'Py_BuildValue' throws an exception...
audit-userspace-4.1.2/bindings/python/auparse_python.c:779:21: danger: 'auparse_metrics(*self.au)' leaks here; was allocated at [(3)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/2)
#  777|           return NULL;
#  778|       }
#  779|->     PyObject *obj = Py_BuildValue("s", value);
#  780|       free(value);
#  781|       return obj;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def169]
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:724:9: warning[-Wanalyzer-null-dereference]: dereference of NULL 'iter'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:6369:22: enter_function: entry to '_wrap_audit_msg_type_to_name'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:6378:6: branch_false: following 'false' branch (when 'args' is non-NULL)...
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:6380:12: branch_false: ...to here
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:6380:12: call_function: calling 'SWIG_AsVal_int' from '_wrap_audit_msg_type_to_name'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:6380:12: return_function: returning to '_wrap_audit_msg_type_to_name' from 'SWIG_AsVal_int'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:6381:6: branch_false: following 'false' branch...
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:6384:3: branch_false: ...to here
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:6386:15: call_function: calling 'SWIG_FromCharPtr' from '_wrap_audit_msg_type_to_name'
#  722|     swig_module_info *iter = start;
#  723|     do {
#  724|->     if (iter->size) {
#  725|         size_t l = 0;
#  726|         size_t r = iter->size - 1;

Error: CPPCHECK_WARNING (CWE-457): [#def170]
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:872: warning[uninitvar]: Uninitialized variable: buff
#  870|       *r = 0;
#  871|     }
#  872|->   return buff;
#  873|   }
#  874|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def171]
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:1452:39: warning[-Wanalyzer-malloc-leak]: leak of 'result'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5448:22: enter_function: entry to '_wrap_new_audit_rule_data'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5453:8: call_function: calling 'SWIG_Python_UnpackTuple' from '_wrap_new_audit_rule_data'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5453:8: return_function: returning to '_wrap_new_audit_rule_data' from 'SWIG_Python_UnpackTuple'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5453:6: branch_false: following 'false' branch...
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5454:38: branch_false: ...to here
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5454:38: acquire_memory: allocated here
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5455:15: call_function: calling 'SWIG_Python_NewPointerObj' from '_wrap_new_audit_rule_data'
# 1450|       /* free-threading note: the GIL is always enabled when this function is first called
# 1451|          by SWIG_init, so there's no risk of race conditions */
# 1452|->     Swig_runtime_data_module_global = PyImport_AddModuleRef(SWIG_RUNTIME_MODULE);
# 1453|   #elif PY_VERSION_HEX >= 0x03000000
# 1454|       Swig_runtime_data_module_global = PyImport_AddModule(SWIG_RUNTIME_MODULE);

Error: CPPCHECK_WARNING (CWE-476): [#def172]
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:1901: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: data
# 1899|       SwigPyClientData *data = (SwigPyClientData *)malloc(sizeof(SwigPyClientData));
# 1900|       /* the klass element */
# 1901|->     data->klass = obj;
# 1902|       SWIG_Py_INCREF(data->klass);
# 1903|       /* the newraw method and newargs arguments used to create a new raw instance */

Error: GCC_ANALYZER_WARNING (CWE-476): [#def173]
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:1901:5: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL 'data'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5485:22: enter_function: entry to 'audit_rule_data_swigregister'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5487:8: call_function: calling 'SWIG_Python_UnpackTuple' from 'audit_rule_data_swigregister'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5487:8: return_function: returning to 'audit_rule_data_swigregister' from 'SWIG_Python_UnpackTuple'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5487:6: branch_false: following 'false' branch...
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5488:3: branch_false: ...to here
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5488:54: call_function: calling 'SwigPyClientData_New' from 'audit_rule_data_swigregister'
# 1899|       SwigPyClientData *data = (SwigPyClientData *)malloc(sizeof(SwigPyClientData));
# 1900|       /* the klass element */
# 1901|->     data->klass = obj;
# 1902|       SWIG_Py_INCREF(data->klass);
# 1903|       /* the newraw method and newargs arguments used to create a new raw instance */

Error: CPPCHECK_WARNING (CWE-476): [#def174]
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:1902: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: data
# 1900|       /* the klass element */
# 1901|       data->klass = obj;
# 1902|->     SWIG_Py_INCREF(data->klass);
# 1903|       /* the newraw method and newargs arguments used to create a new raw instance */
# 1904|       if (PyClass_Check(obj)) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def175]
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:1904:9: warning[-Wanalyzer-malloc-leak]: leak of 'data'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5485:22: enter_function: entry to 'audit_rule_data_swigregister'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5487:8: call_function: calling 'SWIG_Python_UnpackTuple' from 'audit_rule_data_swigregister'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5487:8: return_function: returning to 'audit_rule_data_swigregister' from 'SWIG_Python_UnpackTuple'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5487:6: branch_false: following 'false' branch...
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5488:3: branch_false: ...to here
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5488:54: call_function: calling 'SwigPyClientData_New' from 'audit_rule_data_swigregister'
# 1902|       SWIG_Py_INCREF(data->klass);
# 1903|       /* the newraw method and newargs arguments used to create a new raw instance */
# 1904|->     if (PyClass_Check(obj)) {
# 1905|         data->newraw = 0;
# 1906|         SWIG_Py_INCREF(obj);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def176]
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:1909:22: warning[-Wanalyzer-malloc-leak]: leak of 'data'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5485:22: enter_function: entry to 'audit_rule_data_swigregister'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5487:8: call_function: calling 'SWIG_Python_UnpackTuple' from 'audit_rule_data_swigregister'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5487:8: return_function: returning to 'audit_rule_data_swigregister' from 'SWIG_Python_UnpackTuple'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5487:6: branch_false: following 'false' branch...
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5488:3: branch_false: ...to here
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5488:54: call_function: calling 'SwigPyClientData_New' from 'audit_rule_data_swigregister'
# 1907|         data->newargs = obj;
# 1908|       } else {
# 1909|->       data->newraw = PyObject_GetAttrString(data->klass, "__new__");
# 1910|         if (data->newraw) {
# 1911|           data->newargs = PyTuple_New(1);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def177]
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:1911:25: warning[-Wanalyzer-malloc-leak]: leak of 'data'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5485:22: enter_function: entry to 'audit_rule_data_swigregister'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5487:8: call_function: calling 'SWIG_Python_UnpackTuple' from 'audit_rule_data_swigregister'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5487:8: return_function: returning to 'audit_rule_data_swigregister' from 'SWIG_Python_UnpackTuple'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5487:6: branch_false: following 'false' branch...
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5488:3: branch_false: ...to here
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5488:54: call_function: calling 'SwigPyClientData_New' from 'audit_rule_data_swigregister'
# 1909|         data->newraw = PyObject_GetAttrString(data->klass, "__new__");
# 1910|         if (data->newraw) {
# 1911|->         data->newargs = PyTuple_New(1);
# 1912|           if (data->newargs) {
# 1913|             SWIG_Py_INCREF(obj);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def178]
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:1927:21: warning[-Wanalyzer-malloc-leak]: leak of 'data'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5485:22: enter_function: entry to 'audit_rule_data_swigregister'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5487:8: call_function: calling 'SWIG_Python_UnpackTuple' from 'audit_rule_data_swigregister'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5487:8: return_function: returning to 'audit_rule_data_swigregister' from 'SWIG_Python_UnpackTuple'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5487:6: branch_false: following 'false' branch...
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5488:3: branch_false: ...to here
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5488:54: call_function: calling 'SwigPyClientData_New' from 'audit_rule_data_swigregister'
# 1925|       }
# 1926|       /* the destroy method, aka as the C++ delete method */
# 1927|->     data->destroy = PyObject_GetAttrString(data->klass, "__swig_destroy__");
# 1928|       if (PyErr_Occurred()) {
# 1929|         PyErr_Clear();

Error: GCC_ANALYZER_WARNING (CWE-401): [#def179]
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:1928:9: warning[-Wanalyzer-malloc-leak]: leak of 'data'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5485:22: enter_function: entry to 'audit_rule_data_swigregister'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5487:8: call_function: calling 'SWIG_Python_UnpackTuple' from 'audit_rule_data_swigregister'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5487:8: return_function: returning to 'audit_rule_data_swigregister' from 'SWIG_Python_UnpackTuple'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5487:6: branch_false: following 'false' branch...
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5488:3: branch_false: ...to here
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5488:54: call_function: calling 'SwigPyClientData_New' from 'audit_rule_data_swigregister'
# 1926|       /* the destroy method, aka as the C++ delete method */
# 1927|       data->destroy = PyObject_GetAttrString(data->klass, "__swig_destroy__");
# 1928|->     if (PyErr_Occurred()) {
# 1929|         PyErr_Clear();
# 1930|         data->destroy = 0;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def180]
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:1929:7: warning[-Wanalyzer-malloc-leak]: leak of 'data'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5485:22: enter_function: entry to 'audit_rule_data_swigregister'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5487:8: call_function: calling 'SWIG_Python_UnpackTuple' from 'audit_rule_data_swigregister'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5487:8: return_function: returning to 'audit_rule_data_swigregister' from 'SWIG_Python_UnpackTuple'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5487:6: branch_false: following 'false' branch...
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5488:3: branch_false: ...to here
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5488:54: call_function: calling 'SwigPyClientData_New' from 'audit_rule_data_swigregister'
# 1927|       data->destroy = PyObject_GetAttrString(data->klass, "__swig_destroy__");
# 1928|       if (PyErr_Occurred()) {
# 1929|->       PyErr_Clear();
# 1930|         data->destroy = 0;
# 1931|       }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def181]
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:2440:22: warning[-Wanalyzer-malloc-leak]: leak of 'result'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5448:22: enter_function: entry to '_wrap_new_audit_rule_data'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5453:8: call_function: calling 'SWIG_Python_UnpackTuple' from '_wrap_new_audit_rule_data'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5453:8: return_function: returning to '_wrap_new_audit_rule_data' from 'SWIG_Python_UnpackTuple'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5453:6: branch_false: following 'false' branch...
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5454:38: branch_false: ...to here
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5454:38: acquire_memory: allocated here
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5455:15: call_function: calling 'SWIG_Python_NewPointerObj' from '_wrap_new_audit_rule_data'
# 2438|       slots
# 2439|     };
# 2440|->   PyObject *pytype = PyType_FromSpec(&spec);
# 2441|     PyObject *runtime_data_module = SWIG_runtime_data_module();
# 2442|   #if !defined(Py_LIMITED_API)

Error: GCC_ANALYZER_WARNING (CWE-401): [#def182]
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:2453:17: warning[-Wanalyzer-malloc-leak]: leak of 'result'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5448:22: enter_function: entry to '_wrap_new_audit_rule_data'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5453:8: call_function: calling 'SWIG_Python_UnpackTuple' from '_wrap_new_audit_rule_data'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5453:8: return_function: returning to '_wrap_new_audit_rule_data' from 'SWIG_Python_UnpackTuple'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5453:6: branch_false: following 'false' branch...
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5454:38: branch_false: ...to here
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5454:38: acquire_memory: allocated here
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5455:15: call_function: calling 'SWIG_Python_NewPointerObj' from '_wrap_new_audit_rule_data'
# 2451|   #endif
# 2452|   #endif
# 2453|->   if (pytype && PyModule_AddObject(runtime_data_module, "SwigPyObject", pytype) == 0)
# 2454|       SWIG_Py_INCREF(pytype);
# 2455|     return (PyTypeObject *)pytype;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def183]
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:2462:24: warning[-Wanalyzer-malloc-leak]: leak of 'result'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5448:22: enter_function: entry to '_wrap_new_audit_rule_data'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5453:8: call_function: calling 'SWIG_Python_UnpackTuple' from '_wrap_new_audit_rule_data'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5453:8: return_function: returning to '_wrap_new_audit_rule_data' from 'SWIG_Python_UnpackTuple'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5453:6: branch_false: following 'false' branch...
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5454:38: branch_false: ...to here
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5454:38: acquire_memory: allocated here
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5455:15: call_function: calling 'SWIG_Python_NewPointerObj' from '_wrap_new_audit_rule_data'
# 2460|   SwigPyObject_New(void *ptr, swig_type_info *ty, int own)
# 2461|   {
# 2462|->   SwigPyObject *sobj = PyObject_New(SwigPyObject, SwigPyObject_Type());
# 2463|     if (sobj) {
# 2464|       sobj->ptr  = ptr;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def184]
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:3136:16: warning[-Wanalyzer-malloc-leak]: leak of 'result'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5448:22: enter_function: entry to '_wrap_new_audit_rule_data'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5453:8: call_function: calling 'SWIG_Python_UnpackTuple' from '_wrap_new_audit_rule_data'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5453:8: return_function: returning to '_wrap_new_audit_rule_data' from 'SWIG_Python_UnpackTuple'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5453:6: branch_false: following 'false' branch...
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5454:38: branch_false: ...to here
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5454:38: acquire_memory: allocated here
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5455:15: call_function: calling 'SWIG_Python_NewPointerObj' from '_wrap_new_audit_rule_data'
# 3134|         }
# 3135|       } else {
# 3136|->       newobj = PyObject_New(SwigPyObject, clientdata->pytype);
# 3137|         if (newobj) {
# 3138|           newobj->swigdict = 0;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def185]
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:4527:15: warning[-Wanalyzer-malloc-leak]: leak of 'result'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:4520:22: enter_function: entry to '_wrap_new_audit_status'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:4525:8: call_function: calling 'SWIG_Python_UnpackTuple' from '_wrap_new_audit_status'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:4525:8: return_function: returning to '_wrap_new_audit_status' from 'SWIG_Python_UnpackTuple'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:4525:6: branch_false: following 'false' branch...
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:4526:35: branch_false: ...to here
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:4526:35: acquire_memory: allocated here
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:4527:15: call_function: calling 'SWIG_Python_NewPointerObj' from '_wrap_new_audit_status'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:4527:15: return_function: returning to '_wrap_new_audit_status' from 'SWIG_Python_NewPointerObj'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:4527:15: danger: 'result' leaks here; was allocated at [(9)](sarif:/runs/0/results/31/codeFlows/0/threadFlows/0/locations/8)
# 4525|     if (!SWIG_Python_UnpackTuple(args, "new_audit_status", 0, 0, 0)) SWIG_fail;
# 4526|     result = (struct audit_status *)calloc(1, sizeof(struct audit_status));
# 4527|->   resultobj = SWIG_NewPointerObj(SWIG_as_voidptr(result), SWIGTYPE_p_audit_status, SWIG_POINTER_NEW |  0 );
# 4528|     return resultobj;
# 4529|   fail:

Error: GCC_ANALYZER_WARNING (CWE-401): [#def186]
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:4791:15: warning[-Wanalyzer-malloc-leak]: leak of 'result'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:4784:22: enter_function: entry to '_wrap_new_audit_features'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:4789:8: call_function: calling 'SWIG_Python_UnpackTuple' from '_wrap_new_audit_features'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:4789:8: return_function: returning to '_wrap_new_audit_features' from 'SWIG_Python_UnpackTuple'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:4789:6: branch_false: following 'false' branch...
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:4790:37: branch_false: ...to here
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:4790:37: acquire_memory: allocated here
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:4791:15: call_function: calling 'SWIG_Python_NewPointerObj' from '_wrap_new_audit_features'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:4791:15: return_function: returning to '_wrap_new_audit_features' from 'SWIG_Python_NewPointerObj'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:4791:15: danger: 'result' leaks here; was allocated at [(9)](sarif:/runs/0/results/32/codeFlows/0/threadFlows/0/locations/8)
# 4789|     if (!SWIG_Python_UnpackTuple(args, "new_audit_features", 0, 0, 0)) SWIG_fail;
# 4790|     result = (struct audit_features *)calloc(1, sizeof(struct audit_features));
# 4791|->   resultobj = SWIG_NewPointerObj(SWIG_as_voidptr(result), SWIGTYPE_p_audit_features, SWIG_POINTER_NEW |  0 );
# 4792|     return resultobj;
# 4793|   fail:

Error: GCC_ANALYZER_WARNING (CWE-401): [#def187]
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:4947:15: warning[-Wanalyzer-malloc-leak]: leak of 'result'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:4940:22: enter_function: entry to '_wrap_new_audit_tty_status'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:4945:8: call_function: calling 'SWIG_Python_UnpackTuple' from '_wrap_new_audit_tty_status'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:4945:8: return_function: returning to '_wrap_new_audit_tty_status' from 'SWIG_Python_UnpackTuple'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:4945:6: branch_false: following 'false' branch...
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:4946:39: branch_false: ...to here
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:4946:39: acquire_memory: allocated here
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:4947:15: call_function: calling 'SWIG_Python_NewPointerObj' from '_wrap_new_audit_tty_status'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:4947:15: return_function: returning to '_wrap_new_audit_tty_status' from 'SWIG_Python_NewPointerObj'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:4947:15: danger: 'result' leaks here; was allocated at [(9)](sarif:/runs/0/results/33/codeFlows/0/threadFlows/0/locations/8)
# 4945|     if (!SWIG_Python_UnpackTuple(args, "new_audit_tty_status", 0, 0, 0)) SWIG_fail;
# 4946|     result = (struct audit_tty_status *)calloc(1, sizeof(struct audit_tty_status));
# 4947|->   resultobj = SWIG_NewPointerObj(SWIG_as_voidptr(result), SWIGTYPE_p_audit_tty_status, SWIG_POINTER_NEW |  0 );
# 4948|     return resultobj;
# 4949|   fail:

Error: GCC_ANALYZER_WARNING (CWE-401): [#def188]
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5455:15: warning[-Wanalyzer-malloc-leak]: leak of 'result'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5448:22: enter_function: entry to '_wrap_new_audit_rule_data'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5453:8: call_function: calling 'SWIG_Python_UnpackTuple' from '_wrap_new_audit_rule_data'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5453:8: return_function: returning to '_wrap_new_audit_rule_data' from 'SWIG_Python_UnpackTuple'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5453:6: branch_false: following 'false' branch...
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5454:38: branch_false: ...to here
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5454:38: acquire_memory: allocated here
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5455:15: call_function: calling 'SWIG_Python_NewPointerObj' from '_wrap_new_audit_rule_data'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5455:15: return_function: returning to '_wrap_new_audit_rule_data' from 'SWIG_Python_NewPointerObj'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5455:15: danger: 'result' leaks here; was allocated at [(9)](sarif:/runs/0/results/34/codeFlows/0/threadFlows/0/locations/8)
# 5453|     if (!SWIG_Python_UnpackTuple(args, "new_audit_rule_data", 0, 0, 0)) SWIG_fail;
# 5454|     result = (struct audit_rule_data *)calloc(1, sizeof(struct audit_rule_data));
# 5455|->   resultobj = SWIG_NewPointerObj(SWIG_as_voidptr(result), SWIGTYPE_p_audit_rule_data, SWIG_POINTER_NEW |  0 );
# 5456|     return resultobj;
# 5457|   fail:

Error: GCC_ANALYZER_WARNING (CWE-775): [#def189]
audit-userspace-4.1.2/common/common.c:81:13: warning[-Wanalyzer-fd-leak]: leak of file descriptor 'open("/dev/console", 1)'
audit-userspace-4.1.2/common/common.c:77:19: acquire_resource: opened here
audit-userspace-4.1.2/common/common.c:77:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/common/common.c:80:9: branch_false: ...to here
audit-userspace-4.1.2/common/common.c:81:13: throw: if 'vdprintf' throws an exception...
audit-userspace-4.1.2/common/common.c:81:13: danger: 'open("/dev/console", 1)' leaks here; was opened at [(1)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/0)
#   79|   
#   80|   	va_start(args, fmt);
#   81|-> 	if (vdprintf(fd, fmt, args) < 0)
#   82|   		res = 0;
#   83|   

Error: GCC_ANALYZER_WARNING (CWE-404): [#def190]
audit-userspace-4.1.2/common/common.c:81:13: warning[-Wanalyzer-va-list-leak]: missing call to 'va_end'
audit-userspace-4.1.2/common/common.c:77:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/common/common.c:80:9: branch_false: ...to here
audit-userspace-4.1.2/common/common.c:80:9: acquire_resource: 'va_start' called here
audit-userspace-4.1.2/common/common.c:81:13: throw: if 'vdprintf' throws an exception...
audit-userspace-4.1.2/common/common.c:81:13: danger: missing call to 'va_end' to match 'va_start' at [(3)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/2)
#   79|   
#   80|   	va_start(args, fmt);
#   81|-> 	if (vdprintf(fd, fmt, args) < 0)
#   82|   		res = 0;
#   83|   

Error: GCC_ANALYZER_WARNING (CWE-775): [#def191]
audit-userspace-4.1.2/common/common.c:114:33: warning[-Wanalyzer-fd-leak]: leak of file descriptor 'open(&tty_path, 257)'
audit-userspace-4.1.2/common/common.c:105:16: branch_true: following 'true' branch...
audit-userspace-4.1.2/common/common.c:107:21: branch_true: ...to here
audit-userspace-4.1.2/common/common.c:112:30: acquire_resource: opened here
audit-userspace-4.1.2/common/common.c:114:33: throw: if 'dprintf' throws an exception...
audit-userspace-4.1.2/common/common.c:114:33: danger: 'open(&tty_path, 257)' leaks here; was opened at [(3)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/2)
#  112|   			fd = open(tty_path, O_WRONLY | O_NOCTTY);
#  113|   			if (fd != -1) {
#  114|-> 				dprintf(fd, "\nBroadcast message from audit daemon:\n%s\n", message);
#  115|   				close(fd);
#  116|   			}

Error: GCC_ANALYZER_WARNING (CWE-404): [#def192]
audit-userspace-4.1.2/common/message.c:55:17: warning[-Wanalyzer-va-list-leak]: missing call to 'va_end'
audit-userspace-4.1.2/common/message.c:47:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/common/message.c:50:12: branch_false: ...to here
audit-userspace-4.1.2/common/message.c:53:9: acquire_resource: 'va_start' called here
audit-userspace-4.1.2/common/message.c:54:12: branch_true: following 'true' branch...
audit-userspace-4.1.2/common/message.c:55:17: branch_true: ...to here
audit-userspace-4.1.2/common/message.c:55:17: throw: if 'vsyslog' throws an exception...
audit-userspace-4.1.2/common/message.c:55:17: danger: missing call to 'va_end' to match 'va_start' at [(3)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/2)
#   53|           va_start(ap, fmt);
#   54|           if (message_mode == MSG_SYSLOG)
#   55|->                 vsyslog(priority, fmt, ap);
#   56|           else {
#   57|                   vfprintf(stderr, fmt, ap);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def193]
audit-userspace-4.1.2/lib/libaudit.c:160:15: warning[-Wanalyzer-malloc-leak]: leak of 'f'
audit-userspace-4.1.2/lib/libaudit.c:218:12: enter_function: entry to 'load_libaudit_config'
audit-userspace-4.1.2/lib/libaudit.c:227:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/lib/libaudit.c:242:9: branch_false: ...to here
audit-userspace-4.1.2/lib/libaudit.c:243:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/lib/libaudit.c:249:13: branch_false: ...to here
audit-userspace-4.1.2/lib/libaudit.c:249:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/lib/libaudit.c:254:13: branch_false: ...to here
audit-userspace-4.1.2/lib/libaudit.c:259:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/lib/libaudit.c:264:14: branch_false: ...to here
audit-userspace-4.1.2/lib/libaudit.c:264:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/lib/libaudit.c:271:13: branch_false: ...to here
audit-userspace-4.1.2/lib/libaudit.c:271:13: acquire_memory: allocated here
audit-userspace-4.1.2/lib/libaudit.c:272:12: branch_false: following 'false' branch (when 'f' is non-NULL)...
audit-userspace-4.1.2/lib/libaudit.c:272:12: branch_false: ...to here
audit-userspace-4.1.2/lib/libaudit.c:279:16: call_function: calling 'get_line' from 'load_libaudit_config'
audit-userspace-4.1.2/lib/libaudit.c:279:16: return_function: returning to 'load_libaudit_config' from 'get_line'
audit-userspace-4.1.2/lib/libaudit.c:279:16: branch_true: following 'true' branch...
audit-userspace-4.1.2/lib/libaudit.c:283:22: branch_true: ...to here
audit-userspace-4.1.2/lib/libaudit.c:283:22: call_function: calling 'nv_split' from 'load_libaudit_config'
#  158|   	nv->name = NULL;
#  159|   	nv->value = NULL;
#  160|-> 	ptr = audit_strsplit_r(buf, &saved);
#  161|   	if (ptr == NULL)
#  162|   		return 0; /* If there's nothing, go to next line */

Error: GCC_ANALYZER_WARNING (CWE-401): [#def194]
audit-userspace-4.1.2/lib/libaudit.c:168:15: warning[-Wanalyzer-malloc-leak]: leak of 'f'
audit-userspace-4.1.2/lib/libaudit.c:218:12: enter_function: entry to 'load_libaudit_config'
audit-userspace-4.1.2/lib/libaudit.c:227:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/lib/libaudit.c:242:9: branch_false: ...to here
audit-userspace-4.1.2/lib/libaudit.c:243:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/lib/libaudit.c:249:13: branch_false: ...to here
audit-userspace-4.1.2/lib/libaudit.c:249:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/lib/libaudit.c:254:13: branch_false: ...to here
audit-userspace-4.1.2/lib/libaudit.c:259:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/lib/libaudit.c:264:14: branch_false: ...to here
audit-userspace-4.1.2/lib/libaudit.c:264:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/lib/libaudit.c:271:13: branch_false: ...to here
audit-userspace-4.1.2/lib/libaudit.c:271:13: acquire_memory: allocated here
audit-userspace-4.1.2/lib/libaudit.c:272:12: branch_false: following 'false' branch (when 'f' is non-NULL)...
audit-userspace-4.1.2/lib/libaudit.c:272:12: branch_false: ...to here
audit-userspace-4.1.2/lib/libaudit.c:279:16: call_function: calling 'get_line' from 'load_libaudit_config'
audit-userspace-4.1.2/lib/libaudit.c:279:16: return_function: returning to 'load_libaudit_config' from 'get_line'
audit-userspace-4.1.2/lib/libaudit.c:279:16: branch_true: following 'true' branch...
audit-userspace-4.1.2/lib/libaudit.c:283:22: branch_true: ...to here
audit-userspace-4.1.2/lib/libaudit.c:283:22: call_function: calling 'nv_split' from 'load_libaudit_config'
#  166|   
#  167|   	/* Check for a '=' */
#  168|-> 	ptr = audit_strsplit_r(NULL, &saved);
#  169|   	if (ptr == NULL)
#  170|   		return 1;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def195]
audit-userspace-4.1.2/lib/libaudit.c:175:15: warning[-Wanalyzer-malloc-leak]: leak of 'f'
audit-userspace-4.1.2/lib/libaudit.c:218:12: enter_function: entry to 'load_libaudit_config'
audit-userspace-4.1.2/lib/libaudit.c:227:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/lib/libaudit.c:242:9: branch_false: ...to here
audit-userspace-4.1.2/lib/libaudit.c:243:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/lib/libaudit.c:249:13: branch_false: ...to here
audit-userspace-4.1.2/lib/libaudit.c:249:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/lib/libaudit.c:254:13: branch_false: ...to here
audit-userspace-4.1.2/lib/libaudit.c:259:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/lib/libaudit.c:264:14: branch_false: ...to here
audit-userspace-4.1.2/lib/libaudit.c:264:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/lib/libaudit.c:271:13: branch_false: ...to here
audit-userspace-4.1.2/lib/libaudit.c:271:13: acquire_memory: allocated here
audit-userspace-4.1.2/lib/libaudit.c:272:12: branch_false: following 'false' branch (when 'f' is non-NULL)...
audit-userspace-4.1.2/lib/libaudit.c:272:12: branch_false: ...to here
audit-userspace-4.1.2/lib/libaudit.c:279:16: call_function: calling 'get_line' from 'load_libaudit_config'
audit-userspace-4.1.2/lib/libaudit.c:279:16: return_function: returning to 'load_libaudit_config' from 'get_line'
audit-userspace-4.1.2/lib/libaudit.c:279:16: branch_true: following 'true' branch...
audit-userspace-4.1.2/lib/libaudit.c:283:22: branch_true: ...to here
audit-userspace-4.1.2/lib/libaudit.c:283:22: call_function: calling 'nv_split' from 'load_libaudit_config'
#  173|   
#  174|   	/* get the value */
#  175|-> 	ptr = audit_strsplit_r(NULL, &saved);
#  176|   	if (ptr == NULL)
#  177|   		return 1;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def196]
audit-userspace-4.1.2/lib/libaudit.c:181:15: warning[-Wanalyzer-malloc-leak]: leak of 'f'
audit-userspace-4.1.2/lib/libaudit.c:218:12: enter_function: entry to 'load_libaudit_config'
audit-userspace-4.1.2/lib/libaudit.c:227:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/lib/libaudit.c:242:9: branch_false: ...to here
audit-userspace-4.1.2/lib/libaudit.c:243:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/lib/libaudit.c:249:13: branch_false: ...to here
audit-userspace-4.1.2/lib/libaudit.c:249:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/lib/libaudit.c:254:13: branch_false: ...to here
audit-userspace-4.1.2/lib/libaudit.c:259:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/lib/libaudit.c:264:14: branch_false: ...to here
audit-userspace-4.1.2/lib/libaudit.c:264:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/lib/libaudit.c:271:13: branch_false: ...to here
audit-userspace-4.1.2/lib/libaudit.c:271:13: acquire_memory: allocated here
audit-userspace-4.1.2/lib/libaudit.c:272:12: branch_false: following 'false' branch (when 'f' is non-NULL)...
audit-userspace-4.1.2/lib/libaudit.c:272:12: branch_false: ...to here
audit-userspace-4.1.2/lib/libaudit.c:279:16: call_function: calling 'get_line' from 'load_libaudit_config'
audit-userspace-4.1.2/lib/libaudit.c:279:16: return_function: returning to 'load_libaudit_config' from 'get_line'
audit-userspace-4.1.2/lib/libaudit.c:279:16: branch_true: following 'true' branch...
audit-userspace-4.1.2/lib/libaudit.c:283:22: branch_true: ...to here
audit-userspace-4.1.2/lib/libaudit.c:283:22: call_function: calling 'nv_split' from 'load_libaudit_config'
#  179|   
#  180|   	/* Make sure there's nothing else */
#  181|-> 	ptr = audit_strsplit_r(NULL, &saved);
#  182|   	if (ptr)
#  183|   		return 1;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def197]
audit-userspace-4.1.2/lib/libaudit.c:242:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor 'open(path, 655360)'
audit-userspace-4.1.2/lib/libaudit.c:226:14: acquire_resource: opened here
audit-userspace-4.1.2/lib/libaudit.c:227:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/lib/libaudit.c:242:9: branch_false: ...to here
audit-userspace-4.1.2/lib/libaudit.c:242:9: throw: if 'audit_msg' throws an exception...
audit-userspace-4.1.2/lib/libaudit.c:242:9: danger: 'open(path, 655360)' leaks here; was opened at [(1)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/0)
#  240|   	 * not symlink.
#  241|   	 */
#  242|-> 	audit_msg(LOG_DEBUG, "Config file %s opened for parsing", path);
#  243|   	if (fstat(fd, &st) < 0) {
#  244|   		audit_msg(LOG_ERR, "Error fstat'ing %s (%s)",

Error: GCC_ANALYZER_WARNING (CWE-401): [#def198]
audit-userspace-4.1.2/lib/libaudit.c:288:33: warning[-Wanalyzer-malloc-leak]: leak of 'f'
audit-userspace-4.1.2/lib/libaudit.c:218:12: enter_function: entry to 'load_libaudit_config'
audit-userspace-4.1.2/lib/libaudit.c:227:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/lib/libaudit.c:242:9: branch_false: ...to here
audit-userspace-4.1.2/lib/libaudit.c:243:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/lib/libaudit.c:249:13: branch_false: ...to here
audit-userspace-4.1.2/lib/libaudit.c:249:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/lib/libaudit.c:254:13: branch_false: ...to here
audit-userspace-4.1.2/lib/libaudit.c:259:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/lib/libaudit.c:264:14: branch_false: ...to here
audit-userspace-4.1.2/lib/libaudit.c:264:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/lib/libaudit.c:271:13: branch_false: ...to here
audit-userspace-4.1.2/lib/libaudit.c:271:13: acquire_memory: allocated here
audit-userspace-4.1.2/lib/libaudit.c:272:12: branch_false: following 'false' branch (when 'f' is non-NULL)...
audit-userspace-4.1.2/lib/libaudit.c:272:12: branch_false: ...to here
audit-userspace-4.1.2/lib/libaudit.c:279:16: call_function: calling 'get_line' from 'load_libaudit_config'
audit-userspace-4.1.2/lib/libaudit.c:279:16: return_function: returning to 'load_libaudit_config' from 'get_line'
audit-userspace-4.1.2/lib/libaudit.c:279:16: branch_true: following 'true' branch...
audit-userspace-4.1.2/lib/libaudit.c:283:22: branch_true: ...to here
audit-userspace-4.1.2/lib/libaudit.c:283:22: call_function: calling 'nv_split' from 'load_libaudit_config'
audit-userspace-4.1.2/lib/libaudit.c:283:22: return_function: returning to 'load_libaudit_config' from 'nv_split'
audit-userspace-4.1.2/lib/libaudit.c:288:33: throw: if 'audit_msg' throws an exception...
audit-userspace-4.1.2/lib/libaudit.c:288:33: danger: 'f' leaks here; was allocated at [(12)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/11)
#  286|   				break;
#  287|   			case 1: // not the right number of tokens.
#  288|-> 				audit_msg(LOG_ERR,
#  289|   				"Wrong number of arguments for line %d in %s",
#  290|   					lineno, path);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def199]
audit-userspace-4.1.2/lib/libaudit.c:293:33: warning[-Wanalyzer-malloc-leak]: leak of 'f'
audit-userspace-4.1.2/lib/libaudit.c:218:12: enter_function: entry to 'load_libaudit_config'
audit-userspace-4.1.2/lib/libaudit.c:227:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/lib/libaudit.c:242:9: branch_false: ...to here
audit-userspace-4.1.2/lib/libaudit.c:243:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/lib/libaudit.c:249:13: branch_false: ...to here
audit-userspace-4.1.2/lib/libaudit.c:249:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/lib/libaudit.c:254:13: branch_false: ...to here
audit-userspace-4.1.2/lib/libaudit.c:259:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/lib/libaudit.c:264:14: branch_false: ...to here
audit-userspace-4.1.2/lib/libaudit.c:264:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/lib/libaudit.c:271:13: branch_false: ...to here
audit-userspace-4.1.2/lib/libaudit.c:271:13: acquire_memory: allocated here
audit-userspace-4.1.2/lib/libaudit.c:272:12: branch_false: following 'false' branch (when 'f' is non-NULL)...
audit-userspace-4.1.2/lib/libaudit.c:272:12: branch_false: ...to here
audit-userspace-4.1.2/lib/libaudit.c:279:16: call_function: calling 'get_line' from 'load_libaudit_config'
audit-userspace-4.1.2/lib/libaudit.c:279:16: return_function: returning to 'load_libaudit_config' from 'get_line'
audit-userspace-4.1.2/lib/libaudit.c:279:16: branch_true: following 'true' branch...
audit-userspace-4.1.2/lib/libaudit.c:283:22: branch_true: ...to here
audit-userspace-4.1.2/lib/libaudit.c:283:22: call_function: calling 'nv_split' from 'load_libaudit_config'
audit-userspace-4.1.2/lib/libaudit.c:283:22: return_function: returning to 'load_libaudit_config' from 'nv_split'
audit-userspace-4.1.2/lib/libaudit.c:293:33: throw: if 'audit_msg' throws an exception...
audit-userspace-4.1.2/lib/libaudit.c:293:33: danger: 'f' leaks here; was allocated at [(12)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/11)
#  291|   				break;
#  292|   			case 2: // no '=' sign
#  293|-> 				audit_msg(LOG_ERR,
#  294|   					"Missing equal sign for line %d in %s",
#  295|   					lineno, path);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def200]
audit-userspace-4.1.2/lib/libaudit.c:323:22: warning[-Wanalyzer-malloc-leak]: leak of 'f'
audit-userspace-4.1.2/lib/libaudit.c:218:12: enter_function: entry to 'load_libaudit_config'
audit-userspace-4.1.2/lib/libaudit.c:227:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/lib/libaudit.c:242:9: branch_false: ...to here
audit-userspace-4.1.2/lib/libaudit.c:243:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/lib/libaudit.c:249:13: branch_false: ...to here
audit-userspace-4.1.2/lib/libaudit.c:249:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/lib/libaudit.c:254:13: branch_false: ...to here
audit-userspace-4.1.2/lib/libaudit.c:259:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/lib/libaudit.c:264:14: branch_false: ...to here
audit-userspace-4.1.2/lib/libaudit.c:264:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/lib/libaudit.c:271:13: branch_false: ...to here
audit-userspace-4.1.2/lib/libaudit.c:271:13: acquire_memory: allocated here
audit-userspace-4.1.2/lib/libaudit.c:272:12: branch_false: following 'false' branch (when 'f' is non-NULL)...
audit-userspace-4.1.2/lib/libaudit.c:272:12: branch_false: ...to here
audit-userspace-4.1.2/lib/libaudit.c:279:16: call_function: calling 'get_line' from 'load_libaudit_config'
audit-userspace-4.1.2/lib/libaudit.c:279:16: return_function: returning to 'load_libaudit_config' from 'get_line'
audit-userspace-4.1.2/lib/libaudit.c:279:16: branch_true: following 'true' branch...
audit-userspace-4.1.2/lib/libaudit.c:283:22: branch_true: ...to here
audit-userspace-4.1.2/lib/libaudit.c:283:22: call_function: calling 'nv_split' from 'load_libaudit_config'
audit-userspace-4.1.2/lib/libaudit.c:283:22: return_function: returning to 'load_libaudit_config' from 'nv_split'
audit-userspace-4.1.2/lib/libaudit.c:303:20: branch_false: following 'false' branch...
audit-userspace-4.1.2/lib/libaudit.c:307:21: branch_false: ...to here
audit-userspace-4.1.2/lib/libaudit.c:307:20: branch_false: following 'false' branch...
audit-userspace-4.1.2/lib/libaudit.c:313:22: branch_false: ...to here
audit-userspace-4.1.2/lib/libaudit.c:313:22: call_function: calling 'kw_lookup' from 'load_libaudit_config'
audit-userspace-4.1.2/lib/libaudit.c:313:22: return_function: returning to 'load_libaudit_config' from 'kw_lookup'
audit-userspace-4.1.2/lib/libaudit.c:314:20: branch_false: following 'false' branch...
audit-userspace-4.1.2/lib/libaudit.c:323:22: branch_false: ...to here
audit-userspace-4.1.2/lib/libaudit.c:323:22: throw: if the called function throws an exception...
audit-userspace-4.1.2/lib/libaudit.c:323:22: danger: 'f' leaks here; was allocated at [(12)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/11)
#  321|   
#  322|   		/* dispatch to keyword's local parser */
#  323|-> 		rc = kw->parser(nv.value, lineno);
#  324|   		if (rc != 0) {
#  325|   			fclose(f);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def201]
audit-userspace-4.1.2/lib/libaudit.c:914:14: warning[-Wanalyzer-malloc-leak]: leak of 'cmd'
audit-userspace-4.1.2/lib/libaudit.c:902:18: acquire_memory: allocated here
audit-userspace-4.1.2/lib/libaudit.c:904:12: branch_false: following 'false' branch (when 'cmd' is non-NULL)...
audit-userspace-4.1.2/lib/libaudit.c:909:9: branch_false: ...to here
audit-userspace-4.1.2/lib/libaudit.c:914:14: throw: if 'audit_send' throws an exception...
audit-userspace-4.1.2/lib/libaudit.c:914:14: danger: 'cmd' leaks here; was allocated at [(1)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/0)
#  912|   	memcpy(&cmd->buf[len1], subtree, len2);
#  913|   
#  914|-> 	rc = audit_send(fd, AUDIT_MAKE_EQUIV, cmd, sizeof(*cmd) + len1 + len2);
#  915|   	if (rc < 0)
#  916|   		audit_msg(audit_priority(errno),

Error: GCC_ANALYZER_WARNING (CWE-401): [#def202]
audit-userspace-4.1.2/lib/libaudit.c:916:17: warning[-Wanalyzer-malloc-leak]: leak of 'cmd'
audit-userspace-4.1.2/lib/libaudit.c:902:18: acquire_memory: allocated here
audit-userspace-4.1.2/lib/libaudit.c:904:12: branch_false: following 'false' branch (when 'cmd' is non-NULL)...
audit-userspace-4.1.2/lib/libaudit.c:909:9: branch_false: ...to here
audit-userspace-4.1.2/lib/libaudit.c:915:12: branch_true: following 'true' branch...
audit-userspace-4.1.2/lib/libaudit.c:916:17: branch_true: ...to here
audit-userspace-4.1.2/lib/libaudit.c:916:17: throw: if 'audit_msg' throws an exception...
audit-userspace-4.1.2/lib/libaudit.c:916:17: danger: 'cmd' leaks here; was allocated at [(1)](sarif:/runs/0/results/9/codeFlows/0/threadFlows/0/locations/0)
#  914|   	rc = audit_send(fd, AUDIT_MAKE_EQUIV, cmd, sizeof(*cmd) + len1 + len2);
#  915|   	if (rc < 0)
#  916|-> 		audit_msg(audit_priority(errno),
#  917|   			"Error sending make_equivalent command (%s)",
#  918|   			strerror(-rc));

Error: GCC_ANALYZER_WARNING (CWE-775): [#def203]
audit-userspace-4.1.2/lib/libaudit.c:941:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor 'open("/proc/self/loginuid", 655360)'
audit-userspace-4.1.2/lib/libaudit.c:935:14: acquire_resource: opened here
audit-userspace-4.1.2/lib/libaudit.c:936:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/lib/libaudit.c:936:12: branch_false: ...to here
audit-userspace-4.1.2/lib/libaudit.c:941:9: danger: 'open("/proc/self/loginuid", 655360)' leaks here; was opened at [(1)](sarif:/runs/0/results/10/codeFlows/0/threadFlows/0/locations/0)
#  939|   		len = read(in, buf, sizeof(buf));
#  940|   	} while (len < 0 && errno == EINTR);
#  941|-> 	close(in);
#  942|   	if (len < 0 || (size_t)len >= sizeof(buf))
#  943|   		return -1;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def204]
audit-userspace-4.1.2/lib/libaudit.c:968:33: warning[-Wanalyzer-fd-leak]: leak of file descriptor 'open("/proc/self/loginuid", 655873)'
audit-userspace-4.1.2/lib/libaudit.c:963:13: acquire_resource: opened here
audit-userspace-4.1.2/lib/libaudit.c:964:12: branch_true: following 'true' branch...
audit-userspace-4.1.2/lib/libaudit.c:964:12: branch_true: ...to here
audit-userspace-4.1.2/lib/libaudit.c:967:24: branch_true: following 'true' branch (when 'count > 0')...
audit-userspace-4.1.2/lib/libaudit.c:968:33: branch_true: ...to here
audit-userspace-4.1.2/lib/libaudit.c:968:33: throw: if 'write' throws an exception...
audit-userspace-4.1.2/lib/libaudit.c:968:33: danger: 'open("/proc/self/loginuid", 655873)' leaks here; was opened at [(1)](sarif:/runs/0/results/11/codeFlows/0/threadFlows/0/locations/0)
#  966|   
#  967|   		while (count > 0) {
#  968|-> 			block = write(o, &loginuid[offset], (unsigned)count);
#  969|   
#  970|   			if (block < 0) {

Error: GCC_ANALYZER_WARNING (CWE-775): [#def205]
audit-userspace-4.1.2/lib/libaudit.c:980:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor 'open("/proc/self/loginuid", 655873)'
audit-userspace-4.1.2/lib/libaudit.c:963:13: acquire_resource: opened here
audit-userspace-4.1.2/lib/libaudit.c:964:12: branch_true: following 'true' branch...
audit-userspace-4.1.2/lib/libaudit.c:964:12: branch_true: ...to here
audit-userspace-4.1.2/lib/libaudit.c:980:17: danger: 'open("/proc/self/loginuid", 655873)' leaks here; was opened at [(1)](sarif:/runs/0/results/13/codeFlows/0/threadFlows/0/locations/0)
#  978|   			count -= block;
#  979|   		}
#  980|-> 		close(o);
#  981|   	} else {
#  982|   		audit_msg(LOG_ERR, "Error opening /proc/self/loginuid");

Error: GCC_ANALYZER_WARNING (CWE-775): [#def206]
audit-userspace-4.1.2/lib/libaudit.c:1006:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor 'open("/proc/self/sessionid", 655360)'
audit-userspace-4.1.2/lib/libaudit.c:1000:14: acquire_resource: opened here
audit-userspace-4.1.2/lib/libaudit.c:1001:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/lib/libaudit.c:1001:12: branch_false: ...to here
audit-userspace-4.1.2/lib/libaudit.c:1006:9: danger: 'open("/proc/self/sessionid", 655360)' leaks here; was opened at [(1)](sarif:/runs/0/results/14/codeFlows/0/threadFlows/0/locations/0)
# 1004|   		len = read(in, buf, sizeof(buf));
# 1005|   	} while (len < 0 && errno == EINTR);
# 1006|-> 	close(in);
# 1007|   	if (len < 0 || (size_t)len >= sizeof(buf))
# 1008|   		return -2;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def207]
audit-userspace-4.1.2/lib/libaudit.c:1557:21: warning[-Wanalyzer-malloc-leak]: leak of 'syscalls_copy'
audit-userspace-4.1.2/lib/libaudit.c:1541:12: branch_false: following 'false' branch (when 'syscalls' is non-NULL)...
audit-userspace-4.1.2/lib/libaudit.c:1545:14: branch_false: ...to here
audit-userspace-4.1.2/lib/libaudit.c:1549:31: acquire_memory: allocated here
audit-userspace-4.1.2/lib/libaudit.c:1550:12: branch_false: following 'false' branch (when 'syscalls_copy' is non-NULL)...
audit-userspace-4.1.2/lib/libaudit.c:1553:23: branch_false: ...to here
audit-userspace-4.1.2/lib/libaudit.c:1556:16: branch_true: following 'true' branch (when 'token' is non-NULL)...
audit-userspace-4.1.2/lib/libaudit.c:1557:21: branch_true: ...to here
audit-userspace-4.1.2/lib/libaudit.c:1557:21: throw: if 'audit_name_to_syscall' throws an exception...
audit-userspace-4.1.2/lib/libaudit.c:1557:21: danger: 'syscalls_copy' leaks here; was allocated at [(3)](sarif:/runs/0/results/15/codeFlows/0/threadFlows/0/locations/2)
# 1555|   
# 1556|   	while (token != NULL) {
# 1557|-> 		if (audit_name_to_syscall(token, machine) != -1) {
# 1558|   			if (!first)
# 1559|   				*ptr++ = ',';

Error: GCC_ANALYZER_WARNING (CWE-401): [#def208]
audit-userspace-4.1.2/lib/libaudit.c:2067:14: warning[-Wanalyzer-malloc-leak]: leak of 'buf'
audit-userspace-4.1.2/lib/libaudit.c:2062:15: acquire_memory: allocated here
audit-userspace-4.1.2/lib/libaudit.c:2063:12: branch_false: following 'false' branch (when 'buf' is non-NULL)...
audit-userspace-4.1.2/lib/libaudit.c:2066:9: branch_false: ...to here
audit-userspace-4.1.2/lib/libaudit.c:2067:14: throw: if 'getpwnam_r' throws an exception...
audit-userspace-4.1.2/lib/libaudit.c:2067:14: danger: 'buf' leaks here; was allocated at [(1)](sarif:/runs/0/results/16/codeFlows/0/threadFlows/0/locations/0)
# 2065|   
# 2066|   	errno = 0;
# 2067|-> 	rc = getpwnam_r(name, &pwd, buf, bufsize, &result);
# 2068|   	if (rc == ERANGE) {
# 2069|   		free(buf);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def209]
audit-userspace-4.1.2/lib/libaudit.c:2112:14: warning[-Wanalyzer-malloc-leak]: leak of 'buf'
audit-userspace-4.1.2/lib/libaudit.c:2107:15: acquire_memory: allocated here
audit-userspace-4.1.2/lib/libaudit.c:2108:12: branch_false: following 'false' branch (when 'buf' is non-NULL)...
audit-userspace-4.1.2/lib/libaudit.c:2111:9: branch_false: ...to here
audit-userspace-4.1.2/lib/libaudit.c:2112:14: throw: if 'getgrnam_r' throws an exception...
audit-userspace-4.1.2/lib/libaudit.c:2112:14: danger: 'buf' leaks here; was allocated at [(1)](sarif:/runs/0/results/17/codeFlows/0/threadFlows/0/locations/0)
# 2110|   
# 2111|   	errno = 0;
# 2112|-> 	rc = getgrnam_r(name, &gr, buf, bufsize, &result);
# 2113|   	if (rc == ERANGE) {
# 2114|   		free(buf);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def210]
audit-userspace-4.1.2/src/auditctl.c:100:9: warning[-Wanalyzer-malloc-leak]: leak of ‘fields’
audit-userspace-4.1.2/src/auditctl.c:1558:12: enter_function: entry to ‘fileopt’
audit-userspace-4.1.2/src/auditctl.c:1567:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1579:13: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1579:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1585:14: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1585:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1591:13: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1592:12: branch_false: following ‘false’ branch (when ‘f’ is non-NULL)...
audit-userspace-4.1.2/src/auditctl.c:1592:12: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1600:16: call_function: calling ‘get_line’ from ‘fileopt’
audit-userspace-4.1.2/src/auditctl.c:1600:16: return_function: returning to ‘fileopt’ from ‘get_line’
audit-userspace-4.1.2/src/auditctl.c:1600:16: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/auditctl.c:1602:43: branch_true: ...to here
audit-userspace-4.1.2/src/auditctl.c:1614:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1618:21: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1623:26: acquire_memory: allocated here
audit-userspace-4.1.2/src/auditctl.c:1624:20: branch_false: following ‘false’ branch (when ‘fields’ is non-NULL)...
audit-userspace-4.1.2/src/auditctl.c:1630:17: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1640:21: call_function: calling ‘reset_vars’ from ‘fileopt’
#   98|   	multiple = 0;
#   99|   
#  100|-> 	audit_rule_free_data(rule_new);
#  101|   	rule_new = audit_rule_create_data();
#  102|   	if (fd < 0) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def211]
audit-userspace-4.1.2/src/auditctl.c:100:9: warning[-Wanalyzer-malloc-leak]: leak of ‘f’
audit-userspace-4.1.2/src/auditctl.c:1558:12: enter_function: entry to ‘fileopt’
audit-userspace-4.1.2/src/auditctl.c:1567:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1579:13: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1579:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1585:14: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1585:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1591:13: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1591:13: acquire_memory: allocated here
audit-userspace-4.1.2/src/auditctl.c:1592:12: branch_false: following ‘false’ branch (when ‘f’ is non-NULL)...
audit-userspace-4.1.2/src/auditctl.c:1592:12: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1600:16: call_function: calling ‘get_line’ from ‘fileopt’
audit-userspace-4.1.2/src/auditctl.c:1600:16: return_function: returning to ‘fileopt’ from ‘get_line’
audit-userspace-4.1.2/src/auditctl.c:1600:16: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/auditctl.c:1602:43: branch_true: ...to here
audit-userspace-4.1.2/src/auditctl.c:1614:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1618:21: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1624:20: branch_false: following ‘false’ branch (when ‘fields’ is non-NULL)...
audit-userspace-4.1.2/src/auditctl.c:1630:17: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1640:21: call_function: calling ‘reset_vars’ from ‘fileopt’
#   98|   	multiple = 0;
#   99|   
#  100|-> 	audit_rule_free_data(rule_new);
#  101|   	rule_new = audit_rule_create_data();
#  102|   	if (fd < 0) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def212]
audit-userspace-4.1.2/src/auditctl.c:101:20: warning[-Wanalyzer-malloc-leak]: leak of ‘fields’
audit-userspace-4.1.2/src/auditctl.c:1558:12: enter_function: entry to ‘fileopt’
audit-userspace-4.1.2/src/auditctl.c:1567:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1579:13: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1579:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1585:14: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1585:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1591:13: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1592:12: branch_false: following ‘false’ branch (when ‘f’ is non-NULL)...
audit-userspace-4.1.2/src/auditctl.c:1592:12: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1600:16: call_function: calling ‘get_line’ from ‘fileopt’
audit-userspace-4.1.2/src/auditctl.c:1600:16: return_function: returning to ‘fileopt’ from ‘get_line’
audit-userspace-4.1.2/src/auditctl.c:1600:16: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/auditctl.c:1602:43: branch_true: ...to here
audit-userspace-4.1.2/src/auditctl.c:1614:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1618:21: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1623:26: acquire_memory: allocated here
audit-userspace-4.1.2/src/auditctl.c:1624:20: branch_false: following ‘false’ branch (when ‘fields’ is non-NULL)...
audit-userspace-4.1.2/src/auditctl.c:1630:17: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1640:21: call_function: calling ‘reset_vars’ from ‘fileopt’
#   99|   
#  100|   	audit_rule_free_data(rule_new);
#  101|-> 	rule_new = audit_rule_create_data();
#  102|   	if (fd < 0) {
#  103|   		if ((fd = audit_open()) < 0) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def213]
audit-userspace-4.1.2/src/auditctl.c:101:20: warning[-Wanalyzer-malloc-leak]: leak of ‘f’
audit-userspace-4.1.2/src/auditctl.c:1558:12: enter_function: entry to ‘fileopt’
audit-userspace-4.1.2/src/auditctl.c:1567:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1579:13: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1579:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1585:14: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1585:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1591:13: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1591:13: acquire_memory: allocated here
audit-userspace-4.1.2/src/auditctl.c:1592:12: branch_false: following ‘false’ branch (when ‘f’ is non-NULL)...
audit-userspace-4.1.2/src/auditctl.c:1592:12: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1600:16: call_function: calling ‘get_line’ from ‘fileopt’
audit-userspace-4.1.2/src/auditctl.c:1600:16: return_function: returning to ‘fileopt’ from ‘get_line’
audit-userspace-4.1.2/src/auditctl.c:1600:16: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/auditctl.c:1602:43: branch_true: ...to here
audit-userspace-4.1.2/src/auditctl.c:1614:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1618:21: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1624:20: branch_false: following ‘false’ branch (when ‘fields’ is non-NULL)...
audit-userspace-4.1.2/src/auditctl.c:1630:17: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1640:21: call_function: calling ‘reset_vars’ from ‘fileopt’
#   99|   
#  100|   	audit_rule_free_data(rule_new);
#  101|-> 	rule_new = audit_rule_create_data();
#  102|   	if (fd < 0) {
#  103|   		if ((fd = audit_open()) < 0) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def214]
audit-userspace-4.1.2/src/auditctl.c:103:27: warning[-Wanalyzer-malloc-leak]: leak of ‘fields’
audit-userspace-4.1.2/src/auditctl.c:1558:12: enter_function: entry to ‘fileopt’
audit-userspace-4.1.2/src/auditctl.c:1567:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1579:13: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1579:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1585:14: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1585:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1591:13: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1592:12: branch_false: following ‘false’ branch (when ‘f’ is non-NULL)...
audit-userspace-4.1.2/src/auditctl.c:1592:12: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1600:16: call_function: calling ‘get_line’ from ‘fileopt’
audit-userspace-4.1.2/src/auditctl.c:1600:16: return_function: returning to ‘fileopt’ from ‘get_line’
audit-userspace-4.1.2/src/auditctl.c:1600:16: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/auditctl.c:1602:43: branch_true: ...to here
audit-userspace-4.1.2/src/auditctl.c:1614:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1618:21: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1623:26: acquire_memory: allocated here
audit-userspace-4.1.2/src/auditctl.c:1624:20: branch_false: following ‘false’ branch (when ‘fields’ is non-NULL)...
audit-userspace-4.1.2/src/auditctl.c:1630:17: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1640:21: call_function: calling ‘reset_vars’ from ‘fileopt’
#  101|   	rule_new = audit_rule_create_data();
#  102|   	if (fd < 0) {
#  103|-> 		if ((fd = audit_open()) < 0) {
#  104|   			audit_msg(LOG_ERR, "Cannot open netlink audit socket");
#  105|   			return 1;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def215]
audit-userspace-4.1.2/src/auditctl.c:103:27: warning[-Wanalyzer-malloc-leak]: leak of ‘f’
audit-userspace-4.1.2/src/auditctl.c:1558:12: enter_function: entry to ‘fileopt’
audit-userspace-4.1.2/src/auditctl.c:1567:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1579:13: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1579:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1585:14: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1585:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1591:13: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1591:13: acquire_memory: allocated here
audit-userspace-4.1.2/src/auditctl.c:1592:12: branch_false: following ‘false’ branch (when ‘f’ is non-NULL)...
audit-userspace-4.1.2/src/auditctl.c:1592:12: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1600:16: call_function: calling ‘get_line’ from ‘fileopt’
audit-userspace-4.1.2/src/auditctl.c:1600:16: return_function: returning to ‘fileopt’ from ‘get_line’
audit-userspace-4.1.2/src/auditctl.c:1600:16: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/auditctl.c:1602:43: branch_true: ...to here
audit-userspace-4.1.2/src/auditctl.c:1614:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1618:21: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1624:20: branch_false: following ‘false’ branch (when ‘fields’ is non-NULL)...
audit-userspace-4.1.2/src/auditctl.c:1630:17: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1640:21: call_function: calling ‘reset_vars’ from ‘fileopt’
#  101|   	rule_new = audit_rule_create_data();
#  102|   	if (fd < 0) {
#  103|-> 		if ((fd = audit_open()) < 0) {
#  104|   			audit_msg(LOG_ERR, "Cannot open netlink audit socket");
#  105|   			return 1;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def216]
audit-userspace-4.1.2/src/auditctl.c:104:25: warning[-Wanalyzer-malloc-leak]: leak of ‘fields’
audit-userspace-4.1.2/src/auditctl.c:1558:12: enter_function: entry to ‘fileopt’
audit-userspace-4.1.2/src/auditctl.c:1567:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1579:13: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1579:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1585:14: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1585:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1591:13: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1592:12: branch_false: following ‘false’ branch (when ‘f’ is non-NULL)...
audit-userspace-4.1.2/src/auditctl.c:1592:12: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1600:16: call_function: calling ‘get_line’ from ‘fileopt’
audit-userspace-4.1.2/src/auditctl.c:1600:16: return_function: returning to ‘fileopt’ from ‘get_line’
audit-userspace-4.1.2/src/auditctl.c:1600:16: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/auditctl.c:1602:43: branch_true: ...to here
audit-userspace-4.1.2/src/auditctl.c:1614:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1618:21: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1623:26: acquire_memory: allocated here
audit-userspace-4.1.2/src/auditctl.c:1624:20: branch_false: following ‘false’ branch (when ‘fields’ is non-NULL)...
audit-userspace-4.1.2/src/auditctl.c:1630:17: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1640:21: call_function: calling ‘reset_vars’ from ‘fileopt’
#  102|   	if (fd < 0) {
#  103|   		if ((fd = audit_open()) < 0) {
#  104|-> 			audit_msg(LOG_ERR, "Cannot open netlink audit socket");
#  105|   			return 1;
#  106|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def217]
audit-userspace-4.1.2/src/auditctl.c:104:25: warning[-Wanalyzer-malloc-leak]: leak of ‘f’
audit-userspace-4.1.2/src/auditctl.c:1558:12: enter_function: entry to ‘fileopt’
audit-userspace-4.1.2/src/auditctl.c:1567:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1579:13: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1579:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1585:14: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1585:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1591:13: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1591:13: acquire_memory: allocated here
audit-userspace-4.1.2/src/auditctl.c:1592:12: branch_false: following ‘false’ branch (when ‘f’ is non-NULL)...
audit-userspace-4.1.2/src/auditctl.c:1592:12: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1600:16: call_function: calling ‘get_line’ from ‘fileopt’
audit-userspace-4.1.2/src/auditctl.c:1600:16: return_function: returning to ‘fileopt’ from ‘get_line’
audit-userspace-4.1.2/src/auditctl.c:1600:16: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/auditctl.c:1602:43: branch_true: ...to here
audit-userspace-4.1.2/src/auditctl.c:1614:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1618:21: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1624:20: branch_false: following ‘false’ branch (when ‘fields’ is non-NULL)...
audit-userspace-4.1.2/src/auditctl.c:1630:17: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1640:21: call_function: calling ‘reset_vars’ from ‘fileopt’
#  102|   	if (fd < 0) {
#  103|   		if ((fd = audit_open()) < 0) {
#  104|-> 			audit_msg(LOG_ERR, "Cannot open netlink audit socket");
#  105|   			return 1;
#  106|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def218]
audit-userspace-4.1.2/src/auditctl.c:1356:17: warning[-Wanalyzer-malloc-leak]: leak of ‘fields’
audit-userspace-4.1.2/src/auditctl.c:1558:12: enter_function: entry to ‘fileopt’
audit-userspace-4.1.2/src/auditctl.c:1567:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1579:13: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1579:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1585:14: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1585:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1591:13: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1592:12: branch_false: following ‘false’ branch (when ‘f’ is non-NULL)...
audit-userspace-4.1.2/src/auditctl.c:1592:12: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1600:16: call_function: calling ‘get_line’ from ‘fileopt’
audit-userspace-4.1.2/src/auditctl.c:1600:16: return_function: returning to ‘fileopt’ from ‘get_line’
audit-userspace-4.1.2/src/auditctl.c:1600:16: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/auditctl.c:1602:43: branch_true: ...to here
audit-userspace-4.1.2/src/auditctl.c:1614:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1618:21: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1623:26: acquire_memory: allocated here
audit-userspace-4.1.2/src/auditctl.c:1624:20: branch_false: following ‘false’ branch (when ‘fields’ is non-NULL)...
audit-userspace-4.1.2/src/auditctl.c:1630:17: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1640:21: call_function: calling ‘reset_vars’ from ‘fileopt’
audit-userspace-4.1.2/src/auditctl.c:1640:21: return_function: returning to ‘fileopt’ from ‘reset_vars’
audit-userspace-4.1.2/src/auditctl.c:1640:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1645:22: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1645:22: call_function: calling ‘setopt’ from ‘fileopt’
# 1354|   		bad_opt = " ";
# 1355|   	if (args->lineno)
# 1356|-> 		audit_msg(LOG_ERR,
# 1357|   			"Option %s on line %d is invalid", bad_opt, args->lineno);
# 1358|   	else

Error: GCC_ANALYZER_WARNING (CWE-401): [#def219]
audit-userspace-4.1.2/src/auditctl.c:1356:17: warning[-Wanalyzer-malloc-leak]: leak of ‘f’
audit-userspace-4.1.2/src/auditctl.c:1558:12: enter_function: entry to ‘fileopt’
audit-userspace-4.1.2/src/auditctl.c:1567:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1579:13: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1579:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1585:14: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1585:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1591:13: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1591:13: acquire_memory: allocated here
audit-userspace-4.1.2/src/auditctl.c:1592:12: branch_false: following ‘false’ branch (when ‘f’ is non-NULL)...
audit-userspace-4.1.2/src/auditctl.c:1592:12: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1600:16: call_function: calling ‘get_line’ from ‘fileopt’
audit-userspace-4.1.2/src/auditctl.c:1600:16: return_function: returning to ‘fileopt’ from ‘get_line’
audit-userspace-4.1.2/src/auditctl.c:1600:16: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/auditctl.c:1602:43: branch_true: ...to here
audit-userspace-4.1.2/src/auditctl.c:1614:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1618:21: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1624:20: branch_false: following ‘false’ branch (when ‘fields’ is non-NULL)...
audit-userspace-4.1.2/src/auditctl.c:1630:17: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1640:21: call_function: calling ‘reset_vars’ from ‘fileopt’
audit-userspace-4.1.2/src/auditctl.c:1640:21: return_function: returning to ‘fileopt’ from ‘reset_vars’
audit-userspace-4.1.2/src/auditctl.c:1640:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1645:22: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1645:22: call_function: calling ‘setopt’ from ‘fileopt’
# 1354|   		bad_opt = " ";
# 1355|   	if (args->lineno)
# 1356|-> 		audit_msg(LOG_ERR,
# 1357|   			"Option %s on line %d is invalid", bad_opt, args->lineno);
# 1358|   	else

Error: GCC_ANALYZER_WARNING (CWE-401): [#def220]
audit-userspace-4.1.2/src/auditctl.c:1407:32: warning[-Wanalyzer-malloc-leak]: leak of ‘fields’
audit-userspace-4.1.2/src/auditctl.c:1558:12: enter_function: entry to ‘fileopt’
audit-userspace-4.1.2/src/auditctl.c:1567:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1579:13: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1579:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1585:14: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1585:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1591:13: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1592:12: branch_false: following ‘false’ branch (when ‘f’ is non-NULL)...
audit-userspace-4.1.2/src/auditctl.c:1592:12: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1600:16: call_function: calling ‘get_line’ from ‘fileopt’
audit-userspace-4.1.2/src/auditctl.c:1600:16: return_function: returning to ‘fileopt’ from ‘get_line’
audit-userspace-4.1.2/src/auditctl.c:1600:16: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/auditctl.c:1602:43: branch_true: ...to here
audit-userspace-4.1.2/src/auditctl.c:1614:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1618:21: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1623:26: acquire_memory: allocated here
audit-userspace-4.1.2/src/auditctl.c:1624:20: branch_false: following ‘false’ branch (when ‘fields’ is non-NULL)...
audit-userspace-4.1.2/src/auditctl.c:1630:17: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1640:21: call_function: calling ‘reset_vars’ from ‘fileopt’
audit-userspace-4.1.2/src/auditctl.c:1640:21: return_function: returning to ‘fileopt’ from ‘reset_vars’
audit-userspace-4.1.2/src/auditctl.c:1640:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1645:22: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1645:22: call_function: calling ‘setopt’ from ‘fileopt’
# 1405|   	for (size_t i = 0; i < NUM_HANDLERS; i++) {
# 1406|   		if (opt_handlers[i].option == option) {
# 1407|-> 			return opt_handlers[i].handler(args);
# 1408|   		}
# 1409|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def221]
audit-userspace-4.1.2/src/auditctl.c:1407:32: warning[-Wanalyzer-malloc-leak]: leak of ‘f’
audit-userspace-4.1.2/src/auditctl.c:1558:12: enter_function: entry to ‘fileopt’
audit-userspace-4.1.2/src/auditctl.c:1567:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1579:13: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1579:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1585:14: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1585:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1591:13: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1591:13: acquire_memory: allocated here
audit-userspace-4.1.2/src/auditctl.c:1592:12: branch_false: following ‘false’ branch (when ‘f’ is non-NULL)...
audit-userspace-4.1.2/src/auditctl.c:1592:12: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1600:16: call_function: calling ‘get_line’ from ‘fileopt’
audit-userspace-4.1.2/src/auditctl.c:1600:16: return_function: returning to ‘fileopt’ from ‘get_line’
audit-userspace-4.1.2/src/auditctl.c:1600:16: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/auditctl.c:1602:43: branch_true: ...to here
audit-userspace-4.1.2/src/auditctl.c:1614:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1618:21: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1624:20: branch_false: following ‘false’ branch (when ‘fields’ is non-NULL)...
audit-userspace-4.1.2/src/auditctl.c:1630:17: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1640:21: call_function: calling ‘reset_vars’ from ‘fileopt’
audit-userspace-4.1.2/src/auditctl.c:1640:21: return_function: returning to ‘fileopt’ from ‘reset_vars’
audit-userspace-4.1.2/src/auditctl.c:1640:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1645:22: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1645:22: call_function: calling ‘setopt’ from ‘fileopt’
# 1405|   	for (size_t i = 0; i < NUM_HANDLERS; i++) {
# 1406|   		if (opt_handlers[i].option == option) {
# 1407|-> 			return opt_handlers[i].handler(args);
# 1408|   		}
# 1409|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def222]
audit-userspace-4.1.2/src/auditctl.c:1443:17: warning[-Wanalyzer-malloc-leak]: leak of ‘f’
audit-userspace-4.1.2/src/auditctl.c:1558:12: enter_function: entry to ‘fileopt’
audit-userspace-4.1.2/src/auditctl.c:1567:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1579:13: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1579:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1585:14: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1585:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1591:13: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1591:13: acquire_memory: allocated here
audit-userspace-4.1.2/src/auditctl.c:1592:12: branch_false: following ‘false’ branch (when ‘f’ is non-NULL)...
audit-userspace-4.1.2/src/auditctl.c:1592:12: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1600:16: call_function: calling ‘get_line’ from ‘fileopt’
audit-userspace-4.1.2/src/auditctl.c:1600:16: return_function: returning to ‘fileopt’ from ‘get_line’
audit-userspace-4.1.2/src/auditctl.c:1600:16: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/auditctl.c:1602:43: branch_true: ...to here
audit-userspace-4.1.2/src/auditctl.c:1614:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1618:21: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1624:20: branch_false: following ‘false’ branch (when ‘fields’ is non-NULL)...
audit-userspace-4.1.2/src/auditctl.c:1630:17: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1640:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1645:22: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1645:22: call_function: calling ‘setopt’ from ‘fileopt’
# 1441|   		retval = OPT_ERROR_NO_REPLY;
# 1442|   	else if ((optind < count) && (retval != OPT_ERROR_NO_REPLY)) {
# 1443|-> 		audit_msg(LOG_ERR, "parameter passed without an option given");
# 1444|   		retval = OPT_ERROR_NO_REPLY;
# 1445|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def223]
audit-userspace-4.1.2/src/auditctl.c:1613:23: warning[-Wanalyzer-malloc-leak]: leak of ‘f’
audit-userspace-4.1.2/src/auditctl.c:1558:12: enter_function: entry to ‘fileopt’
audit-userspace-4.1.2/src/auditctl.c:1567:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1579:13: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1579:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1585:14: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1585:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1591:13: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1591:13: acquire_memory: allocated here
audit-userspace-4.1.2/src/auditctl.c:1592:12: branch_false: following ‘false’ branch (when ‘f’ is non-NULL)...
audit-userspace-4.1.2/src/auditctl.c:1592:12: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1600:16: call_function: calling ‘get_line’ from ‘fileopt’
audit-userspace-4.1.2/src/auditctl.c:1600:16: return_function: returning to ‘fileopt’ from ‘get_line’
audit-userspace-4.1.2/src/auditctl.c:1600:16: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/auditctl.c:1602:43: branch_true: ...to here
audit-userspace-4.1.2/src/auditctl.c:1613:23: throw: if ‘audit_strsplit’ throws an exception...
audit-userspace-4.1.2/src/auditctl.c:1613:23: danger: ‘f’ leaks here; was allocated at [(8)](sarif:/runs/0/results/13/codeFlows/0/threadFlows/0/locations/7)
# 1611|   
# 1612|   		preprocess(buf);
# 1613|-> 		ptr = audit_strsplit(buf);
# 1614|   		if (ptr == NULL)
# 1615|   			break;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def224]
audit-userspace-4.1.2/src/auditctl.c:1625:25: warning[-Wanalyzer-malloc-leak]: leak of ‘f’
audit-userspace-4.1.2/src/auditctl.c:1558:12: enter_function: entry to ‘fileopt’
audit-userspace-4.1.2/src/auditctl.c:1567:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1579:13: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1579:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1585:14: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1585:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1591:13: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1591:13: acquire_memory: allocated here
audit-userspace-4.1.2/src/auditctl.c:1592:12: branch_false: following ‘false’ branch (when ‘f’ is non-NULL)...
audit-userspace-4.1.2/src/auditctl.c:1592:12: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1600:16: call_function: calling ‘get_line’ from ‘fileopt’
audit-userspace-4.1.2/src/auditctl.c:1600:16: return_function: returning to ‘fileopt’ from ‘get_line’
audit-userspace-4.1.2/src/auditctl.c:1600:16: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/auditctl.c:1602:43: branch_true: ...to here
audit-userspace-4.1.2/src/auditctl.c:1614:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1618:21: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1624:20: branch_true: following ‘true’ branch (when ‘fields’ is NULL)...
audit-userspace-4.1.2/src/auditctl.c:1625:25: branch_true: ...to here
audit-userspace-4.1.2/src/auditctl.c:1625:25: throw: if ‘audit_msg’ throws an exception...
audit-userspace-4.1.2/src/auditctl.c:1625:25: danger: ‘f’ leaks here; was allocated at [(8)](sarif:/runs/0/results/14/codeFlows/0/threadFlows/0/locations/7)
# 1623|   		fields = malloc(nf * sizeof(char *));
# 1624|   		if (fields == NULL) {
# 1625|-> 			audit_msg(LOG_ERR, "Out of memory. Check %s file, %d line", __FILE__, __LINE__);
# 1626|   			fclose(f);
# 1627|   			return 1;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def225]
audit-userspace-4.1.2/src/auditctl.c:1632:29: warning[-Wanalyzer-malloc-leak]: leak of ‘fields’
audit-userspace-4.1.2/src/auditctl.c:1558:12: enter_function: entry to ‘fileopt’
audit-userspace-4.1.2/src/auditctl.c:1567:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1579:13: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1579:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1585:14: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1585:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1591:13: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1592:12: branch_false: following ‘false’ branch (when ‘f’ is non-NULL)...
audit-userspace-4.1.2/src/auditctl.c:1592:12: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1600:16: call_function: calling ‘get_line’ from ‘fileopt’
audit-userspace-4.1.2/src/auditctl.c:1600:16: return_function: returning to ‘fileopt’ from ‘get_line’
audit-userspace-4.1.2/src/auditctl.c:1600:16: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/auditctl.c:1602:43: branch_true: ...to here
audit-userspace-4.1.2/src/auditctl.c:1614:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1618:21: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1623:26: acquire_memory: allocated here
audit-userspace-4.1.2/src/auditctl.c:1624:20: branch_false: following ‘false’ branch (when ‘fields’ is non-NULL)...
audit-userspace-4.1.2/src/auditctl.c:1630:17: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1632:29: throw: if ‘audit_strsplit’ throws an exception...
audit-userspace-4.1.2/src/auditctl.c:1632:29: danger: ‘fields’ leaks here; was allocated at [(22)](sarif:/runs/0/results/15/codeFlows/0/threadFlows/0/locations/21)
# 1630|   		fields[i++] = "auditctl";
# 1631|   		fields[i++] = ptr;
# 1632|-> 		while( (ptr=audit_strsplit(NULL)) && (i < nf-1)) {
# 1633|   		        postprocess(ptr);
# 1634|   			fields[i++] = ptr;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def226]
audit-userspace-4.1.2/src/auditctl.c:1632:29: warning[-Wanalyzer-malloc-leak]: leak of ‘f’
audit-userspace-4.1.2/src/auditctl.c:1558:12: enter_function: entry to ‘fileopt’
audit-userspace-4.1.2/src/auditctl.c:1567:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1579:13: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1579:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1585:14: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1585:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1591:13: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1591:13: acquire_memory: allocated here
audit-userspace-4.1.2/src/auditctl.c:1592:12: branch_false: following ‘false’ branch (when ‘f’ is non-NULL)...
audit-userspace-4.1.2/src/auditctl.c:1592:12: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1600:16: call_function: calling ‘get_line’ from ‘fileopt’
audit-userspace-4.1.2/src/auditctl.c:1600:16: return_function: returning to ‘fileopt’ from ‘get_line’
audit-userspace-4.1.2/src/auditctl.c:1600:16: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/auditctl.c:1602:43: branch_true: ...to here
audit-userspace-4.1.2/src/auditctl.c:1614:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1618:21: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1624:20: branch_false: following ‘false’ branch (when ‘fields’ is non-NULL)...
audit-userspace-4.1.2/src/auditctl.c:1630:17: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1632:29: throw: if ‘audit_strsplit’ throws an exception...
audit-userspace-4.1.2/src/auditctl.c:1632:29: danger: ‘f’ leaks here; was allocated at [(8)](sarif:/runs/0/results/16/codeFlows/0/threadFlows/0/locations/7)
# 1630|   		fields[i++] = "auditctl";
# 1631|   		fields[i++] = ptr;
# 1632|-> 		while( (ptr=audit_strsplit(NULL)) && (i < nf-1)) {
# 1633|   		        postprocess(ptr);
# 1634|   			fields[i++] = ptr;

Error: GCC_ANALYZER_WARNING (CWE-688): [#def227]
audit-userspace-4.1.2/src/auditd-config.c:369:14: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘config_file’ where non-null expected
audit-userspace-4.1.2/src/auditd-config.c:362:12: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/auditd-config.c:363:31: branch_true: ...to here
audit-userspace-4.1.2/src/auditd-config.c:363:31: acquire_memory: this call could return NULL
audit-userspace-4.1.2/src/auditd-config.c:369:14: danger: argument 1 (‘config_file’) from [(3)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/2) could be NULL where non-null expected
#  367|   	if (allow_links == 0)
#  368|   		mode |= O_NOFOLLOW;
#  369|-> 	rc = open(config_file, mode);
#  370|   	if (rc < 0) {
#  371|   		if (errno != ENOENT) {

Error: GCC_ANALYZER_WARNING (CWE-775): [#def228]
audit-userspace-4.1.2/src/auditd-config.c:385:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open(config_file,  mode)’
audit-userspace-4.1.2/src/auditd-config.c:362:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd-config.c:367:13: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-config.c:369:14: acquire_resource: opened here
audit-userspace-4.1.2/src/auditd-config.c:370:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd-config.c:385:9: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-config.c:385:9: throw: if ‘audit_msg’ throws an exception...
audit-userspace-4.1.2/src/auditd-config.c:385:9: danger: ‘open(config_file,  mode)’ leaks here; was opened at [(3)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/2)
#  383|   	 * not symlink.
#  384|   	 */
#  385|-> 	audit_msg(LOG_DEBUG, "Config file %s opened for parsing", 
#  386|   			config_file);
#  387|   	if (fstat(fd, &st) < 0) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def229]
audit-userspace-4.1.2/src/auditd-config.c:430:33: warning[-Wanalyzer-malloc-leak]: leak of ‘f’
audit-userspace-4.1.2/src/auditd-config.c:353:5: enter_function: entry to ‘load_config’
audit-userspace-4.1.2/src/auditd-config.c:370:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd-config.c:385:9: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-config.c:387:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd-config.c:393:13: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-config.c:393:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd-config.c:399:14: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-config.c:399:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd-config.c:405:14: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-config.c:405:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd-config.c:413:13: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-config.c:413:13: acquire_memory: allocated here
audit-userspace-4.1.2/src/auditd-config.c:414:12: branch_false: following ‘false’ branch (when ‘f’ is non-NULL)...
audit-userspace-4.1.2/src/auditd-config.c:414:12: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-config.c:421:16: call_function: calling ‘get_line’ from ‘load_config’
audit-userspace-4.1.2/src/auditd-config.c:421:16: return_function: returning to ‘load_config’ from ‘get_line’
audit-userspace-4.1.2/src/auditd-config.c:421:16: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/auditd-config.c:425:22: branch_true: ...to here
audit-userspace-4.1.2/src/auditd-config.c:425:22: call_function: calling ‘nv_split’ from ‘load_config’
audit-userspace-4.1.2/src/auditd-config.c:425:22: return_function: returning to ‘load_config’ from ‘nv_split’
audit-userspace-4.1.2/src/auditd-config.c:430:33: throw: if ‘audit_msg’ throws an exception...
audit-userspace-4.1.2/src/auditd-config.c:430:33: danger: ‘f’ leaks here; was allocated at [(12)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/11)
#  428|   				break;
#  429|   			case 1: // not the right number of tokens.
#  430|-> 				audit_msg(LOG_ERR, 
#  431|   				"Wrong number of arguments for line %d in %s", 
#  432|   					lineno, config_file);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def230]
audit-userspace-4.1.2/src/auditd-config.c:435:33: warning[-Wanalyzer-malloc-leak]: leak of ‘f’
audit-userspace-4.1.2/src/auditd-config.c:353:5: enter_function: entry to ‘load_config’
audit-userspace-4.1.2/src/auditd-config.c:370:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd-config.c:385:9: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-config.c:387:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd-config.c:393:13: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-config.c:393:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd-config.c:399:14: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-config.c:399:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd-config.c:405:14: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-config.c:405:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd-config.c:413:13: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-config.c:413:13: acquire_memory: allocated here
audit-userspace-4.1.2/src/auditd-config.c:414:12: branch_false: following ‘false’ branch (when ‘f’ is non-NULL)...
audit-userspace-4.1.2/src/auditd-config.c:414:12: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-config.c:421:16: call_function: calling ‘get_line’ from ‘load_config’
audit-userspace-4.1.2/src/auditd-config.c:421:16: return_function: returning to ‘load_config’ from ‘get_line’
audit-userspace-4.1.2/src/auditd-config.c:421:16: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/auditd-config.c:425:22: branch_true: ...to here
audit-userspace-4.1.2/src/auditd-config.c:425:22: call_function: calling ‘nv_split’ from ‘load_config’
audit-userspace-4.1.2/src/auditd-config.c:425:22: return_function: returning to ‘load_config’ from ‘nv_split’
audit-userspace-4.1.2/src/auditd-config.c:435:33: throw: if ‘audit_msg’ throws an exception...
audit-userspace-4.1.2/src/auditd-config.c:435:33: danger: ‘f’ leaks here; was allocated at [(12)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/11)
#  433|   				break;
#  434|   			case 2: // no '=' sign
#  435|-> 				audit_msg(LOG_ERR, 
#  436|   					"Missing equal sign for line %d in %s", 
#  437|   					lineno, config_file);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def231]
audit-userspace-4.1.2/src/auditd-config.c:512:33: warning[-Wanalyzer-malloc-leak]: leak of ‘f’
audit-userspace-4.1.2/src/auditd-config.c:353:5: enter_function: entry to ‘load_config’
audit-userspace-4.1.2/src/auditd-config.c:370:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd-config.c:385:9: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-config.c:387:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd-config.c:393:13: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-config.c:393:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd-config.c:399:14: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-config.c:399:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd-config.c:405:14: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-config.c:405:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd-config.c:413:13: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-config.c:413:13: acquire_memory: allocated here
audit-userspace-4.1.2/src/auditd-config.c:414:12: branch_false: following ‘false’ branch (when ‘f’ is non-NULL)...
audit-userspace-4.1.2/src/auditd-config.c:414:12: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-config.c:421:16: call_function: calling ‘get_line’ from ‘load_config’
#  510|   			// Only output 1 warning
#  511|   			if (!too_long)
#  512|-> 				audit_msg(LOG_ERR,
#  513|   					"Skipping line %d in %s: too long",
#  514|   					*lineno, file);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def232]
audit-userspace-4.1.2/src/auditd-config.c:530:15: warning[-Wanalyzer-malloc-leak]: leak of ‘f’
audit-userspace-4.1.2/src/auditd-config.c:353:5: enter_function: entry to ‘load_config’
audit-userspace-4.1.2/src/auditd-config.c:370:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd-config.c:385:9: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-config.c:387:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd-config.c:393:13: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-config.c:393:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd-config.c:399:14: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-config.c:399:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd-config.c:405:14: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-config.c:405:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd-config.c:413:13: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-config.c:413:13: acquire_memory: allocated here
audit-userspace-4.1.2/src/auditd-config.c:414:12: branch_false: following ‘false’ branch (when ‘f’ is non-NULL)...
audit-userspace-4.1.2/src/auditd-config.c:414:12: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-config.c:421:16: call_function: calling ‘get_line’ from ‘load_config’
audit-userspace-4.1.2/src/auditd-config.c:421:16: return_function: returning to ‘load_config’ from ‘get_line’
audit-userspace-4.1.2/src/auditd-config.c:421:16: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/auditd-config.c:425:22: branch_true: ...to here
audit-userspace-4.1.2/src/auditd-config.c:425:22: call_function: calling ‘nv_split’ from ‘load_config’
#  528|   	nv->value = NULL;
#  529|   	nv->option = NULL;
#  530|-> 	ptr = audit_strsplit(buf);
#  531|   	if (ptr == NULL)
#  532|   		return 0; /* If there's nothing, go to next line */

Error: GCC_ANALYZER_WARNING (CWE-401): [#def233]
audit-userspace-4.1.2/src/auditd-config.c:538:15: warning[-Wanalyzer-malloc-leak]: leak of ‘f’
audit-userspace-4.1.2/src/auditd-config.c:353:5: enter_function: entry to ‘load_config’
audit-userspace-4.1.2/src/auditd-config.c:370:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd-config.c:385:9: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-config.c:387:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd-config.c:393:13: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-config.c:393:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd-config.c:399:14: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-config.c:399:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd-config.c:405:14: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-config.c:405:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd-config.c:413:13: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-config.c:413:13: acquire_memory: allocated here
audit-userspace-4.1.2/src/auditd-config.c:414:12: branch_false: following ‘false’ branch (when ‘f’ is non-NULL)...
audit-userspace-4.1.2/src/auditd-config.c:414:12: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-config.c:421:16: call_function: calling ‘get_line’ from ‘load_config’
audit-userspace-4.1.2/src/auditd-config.c:421:16: return_function: returning to ‘load_config’ from ‘get_line’
audit-userspace-4.1.2/src/auditd-config.c:421:16: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/auditd-config.c:425:22: branch_true: ...to here
audit-userspace-4.1.2/src/auditd-config.c:425:22: call_function: calling ‘nv_split’ from ‘load_config’
#  536|   
#  537|   	/* Check for a '=' */
#  538|-> 	ptr = audit_strsplit(NULL);
#  539|   	if (ptr == NULL)
#  540|   		return 1;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def234]
audit-userspace-4.1.2/src/auditd-config.c:545:15: warning[-Wanalyzer-malloc-leak]: leak of ‘f’
audit-userspace-4.1.2/src/auditd-config.c:353:5: enter_function: entry to ‘load_config’
audit-userspace-4.1.2/src/auditd-config.c:370:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd-config.c:385:9: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-config.c:387:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd-config.c:393:13: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-config.c:393:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd-config.c:399:14: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-config.c:399:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd-config.c:405:14: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-config.c:405:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd-config.c:413:13: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-config.c:413:13: acquire_memory: allocated here
audit-userspace-4.1.2/src/auditd-config.c:414:12: branch_false: following ‘false’ branch (when ‘f’ is non-NULL)...
audit-userspace-4.1.2/src/auditd-config.c:414:12: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-config.c:421:16: call_function: calling ‘get_line’ from ‘load_config’
audit-userspace-4.1.2/src/auditd-config.c:421:16: return_function: returning to ‘load_config’ from ‘get_line’
audit-userspace-4.1.2/src/auditd-config.c:421:16: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/auditd-config.c:425:22: branch_true: ...to here
audit-userspace-4.1.2/src/auditd-config.c:425:22: call_function: calling ‘nv_split’ from ‘load_config’
#  543|   
#  544|   	/* get the value */
#  545|-> 	ptr = audit_strsplit(NULL);
#  546|   	if (ptr == NULL)
#  547|   		return 1;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def235]
audit-userspace-4.1.2/src/auditd-config.c:551:15: warning[-Wanalyzer-malloc-leak]: leak of ‘f’
audit-userspace-4.1.2/src/auditd-config.c:353:5: enter_function: entry to ‘load_config’
audit-userspace-4.1.2/src/auditd-config.c:370:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd-config.c:385:9: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-config.c:387:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd-config.c:393:13: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-config.c:393:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd-config.c:399:14: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-config.c:399:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd-config.c:405:14: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-config.c:405:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd-config.c:413:13: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-config.c:413:13: acquire_memory: allocated here
audit-userspace-4.1.2/src/auditd-config.c:414:12: branch_false: following ‘false’ branch (when ‘f’ is non-NULL)...
audit-userspace-4.1.2/src/auditd-config.c:414:12: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-config.c:421:16: call_function: calling ‘get_line’ from ‘load_config’
audit-userspace-4.1.2/src/auditd-config.c:421:16: return_function: returning to ‘load_config’ from ‘get_line’
audit-userspace-4.1.2/src/auditd-config.c:421:16: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/auditd-config.c:425:22: branch_true: ...to here
audit-userspace-4.1.2/src/auditd-config.c:425:22: call_function: calling ‘nv_split’ from ‘load_config’
#  549|   
#  550|   	/* See if there's an option */
#  551|-> 	ptr = audit_strsplit(NULL);
#  552|   	if (ptr) {
#  553|   		nv->option = ptr;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def236]
audit-userspace-4.1.2/src/auditd-config.c:556:23: warning[-Wanalyzer-malloc-leak]: leak of ‘f’
audit-userspace-4.1.2/src/auditd-config.c:353:5: enter_function: entry to ‘load_config’
audit-userspace-4.1.2/src/auditd-config.c:370:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd-config.c:385:9: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-config.c:387:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd-config.c:393:13: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-config.c:393:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd-config.c:399:14: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-config.c:399:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd-config.c:405:14: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-config.c:405:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd-config.c:413:13: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-config.c:413:13: acquire_memory: allocated here
audit-userspace-4.1.2/src/auditd-config.c:414:12: branch_false: following ‘false’ branch (when ‘f’ is non-NULL)...
audit-userspace-4.1.2/src/auditd-config.c:414:12: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-config.c:421:16: call_function: calling ‘get_line’ from ‘load_config’
audit-userspace-4.1.2/src/auditd-config.c:421:16: return_function: returning to ‘load_config’ from ‘get_line’
audit-userspace-4.1.2/src/auditd-config.c:421:16: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/auditd-config.c:425:22: branch_true: ...to here
audit-userspace-4.1.2/src/auditd-config.c:425:22: call_function: calling ‘nv_split’ from ‘load_config’
#  554|   
#  555|   		/* Make sure there's nothing else */
#  556|-> 		ptr = audit_strsplit(NULL);
#  557|   		if (ptr)
#  558|   			return 1;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def237]
audit-userspace-4.1.2/src/auditd-config.c:643:9: warning[-Wanalyzer-malloc-leak]: leak of ‘opendir(dir)’
audit-userspace-4.1.2/src/auditd-config.c:624:12: branch_true: following ‘true’ branch (when ‘tdir’ is non-NULL)...
audit-userspace-4.1.2/src/auditd-config.c:625:23: branch_true: ...to here
audit-userspace-4.1.2/src/auditd-config.c:626:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd-config.c:635:13: acquire_memory: allocated here
audit-userspace-4.1.2/src/auditd-config.c:636:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd-config.c:642:9: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-config.c:643:9: danger: ‘opendir(dir)’ leaks here; was allocated at [(5)](sarif:/runs/0/results/12/codeFlows/0/threadFlows/0/locations/4)
#  641|   	}
#  642|   	free((void *)tdir);
#  643|-> 	closedir(d);
#  644|   
#  645|   	/* if the file exists, see that its regular, owned by root, 

Error: GCC_ANALYZER_WARNING (CWE-401): [#def238]
audit-userspace-4.1.2/src/auditd-config.c:1080:17: warning[-Wanalyzer-malloc-leak]: leak of ‘tmail’
audit-userspace-4.1.2/src/auditd-config.c:1134:12: enter_function: entry to ‘action_mail_acct_parser’
audit-userspace-4.1.2/src/auditd-config.c:1141:17: acquire_memory: allocated here
audit-userspace-4.1.2/src/auditd-config.c:1142:12: branch_false: following ‘false’ branch (when ‘tmail’ is non-NULL)...
audit-userspace-4.1.2/src/auditd-config.c:1145:13: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-config.c:1145:12: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/auditd-config.c:1145:37: branch_true: ...to here
audit-userspace-4.1.2/src/auditd-config.c:1145:37: call_function: calling ‘validate_email’ from ‘action_mail_acct_parser’
# 1078|   	len = strlen(acct);
# 1079|   	if (len < 2) {
# 1080|-> 		audit_msg(LOG_ERR,
# 1081|   		    "email: %s is too short, expecting at least 2 characters",
# 1082|   			 acct);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def239]
audit-userspace-4.1.2/src/auditd-config.c:1091:25: warning[-Wanalyzer-malloc-leak]: leak of ‘tmail’
audit-userspace-4.1.2/src/auditd-config.c:1134:12: enter_function: entry to ‘action_mail_acct_parser’
audit-userspace-4.1.2/src/auditd-config.c:1141:17: acquire_memory: allocated here
audit-userspace-4.1.2/src/auditd-config.c:1142:12: branch_false: following ‘false’ branch (when ‘tmail’ is non-NULL)...
audit-userspace-4.1.2/src/auditd-config.c:1145:13: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-config.c:1145:12: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/auditd-config.c:1145:37: branch_true: ...to here
audit-userspace-4.1.2/src/auditd-config.c:1145:37: call_function: calling ‘validate_email’ from ‘action_mail_acct_parser’
# 1089|   				(acct[i]=='.') || (acct[i]=='-') ||
# 1090|   				(acct[i] == '_') || (acct[i] == '+')) ) {
# 1091|-> 			audit_msg(LOG_ERR, "email: %s has illegal character",
# 1092|   				acct);
# 1093|   			return 2;

Error: COMPILER_WARNING (CWE-704): [#def240]
audit-userspace-4.1.2/src/auditd-config.c: scope_hint: In function ‘validate_email’
audit-userspace-4.1.2/src/auditd-config.c:1097:19: warning[-Wdiscarded-qualifiers]: assignment discards ‘const’ qualifier from pointer target type
# 1097 |         if ((ptr1 = strchr(acct, '@'))) {
#      |                   ^
# 1095|   	}
# 1096|   
# 1097|-> 	if ((ptr1 = strchr(acct, '@'))) {
# 1098|   		char *ptr2;
# 1099|   		int rc2;

Error: COMPILER_WARNING (CWE-704): [#def241]
audit-userspace-4.1.2/src/auditd-config.c:1097:19: warning[-Wdiscarded-qualifiers]: assignment discards ‘const’ qualifier from pointer target type
# 1095|   	}
# 1096|   
# 1097|-> 	if ((ptr1 = strchr(acct, '@'))) {
# 1098|   		char *ptr2;
# 1099|   		int rc2;

Error: COMPILER_WARNING (CWE-704): [#def242]
audit-userspace-4.1.2/src/auditd-config.c:1103:22: warning[-Wdiscarded-qualifiers]: assignment discards ‘const’ qualifier from pointer target type
# 1103 |                 ptr2 = strrchr(acct, '.');        // get last dot - sb after @
#      |                      ^
# 1101|   		struct addrinfo hints;
# 1102|   
# 1103|-> 		ptr2 = strrchr(acct, '.');        // get last dot - sb after @
# 1104|   		if ((ptr2 == NULL) || (ptr1 > ptr2)) {
# 1105|   			audit_msg(LOG_ERR, "email: %s should have . after @",

Error: COMPILER_WARNING (CWE-704): [#def243]
audit-userspace-4.1.2/src/auditd-config.c:1103:22: warning[-Wdiscarded-qualifiers]: assignment discards ‘const’ qualifier from pointer target type
# 1101|   		struct addrinfo hints;
# 1102|   
# 1103|-> 		ptr2 = strrchr(acct, '.');        // get last dot - sb after @
# 1104|   		if ((ptr2 == NULL) || (ptr1 > ptr2)) {
# 1105|   			audit_msg(LOG_ERR, "email: %s should have . after @",

Error: GCC_ANALYZER_WARNING (CWE-401): [#def244]
audit-userspace-4.1.2/src/auditd-config.c:1105:25: warning[-Wanalyzer-malloc-leak]: leak of ‘tmail’
audit-userspace-4.1.2/src/auditd-config.c:1134:12: enter_function: entry to ‘action_mail_acct_parser’
audit-userspace-4.1.2/src/auditd-config.c:1141:17: acquire_memory: allocated here
audit-userspace-4.1.2/src/auditd-config.c:1142:12: branch_false: following ‘false’ branch (when ‘tmail’ is non-NULL)...
audit-userspace-4.1.2/src/auditd-config.c:1145:13: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-config.c:1145:12: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/auditd-config.c:1145:37: branch_true: ...to here
audit-userspace-4.1.2/src/auditd-config.c:1145:37: call_function: calling ‘validate_email’ from ‘action_mail_acct_parser’
# 1103|   		ptr2 = strrchr(acct, '.');        // get last dot - sb after @
# 1104|   		if ((ptr2 == NULL) || (ptr1 > ptr2)) {
# 1105|-> 			audit_msg(LOG_ERR, "email: %s should have . after @",
# 1106|   				acct);
# 1107|   			return 2;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def245]
audit-userspace-4.1.2/src/auditd-config.c:1115:23: warning[-Wanalyzer-malloc-leak]: leak of ‘tmail’
audit-userspace-4.1.2/src/auditd-config.c:1134:12: enter_function: entry to ‘action_mail_acct_parser’
audit-userspace-4.1.2/src/auditd-config.c:1141:17: acquire_memory: allocated here
audit-userspace-4.1.2/src/auditd-config.c:1142:12: branch_false: following ‘false’ branch (when ‘tmail’ is non-NULL)...
audit-userspace-4.1.2/src/auditd-config.c:1145:13: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-config.c:1145:12: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/auditd-config.c:1145:37: branch_true: ...to here
audit-userspace-4.1.2/src/auditd-config.c:1145:37: call_function: calling ‘validate_email’ from ‘action_mail_acct_parser’
# 1113|   
# 1114|   		h_errno = 0;
# 1115|-> 		rc2 = getaddrinfo(ptr1+1, NULL, &hints, &ai);
# 1116|   		if (rc2 != 0) {
# 1117|   			if ((h_errno == HOST_NOT_FOUND) ||

Error: GCC_ANALYZER_WARNING (CWE-401): [#def246]
audit-userspace-4.1.2/src/auditd-dispatch.c:98:16: warning[-Wanalyzer-malloc-leak]: leak of ‘e’
audit-userspace-4.1.2/src/auditd-dispatch.c:75:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd-dispatch.c:79:13: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-dispatch.c:79:13: acquire_memory: allocated here
audit-userspace-4.1.2/src/auditd-dispatch.c:80:12: branch_false: following ‘false’ branch (when ‘e’ is non-NULL)...
audit-userspace-4.1.2/src/auditd-dispatch.c:83:9: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-dispatch.c:88:12: branch_true: following ‘true’ branch (when ‘protocol_ver == 0’)...
audit-userspace-4.1.2/src/auditd-dispatch.c:89:31: branch_true: ...to here
audit-userspace-4.1.2/src/auditd-dispatch.c:98:16: throw: if ‘libdisp_enqueue’ throws an exception...
audit-userspace-4.1.2/src/auditd-dispatch.c:98:16: danger: ‘e’ leaks here; was allocated at [(3)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/2)
#   96|   		return 0;
#   97|   	}
#   98|-> 	return libdisp_enqueue(e);
#   99|   }
#  100|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def247]
audit-userspace-4.1.2/src/auditd-event.c:1246:17: warning[-Wanalyzer-malloc-leak]: leak of ‘oldname’
audit-userspace-4.1.2/src/auditd-event.c:833:13: enter_function: entry to ‘check_space_left’
audit-userspace-4.1.2/src/auditd-event.c:842:12: branch_true: following ‘true’ branch (when ‘rc == 0’)...
audit-userspace-4.1.2/src/auditd-event.c:843:21: branch_true: ...to here
audit-userspace-4.1.2/src/auditd-event.c:843:20: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/auditd-event.c:845:25: branch_true: ...to here
audit-userspace-4.1.2/src/auditd-event.c:846:25: call_function: calling ‘do_disk_full_action’ from ‘check_space_left’
# 1244|   	newname = (char *)malloc(len);
# 1245|   	if (newname == NULL) { /* Not fatal - just messy */
# 1246|-> 		audit_msg(LOG_ERR, "No memory rotating logs");
# 1247|   		free(oldname);
# 1248|   		logging_suspended = 1;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def248]
audit-userspace-4.1.2/src/auditd-event.c:1288:17: warning[-Wanalyzer-malloc-leak]: leak of ‘oldname’
audit-userspace-4.1.2/src/auditd-event.c:833:13: enter_function: entry to ‘check_space_left’
audit-userspace-4.1.2/src/auditd-event.c:842:12: branch_true: following ‘true’ branch (when ‘rc == 0’)...
audit-userspace-4.1.2/src/auditd-event.c:843:21: branch_true: ...to here
audit-userspace-4.1.2/src/auditd-event.c:843:20: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/auditd-event.c:845:25: branch_true: ...to here
audit-userspace-4.1.2/src/auditd-event.c:846:25: call_function: calling ‘do_disk_full_action’ from ‘check_space_left’
# 1286|   		// Likely errors: ENOSPC, ENOMEM, EBUSY
# 1287|   		int saved_errno = errno;
# 1288|-> 		audit_msg(LOG_ERR, "Error rotating logs from %s to %s (%s)",
# 1289|   			config->log_file, newname, strerror(errno));
# 1290|   		if (saved_errno == ENOSPC && fs_space_left == 1) {

Error: GCC_ANALYZER_WARNING (CWE-476): [#def249]
audit-userspace-4.1.2/src/auditd-listen.c:515:17: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘utok.value’
audit-userspace-4.1.2/src/auditd-listen.c:513:30: acquire_memory: this call could return NULL
audit-userspace-4.1.2/src/auditd-listen.c:515:17: danger: ‘malloc((long unsigned int)(mlen + 16) + 1)’ could be NULL: unchecked value from [(1)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/0)
#  513|   		utok.value = malloc(utok.length + 1);
#  514|   
#  515|-> 		memcpy(utok.value, header, AUDIT_RMW_HEADER_SIZE);
#  516|   		memcpy(utok.value+AUDIT_RMW_HEADER_SIZE, msg, mlen);
#  517|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def250]
audit-userspace-4.1.2/src/auditd-listen.c:522:32: warning[-Wanalyzer-malloc-leak]: leak of ‘utok.value’
audit-userspace-4.1.2/src/auditd-listen.c:513:30: acquire_memory: allocated here
audit-userspace-4.1.2/src/auditd-listen.c:522:32: throw: if ‘gss_wrap’ throws an exception...
audit-userspace-4.1.2/src/auditd-listen.c:522:32: danger: ‘utok.value’ leaks here; was allocated at [(1)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/0)
#  520|   		   the token.  */
#  521|   
#  522|-> 		major_status = gss_wrap(&minor_status,
#  523|   					 io->gss_context,
#  524|   					 1,

Error: GCC_ANALYZER_WARNING (CWE-401): [#def251]
audit-userspace-4.1.2/src/auditd-reconfig.c:109:17: warning[-Wanalyzer-malloc-leak]: leak of ‘new_config.sender_ctx’
audit-userspace-4.1.2/src/auditd-reconfig.c:97:12: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/auditd-reconfig.c:99:41: branch_true: ...to here
audit-userspace-4.1.2/src/auditd-reconfig.c:101:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd-reconfig.c:105:49: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-reconfig.c:105:49: acquire_memory: allocated here
audit-userspace-4.1.2/src/auditd-reconfig.c:109:17: throw: if ‘reconfig_ready’ throws an exception...
audit-userspace-4.1.2/src/auditd-reconfig.c:109:17: danger: ‘new_config.sender_ctx’ leaks here; was allocated at [(5)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/4)
#  107|   		e->reply.conf = (struct daemon_conf *)e->reply.msg.data;
#  108|   		e->reply.type = AUDIT_DAEMON_RECONFIG;
#  109|-> 		reconfig_ready();
#  110|   	} else {
#  111|   		// need to send a failed event message

Error: GCC_ANALYZER_WARNING (CWE-775): [#def252]
audit-userspace-4.1.2/src/auditd-sendmail.c:87:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pipe_fd[0]’
audit-userspace-4.1.2/src/auditd-sendmail.c:79:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd-sendmail.c:85:16: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-sendmail.c:86:12: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/auditd-sendmail.c:87:17: branch_true: ...to here
audit-userspace-4.1.2/src/auditd-sendmail.c:87:17: throw: if ‘close’ throws an exception...
audit-userspace-4.1.2/src/auditd-sendmail.c:87:17: danger: ‘pipe_fd[0]’ leaks here
#   85|   	*pid = fork();
#   86|   	if (*pid < 0) {
#   87|-> 		close(pipe_fd[0]);
#   88|   		close(pipe_fd[1]);
#   89|   		audit_msg(LOG_ALERT,

Error: GCC_ANALYZER_WARNING (CWE-775): [#def253]
audit-userspace-4.1.2/src/auditd-sendmail.c:87:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pipe_fd[1]’
audit-userspace-4.1.2/src/auditd-sendmail.c:79:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd-sendmail.c:85:16: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-sendmail.c:86:12: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/auditd-sendmail.c:87:17: branch_true: ...to here
audit-userspace-4.1.2/src/auditd-sendmail.c:87:17: throw: if ‘close’ throws an exception...
audit-userspace-4.1.2/src/auditd-sendmail.c:87:17: danger: ‘pipe_fd[1]’ leaks here
#   85|   	*pid = fork();
#   86|   	if (*pid < 0) {
#   87|-> 		close(pipe_fd[0]);
#   88|   		close(pipe_fd[1]);
#   89|   		audit_msg(LOG_ALERT,

Error: GCC_ANALYZER_WARNING (CWE-775): [#def254]
audit-userspace-4.1.2/src/auditd-sendmail.c:88:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pipe_fd[1]’
audit-userspace-4.1.2/src/auditd-sendmail.c:79:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd-sendmail.c:85:16: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-sendmail.c:86:12: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/auditd-sendmail.c:87:17: branch_true: ...to here
audit-userspace-4.1.2/src/auditd-sendmail.c:88:17: throw: if ‘close’ throws an exception...
audit-userspace-4.1.2/src/auditd-sendmail.c:88:17: danger: ‘pipe_fd[1]’ leaks here
#   86|   	if (*pid < 0) {
#   87|   		close(pipe_fd[0]);
#   88|-> 		close(pipe_fd[1]);
#   89|   		audit_msg(LOG_ALERT,
#   90|   		    "Audit daemon failed to fork while sending email alert");

Error: GCC_ANALYZER_WARNING (CWE-775): [#def255]
audit-userspace-4.1.2/src/auditd-sendmail.c:94:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pipe_fd[0]’
audit-userspace-4.1.2/src/auditd-sendmail.c:79:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd-sendmail.c:85:16: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-sendmail.c:86:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd-sendmail.c:93:12: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-sendmail.c:93:12: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/auditd-sendmail.c:94:17: branch_true: ...to here
audit-userspace-4.1.2/src/auditd-sendmail.c:94:17: throw: if ‘close’ throws an exception...
audit-userspace-4.1.2/src/auditd-sendmail.c:94:17: danger: ‘pipe_fd[0]’ leaks here
#   92|   	}
#   93|   	if (*pid) {       /* Parent */
#   94|-> 		close(pipe_fd[0]);	// adjust pipe
#   95|   		return pipe_fd[1];
#   96|   	}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def256]
audit-userspace-4.1.2/src/auditd-sendmail.c:94:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pipe_fd[1]’
audit-userspace-4.1.2/src/auditd-sendmail.c:79:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd-sendmail.c:85:16: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-sendmail.c:86:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd-sendmail.c:93:12: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-sendmail.c:93:12: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/auditd-sendmail.c:94:17: branch_true: ...to here
audit-userspace-4.1.2/src/auditd-sendmail.c:94:17: throw: if ‘close’ throws an exception...
audit-userspace-4.1.2/src/auditd-sendmail.c:94:17: danger: ‘pipe_fd[1]’ leaks here
#   92|   	}
#   93|   	if (*pid) {       /* Parent */
#   94|-> 		close(pipe_fd[0]);	// adjust pipe
#   95|   		return pipe_fd[1];
#   96|   	}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def257]
audit-userspace-4.1.2/src/auditd-sendmail.c:101:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pipe_fd[0]’
audit-userspace-4.1.2/src/auditd-sendmail.c:79:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd-sendmail.c:85:16: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-sendmail.c:86:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd-sendmail.c:93:12: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-sendmail.c:93:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd-sendmail.c:98:9: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-sendmail.c:101:9: throw: if ‘close’ throws an exception...
audit-userspace-4.1.2/src/auditd-sendmail.c:101:9: danger: ‘pipe_fd[0]’ leaks here
#   99|   	sigprocmask (SIG_UNBLOCK, &sa.sa_mask, 0);
#  100|   
#  101|-> 	close(pipe_fd[1]);	// adjust pipe
#  102|   	dup2(pipe_fd[0], 0);
#  103|   

Error: GCC_ANALYZER_WARNING (CWE-775): [#def258]
audit-userspace-4.1.2/src/auditd-sendmail.c:101:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pipe_fd[1]’
audit-userspace-4.1.2/src/auditd-sendmail.c:79:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd-sendmail.c:85:16: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-sendmail.c:86:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd-sendmail.c:93:12: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-sendmail.c:93:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd-sendmail.c:98:9: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-sendmail.c:101:9: throw: if ‘close’ throws an exception...
audit-userspace-4.1.2/src/auditd-sendmail.c:101:9: danger: ‘pipe_fd[1]’ leaks here
#   99|   	sigprocmask (SIG_UNBLOCK, &sa.sa_mask, 0);
#  100|   
#  101|-> 	close(pipe_fd[1]);	// adjust pipe
#  102|   	dup2(pipe_fd[0], 0);
#  103|   

Error: GCC_ANALYZER_WARNING (CWE-775): [#def259]
audit-userspace-4.1.2/src/auditd-sendmail.c:113:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pipe_fd[0]’
audit-userspace-4.1.2/src/auditd-sendmail.c:79:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd-sendmail.c:85:16: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-sendmail.c:86:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd-sendmail.c:93:12: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-sendmail.c:93:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd-sendmail.c:98:9: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-sendmail.c:113:9: throw: if ‘audit_msg’ throws an exception...
audit-userspace-4.1.2/src/auditd-sendmail.c:113:9: danger: ‘pipe_fd[0]’ leaks here
#  111|   	argv[3] = NULL;
#  112|   	execve(email_command, argv, NULL);
#  113|-> 	audit_msg(LOG_ALERT, "Audit daemon failed to exec %s", email_command);
#  114|   	exit(1);
#  115|   }

Error: GCC_ANALYZER_WARNING (CWE-775): [#def260]
audit-userspace-4.1.2/src/auditd.c:242:38: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen(state_file, "w")’
audit-userspace-4.1.2/src/auditd.c:235:19: acquire_resource: opened here
audit-userspace-4.1.2/src/auditd.c:237:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd.c:240:21: branch_false: ...to here
audit-userspace-4.1.2/src/auditd.c:241:12: branch_true: following ‘true’ branch (when ‘sr_fd > 0’)...
audit-userspace-4.1.2/src/auditd.c:242:38: branch_true: ...to here
audit-userspace-4.1.2/src/auditd.c:242:20: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/auditd.c:245:38: branch_true: ...to here
audit-userspace-4.1.2/src/auditd.c:243:25: throw: if ‘audit_msg’ throws an exception...
audit-userspace-4.1.2/src/auditd.c:242:38: danger: ‘fopen(state_file, "w")’ leaks here; was opened at [(1)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/0)
#  240|   	int sr_fd = fileno(f);
#  241|   	if (sr_fd > 0)
#  242|-> 		if (fchown(sr_fd, 0, config.log_group)) {
#  243|   			audit_msg(LOG_INFO,
#  244|   			    "fchown on state report failed (%s) continuing",

Error: GCC_ANALYZER_WARNING (CWE-401): [#def261]
audit-userspace-4.1.2/src/auditd.c:242:38: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(state_file, "w")’
audit-userspace-4.1.2/src/auditd.c:235:19: acquire_memory: allocated here
audit-userspace-4.1.2/src/auditd.c:237:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd.c:240:21: branch_false: ...to here
audit-userspace-4.1.2/src/auditd.c:241:12: branch_true: following ‘true’ branch (when ‘sr_fd > 0’)...
audit-userspace-4.1.2/src/auditd.c:242:38: branch_true: ...to here
audit-userspace-4.1.2/src/auditd.c:242:20: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/auditd.c:245:38: branch_true: ...to here
audit-userspace-4.1.2/src/auditd.c:243:25: throw: if ‘audit_msg’ throws an exception...
audit-userspace-4.1.2/src/auditd.c:242:38: danger: ‘fopen(state_file, "w")’ leaks here; was allocated at [(1)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/0)
#  240|   	int sr_fd = fileno(f);
#  241|   	if (sr_fd > 0)
#  242|-> 		if (fchown(sr_fd, 0, config.log_group)) {
#  243|   			audit_msg(LOG_INFO,
#  244|   			    "fchown on state report failed (%s) continuing",

Error: GCC_ANALYZER_WARNING (CWE-775): [#def262]
audit-userspace-4.1.2/src/auditd.c:252:9: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen(state_file, "w")’
audit-userspace-4.1.2/src/auditd.c:235:19: acquire_resource: opened here
audit-userspace-4.1.2/src/auditd.c:237:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd.c:240:21: branch_false: ...to here
audit-userspace-4.1.2/src/auditd.c:252:9: throw: if ‘write_logging_state’ throws an exception...
audit-userspace-4.1.2/src/auditd.c:252:9: danger: ‘fopen(state_file, "w")’ leaks here; was opened at [(1)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/0)
#  250|   	fprintf(f, "current time = %s\n", buf);
#  251|   	fprintf(f, "process priority = %d\n", getpriority(PRIO_PROCESS, 0));
#  252|-> 	write_logging_state(f);
#  253|   	libdisp_write_queue_state(f);
#  254|   #ifdef USE_LISTENER

Error: GCC_ANALYZER_WARNING (CWE-401): [#def263]
audit-userspace-4.1.2/src/auditd.c:252:9: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(state_file, "w")’
audit-userspace-4.1.2/src/auditd.c:235:19: acquire_memory: allocated here
audit-userspace-4.1.2/src/auditd.c:237:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd.c:240:21: branch_false: ...to here
audit-userspace-4.1.2/src/auditd.c:252:9: throw: if ‘write_logging_state’ throws an exception...
audit-userspace-4.1.2/src/auditd.c:252:9: danger: ‘fopen(state_file, "w")’ leaks here; was allocated at [(1)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/0)
#  250|   	fprintf(f, "current time = %s\n", buf);
#  251|   	fprintf(f, "process priority = %d\n", getpriority(PRIO_PROCESS, 0));
#  252|-> 	write_logging_state(f);
#  253|   	libdisp_write_queue_state(f);
#  254|   #ifdef USE_LISTENER

Error: COMPILER_WARNING (CWE-704): [#def264]
audit-userspace-4.1.2/src/auditd.c: scope_hint: In function ‘extract_type’
audit-userspace-4.1.2/src/auditd.c:288:21: warning[-Wdiscarded-qualifiers]: assignment discards ‘const’ qualifier from pointer target type
#  288 |                 ptr = strchr(str+1, ' ');
#      |                     ^
#  286|   	int type;
#  287|   	if (*str == 'n') {
#  288|-> 		ptr = strchr(str+1, ' ');
#  289|   		if (ptr == NULL)
#  290|   			return -1; // Malformed - bomb out

Error: COMPILER_WARNING (CWE-704): [#def265]
audit-userspace-4.1.2/src/auditd.c:288:21: warning[-Wdiscarded-qualifiers]: assignment discards ‘const’ qualifier from pointer target type
#  286|   	int type;
#  287|   	if (*str == 'n') {
#  288|-> 		ptr = strchr(str+1, ' ');
#  289|   		if (ptr == NULL)
#  290|   			return -1; // Malformed - bomb out

Error: GCC_ANALYZER_WARNING (CWE-775): [#def266]
audit-userspace-4.1.2/src/auditd.c:472:14: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘oomfd’
audit-userspace-4.1.2/src/auditd.c:460:22: acquire_resource: opened here
audit-userspace-4.1.2/src/auditd.c:460:12: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/auditd.c:471:15: branch_true: ...to here
audit-userspace-4.1.2/src/auditd.c:472:14: throw: if ‘write’ throws an exception...
audit-userspace-4.1.2/src/auditd.c:472:14: danger: ‘oomfd’ leaks here; was opened at [(1)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/0)
#  470|   
#  471|   	len = strlen(score);
#  472|-> 	rc = write(oomfd, score, len);
#  473|   	if (rc != len)
#  474|   		audit_msg(LOG_NOTICE, "Unable to adjust out of memory score");

Error: GCC_ANALYZER_WARNING (CWE-775): [#def267]
audit-userspace-4.1.2/src/auditd.c:474:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘oomfd’
audit-userspace-4.1.2/src/auditd.c:460:22: acquire_resource: opened here
audit-userspace-4.1.2/src/auditd.c:460:12: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/auditd.c:471:15: branch_true: ...to here
audit-userspace-4.1.2/src/auditd.c:473:12: branch_true: following ‘true’ branch (when ‘len != rc’)...
audit-userspace-4.1.2/src/auditd.c:474:17: branch_true: ...to here
audit-userspace-4.1.2/src/auditd.c:474:17: throw: if ‘audit_msg’ throws an exception...
audit-userspace-4.1.2/src/auditd.c:474:17: danger: ‘oomfd’ leaks here; was opened at [(1)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/0)
#  472|   	rc = write(oomfd, score, len);
#  473|   	if (rc != len)
#  474|-> 		audit_msg(LOG_NOTICE, "Unable to adjust out of memory score");
#  475|   
#  476|   	close(oomfd);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def268]
audit-userspace-4.1.2/src/auditd.c:476:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘oomfd’
audit-userspace-4.1.2/src/auditd.c:460:22: acquire_resource: opened here
audit-userspace-4.1.2/src/auditd.c:460:12: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/auditd.c:471:15: branch_true: ...to here
audit-userspace-4.1.2/src/auditd.c:476:9: throw: if ‘close’ throws an exception...
audit-userspace-4.1.2/src/auditd.c:476:9: danger: ‘oomfd’ leaks here; was opened at [(1)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/0)
#  474|   		audit_msg(LOG_NOTICE, "Unable to adjust out of memory score");
#  475|   
#  476|-> 	close(oomfd);
#  477|   }
#  478|   

Error: GCC_ANALYZER_WARNING (CWE-775): [#def269]
audit-userspace-4.1.2/src/auditd.c:516:28: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘dup2(open("/dev/null", 2), 0)’
audit-userspace-4.1.2/src/auditd.c:512:28: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd.c:516:30: branch_false: ...to here
audit-userspace-4.1.2/src/auditd.c:516:30: acquire_resource: opened here
audit-userspace-4.1.2/src/auditd.c:516:28: danger: ‘dup2(open("/dev/null", 2), 0)’ leaks here; was opened at [(3)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/2)
#  514|   				return -1;
#  515|   			}
#  516|-> 			if ((dup2(nfd, 0) < 0) || (dup2(nfd, 1) < 0) ||
#  517|   							(dup2(nfd, 2) < 0)) {
#  518|   				audit_msg(LOG_ERR,

Error: GCC_ANALYZER_WARNING (CWE-775): [#def270]
audit-userspace-4.1.2/src/auditd.c:516:29: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘dup2(open("/dev/null", 2), 1)’
audit-userspace-4.1.2/src/auditd.c:512:28: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd.c:516:30: branch_false: ...to here
audit-userspace-4.1.2/src/auditd.c:516:28: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd.c:516:52: branch_false: ...to here
audit-userspace-4.1.2/src/auditd.c:516:52: acquire_resource: opened here
audit-userspace-4.1.2/src/auditd.c:516:29: danger: ‘dup2(open("/dev/null", 2), 1)’ leaks here; was opened at [(5)](sarif:/runs/0/results/9/codeFlows/0/threadFlows/0/locations/4)
#  514|   				return -1;
#  515|   			}
#  516|-> 			if ((dup2(nfd, 0) < 0) || (dup2(nfd, 1) < 0) ||
#  517|   							(dup2(nfd, 2) < 0)) {
#  518|   				audit_msg(LOG_ERR,

Error: GCC_ANALYZER_WARNING (CWE-775): [#def271]
audit-userspace-4.1.2/src/auditd.c:516:29: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘dup2(open("/dev/null", 2), 2)’
audit-userspace-4.1.2/src/auditd.c:512:28: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd.c:516:30: branch_false: ...to here
audit-userspace-4.1.2/src/auditd.c:516:28: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd.c:517:58: acquire_resource: opened here
audit-userspace-4.1.2/src/auditd.c:516:29: danger: ‘dup2(open("/dev/null", 2), 2)’ leaks here; was opened at [(5)](sarif:/runs/0/results/10/codeFlows/0/threadFlows/0/locations/4)
#  514|   				return -1;
#  515|   			}
#  516|-> 			if ((dup2(nfd, 0) < 0) || (dup2(nfd, 1) < 0) ||
#  517|   							(dup2(nfd, 2) < 0)) {
#  518|   				audit_msg(LOG_ERR,

Error: GCC_ANALYZER_WARNING (CWE-775): [#def272]
audit-userspace-4.1.2/src/auditd.c:518:33: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open("/dev/null", 2)’
audit-userspace-4.1.2/src/auditd.c:511:31: acquire_resource: opened here
audit-userspace-4.1.2/src/auditd.c:512:28: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd.c:516:30: branch_false: ...to here
audit-userspace-4.1.2/src/auditd.c:518:33: throw: if ‘audit_msg’ throws an exception...
audit-userspace-4.1.2/src/auditd.c:518:33: danger: ‘open("/dev/null", 2)’ leaks here; was opened at [(1)](sarif:/runs/0/results/11/codeFlows/0/threadFlows/0/locations/0)
#  516|   			if ((dup2(nfd, 0) < 0) || (dup2(nfd, 1) < 0) ||
#  517|   							(dup2(nfd, 2) < 0)) {
#  518|-> 				audit_msg(LOG_ERR,
#  519|   				    "Cannot reassign descriptors to /dev/null");
#  520|   				close(nfd);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def273]
audit-userspace-4.1.2/src/auditd.c:520:33: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open("/dev/null", 2)’
audit-userspace-4.1.2/src/auditd.c:511:31: acquire_resource: opened here
audit-userspace-4.1.2/src/auditd.c:512:28: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd.c:516:30: branch_false: ...to here
audit-userspace-4.1.2/src/auditd.c:520:33: danger: ‘open("/dev/null", 2)’ leaks here; was opened at [(1)](sarif:/runs/0/results/12/codeFlows/0/threadFlows/0/locations/0)
#  518|   				audit_msg(LOG_ERR,
#  519|   				    "Cannot reassign descriptors to /dev/null");
#  520|-> 				close(nfd);
#  521|   				return -1;
#  522|   			}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def274]
audit-userspace-4.1.2/src/auditd.c:523:25: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open("/dev/null", 2)’
audit-userspace-4.1.2/src/auditd.c:511:31: acquire_resource: opened here
audit-userspace-4.1.2/src/auditd.c:512:28: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd.c:516:30: branch_false: ...to here
audit-userspace-4.1.2/src/auditd.c:516:28: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd.c:523:25: danger: ‘open("/dev/null", 2)’ leaks here; was opened at [(1)](sarif:/runs/0/results/13/codeFlows/0/threadFlows/0/locations/0)
#  521|   				return -1;
#  522|   			}
#  523|-> 			close(nfd);
#  524|   
#  525|   			/* Change to '/' */

Error: GCC_ANALYZER_WARNING (CWE-775): [#def275]
audit-userspace-4.1.2/src/auditd.c:1244:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open(&filename, 0)’
audit-userspace-4.1.2/src/auditd.c:1236:15: acquire_resource: opened here
audit-userspace-4.1.2/src/auditd.c:1237:11: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd.c:1237:11: branch_false: ...to here
audit-userspace-4.1.2/src/auditd.c:1244:9: danger: ‘open(&filename, 0)’ leaks here; was opened at [(1)](sarif:/runs/0/results/14/codeFlows/0/threadFlows/0/locations/0)
# 1242|   		num_read = read(sfd, dsubj, SUBJ_LEN-1);
# 1243|   	} while (num_read < 0 && errno == EINTR);
# 1244|-> 	close(sfd);
# 1245|   	if(num_read <= 0) {
# 1246|   		dsubj[0] = 0;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def276]
audit-userspace-4.1.2/src/aureport-options.c:699:33: warning[-Wanalyzer-malloc-leak]: leak of ‘sn.str’
audit-userspace-4.1.2/src/aureport-options.c:246:5: enter_function: entry to ‘check_params’
audit-userspace-4.1.2/src/aureport-options.c:252:16: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/aureport-options.c:254:21: branch_true: ...to here
audit-userspace-4.1.2/src/aureport-options.c:262:25: call_function: calling ‘audit_lookup_option’ from ‘check_params’
audit-userspace-4.1.2/src/aureport-options.c:262:25: return_function: returning to ‘check_params’ from ‘audit_lookup_option’
audit-userspace-4.1.2/src/aureport-options.c:678:28: branch_false: following ‘false’ branch (when ‘optarg’ is non-NULL)...
audit-userspace-4.1.2/src/aureport-options.c:687:37: branch_false: ...to here
audit-userspace-4.1.2/src/aureport-options.c:696:42: acquire_memory: allocated here
audit-userspace-4.1.2/src/aureport-options.c:699:33: throw: if ‘slist_append’ throws an exception...
audit-userspace-4.1.2/src/aureport-options.c:699:33: danger: ‘sn.str’ leaks here; was allocated at [(11)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/10)
#  697|   				sn.key = NULL;
#  698|   				sn.hits=0;
#  699|-> 				slist_append(event_node_list, &sn);
#  700|   			}
#  701|   			break;

Error: GCC_ANALYZER_WARNING (CWE-688): [#def277]
audit-userspace-4.1.2/src/aureport.c:193:15: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘config.log_file’ where non-null expected
audit-userspace-4.1.2/src/aureport.c:179:12: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/aureport.c:189:33: acquire_memory: this call could return NULL
audit-userspace-4.1.2/src/aureport.c:193:15: danger: argument 1 (‘config.log_file’) from [(4)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/3) could be NULL where non-null expected
#  191|   	}
#  192|   
#  193|-> 	len = strlen(config.log_file) + 16;
#  194|   	filename = malloc(len);
#  195|   	if (!filename) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def278]
audit-userspace-4.1.2/src/aureport.c:202:13: warning[-Wanalyzer-malloc-leak]: leak of ‘filename’
audit-userspace-4.1.2/src/aureport.c:194:20: acquire_memory: allocated here
audit-userspace-4.1.2/src/aureport.c:195:12: branch_false: following ‘false’ branch (when ‘filename’ is non-NULL)...
audit-userspace-4.1.2/src/aureport.c:202:13: branch_false: ...to here
audit-userspace-4.1.2/src/aureport.c:202:13: throw: if ‘audit_log_list’ throws an exception...
audit-userspace-4.1.2/src/aureport.c:202:13: danger: ‘filename’ leaks here; was allocated at [(1)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/0)
#  200|   
#  201|   	/* Count the logs */
#  202|-> 	if (audit_log_list(config.log_file, &logs, &log_cnt)) {
#  203|   		fprintf(stderr, "No memory\n");
#  204|   		free(filename);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def279]
audit-userspace-4.1.2/src/aureport.c:218:28: warning[-Wanalyzer-malloc-leak]: leak of ‘filename’
audit-userspace-4.1.2/src/aureport.c:194:20: acquire_memory: allocated here
audit-userspace-4.1.2/src/aureport.c:195:12: branch_false: following ‘false’ branch (when ‘filename’ is non-NULL)...
audit-userspace-4.1.2/src/aureport.c:202:13: branch_false: ...to here
audit-userspace-4.1.2/src/aureport.c:202:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/aureport.c:209:13: branch_false: ...to here
audit-userspace-4.1.2/src/aureport.c:209:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/aureport.c:218:28: branch_false: ...to here
audit-userspace-4.1.2/src/aureport.c:218:28: throw: if ‘audit_log_find_start’ throws an exception...
audit-userspace-4.1.2/src/aureport.c:218:28: danger: ‘filename’ leaks here; was allocated at [(1)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/0)
#  216|   
#  217|   	/* Locate the starting file that is in range */
#  218|-> 	files_to_process = audit_log_find_start(logs, log_cnt, start_time);
#  219|   	audit_log_free(logs, log_cnt);
#  220|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def280]
audit-userspace-4.1.2/src/aureport.c:219:9: warning[-Wanalyzer-malloc-leak]: leak of ‘filename’
audit-userspace-4.1.2/src/aureport.c:194:20: acquire_memory: allocated here
audit-userspace-4.1.2/src/aureport.c:195:12: branch_false: following ‘false’ branch (when ‘filename’ is non-NULL)...
audit-userspace-4.1.2/src/aureport.c:202:13: branch_false: ...to here
audit-userspace-4.1.2/src/aureport.c:202:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/aureport.c:209:13: branch_false: ...to here
audit-userspace-4.1.2/src/aureport.c:209:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/aureport.c:218:28: branch_false: ...to here
audit-userspace-4.1.2/src/aureport.c:219:9: throw: if ‘audit_log_free’ throws an exception...
audit-userspace-4.1.2/src/aureport.c:219:9: danger: ‘filename’ leaks here; was allocated at [(1)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/0)
#  217|   	/* Locate the starting file that is in range */
#  218|   	files_to_process = audit_log_find_start(logs, log_cnt, start_time);
#  219|-> 	audit_log_free(logs, log_cnt);
#  220|   
#  221|   	/* Got it, now process logs from last to first */

Error: GCC_ANALYZER_WARNING (CWE-401): [#def281]
audit-userspace-4.1.2/src/aureport.c:372:29: warning[-Wanalyzer-malloc-leak]: leak of ‘buff’
audit-userspace-4.1.2/src/aureport.c:360:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/aureport.c:360:12: branch_false: ...to here
audit-userspace-4.1.2/src/aureport.c:364:20: branch_true: following ‘true’ branch (when ‘buff’ is NULL)...
audit-userspace-4.1.2/src/aureport.c:365:32: branch_true: ...to here
audit-userspace-4.1.2/src/aureport.c:365:32: acquire_memory: allocated here
audit-userspace-4.1.2/src/aureport.c:366:28: branch_false: following ‘false’ branch (when ‘buff’ is non-NULL)...
audit-userspace-4.1.2/src/aureport.c:369:22: branch_false: ...to here
audit-userspace-4.1.2/src/aureport.c:371:20: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/aureport.c:372:29: branch_true: ...to here
audit-userspace-4.1.2/src/aureport.c:372:29: throw: if ‘lol_add_record’ throws an exception...
audit-userspace-4.1.2/src/aureport.c:372:29: danger: ‘buff’ leaks here; was allocated at [(5)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/4)
#  370|   					log_fd);
#  371|   		if (rc) {
#  372|-> 			if (lol_add_record(&lo, buff)) {
#  373|   				*l = get_ready_event(&lo);
#  374|   				if (*l)

Error: GCC_ANALYZER_WARNING (CWE-401): [#def282]
audit-userspace-4.1.2/src/ausearch-lookup.c:251:13: warning[-Wanalyzer-malloc-leak]: leak of ‘nv.name’
audit-userspace-4.1.2/src/ausearch-lookup.c:217:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/ausearch-lookup.c:221:12: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch-lookup.c:221:12: branch_false: following ‘false’ branch (when ‘uid != 4294967295’)...
audit-userspace-4.1.2/src/ausearch-lookup.c:226:16: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch-lookup.c:227:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/ausearch-lookup.c:234:13: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch-lookup.c:240:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/ausearch-lookup.c:246:22: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch-lookup.c:247:20: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/ausearch-lookup.c:249:42: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-lookup.c:249:35: acquire_memory: allocated here
audit-userspace-4.1.2/src/ausearch-lookup.c:251:13: throw: if ‘search_list_append’ throws an exception...
audit-userspace-4.1.2/src/ausearch-lookup.c:251:13: danger: ‘nv.name’ leaks here; was allocated at [(11)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/10)
#  249|   			nv.name = strdup(pw->pw_name);
#  250|   			nv.val = uid;
#  251|->             search_list_append(&uid_nvl, &nv);
#  252|   			name = uid_nvl.cur->name;
#  253|   		}

Error: COMPILER_WARNING (CWE-704): [#def283]
audit-userspace-4.1.2/src/ausearch-lookup.c: scope_hint: In function ‘x2c’
audit-userspace-4.1.2/src/ausearch-lookup.c:290:13: warning[-Wdiscarded-qualifiers]: assignment discards ‘const’ qualifier from pointer target type
#  290 |         ptr = strchr(AsciiArray, (char)toupper(buf[0]));
#      |             ^
#  288|   	unsigned char total=0;
#  289|   
#  290|-> 	ptr = strchr(AsciiArray, (char)toupper(buf[0]));
#  291|   	if (ptr)
#  292|   		total = (unsigned char)(((ptr-AsciiArray) & 0x0F)<<4);

Error: COMPILER_WARNING (CWE-704): [#def284]
audit-userspace-4.1.2/src/ausearch-lookup.c:290:13: warning[-Wdiscarded-qualifiers]: assignment discards ‘const’ qualifier from pointer target type
#  288|   	unsigned char total=0;
#  289|   
#  290|-> 	ptr = strchr(AsciiArray, (char)toupper(buf[0]));
#  291|   	if (ptr)
#  292|   		total = (unsigned char)(((ptr-AsciiArray) & 0x0F)<<4);

Error: COMPILER_WARNING (CWE-704): [#def285]
audit-userspace-4.1.2/src/ausearch-lookup.c:293:13: warning[-Wdiscarded-qualifiers]: assignment discards ‘const’ qualifier from pointer target type
#  293 |         ptr = strchr(AsciiArray, (char)toupper(buf[1]));
#      |             ^
#  291|   	if (ptr)
#  292|   		total = (unsigned char)(((ptr-AsciiArray) & 0x0F)<<4);
#  293|-> 	ptr = strchr(AsciiArray, (char)toupper(buf[1]));
#  294|   	if (ptr)
#  295|   		total += (unsigned char)((ptr-AsciiArray) & 0x0F);

Error: COMPILER_WARNING (CWE-704): [#def286]
audit-userspace-4.1.2/src/ausearch-lookup.c:293:13: warning[-Wdiscarded-qualifiers]: assignment discards ‘const’ qualifier from pointer target type
#  291|   	if (ptr)
#  292|   		total = (unsigned char)(((ptr-AsciiArray) & 0x0F)<<4);
#  293|-> 	ptr = strchr(AsciiArray, (char)toupper(buf[1]));
#  294|   	if (ptr)
#  295|   		total += (unsigned char)((ptr-AsciiArray) & 0x0F);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def287]
audit-userspace-4.1.2/src/ausearch-options.c:786:33: warning[-Wanalyzer-malloc-leak]: leak of ‘sn.str’
audit-userspace-4.1.2/src/ausearch-options.c:309:5: enter_function: entry to ‘check_params’
audit-userspace-4.1.2/src/ausearch-options.c:315:12: branch_false: following ‘false’ branch (when ‘count > 1’)...
audit-userspace-4.1.2/src/ausearch-options.c:315:12: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch-options.c:319:16: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/ausearch-options.c:321:21: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-options.c:329:25: call_function: calling ‘audit_lookup_option’ from ‘check_params’
audit-userspace-4.1.2/src/ausearch-options.c:329:25: return_function: returning to ‘check_params’ from ‘audit_lookup_option’
audit-userspace-4.1.2/src/ausearch-options.c:765:28: branch_false: following ‘false’ branch (when ‘optarg’ is non-NULL)...
audit-userspace-4.1.2/src/ausearch-options.c:774:37: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch-options.c:783:42: acquire_memory: allocated here
audit-userspace-4.1.2/src/ausearch-options.c:786:33: throw: if ‘slist_append’ throws an exception...
audit-userspace-4.1.2/src/ausearch-options.c:786:33: danger: ‘sn.str’ leaks here; was allocated at [(13)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/12)
#  784|   				sn.key = NULL;
#  785|   				sn.hits=0;
#  786|-> 				slist_append(event_node_list, &sn);
#  787|   			}
#  788|   			break;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def288]
audit-userspace-4.1.2/src/ausearch-parse.c:77:17: warning[-Wanalyzer-malloc-leak]: leak of ‘an.avc_class’
audit-userspace-4.1.2/src/ausearch-parse.c:1950:12: enter_function: entry to ‘parse_avc’
audit-userspace-4.1.2/src/ausearch-parse.c:1961:12: branch_false: following ‘false’ branch (when ‘str’ is NULL)...
audit-userspace-4.1.2/src/ausearch-parse.c:1996:1: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:1998:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:2012:13: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:2113:12: branch_false: following ‘false’ branch (when ‘str’ is non-NULL)...
audit-userspace-4.1.2/src/ausearch-parse.c:2117:9: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:2119:12: branch_false: following ‘false’ branch (when ‘term’ is NULL)...
audit-userspace-4.1.2/src/ausearch-parse.c:2121:24: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:2121:24: acquire_memory: allocated here
audit-userspace-4.1.2/src/ausearch-parse.c:2122:12: branch_false: following ‘false’ branch (when ‘term’ is NULL)...
audit-userspace-4.1.2/src/ausearch-parse.c:2126:13: call_function: inlined call to ‘audit_avc_init’ from ‘parse_avc’
#   75|   		if (s->avc == NULL)
#   76|   			return -1;
#   77|-> 		alist_create(s->avc);
#   78|   	}
#   79|   	return 0;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def289]
audit-userspace-4.1.2/src/ausearch-parse.c:252:13: warning[-Wanalyzer-malloc-leak]: leak of ‘nv.name’
audit-userspace-4.1.2/src/ausearch-parse.c:230:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:232:12: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:232:12: branch_false: following ‘false’ branch (when ‘uid != 0’)...
audit-userspace-4.1.2/src/ausearch-parse.c:234:17: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:234:17: branch_false: following ‘false’ branch (when ‘uid != 4294967295’)...
audit-userspace-4.1.2/src/ausearch-parse.c:237:13: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:243:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:247:22: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:248:20: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:250:42: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:250:35: acquire_memory: allocated here
audit-userspace-4.1.2/src/ausearch-parse.c:252:13: throw: if ‘search_list_append’ throws an exception...
audit-userspace-4.1.2/src/ausearch-parse.c:252:13: danger: ‘nv.name’ leaks here; was allocated at [(11)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/10)
#  250|   			nv.name = strdup(pw->pw_name);
#  251|   			nv.val = uid;
#  252|->             search_list_append(&uid_nvl, &nv);
#  253|   			return strdup(pw->pw_name);
#  254|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def290]
audit-userspace-4.1.2/src/ausearch-parse.c:493:33: warning[-Wanalyzer-malloc-leak]: leak of ‘an.scontext’
audit-userspace-4.1.2/src/ausearch-parse.c:306:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:328:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:370:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:479:12: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:481:23: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:482:20: branch_true: following ‘true’ branch (when ‘str’ is non-NULL)...
audit-userspace-4.1.2/src/ausearch-parse.c:483:25: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:485:28: branch_false: following ‘false’ branch (when ‘term’ is non-NULL)...
audit-userspace-4.1.2/src/ausearch-parse.c:487:25: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:492:47: acquire_memory: allocated here
audit-userspace-4.1.2/src/ausearch-parse.c:493:33: throw: if ‘alist_append’ throws an exception...
audit-userspace-4.1.2/src/ausearch-parse.c:493:33: danger: ‘an.scontext’ leaks here; was allocated at [(15)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/14)
#  491|   				anode_init(&an);
#  492|   				an.scontext = strdup(str);
#  493|-> 				alist_append(s->avc, &an);
#  494|   				*term = ' ';
#  495|   			} else

Error: GCC_ANALYZER_WARNING (CWE-401): [#def291]
audit-userspace-4.1.2/src/ausearch-parse.c:757:25: warning[-Wanalyzer-malloc-leak]: leak of ‘sn.str’
audit-userspace-4.1.2/src/ausearch-parse.c:727:12: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:729:17: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:731:20: branch_false: following ‘false’ branch (when ‘term’ is non-NULL)...
audit-userspace-4.1.2/src/ausearch-parse.c:733:17: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:734:20: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:737:34: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:737:34: acquire_memory: allocated here
audit-userspace-4.1.2/src/ausearch-parse.c:738:28: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:742:25: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:757:25: throw: if ‘slist_append’ throws an exception...
audit-userspace-4.1.2/src/ausearch-parse.c:757:25: danger: ‘sn.str’ leaks here; was allocated at [(8)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/7)
#  755|   				sn.str = tmp;
#  756|   			}
#  757|-> 			slist_append(s->filename, &sn);
#  758|   		}
#  759|   		*term = '"';

Error: GCC_ANALYZER_WARNING (CWE-401): [#def292]
audit-userspace-4.1.2/src/ausearch-parse.c:798:25: warning[-Wanalyzer-malloc-leak]: leak of ‘sn.str’
audit-userspace-4.1.2/src/ausearch-parse.c:727:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:761:21: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:761:20: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:764:25: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:766:28: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:767:42: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:767:42: acquire_memory: allocated here
audit-userspace-4.1.2/src/ausearch-parse.c:798:25: throw: if ‘slist_append’ throws an exception...
audit-userspace-4.1.2/src/ausearch-parse.c:798:25: danger: ‘sn.str’ leaks here; was allocated at [(7)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/6)
#  796|   			}
#  797|   append:
#  798|-> 			slist_append(s->filename, &sn);
#  799|   		}
#  800|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def293]
audit-userspace-4.1.2/src/ausearch-parse.c:864:33: warning[-Wanalyzer-malloc-leak]: leak of ‘an.tcontext’
audit-userspace-4.1.2/src/ausearch-parse.c:821:12: enter_function: entry to ‘parse_path’
audit-userspace-4.1.2/src/ausearch-parse.c:828:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:830:13: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:851:12: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:853:23: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:854:20: branch_true: following ‘true’ branch (when ‘str’ is non-NULL)...
audit-userspace-4.1.2/src/ausearch-parse.c:855:25: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:857:28: branch_false: following ‘false’ branch (when ‘term’ is NULL)...
audit-userspace-4.1.2/src/ausearch-parse.c:859:29: call_function: inlined call to ‘audit_avc_init’ from ‘parse_path’
audit-userspace-4.1.2/src/ausearch-parse.c:863:47: acquire_memory: allocated here
audit-userspace-4.1.2/src/ausearch-parse.c:864:33: throw: if ‘alist_append’ throws an exception...
audit-userspace-4.1.2/src/ausearch-parse.c:864:33: danger: ‘an.tcontext’ leaks here; was allocated at [(13)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/12)
#  862|   				anode_init(&an);
#  863|   				an.tcontext = strdup(str);
#  864|-> 				alist_append(s->avc, &an);
#  865|   				if (term)
#  866|   					*term = ' ';

Error: GCC_ANALYZER_WARNING (CWE-401): [#def294]
audit-userspace-4.1.2/src/ausearch-parse.c:892:33: warning[-Wanalyzer-malloc-leak]: leak of ‘an.tcontext’
audit-userspace-4.1.2/src/ausearch-parse.c:874:12: enter_function: entry to ‘parse_obj’
audit-userspace-4.1.2/src/ausearch-parse.c:879:12: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:881:23: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:882:20: branch_true: following ‘true’ branch (when ‘str’ is non-NULL)...
audit-userspace-4.1.2/src/ausearch-parse.c:883:25: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:885:28: branch_false: following ‘false’ branch (when ‘term’ is NULL)...
audit-userspace-4.1.2/src/ausearch-parse.c:887:29: call_function: inlined call to ‘audit_avc_init’ from ‘parse_obj’
audit-userspace-4.1.2/src/ausearch-parse.c:891:47: acquire_memory: allocated here
audit-userspace-4.1.2/src/ausearch-parse.c:892:33: throw: if ‘alist_append’ throws an exception...
audit-userspace-4.1.2/src/ausearch-parse.c:892:33: danger: ‘an.tcontext’ leaks here; was allocated at [(11)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/10)
#  890|   				anode_init(&an);
#  891|   				an.tcontext = strdup(str);
#  892|-> 				alist_append(s->avc, &an);
#  893|   				if (term)
#  894|   					*term = ' ';

Error: GCC_ANALYZER_WARNING (CWE-401): [#def295]
audit-userspace-4.1.2/src/ausearch-parse.c:995:33: warning[-Wanalyzer-malloc-leak]: leak of ‘an.scontext’
audit-userspace-4.1.2/src/ausearch-parse.c:902:12: enter_function: entry to ‘parse_user’
audit-userspace-4.1.2/src/ausearch-parse.c:925:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:942:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:978:12: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:980:23: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:981:20: branch_true: following ‘true’ branch (when ‘str’ is non-NULL)...
audit-userspace-4.1.2/src/ausearch-parse.c:982:25: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:984:28: branch_false: following ‘false’ branch (when ‘term’ is non-NULL)...
audit-userspace-4.1.2/src/ausearch-parse.c:986:25: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:987:28: branch_false: following ‘false’ branch (when ‘avc’ is NULL)...
audit-userspace-4.1.2/src/ausearch-parse.c:990:36: call_function: inlined call to ‘audit_avc_init’ from ‘parse_user’
audit-userspace-4.1.2/src/ausearch-parse.c:994:47: acquire_memory: allocated here
audit-userspace-4.1.2/src/ausearch-parse.c:995:33: throw: if ‘alist_append’ throws an exception...
audit-userspace-4.1.2/src/ausearch-parse.c:995:33: danger: ‘an.scontext’ leaks here; was allocated at [(17)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/16)
#  993|   				anode_init(&an);
#  994|   				an.scontext = strdup(str);
#  995|-> 				alist_append(s->avc, &an);
#  996|   				*term = ' ';
#  997|   			} else

Error: GCC_ANALYZER_WARNING (CWE-401): [#def296]
audit-userspace-4.1.2/src/ausearch-parse.c:1095:41: warning[-Wanalyzer-malloc-leak]: leak of ‘an.scontext’
audit-userspace-4.1.2/src/ausearch-parse.c:925:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:942:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:981:20: branch_false: following ‘false’ branch (when ‘str’ is NULL)...
audit-userspace-4.1.2/src/ausearch-parse.c:1002:12: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:1081:12: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:1082:21: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:1082:20: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:1083:31: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:1084:28: branch_true: following ‘true’ branch (when ‘str’ is non-NULL)...
audit-userspace-4.1.2/src/ausearch-parse.c:1085:33: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:1087:36: branch_false: following ‘false’ branch (when ‘term’ is non-NULL)...
audit-userspace-4.1.2/src/ausearch-parse.c:1089:33: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:1094:55: acquire_memory: allocated here
audit-userspace-4.1.2/src/ausearch-parse.c:1095:41: throw: if ‘alist_append’ throws an exception...
audit-userspace-4.1.2/src/ausearch-parse.c:1095:41: danger: ‘an.scontext’ leaks here; was allocated at [(18)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/17)
# 1093|   					anode_init(&an);
# 1094|   					an.scontext = strdup(str);
# 1095|-> 					alist_append(s->avc, &an);
# 1096|   					*term = ' ';
# 1097|   				} else

Error: GCC_ANALYZER_WARNING (CWE-401): [#def297]
audit-userspace-4.1.2/src/ausearch-parse.c:1114:41: warning[-Wanalyzer-malloc-leak]: leak of ‘an.tcontext’
audit-userspace-4.1.2/src/ausearch-parse.c:925:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:942:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:1081:12: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:1082:21: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:1101:20: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:1102:31: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:1103:28: branch_true: following ‘true’ branch (when ‘str’ is non-NULL)...
audit-userspace-4.1.2/src/ausearch-parse.c:1104:33: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:1106:36: branch_false: following ‘false’ branch (when ‘term’ is non-NULL)...
audit-userspace-4.1.2/src/ausearch-parse.c:1108:33: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:1113:55: acquire_memory: allocated here
audit-userspace-4.1.2/src/ausearch-parse.c:1114:41: throw: if ‘alist_append’ throws an exception...
audit-userspace-4.1.2/src/ausearch-parse.c:1114:41: danger: ‘an.tcontext’ leaks here; was allocated at [(15)](sarif:/runs/0/results/9/codeFlows/0/threadFlows/0/locations/14)
# 1112|   					anode_init(&an);
# 1113|   					an.tcontext = strdup(str);
# 1114|-> 					alist_append(s->avc, &an);
# 1115|   					*term = ' ';
# 1116|   				} else

Error: GCC_ANALYZER_WARNING (CWE-401): [#def298]
audit-userspace-4.1.2/src/ausearch-parse.c:1441:33: warning[-Wanalyzer-malloc-leak]: leak of ‘an.scontext’
audit-userspace-4.1.2/src/ausearch-parse.c:1411:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:1428:12: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:1429:23: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:1430:20: branch_true: following ‘true’ branch (when ‘str’ is non-NULL)...
audit-userspace-4.1.2/src/ausearch-parse.c:1431:25: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:1433:28: branch_false: following ‘false’ branch (when ‘term’ is non-NULL)...
audit-userspace-4.1.2/src/ausearch-parse.c:1435:25: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:1440:47: acquire_memory: allocated here
audit-userspace-4.1.2/src/ausearch-parse.c:1441:33: throw: if ‘alist_append’ throws an exception...
audit-userspace-4.1.2/src/ausearch-parse.c:1441:33: danger: ‘an.scontext’ leaks here; was allocated at [(11)](sarif:/runs/0/results/10/codeFlows/0/threadFlows/0/locations/10)
# 1439|   				anode_init(&an);
# 1440|   				an.scontext = strdup(str);
# 1441|-> 				alist_append(s->avc, &an);
# 1442|   				*term = ' ';
# 1443|   			} else

Error: GCC_ANALYZER_WARNING (CWE-401): [#def299]
audit-userspace-4.1.2/src/ausearch-parse.c:1620:33: warning[-Wanalyzer-malloc-leak]: leak of ‘an.scontext’
audit-userspace-4.1.2/src/ausearch-parse.c:1521:12: enter_function: entry to ‘parse_daemon1’
audit-userspace-4.1.2/src/ausearch-parse.c:1527:12: branch_true: following ‘true’ branch (when ‘mptr’ is NULL)...
audit-userspace-4.1.2/src/ausearch-parse.c:1527:12: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:1532:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:1607:12: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:1609:23: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:1610:20: branch_true: following ‘true’ branch (when ‘str’ is non-NULL)...
audit-userspace-4.1.2/src/ausearch-parse.c:1611:25: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:1613:28: branch_false: following ‘false’ branch (when ‘term’ is NULL)...
audit-userspace-4.1.2/src/ausearch-parse.c:1615:29: call_function: inlined call to ‘audit_avc_init’ from ‘parse_daemon1’
audit-userspace-4.1.2/src/ausearch-parse.c:1619:47: acquire_memory: allocated here
audit-userspace-4.1.2/src/ausearch-parse.c:1620:33: throw: if ‘alist_append’ throws an exception...
audit-userspace-4.1.2/src/ausearch-parse.c:1620:33: danger: ‘an.scontext’ leaks here; was allocated at [(16)](sarif:/runs/0/results/11/codeFlows/0/threadFlows/0/locations/15)
# 1618|   				anode_init(&an);
# 1619|   				an.scontext = strdup(str);
# 1620|-> 				alist_append(s->avc, &an);
# 1621|   			} else
# 1622|   				return 11;

Error: CPPCHECK_WARNING (CWE-401): [#def300]
audit-userspace-4.1.2/src/ausearch-parse.c:1764: error[memleak]: Memory leak: sn.str
# 1762|   							strdup(un->sun_path+1);
# 1763|   						else
# 1764|-> 							return 6;
# 1765|   
# 1766|   						sn.key = NULL;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def301]
audit-userspace-4.1.2/src/ausearch-parse.c:1768:49: warning[-Wanalyzer-malloc-leak]: leak of ‘sn.str’
audit-userspace-4.1.2/src/ausearch-parse.c:1701:20: branch_true: following ‘true’ branch (when ‘str’ is non-NULL)...
audit-userspace-4.1.2/src/ausearch-parse.c:1706:25: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:1710:36: branch_true: following ‘true’ branch (when ‘ptr2’ is non-NULL)...
audit-userspace-4.1.2/src/ausearch-parse.c:1711:47: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:1718:28: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:1721:29: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:1721:28: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:1728:35: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:1728:35: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:1735:35: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:1735:35: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:1738:37: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:1738:36: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:1745:37: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:1745:36: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:1746:46: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:1746:44: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:1754:45: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:1754:44: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:1757:53: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:1757:52: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:1759:64: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:1759:57: acquire_memory: allocated here
audit-userspace-4.1.2/src/ausearch-parse.c:1768:49: throw: if ‘slist_append’ throws an exception...
audit-userspace-4.1.2/src/ausearch-parse.c:1768:49: danger: ‘sn.str’ leaks here; was allocated at [(25)](sarif:/runs/0/results/12/codeFlows/0/threadFlows/0/locations/24)
# 1766|   						sn.key = NULL;
# 1767|   						sn.hits = 1;
# 1768|-> 						slist_append(s->filename, &sn);
# 1769|   					}
# 1770|   					free(s->hostname);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def302]
audit-userspace-4.1.2/src/ausearch-parse.c:1890:33: warning[-Wanalyzer-malloc-leak]: leak of ‘an.scontext’
audit-userspace-4.1.2/src/ausearch-parse.c:1810:12: branch_false: following ‘false’ branch (when ‘str’ is NULL)...
audit-userspace-4.1.2/src/ausearch-parse.c:1824:13: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:1876:12: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:1878:23: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:1879:20: branch_true: following ‘true’ branch (when ‘str’ is non-NULL)...
audit-userspace-4.1.2/src/ausearch-parse.c:1880:25: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:1882:28: branch_false: following ‘false’ branch (when ‘term’ is non-NULL)...
audit-userspace-4.1.2/src/ausearch-parse.c:1884:25: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:1889:47: acquire_memory: allocated here
audit-userspace-4.1.2/src/ausearch-parse.c:1890:33: throw: if ‘alist_append’ throws an exception...
audit-userspace-4.1.2/src/ausearch-parse.c:1890:33: danger: ‘an.scontext’ leaks here; was allocated at [(12)](sarif:/runs/0/results/13/codeFlows/0/threadFlows/0/locations/11)
# 1888|   				anode_init(&an);
# 1889|   				an.scontext = strdup(str);
# 1890|-> 				alist_append(s->avc, &an);
# 1891|   				*term = ' ';
# 1892|   			} else

Error: GCC_ANALYZER_WARNING (CWE-401): [#def303]
audit-userspace-4.1.2/src/ausearch-parse.c:2127:17: warning[-Wanalyzer-malloc-leak]: leak of ‘an.avc_class’
audit-userspace-4.1.2/src/ausearch-parse.c:1950:12: enter_function: entry to ‘parse_avc’
audit-userspace-4.1.2/src/ausearch-parse.c:1961:12: branch_false: following ‘false’ branch (when ‘str’ is NULL)...
audit-userspace-4.1.2/src/ausearch-parse.c:1996:1: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:1998:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:2012:13: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:2032:12: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:2035:20: branch_false: following ‘false’ branch (when ‘str’ is non-NULL)...
audit-userspace-4.1.2/src/ausearch-parse.c:2039:17: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:2040:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:2051:35: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:2052:28: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:2056:25: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:2113:12: branch_false: following ‘false’ branch (when ‘str’ is non-NULL)...
audit-userspace-4.1.2/src/ausearch-parse.c:2117:9: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:2119:12: branch_false: following ‘false’ branch (when ‘term’ is NULL)...
audit-userspace-4.1.2/src/ausearch-parse.c:2121:24: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:2121:24: acquire_memory: allocated here
audit-userspace-4.1.2/src/ausearch-parse.c:2122:12: branch_false: following ‘false’ branch (when ‘term’ is NULL)...
audit-userspace-4.1.2/src/ausearch-parse.c:2126:13: call_function: inlined call to ‘audit_avc_init’ from ‘parse_avc’
audit-userspace-4.1.2/src/ausearch-parse.c:2127:17: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:2127:17: throw: if ‘alist_append’ throws an exception...
audit-userspace-4.1.2/src/ausearch-parse.c:2127:17: danger: ‘an.avc_class’ leaks here; was allocated at [(22)](sarif:/runs/0/results/14/codeFlows/0/threadFlows/0/locations/21)
# 2125|   	// This can be called multiple times. Only first time it initializes.
# 2126|   	if (audit_avc_init(s) == 0) {
# 2127|-> 		alist_append(s->avc, &an);
# 2128|   	} else {
# 2129|   		rc = 10;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def304]
audit-userspace-4.1.2/src/ausearch-parse.c:2233:33: warning[-Wanalyzer-malloc-leak]: leak of ‘an.scontext’
audit-userspace-4.1.2/src/ausearch-parse.c:2144:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:2216:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:2219:13: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:2219:12: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:2221:23: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:2222:20: branch_true: following ‘true’ branch (when ‘str’ is non-NULL)...
audit-userspace-4.1.2/src/ausearch-parse.c:2223:25: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:2225:28: branch_false: following ‘false’ branch (when ‘term’ is non-NULL)...
audit-userspace-4.1.2/src/ausearch-parse.c:2227:25: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:2232:47: acquire_memory: allocated here
audit-userspace-4.1.2/src/ausearch-parse.c:2233:33: throw: if ‘alist_append’ throws an exception...
audit-userspace-4.1.2/src/ausearch-parse.c:2233:33: danger: ‘an.scontext’ leaks here; was allocated at [(13)](sarif:/runs/0/results/15/codeFlows/0/threadFlows/0/locations/12)
# 2231|   				anode_init(&an);
# 2232|   				an.scontext = strdup(str);
# 2233|-> 				alist_append(s->avc, &an);
# 2234|   				*term = ' ';
# 2235|   			} else

Error: GCC_ANALYZER_WARNING (CWE-401): [#def305]
audit-userspace-4.1.2/src/ausearch-parse.c:2406:33: warning[-Wanalyzer-malloc-leak]: leak of ‘an.scontext’
audit-userspace-4.1.2/src/ausearch-parse.c:2347:12: enter_function: entry to ‘parse_simple_message’
audit-userspace-4.1.2/src/ausearch-parse.c:2393:12: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:2395:23: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:2396:20: branch_true: following ‘true’ branch (when ‘str’ is non-NULL)...
audit-userspace-4.1.2/src/ausearch-parse.c:2397:25: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:2399:28: branch_false: following ‘false’ branch (when ‘term’ is NULL)...
audit-userspace-4.1.2/src/ausearch-parse.c:2401:29: call_function: inlined call to ‘audit_avc_init’ from ‘parse_simple_message’
audit-userspace-4.1.2/src/ausearch-parse.c:2405:47: acquire_memory: allocated here
audit-userspace-4.1.2/src/ausearch-parse.c:2406:33: throw: if ‘alist_append’ throws an exception...
audit-userspace-4.1.2/src/ausearch-parse.c:2406:33: danger: ‘an.scontext’ leaks here; was allocated at [(11)](sarif:/runs/0/results/16/codeFlows/0/threadFlows/0/locations/10)
# 2404|   				anode_init(&an);
# 2405|   				an.scontext = strdup(str);
# 2406|-> 				alist_append(s->avc, &an);
# 2407|   				if (term)
# 2408|   					*term = ' ';

Error: GCC_ANALYZER_WARNING (CWE-401): [#def306]
audit-userspace-4.1.2/src/ausearch-parse.c:2438:49: warning[-Wanalyzer-malloc-leak]: leak of ‘sn.str’
audit-userspace-4.1.2/src/ausearch-parse.c:2416:12: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:2417:23: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:2418:20: branch_true: following ‘true’ branch (when ‘str’ is non-NULL)...
audit-userspace-4.1.2/src/ausearch-parse.c:2419:30: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:2427:28: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:2428:33: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:2430:36: branch_true: following ‘true’ branch (when ‘term’ is non-NULL)...
audit-userspace-4.1.2/src/ausearch-parse.c:2431:41: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:2432:44: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:2435:58: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:2435:58: acquire_memory: allocated here
audit-userspace-4.1.2/src/ausearch-parse.c:2438:49: throw: if ‘slist_append’ throws an exception...
audit-userspace-4.1.2/src/ausearch-parse.c:2438:49: danger: ‘sn.str’ leaks here; was allocated at [(13)](sarif:/runs/0/results/17/codeFlows/0/threadFlows/0/locations/12)
# 2436|   						sn.key = NULL;
# 2437|   						sn.hits = 1;
# 2438|-> 						slist_append(s->key, &sn);
# 2439|   					}
# 2440|   					*term = '"';

Error: GCC_ANALYZER_WARNING (CWE-401): [#def307]
audit-userspace-4.1.2/src/ausearch-parse.c:2457:49: warning[-Wanalyzer-malloc-leak]: leak of ‘sn.str’
audit-userspace-4.1.2/src/ausearch-parse.c:2416:12: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:2417:23: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:2418:20: branch_true: following ‘true’ branch (when ‘str’ is non-NULL)...
audit-userspace-4.1.2/src/ausearch-parse.c:2419:30: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:2427:28: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:2444:37: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:2444:36: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:2446:56: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:2447:44: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:2449:54: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:2451:48: branch_true: following ‘true’ branch (when ‘kptr’ is non-NULL)...
audit-userspace-4.1.2/src/ausearch-parse.c:2454:58: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:2454:58: acquire_memory: allocated here
audit-userspace-4.1.2/src/ausearch-parse.c:2457:49: throw: if ‘slist_append’ throws an exception...
audit-userspace-4.1.2/src/ausearch-parse.c:2457:49: danger: ‘sn.str’ leaks here; was allocated at [(14)](sarif:/runs/0/results/18/codeFlows/0/threadFlows/0/locations/13)
# 2455|   						sn.key = NULL;
# 2456|   						sn.hits = 1;
# 2457|-> 						slist_append(s->key, &sn);
# 2458|   						kptr = strtok_r(NULL,
# 2459|   							key_sep, &saved);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def308]
audit-userspace-4.1.2/src/ausearch-parse.c:2642:33: warning[-Wanalyzer-malloc-leak]: leak of ‘an.tcontext’
audit-userspace-4.1.2/src/ausearch-parse.c:2611:12: enter_function: entry to ‘parse_pkt’
audit-userspace-4.1.2/src/ausearch-parse.c:2630:12: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:2631:23: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:2632:20: branch_true: following ‘true’ branch (when ‘str’ is non-NULL)...
audit-userspace-4.1.2/src/ausearch-parse.c:2633:25: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:2635:28: branch_false: following ‘false’ branch (when ‘term’ is NULL)...
audit-userspace-4.1.2/src/ausearch-parse.c:2637:29: call_function: inlined call to ‘audit_avc_init’ from ‘parse_pkt’
audit-userspace-4.1.2/src/ausearch-parse.c:2640:33: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:2641:47: acquire_memory: allocated here
audit-userspace-4.1.2/src/ausearch-parse.c:2642:33: throw: if ‘alist_append’ throws an exception...
audit-userspace-4.1.2/src/ausearch-parse.c:2642:33: danger: ‘an.tcontext’ leaks here; was allocated at [(13)](sarif:/runs/0/results/19/codeFlows/0/threadFlows/0/locations/12)
# 2640|   				anode_init(&an);
# 2641|   				an.tcontext = strdup(str);
# 2642|-> 				alist_append(s->avc, &an);
# 2643|   				if (term)
# 2644|   					*term = ' ';

Error: GCC_ANALYZER_WARNING (CWE-401): [#def309]
audit-userspace-4.1.2/src/ausearch-parse.c:2764:33: warning[-Wanalyzer-malloc-leak]: leak of ‘an.scontext’
audit-userspace-4.1.2/src/ausearch-parse.c:2750:12: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:2753:20: branch_true: following ‘true’ branch (when ‘str’ is non-NULL)...
audit-userspace-4.1.2/src/ausearch-parse.c:2754:25: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:2756:28: branch_false: following ‘false’ branch (when ‘term’ is non-NULL)...
audit-userspace-4.1.2/src/ausearch-parse.c:2758:25: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:2763:47: acquire_memory: allocated here
audit-userspace-4.1.2/src/ausearch-parse.c:2764:33: throw: if ‘alist_append’ throws an exception...
audit-userspace-4.1.2/src/ausearch-parse.c:2764:33: danger: ‘an.scontext’ leaks here; was allocated at [(9)](sarif:/runs/0/results/20/codeFlows/0/threadFlows/0/locations/8)
# 2762|   				anode_init(&an);
# 2763|   				an.scontext = strdup(str);
# 2764|-> 				alist_append(s->avc, &an);
# 2765|   				*term = ' ';
# 2766|   			} else

Error: GCC_ANALYZER_WARNING (CWE-401): [#def310]
audit-userspace-4.1.2/src/ausearch-parse.c:2902:23: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
audit-userspace-4.1.2/src/ausearch-parse.c:2879:5: enter_function: entry to ‘audit_log_list’
audit-userspace-4.1.2/src/ausearch-parse.c:2889:12: branch_false: following ‘false’ branch (when ‘filename’ is non-NULL)...
audit-userspace-4.1.2/src/ausearch-parse.c:2892:9: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:2898:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:2900:21: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:2900:20: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:2901:25: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:2903:20: branch_false: following ‘false’ branch (when ‘tmp’ is non-NULL)...
audit-userspace-4.1.2/src/ausearch-parse.c:2909:21: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:2909:34: acquire_memory: allocated here
audit-userspace-4.1.2/src/ausearch-parse.c:2910:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:2915:17: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:2898:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:2900:21: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:2900:21: call_function: calling ‘read_first_ts’ from ‘audit_log_list’
audit-userspace-4.1.2/src/ausearch-parse.c:2900:21: return_function: returning to ‘audit_log_list’ from ‘read_first_ts’
audit-userspace-4.1.2/src/ausearch-parse.c:2900:20: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:2901:25: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:2902:23: danger: ‘<unknown>’ leaks here; was allocated at [(11)](sarif:/runs/0/results/21/codeFlows/0/threadFlows/0/locations/10)
# 2900|   		if (read_first_ts(filename, &sec, &milli))
# 2901|   			sec = 0;
# 2902|-> 		tmp = realloc(list, (num + 1) * sizeof(*list));
# 2903|   		if (tmp == NULL) {
# 2904|   			free(filename);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def311]
audit-userspace-4.1.2/src/ausearch-report.c:456:17: warning[-Wanalyzer-malloc-leak]: leak of ‘auparse_get_node(au)’
audit-userspace-4.1.2/src/ausearch-report.c:432:12: branch_false: following ‘false’ branch (when ‘cb_event_type == 0’)...
audit-userspace-4.1.2/src/ausearch-report.c:435:13: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch-report.c:454:16: acquire_memory: allocated here
audit-userspace-4.1.2/src/ausearch-report.c:455:12: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/ausearch-report.c:456:17: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-report.c:456:17: throw: if ‘auparse_interpret_field’ throws an exception...
audit-userspace-4.1.2/src/ausearch-report.c:456:17: danger: ‘auparse_get_node(au)’ leaks here; was allocated at [(3)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/2)
#  454|   	item = auparse_get_node(au);
#  455|   	if (item) {
#  456|-> 		printf("%s", auparse_interpret_field(au));
#  457|   		free((void *)item);
#  458|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def312]
audit-userspace-4.1.2/src/ausearch-report.c:716:17: warning[-Wanalyzer-malloc-leak]: leak of ‘auparse_get_node(au)’
audit-userspace-4.1.2/src/ausearch-report.c:714:16: acquire_memory: allocated here
audit-userspace-4.1.2/src/ausearch-report.c:715:12: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/ausearch-report.c:716:17: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-report.c:716:17: throw: if ‘auparse_interpret_field’ throws an exception...
audit-userspace-4.1.2/src/ausearch-report.c:716:17: danger: ‘auparse_get_node(au)’ leaks here; was allocated at [(1)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/0)
#  714|   	item = auparse_get_node(au);
#  715|   	if (item) {
#  716|-> 		printf("On %s at %s ", auparse_interpret_field(au), tmp);
#  717|   		free((void *)item);
#  718|   	} else

Error: GCC_ANALYZER_WARNING (CWE-775): [#def313]
audit-userspace-4.1.2/src/ausearch-time.c:152:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open("/proc/uptime", 0)’
audit-userspace-4.1.2/src/ausearch-time.c:143:22: acquire_resource: opened here
audit-userspace-4.1.2/src/ausearch-time.c:144:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/ausearch-time.c:150:13: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch-time.c:152:9: danger: ‘open("/proc/uptime", 0)’ leaks here; was opened at [(1)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/0)
#  150|           t = time(NULL);
#  151|   	rc = read(fd, buf, sizeof(buf)-1);
#  152|-> 	close(fd);
#  153|   	if (rc > 0) {
#  154|   		struct tm *tv;

Error: GCC_ANALYZER_WARNING (CWE-688): [#def314]
audit-userspace-4.1.2/src/ausearch.c:256:15: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘config.log_file’ where non-null expected
audit-userspace-4.1.2/src/ausearch.c:242:12: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/ausearch.c:252:33: acquire_memory: this call could return NULL
audit-userspace-4.1.2/src/ausearch.c:256:15: danger: argument 1 (‘config.log_file’) from [(4)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/3) could be NULL where non-null expected
#  254|   	}
#  255|   
#  256|-> 	len = strlen(config.log_file) + 16;
#  257|   	filename = malloc(len);
#  258|   	if (!filename) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def315]
audit-userspace-4.1.2/src/ausearch.c:325:21: warning[-Wanalyzer-malloc-leak]: leak of ‘filename’
audit-userspace-4.1.2/src/ausearch.c:257:20: acquire_memory: allocated here
audit-userspace-4.1.2/src/ausearch.c:258:12: branch_false: following ‘false’ branch (when ‘filename’ is non-NULL)...
audit-userspace-4.1.2/src/ausearch.c:268:13: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch.c:325:21: throw: if ‘audit_log_list’ throws an exception...
audit-userspace-4.1.2/src/ausearch.c:325:21: danger: ‘filename’ leaks here; was allocated at [(1)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/0)
#  323|   
#  324|   		/* Count logs */
#  325|-> 		if (audit_log_list(config.log_file, &logs, &log_cnt)) {
#  326|   			fprintf(stderr, "No memory\n");
#  327|   			free(filename);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def316]
audit-userspace-4.1.2/src/ausearch.c:342:36: warning[-Wanalyzer-malloc-leak]: leak of ‘filename’
audit-userspace-4.1.2/src/ausearch.c:257:20: acquire_memory: allocated here
audit-userspace-4.1.2/src/ausearch.c:258:12: branch_false: following ‘false’ branch (when ‘filename’ is non-NULL)...
audit-userspace-4.1.2/src/ausearch.c:268:13: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch.c:325:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/ausearch.c:332:21: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch.c:332:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/ausearch.c:342:36: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch.c:342:36: throw: if ‘audit_log_find_start’ throws an exception...
audit-userspace-4.1.2/src/ausearch.c:342:36: danger: ‘filename’ leaks here; was allocated at [(1)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/0)
#  340|   
#  341|   		/* Locate the starting file that's in range */
#  342|-> 		files_to_process = audit_log_find_start(logs, log_cnt,
#  343|   							start_time);
#  344|   		audit_log_free(logs, log_cnt);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def317]
audit-userspace-4.1.2/src/ausearch.c:344:17: warning[-Wanalyzer-malloc-leak]: leak of ‘filename’
audit-userspace-4.1.2/src/ausearch.c:257:20: acquire_memory: allocated here
audit-userspace-4.1.2/src/ausearch.c:258:12: branch_false: following ‘false’ branch (when ‘filename’ is non-NULL)...
audit-userspace-4.1.2/src/ausearch.c:268:13: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch.c:325:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/ausearch.c:332:21: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch.c:332:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/ausearch.c:342:36: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch.c:344:17: throw: if ‘audit_log_free’ throws an exception...
audit-userspace-4.1.2/src/ausearch.c:344:17: danger: ‘filename’ leaks here; was allocated at [(1)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/0)
#  342|   		files_to_process = audit_log_find_start(logs, log_cnt,
#  343|   							start_time);
#  344|-> 		audit_log_free(logs, log_cnt);
#  345|   	}
#  346|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def318]
audit-userspace-4.1.2/src/ausearch.c:634:29: warning[-Wanalyzer-malloc-leak]: leak of ‘buff’
audit-userspace-4.1.2/src/ausearch.c:607:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/ausearch.c:607:12: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch.c:613:20: branch_true: following ‘true’ branch (when ‘buff’ is NULL)...
audit-userspace-4.1.2/src/ausearch.c:614:32: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch.c:614:32: acquire_memory: allocated here
audit-userspace-4.1.2/src/ausearch.c:615:28: branch_false: following ‘false’ branch (when ‘buff’ is non-NULL)...
audit-userspace-4.1.2/src/ausearch.c:619:21: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch.c:627:20: branch_false: following ‘false’ branch (when ‘timer_running == 0’)...
audit-userspace-4.1.2/src/ausearch.c:633:20: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch.c:633:20: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/ausearch.c:634:29: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch.c:634:29: throw: if ‘lol_add_record’ throws an exception...
audit-userspace-4.1.2/src/ausearch.c:634:29: danger: ‘buff’ leaks here; was allocated at [(5)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/4)
#  632|   
#  633|   		if (rc) {
#  634|-> 			if (lol_add_record(&lo, buff)) {
#  635|   				*l = get_ready_event(&lo);
#  636|   				if (*l)

Error: CPPCHECK_WARNING (CWE-190): [#def319]
audit-userspace-4.1.2/src/libev/ev.c:1517: error[integerOverflow]: Signed integer overflow for expression '14-24'.
# 1515|   
# 1516|         /* too small, will be zero */
# 1517|->       if (e < (14 - 24)) /* might not be sharp, but is good enough */
# 1518|           return s;
# 1519|   

Error: COMPILER_WARNING: [#def320]
audit-userspace-4.1.2/src/libev/ev.c:2146:31: warning: 'ev_default_loop_ptr' initialized and declared 'extern'
# 2146 |   EV_API_DECL struct ev_loop *ev_default_loop_ptr = 0; /* needs to be initialised to make it a definition despite extern */
#      |                               ^~~~~~~~~~~~~~~~~~~
# 2144|   
# 2145|     static struct ev_loop default_loop_struct;
# 2146|->   EV_API_DECL struct ev_loop *ev_default_loop_ptr = 0; /* needs to be initialised to make it a definition despite extern */
# 2147|   
# 2148|   #else

Error: COMPILER_WARNING: [#def321]
audit-userspace-4.1.2/src/libev/ev.c:2146:31: warning[warning]: 'ev_default_loop_ptr' initialized and declared 'extern'
# 2144|   
# 2145|     static struct ev_loop default_loop_struct;
# 2146|->   EV_API_DECL struct ev_loop *ev_default_loop_ptr = 0; /* needs to be initialised to make it a definition despite extern */
# 2147|   
# 2148|   #else

Error: GCC_ANALYZER_WARNING (CWE-775): [#def322]
audit-userspace-4.1.2/src/libev/ev.c:2566:3: warning[-Wanalyzer-fd-leak]: leak of file descriptor 'fds[0]'
audit-userspace-4.1.2/src/libev/ev.c:5412:1: enter_function: entry to 'ev_async_start'
audit-userspace-4.1.2/src/libev/ev.c:5414:6: branch_false: following 'false' branch...
audit-userspace-4.1.2/src/libev/ev.c:5417:3: branch_false: ...to here
audit-userspace-4.1.2/src/libev/ev.c:5419:3: call_function: calling 'evpipe_init' from 'ev_async_start'
# 2564|     ioctlsocket (EV_FD_TO_WIN32_HANDLE (fd), FIONBIO, &arg);
# 2565|   #else
# 2566|->   fcntl (fd, F_SETFD, FD_CLOEXEC);
# 2567|     fcntl (fd, F_SETFL, O_NONBLOCK);
# 2568|   #endif

Error: GCC_ANALYZER_WARNING (CWE-775): [#def323]
audit-userspace-4.1.2/src/libev/ev.c:2566:3: warning[-Wanalyzer-fd-leak]: leak of file descriptor 'fds[1]'
audit-userspace-4.1.2/src/libev/ev.c:5412:1: enter_function: entry to 'ev_async_start'
audit-userspace-4.1.2/src/libev/ev.c:5414:6: branch_false: following 'false' branch...
audit-userspace-4.1.2/src/libev/ev.c:5417:3: branch_false: ...to here
audit-userspace-4.1.2/src/libev/ev.c:5419:3: call_function: calling 'evpipe_init' from 'ev_async_start'
# 2564|     ioctlsocket (EV_FD_TO_WIN32_HANDLE (fd), FIONBIO, &arg);
# 2565|   #else
# 2566|->   fcntl (fd, F_SETFD, FD_CLOEXEC);
# 2567|     fcntl (fd, F_SETFL, O_NONBLOCK);
# 2568|   #endif

Error: GCC_ANALYZER_WARNING (CWE-775): [#def324]
audit-userspace-4.1.2/src/libev/ev.c:2566:3: warning[-Wanalyzer-fd-leak]: leak of file descriptor 'fds[flags]'
audit-userspace-4.1.2/src/libev/ev.c:5252:1: enter_function: entry to 'embed_fork_cb'
audit-userspace-4.1.2/src/libev/ev.c:5262:5: call_function: calling 'ev_run' from 'embed_fork_cb'
# 2564|     ioctlsocket (EV_FD_TO_WIN32_HANDLE (fd), FIONBIO, &arg);
# 2565|   #else
# 2566|->   fcntl (fd, F_SETFD, FD_CLOEXEC);
# 2567|     fcntl (fd, F_SETFL, O_NONBLOCK);
# 2568|   #endif

Error: GCC_ANALYZER_WARNING (CWE-775): [#def325]
audit-userspace-4.1.2/src/libev/ev.c:2567:3: warning[-Wanalyzer-fd-leak]: leak of file descriptor 'fds[1]'
audit-userspace-4.1.2/src/libev/ev.c:5412:1: enter_function: entry to 'ev_async_start'
audit-userspace-4.1.2/src/libev/ev.c:5414:6: branch_false: following 'false' branch...
audit-userspace-4.1.2/src/libev/ev.c:5417:3: branch_false: ...to here
audit-userspace-4.1.2/src/libev/ev.c:5419:3: call_function: calling 'evpipe_init' from 'ev_async_start'
# 2565|   #else
# 2566|     fcntl (fd, F_SETFD, FD_CLOEXEC);
# 2567|->   fcntl (fd, F_SETFL, O_NONBLOCK);
# 2568|   #endif
# 2569|   }

Error: GCC_ANALYZER_WARNING (CWE-775): [#def326]
audit-userspace-4.1.2/src/libev/ev.c:2567:3: warning[-Wanalyzer-fd-leak]: leak of file descriptor 'fds[flags]'
audit-userspace-4.1.2/src/libev/ev.c:5252:1: enter_function: entry to 'embed_fork_cb'
audit-userspace-4.1.2/src/libev/ev.c:5262:5: call_function: calling 'ev_run' from 'embed_fork_cb'
# 2565|   #else
# 2566|     fcntl (fd, F_SETFD, FD_CLOEXEC);
# 2567|->   fcntl (fd, F_SETFL, O_NONBLOCK);
# 2568|   #endif
# 2569|   }

Error: GCC_ANALYZER_WARNING (CWE-775): [#def327]
audit-userspace-4.1.2/src/libev/ev.c:2769:11: warning[-Wanalyzer-fd-leak]: leak of file descriptor 'fds[1]'
audit-userspace-4.1.2/src/libev/ev.c:5412:1: enter_function: entry to 'ev_async_start'
audit-userspace-4.1.2/src/libev/ev.c:5414:6: branch_false: following 'false' branch...
audit-userspace-4.1.2/src/libev/ev.c:5417:3: branch_false: ...to here
audit-userspace-4.1.2/src/libev/ev.c:5419:3: call_function: calling 'evpipe_init' from 'ev_async_start'
# 2767|   
# 2768|             dup2 (fds [1], evpipe [1]);
# 2769|->           close (fds [1]);
# 2770|           }
# 2771|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def328]
audit-userspace-4.1.2/src/libev/event.c:414:3: warning[-Wanalyzer-malloc-leak]: leak of 'once'
audit-userspace-4.1.2/src/libev/event.c:404:48: acquire_memory: allocated here
audit-userspace-4.1.2/src/libev/event.c:407:6: branch_false: following 'false' branch (when 'once' is non-NULL)...
audit-userspace-4.1.2/src/libev/event.c:410:3: branch_false: ...to here
audit-userspace-4.1.2/src/libev/event.c:414:3: throw: if 'ev_once' throws an exception...
audit-userspace-4.1.2/src/libev/event.c:414:3: danger: 'once' leaks here; was allocated at [(1)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/0)
#  412|     once->arg = arg;
#  413|   
#  414|->   ev_once (EV_A_ fd, events & (EV_READ | EV_WRITE), ev_tv_get (tv), ev_x_once_cb, (void *)once);
#  415|   
#  416|     return 0;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def329]
audit-userspace-4.1.2/tools/aulast/aulast.c:233:20: warning[-Wanalyzer-malloc-leak]: leak of ‘n’
audit-userspace-4.1.2/tools/aulast/aulast.c:479:5: enter_function: entry to ‘main’
audit-userspace-4.1.2/tools/aulast/aulast.c:534:12: branch_false: following ‘false’ branch (when ‘file’ is NULL)...
audit-userspace-4.1.2/tools/aulast/aulast.c:536:17: branch_false: ...to here
audit-userspace-4.1.2/tools/aulast/aulast.c:545:12: branch_false: following ‘false’ branch (when ‘au’ is non-NULL)...
audit-userspace-4.1.2/tools/aulast/aulast.c:545:12: branch_false: ...to here
audit-userspace-4.1.2/tools/aulast/aulast.c:559:16: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/tools/aulast/aulast.c:562:28: branch_true: ...to here
audit-userspace-4.1.2/tools/aulast/aulast.c:568:33: call_function: calling ‘create_new_session’ from ‘main’
#  231|   		return;
#  232|   	n->session = ses;
#  233|-> 	n->start = auparse_get_time(au);
#  234|   	n->end = 0;
#  235|   	n->auid = auid;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def330]
audit-userspace-4.1.2/tools/aulast/aulast.c:242:29: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
audit-userspace-4.1.2/tools/aulast/aulast.c:479:5: enter_function: entry to ‘main’
audit-userspace-4.1.2/tools/aulast/aulast.c:534:12: branch_false: following ‘false’ branch (when ‘file’ is NULL)...
audit-userspace-4.1.2/tools/aulast/aulast.c:536:17: branch_false: ...to here
audit-userspace-4.1.2/tools/aulast/aulast.c:545:12: branch_false: following ‘false’ branch (when ‘au’ is non-NULL)...
audit-userspace-4.1.2/tools/aulast/aulast.c:545:12: branch_false: ...to here
audit-userspace-4.1.2/tools/aulast/aulast.c:559:16: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/tools/aulast/aulast.c:562:28: branch_true: ...to here
audit-userspace-4.1.2/tools/aulast/aulast.c:568:33: call_function: calling ‘create_new_session’ from ‘main’
#  240|   	n->host = NULL;
#  241|   	n->status = LOG_IN;
#  242|-> 	n->loginuid_proof = auparse_get_serial(au);
#  243|   	n->user_login_proof = 0;
#  244|   	n->user_end_proof = 0;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def331]
audit-userspace-4.1.2/tools/aulast/aulast.c:242:29: warning[-Wanalyzer-malloc-leak]: leak of ‘n’
audit-userspace-4.1.2/tools/aulast/aulast.c:479:5: enter_function: entry to ‘main’
audit-userspace-4.1.2/tools/aulast/aulast.c:534:12: branch_false: following ‘false’ branch (when ‘file’ is NULL)...
audit-userspace-4.1.2/tools/aulast/aulast.c:536:17: branch_false: ...to here
audit-userspace-4.1.2/tools/aulast/aulast.c:545:12: branch_false: following ‘false’ branch (when ‘au’ is non-NULL)...
audit-userspace-4.1.2/tools/aulast/aulast.c:545:12: branch_false: ...to here
audit-userspace-4.1.2/tools/aulast/aulast.c:559:16: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/tools/aulast/aulast.c:562:28: branch_true: ...to here
audit-userspace-4.1.2/tools/aulast/aulast.c:568:33: call_function: calling ‘create_new_session’ from ‘main’
#  240|   	n->host = NULL;
#  241|   	n->status = LOG_IN;
#  242|-> 	n->loginuid_proof = auparse_get_serial(au);
#  243|   	n->user_login_proof = 0;
#  244|   	n->user_end_proof = 0;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def332]
audit-userspace-4.1.2/tools/aulast/aulast.c:245:9: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
audit-userspace-4.1.2/tools/aulast/aulast.c:479:5: enter_function: entry to ‘main’
audit-userspace-4.1.2/tools/aulast/aulast.c:534:12: branch_false: following ‘false’ branch (when ‘file’ is NULL)...
audit-userspace-4.1.2/tools/aulast/aulast.c:536:17: branch_false: ...to here
audit-userspace-4.1.2/tools/aulast/aulast.c:545:12: branch_false: following ‘false’ branch (when ‘au’ is non-NULL)...
audit-userspace-4.1.2/tools/aulast/aulast.c:545:12: branch_false: ...to here
audit-userspace-4.1.2/tools/aulast/aulast.c:559:16: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/tools/aulast/aulast.c:562:28: branch_true: ...to here
audit-userspace-4.1.2/tools/aulast/aulast.c:568:33: call_function: calling ‘create_new_session’ from ‘main’
#  243|   	n->user_login_proof = 0;
#  244|   	n->user_end_proof = 0;
#  245|-> 	list_create_session_simple(&l, n);
#  246|   }
#  247|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def333]
audit-userspace-4.1.2/tools/aulast/aulast.c:245:9: warning[-Wanalyzer-malloc-leak]: leak of ‘n’
audit-userspace-4.1.2/tools/aulast/aulast.c:479:5: enter_function: entry to ‘main’
audit-userspace-4.1.2/tools/aulast/aulast.c:534:12: branch_false: following ‘false’ branch (when ‘file’ is NULL)...
audit-userspace-4.1.2/tools/aulast/aulast.c:536:17: branch_false: ...to here
audit-userspace-4.1.2/tools/aulast/aulast.c:545:12: branch_false: following ‘false’ branch (when ‘au’ is non-NULL)...
audit-userspace-4.1.2/tools/aulast/aulast.c:545:12: branch_false: ...to here
audit-userspace-4.1.2/tools/aulast/aulast.c:559:16: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/tools/aulast/aulast.c:562:28: branch_true: ...to here
audit-userspace-4.1.2/tools/aulast/aulast.c:568:33: call_function: calling ‘create_new_session’ from ‘main’
#  243|   	n->user_login_proof = 0;
#  244|   	n->user_end_proof = 0;
#  245|-> 	list_create_session_simple(&l, n);
#  246|   }
#  247|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def334]
audit-userspace-4.1.2/tools/aulast/aulast.c:442:9: warning[-Wanalyzer-malloc-leak]: leak of ‘strdup("reboot")’
audit-userspace-4.1.2/tools/aulast/aulast.c:479:5: enter_function: entry to ‘main’
audit-userspace-4.1.2/tools/aulast/aulast.c:534:12: branch_false: following ‘false’ branch (when ‘file’ is NULL)...
audit-userspace-4.1.2/tools/aulast/aulast.c:536:17: branch_false: ...to here
audit-userspace-4.1.2/tools/aulast/aulast.c:545:12: branch_false: following ‘false’ branch (when ‘au’ is non-NULL)...
audit-userspace-4.1.2/tools/aulast/aulast.c:545:12: branch_false: ...to here
audit-userspace-4.1.2/tools/aulast/aulast.c:559:16: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/tools/aulast/aulast.c:562:28: branch_true: ...to here
audit-userspace-4.1.2/tools/aulast/aulast.c:580:33: call_function: calling ‘process_bootup’ from ‘main’
#  440|   	cur = list_get_cur(&l);
#  441|   	cur->start = start;
#  442|-> 	cur->name = strdup("reboot");
#  443|   	cur->term = strdup("system boot");
#  444|   	if (kernel)

Error: GCC_ANALYZER_WARNING (CWE-401): [#def335]
audit-userspace-4.1.2/tools/aulast/aulast.c:443:9: warning[-Wanalyzer-malloc-leak]: leak of ‘strdup("system boot")’
audit-userspace-4.1.2/tools/aulast/aulast.c:479:5: enter_function: entry to ‘main’
audit-userspace-4.1.2/tools/aulast/aulast.c:534:12: branch_false: following ‘false’ branch (when ‘file’ is NULL)...
audit-userspace-4.1.2/tools/aulast/aulast.c:536:17: branch_false: ...to here
audit-userspace-4.1.2/tools/aulast/aulast.c:545:12: branch_false: following ‘false’ branch (when ‘au’ is non-NULL)...
audit-userspace-4.1.2/tools/aulast/aulast.c:545:12: branch_false: ...to here
audit-userspace-4.1.2/tools/aulast/aulast.c:559:16: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/tools/aulast/aulast.c:562:28: branch_true: ...to here
audit-userspace-4.1.2/tools/aulast/aulast.c:580:33: call_function: calling ‘process_bootup’ from ‘main’
#  441|   	cur->start = start;
#  442|   	cur->name = strdup("reboot");
#  443|-> 	cur->term = strdup("system boot");
#  444|   	if (kernel)
#  445|   		cur->host = strdup(kernel);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def336]
audit-userspace-4.1.2/tools/aulast/aulast.c:559:16: warning[-Wanalyzer-malloc-leak]: leak of ‘au’
audit-userspace-4.1.2/tools/aulast/aulast.c:534:12: branch_false: following ‘false’ branch (when ‘file’ is NULL)...
audit-userspace-4.1.2/tools/aulast/aulast.c:536:17: branch_false: ...to here
audit-userspace-4.1.2/tools/aulast/aulast.c:536:17: branch_false: following ‘false’ branch (when ‘use_stdin == 0’)...
audit-userspace-4.1.2/tools/aulast/aulast.c:539:21: branch_false: ...to here
audit-userspace-4.1.2/tools/aulast/aulast.c:543:22: acquire_memory: allocated here
audit-userspace-4.1.2/tools/aulast/aulast.c:545:12: branch_false: following ‘false’ branch (when ‘au’ is non-NULL)...
audit-userspace-4.1.2/tools/aulast/aulast.c:545:12: branch_false: ...to here
audit-userspace-4.1.2/tools/aulast/aulast.c:559:16: throw: if ‘auparse_next_event’ throws an exception...
audit-userspace-4.1.2/tools/aulast/aulast.c:559:16: danger: ‘au’ leaks here; was allocated at [(5)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/4)
#  557|   	// 7) When SHUTDOWN found, close out reboot record
#  558|   
#  559|-> 	while (auparse_next_event(au) > 0) {
#  560|   		// We will take advantage of the fact that all events
#  561|   		// of interest are one record long

Error: GCC_ANALYZER_WARNING (CWE-401): [#def337]
audit-userspace-4.1.2/tools/aulastlog/aulastlog.c:98:13: warning[-Wanalyzer-malloc-leak]: leak of ‘au’
audit-userspace-4.1.2/tools/aulastlog/aulastlog.c:84:12: branch_false: following ‘false’ branch (when ‘user’ is NULL)...
audit-userspace-4.1.2/tools/aulastlog/aulastlog.c:90:12: branch_false: ...to here
audit-userspace-4.1.2/tools/aulastlog/aulastlog.c:90:12: branch_false: following ‘false’ branch (when ‘use_stdin == 0’)...
audit-userspace-4.1.2/tools/aulastlog/aulastlog.c:93:22: branch_false: ...to here
audit-userspace-4.1.2/tools/aulastlog/aulastlog.c:93:22: acquire_memory: allocated here
audit-userspace-4.1.2/tools/aulastlog/aulastlog.c:94:12: branch_false: following ‘false’ branch (when ‘au’ is non-NULL)...
audit-userspace-4.1.2/tools/aulastlog/aulastlog.c:98:13: branch_false: ...to here
audit-userspace-4.1.2/tools/aulastlog/aulastlog.c:98:13: throw: if ‘ausearch_add_item’ throws an exception...
audit-userspace-4.1.2/tools/aulastlog/aulastlog.c:98:13: danger: ‘au’ leaks here; was allocated at [(5)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/4)
#   96|   		goto error_exit_1;
#   97|   	}
#   98|-> 	if (ausearch_add_item(au, "type", "=", "USER_LOGIN",
#   99|   						 AUSEARCH_RULE_CLEAR)){
#  100|   		printf("ausearch_add_item error - %s\n", strerror(errno));