authselect-1.6.2-1.fc44

List of Findings

Error: SHELLCHECK_WARNING (CWE-758): [#def1]
/etc/bash_completion.d/authselect-completion.sh:1:1: error[SC2148]: Tips depend on target shell and yours is unknown. Add a shebang or a 'shell' directive.
#    1|-> #
#    2|   #    Authors:
#    3|   #        Tomas Halman <thalman@redhat.com>

Error: SHELLCHECK_WARNING (CWE-140): [#def2]
/etc/bash_completion.d/authselect-completion.sh:199:24: warning[SC2207]: Prefer mapfile or read -a to split command output (or quote to avoid splitting).
#  197|       if [[ "$possibleopts" != "" ]]; then
#  198|           if [[ "${COMP_WORDS[$COMP_CWORD]}" = "=" ]]; then
#  199|->             COMPREPLY=($(compgen -W "$possibleopts"))
#  200|           else
#  201|               COMPREPLY=($(compgen -W "$possibleopts" -- "${COMP_WORDS[$COMP_CWORD]}"))

Error: SHELLCHECK_WARNING (CWE-140): [#def3]
/etc/bash_completion.d/authselect-completion.sh:201:24: warning[SC2207]: Prefer mapfile or read -a to split command output (or quote to avoid splitting).
#  199|               COMPREPLY=($(compgen -W "$possibleopts"))
#  200|           else
#  201|->             COMPREPLY=($(compgen -W "$possibleopts" -- "${COMP_WORDS[$COMP_CWORD]}"))
#  202|           fi
#  203|       else

Error: SHELLCHECK_WARNING (CWE-569): [#def4]
/etc/bash_completion.d/authselect-completion.sh:206:26: warning[SC2124]: Assigning an array to a string! Assign as array, or use * instead of @ to concatenate.
#  204|           command="$(get_command)"
#  205|           if [[ "$command" = "" ]]; then
#  206|->             possibleopts="$(get_global_options) ${COMMANDS[@]}"
#  207|           else
#  208|               possibleopts="$(get_global_options) $(get_command_params) $(get_command_keywords) $(get_command_options)"

Error: SHELLCHECK_WARNING (CWE-140): [#def5]
/etc/bash_completion.d/authselect-completion.sh:210:20: warning[SC2207]: Prefer mapfile or read -a to split command output (or quote to avoid splitting).
#  208|               possibleopts="$(get_global_options) $(get_command_params) $(get_command_keywords) $(get_command_options)"
#  209|           fi
#  210|->         COMPREPLY=($(compgen -W "$possibleopts" -- "${COMP_WORDS[$COMP_CWORD]}"))
#  211|       fi
#  212|   }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def6]
authselect-1.6.2/src/cli/main.c:174:11: warning[-Wanalyzer-malloc-leak]: leak of ‘features’
authselect-1.6.2/src/cli/main.c:145:16: enter_function: entry to ‘activate’
authselect-1.6.2/src/cli/main.c:169:11: call_function: calling ‘parse_profile_options’ from ‘activate’
authselect-1.6.2/src/cli/main.c:169:11: return_function: returning to ‘activate’ from ‘parse_profile_options’
authselect-1.6.2/src/cli/main.c:170:8: branch_false: following ‘false’ branch...
authselect-1.6.2/src/cli/main.c:174:11: branch_false: ...to here
authselect-1.6.2/src/cli/main.c:174:11: throw: if ‘authselect_profile’ throws an exception...
authselect-1.6.2/src/cli/main.c:174:11: danger: ‘features’ leaks here; was allocated at [(6)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/5)
#  172|       }
#  173|   
#  174|->     ret = authselect_profile(profile_id, &profile);
#  175|       if (ret != EOK) {
#  176|           ERROR("Unable to get profile information [%d]: %s",

Error: GCC_ANALYZER_WARNING (CWE-401): [#def7]
authselect-1.6.2/src/cli/main.c:176:9: warning[-Wanalyzer-malloc-leak]: leak of ‘features’
authselect-1.6.2/src/cli/main.c:145:16: enter_function: entry to ‘activate’
authselect-1.6.2/src/cli/main.c:169:11: call_function: calling ‘parse_profile_options’ from ‘activate’
authselect-1.6.2/src/cli/main.c:169:11: return_function: returning to ‘activate’ from ‘parse_profile_options’
authselect-1.6.2/src/cli/main.c:170:8: branch_false: following ‘false’ branch...
authselect-1.6.2/src/cli/main.c:174:11: branch_false: ...to here
authselect-1.6.2/src/cli/main.c:175:8: branch_true: following ‘true’ branch...
authselect-1.6.2/src/cli/main.c:176:9: branch_true: ...to here
authselect-1.6.2/src/cli/main.c:176:9: throw: if ‘debug’ throws an exception...
authselect-1.6.2/src/cli/main.c:176:9: danger: ‘features’ leaks here; was allocated at [(6)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/5)
#  174|       ret = authselect_profile(profile_id, &profile);
#  175|       if (ret != EOK) {
#  176|->         ERROR("Unable to get profile information [%d]: %s",
#  177|                 ret, strerror(ret));
#  178|           ret = ENOMEM;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def8]
authselect-1.6.2/src/cli/main.c:182:20: warning[-Wanalyzer-malloc-leak]: leak of ‘features’
authselect-1.6.2/src/cli/main.c:145:16: enter_function: entry to ‘activate’
authselect-1.6.2/src/cli/main.c:169:11: call_function: calling ‘parse_profile_options’ from ‘activate’
authselect-1.6.2/src/cli/main.c:169:11: return_function: returning to ‘activate’ from ‘parse_profile_options’
authselect-1.6.2/src/cli/main.c:170:8: branch_false: following ‘false’ branch...
authselect-1.6.2/src/cli/main.c:174:11: branch_false: ...to here
authselect-1.6.2/src/cli/main.c:175:8: branch_false: following ‘false’ branch...
authselect-1.6.2/src/cli/main.c:182:20: branch_false: ...to here
authselect-1.6.2/src/cli/main.c:182:20: throw: if ‘authselect_profile_requirements’ throws an exception...
authselect-1.6.2/src/cli/main.c:182:20: danger: ‘features’ leaks here; was allocated at [(6)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/5)
#  180|       }
#  181|   
#  182|->     requirements = authselect_profile_requirements(profile, features);
#  183|       if (requirements == NULL) {
#  184|           ERROR("Unable to read profile requirements!");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def9]
authselect-1.6.2/src/cli/main.c:520:11: warning[-Wanalyzer-malloc-leak]: leak of ‘features’
authselect-1.6.2/src/cli/main.c:507:16: enter_function: entry to ‘requirements’
authselect-1.6.2/src/cli/main.c:515:11: call_function: calling ‘parse_profile_options’ from ‘requirements’
authselect-1.6.2/src/cli/main.c:515:11: return_function: returning to ‘requirements’ from ‘parse_profile_options’
authselect-1.6.2/src/cli/main.c:516:8: branch_false: following ‘false’ branch...
authselect-1.6.2/src/cli/main.c:520:11: branch_false: ...to here
authselect-1.6.2/src/cli/main.c:520:11: throw: if ‘authselect_profile’ throws an exception...
authselect-1.6.2/src/cli/main.c:520:11: danger: ‘features’ leaks here; was allocated at [(6)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/5)
#  518|       }
#  519|   
#  520|->     ret = authselect_profile(profile_id, &profile);
#  521|       if (ret != EOK) {
#  522|           ERROR("Unable to get profile information [%d]: %s",

Error: GCC_ANALYZER_WARNING (CWE-401): [#def10]
authselect-1.6.2/src/cli/main.c:522:9: warning[-Wanalyzer-malloc-leak]: leak of ‘features’
authselect-1.6.2/src/cli/main.c:507:16: enter_function: entry to ‘requirements’
authselect-1.6.2/src/cli/main.c:515:11: call_function: calling ‘parse_profile_options’ from ‘requirements’
authselect-1.6.2/src/cli/main.c:515:11: return_function: returning to ‘requirements’ from ‘parse_profile_options’
authselect-1.6.2/src/cli/main.c:516:8: branch_false: following ‘false’ branch...
authselect-1.6.2/src/cli/main.c:520:11: branch_false: ...to here
authselect-1.6.2/src/cli/main.c:521:8: branch_true: following ‘true’ branch...
authselect-1.6.2/src/cli/main.c:522:9: branch_true: ...to here
authselect-1.6.2/src/cli/main.c:522:9: throw: if ‘debug’ throws an exception...
authselect-1.6.2/src/cli/main.c:522:9: danger: ‘features’ leaks here; was allocated at [(6)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/5)
#  520|       ret = authselect_profile(profile_id, &profile);
#  521|       if (ret != EOK) {
#  522|->         ERROR("Unable to get profile information [%d]: %s",
#  523|                 ret, strerror(ret));
#  524|           ret = ENOMEM;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def11]
authselect-1.6.2/src/cli/main.c:528:20: warning[-Wanalyzer-malloc-leak]: leak of ‘features’
authselect-1.6.2/src/cli/main.c:507:16: enter_function: entry to ‘requirements’
authselect-1.6.2/src/cli/main.c:515:11: call_function: calling ‘parse_profile_options’ from ‘requirements’
authselect-1.6.2/src/cli/main.c:515:11: return_function: returning to ‘requirements’ from ‘parse_profile_options’
authselect-1.6.2/src/cli/main.c:516:8: branch_false: following ‘false’ branch...
authselect-1.6.2/src/cli/main.c:520:11: branch_false: ...to here
authselect-1.6.2/src/cli/main.c:521:8: branch_false: following ‘false’ branch...
authselect-1.6.2/src/cli/main.c:528:20: branch_false: ...to here
authselect-1.6.2/src/cli/main.c:528:20: throw: if ‘authselect_profile_requirements’ throws an exception...
authselect-1.6.2/src/cli/main.c:528:20: danger: ‘features’ leaks here; was allocated at [(6)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/5)
#  526|       }
#  527|   
#  528|->     requirements = authselect_profile_requirements(profile, features);
#  529|       if (requirements == NULL) {
#  530|           ERROR("Unable to read profile requirements!");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def12]
authselect-1.6.2/src/cli/main.c:602:11: warning[-Wanalyzer-malloc-leak]: leak of ‘features’
authselect-1.6.2/src/cli/main.c:549:16: enter_function: entry to ‘test’
authselect-1.6.2/src/cli/main.c:597:11: call_function: calling ‘parse_profile_options’ from ‘test’
authselect-1.6.2/src/cli/main.c:597:11: return_function: returning to ‘test’ from ‘parse_profile_options’
authselect-1.6.2/src/cli/main.c:598:8: branch_false: following ‘false’ branch...
authselect-1.6.2/src/cli/main.c:602:11: branch_false: ...to here
authselect-1.6.2/src/cli/main.c:602:11: throw: if ‘authselect_files’ throws an exception...
authselect-1.6.2/src/cli/main.c:602:11: danger: ‘features’ leaks here; was allocated at [(6)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/5)
#  600|       }
#  601|   
#  602|->     ret = authselect_files(profile_id, features, &files);
#  603|       if (ret != EOK) {
#  604|           ERROR("Unable to get generated content [%d]: %s", ret, strerror(ret));

Error: GCC_ANALYZER_WARNING (CWE-404): [#def13]
authselect-1.6.2/src/common/debug.c:48:11: warning[-Wanalyzer-va-list-leak]: missing call to 'va_end'
authselect-1.6.2/src/common/debug.c:47:5: acquire_resource: 'va_start' called here
authselect-1.6.2/src/common/debug.c:48:11: throw: if 'vaformat' throws an exception...
authselect-1.6.2/src/common/debug.c:48:11: danger: missing call to 'va_end' to match 'va_start' at [(1)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/0)
#   46|   
#   47|       va_start(va, fmt);
#   48|->     msg = vaformat(fmt, va);
#   49|       va_end(va);
#   50|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def14]
authselect-1.6.2/src/lib/files/config.c:44:16: warning[-Wanalyzer-malloc-leak]: leak of 'strdup(*<unknown>)'
authselect-1.6.2/src/lib/files/config.c:61:1: enter_function: entry to 'authselect_config_read'
authselect-1.6.2/src/lib/files/config.c:73:8: branch_false: following 'false' branch...
authselect-1.6.2/src/lib/files/config.c:77:13: branch_false: ...to here
authselect-1.6.2/src/lib/files/config.c:79:8: branch_false: following 'false' branch...
authselect-1.6.2/src/lib/files/config.c:83:9: branch_false: ...to here
authselect-1.6.2/src/lib/files/config.c:83:8: branch_false: following 'false' branch...
authselect-1.6.2/src/lib/files/config.c:88:18: call_function: inlined call to 'authselect_config_read_profile_id' from 'authselect_config_read'
authselect-1.6.2/src/lib/files/config.c:89:8: branch_false: following 'false' branch...
authselect-1.6.2/src/lib/files/config.c:94:8: branch_false: ...to here
authselect-1.6.2/src/lib/files/config.c:94:8: branch_true: following 'true' branch (when '_features' is non-NULL)...
authselect-1.6.2/src/lib/files/config.c:95:20: branch_true: ...to here
authselect-1.6.2/src/lib/files/config.c:95:20: call_function: calling 'authselect_config_read_features' from 'authselect_config_read'
#   42|   
#   43|   
#   44|->     features = string_array_create(0);
#   45|       if (features == NULL) {
#   46|           return NULL;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def15]
authselect-1.6.2/src/lib/files/config.c:50:23: warning[-Wanalyzer-malloc-leak]: leak of 'strdup(*<unknown>)'
authselect-1.6.2/src/lib/files/config.c:61:1: enter_function: entry to 'authselect_config_read'
authselect-1.6.2/src/lib/files/config.c:73:8: branch_false: following 'false' branch...
authselect-1.6.2/src/lib/files/config.c:77:13: branch_false: ...to here
authselect-1.6.2/src/lib/files/config.c:79:8: branch_false: following 'false' branch...
authselect-1.6.2/src/lib/files/config.c:83:9: branch_false: ...to here
authselect-1.6.2/src/lib/files/config.c:83:8: branch_false: following 'false' branch...
authselect-1.6.2/src/lib/files/config.c:88:18: call_function: inlined call to 'authselect_config_read_profile_id' from 'authselect_config_read'
authselect-1.6.2/src/lib/files/config.c:89:8: branch_false: following 'false' branch...
authselect-1.6.2/src/lib/files/config.c:94:8: branch_false: ...to here
authselect-1.6.2/src/lib/files/config.c:94:8: branch_true: following 'true' branch (when '_features' is non-NULL)...
authselect-1.6.2/src/lib/files/config.c:95:20: branch_true: ...to here
authselect-1.6.2/src/lib/files/config.c:95:20: call_function: calling 'authselect_config_read_features' from 'authselect_config_read'
#   48|   
#   49|       /* Skip profile name. */
#   50|->     for (i = 1; config[i] != NULL; i++) {
#   51|           features = string_array_add_value(features, config[i], true);
#   52|           if (features == NULL) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def16]
authselect-1.6.2/src/lib/files/system.c:73:9: warning[-Wanalyzer-malloc-leak]: leak of 'templates'
authselect-1.6.2/src/lib/files/system.c:55:17: acquire_memory: allocated here
authselect-1.6.2/src/lib/files/system.c:56:8: branch_false: following 'false' branch (when 'templates' is non-NULL)...
authselect-1.6.2/src/lib/files/system.c:60:36: branch_false: ...to here
authselect-1.6.2/src/lib/files/system.c:72:17: branch_true: following 'true' branch...
authselect-1.6.2/src/lib/files/system.c:73:9: branch_true: ...to here
authselect-1.6.2/src/lib/files/system.c:73:9: throw: if 'debug' throws an exception...
authselect-1.6.2/src/lib/files/system.c:73:9: danger: 'templates' leaks here; was allocated at [(1)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/0)
#   71|   
#   72|       for (i = 0; paths[i].path != NULL; i++) {
#   73|->         INFO("Reading file [%s/%s]", dirname, paths[i].path);
#   74|   
#   75|           ret = textfile_read_dirfd(dirfd, dirname, paths[i].path,

Error: GCC_ANALYZER_WARNING (CWE-401): [#def17]
authselect-1.6.2/src/lib/files/system.c:75:15: warning[-Wanalyzer-malloc-leak]: leak of 'templates'
authselect-1.6.2/src/lib/files/system.c:55:17: acquire_memory: allocated here
authselect-1.6.2/src/lib/files/system.c:56:8: branch_false: following 'false' branch (when 'templates' is non-NULL)...
authselect-1.6.2/src/lib/files/system.c:60:36: branch_false: ...to here
authselect-1.6.2/src/lib/files/system.c:72:17: branch_true: following 'true' branch...
authselect-1.6.2/src/lib/files/system.c:73:9: branch_true: ...to here
authselect-1.6.2/src/lib/files/system.c:75:15: throw: if 'textfile_read_dirfd' throws an exception...
authselect-1.6.2/src/lib/files/system.c:75:15: danger: 'templates' leaks here; was allocated at [(1)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/0)
#   73|           INFO("Reading file [%s/%s]", dirname, paths[i].path);
#   74|   
#   75|->         ret = textfile_read_dirfd(dirfd, dirname, paths[i].path,
#   76|                                     AUTHSELECT_FILE_SIZE_LIMIT,
#   77|                                     paths[i].content);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def18]
authselect-1.6.2/src/lib/files/system.c:129:30: warning[-Wanalyzer-malloc-leak]: leak of 'files'
authselect-1.6.2/src/lib/files/system.c:102:8: branch_false: following 'false' branch (when 'templates' is non-NULL)...
authselect-1.6.2/src/lib/files/system.c:106:13: branch_false: ...to here
authselect-1.6.2/src/lib/files/system.c:106:13: acquire_memory: allocated here
authselect-1.6.2/src/lib/files/system.c:107:8: branch_false: following 'false' branch (when 'files' is non-NULL)...
authselect-1.6.2/src/lib/files/system.c:112:10: branch_false: ...to here
authselect-1.6.2/src/lib/files/system.c:123:17: branch_true: following 'true' branch...
authselect-1.6.2/src/lib/files/system.c:124:13: branch_true: ...to here
authselect-1.6.2/src/lib/files/system.c:124:12: branch_false: following 'false' branch...
authselect-1.6.2/src/lib/files/system.c:129:30: branch_false: ...to here
authselect-1.6.2/src/lib/files/system.c:129:30: throw: if 'template_generate' throws an exception...
authselect-1.6.2/src/lib/files/system.c:129:30: danger: 'files' leaks here; was allocated at [(3)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/2)
#  127|           }
#  128|   
#  129|->         *tpls[i].generated = template_generate(tpls[i].template, features);
#  130|           if (tpls[i].generated == NULL) {
#  131|               ret = ENOMEM;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def19]
authselect-1.6.2/src/lib/files/system.c:137:11: warning[-Wanalyzer-malloc-leak]: leak of 'files'
authselect-1.6.2/src/lib/files/system.c:102:8: branch_false: following 'false' branch (when 'templates' is non-NULL)...
authselect-1.6.2/src/lib/files/system.c:106:13: branch_false: ...to here
authselect-1.6.2/src/lib/files/system.c:106:13: acquire_memory: allocated here
authselect-1.6.2/src/lib/files/system.c:107:8: branch_false: following 'false' branch (when 'files' is non-NULL)...
authselect-1.6.2/src/lib/files/system.c:112:10: branch_false: ...to here
authselect-1.6.2/src/lib/files/system.c:123:17: branch_true: following 'true' branch...
authselect-1.6.2/src/lib/files/system.c:124:13: branch_true: ...to here
authselect-1.6.2/src/lib/files/system.c:124:12: branch_true: following 'true' branch...
authselect-1.6.2/src/lib/files/system.c:125:13: branch_true: ...to here
authselect-1.6.2/src/lib/files/system.c:123:17: branch_true: following 'true' branch...
authselect-1.6.2/src/lib/files/system.c:124:13: branch_true: ...to here
authselect-1.6.2/src/lib/files/system.c:124:12: branch_true: following 'true' branch...
authselect-1.6.2/src/lib/files/system.c:125:13: branch_true: ...to here
authselect-1.6.2/src/lib/files/system.c:123:17: branch_true: following 'true' branch...
authselect-1.6.2/src/lib/files/system.c:124:13: branch_true: ...to here
authselect-1.6.2/src/lib/files/system.c:124:12: branch_true: following 'true' branch...
authselect-1.6.2/src/lib/files/system.c:125:13: branch_true: ...to here
authselect-1.6.2/src/lib/files/system.c:123:17: branch_true: following 'true' branch...
authselect-1.6.2/src/lib/files/system.c:124:13: branch_true: ...to here
authselect-1.6.2/src/lib/files/system.c:124:12: branch_true: following 'true' branch...
authselect-1.6.2/src/lib/files/system.c:125:13: branch_true: ...to here
authselect-1.6.2/src/lib/files/system.c:123:17: branch_true: following 'true' branch...
authselect-1.6.2/src/lib/files/system.c:124:13: branch_true: ...to here
authselect-1.6.2/src/lib/files/system.c:124:12: branch_true: following 'true' branch...
authselect-1.6.2/src/lib/files/system.c:125:13: branch_true: ...to here
authselect-1.6.2/src/lib/files/system.c:123:17: branch_true: following 'true' branch...
authselect-1.6.2/src/lib/files/system.c:124:13: branch_true: ...to here
authselect-1.6.2/src/lib/files/system.c:124:12: branch_true: following 'true' branch...
authselect-1.6.2/src/lib/files/system.c:125:13: branch_true: ...to here
authselect-1.6.2/src/lib/files/system.c:123:17: branch_true: following 'true' branch...
authselect-1.6.2/src/lib/files/system.c:124:13: branch_true: ...to here
authselect-1.6.2/src/lib/files/system.c:124:12: branch_true: following 'true' branch...
authselect-1.6.2/src/lib/files/system.c:125:13: branch_true: ...to here
authselect-1.6.2/src/lib/files/system.c:123:17: branch_false: following 'false' branch...
authselect-1.6.2/src/lib/files/system.c:137:11: branch_false: ...to here
authselect-1.6.2/src/lib/files/system.c:137:11: throw: if 'authselect_nsswitch_generate' throws an exception...
authselect-1.6.2/src/lib/files/system.c:137:11: danger: 'files' leaks here; was allocated at [(3)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/2)
#  135|   
#  136|       /* nsswitch.conf is special as it can be merged with user-editable file */
#  137|->     ret = authselect_nsswitch_generate(templates->nsswitch, features,
#  138|                                          &files->nsswitch);
#  139|       if (ret != EOK) {

Error: GCC_ANALYZER_WARNING (CWE-775): [#def20]
authselect-1.6.2/src/lib/profiles/read.c:133:13: warning[-Wanalyzer-fd-leak]: leak of file descriptor 'dirfd'
authselect-1.6.2/src/lib/profiles/read.c:94:1: enter_function: entry to 'authselect_profile_open'
authselect-1.6.2/src/lib/profiles/read.c:109:8: branch_false: following 'false' branch...
authselect-1.6.2/src/lib/profiles/read.c:114:12: branch_false: ...to here
authselect-1.6.2/src/lib/profiles/read.c:117:17: branch_true: following 'true' branch...
authselect-1.6.2/src/lib/profiles/read.c:118:20: branch_true: ...to here
authselect-1.6.2/src/lib/profiles/read.c:119:12: branch_false: following 'false' branch...
authselect-1.6.2/src/lib/profiles/read.c:123:15: branch_false: ...to here
authselect-1.6.2/src/lib/profiles/read.c:123:15: call_function: calling 'authselect_profile_open_location' from 'authselect_profile_open'
authselect-1.6.2/src/lib/profiles/read.c:123:15: return_function: returning to 'authselect_profile_open' from 'authselect_profile_open_location'
authselect-1.6.2/src/lib/profiles/read.c:124:12: branch_false: following 'false' branch...
authselect-1.6.2/src/lib/profiles/read.c:127:19: branch_false: ...to here
authselect-1.6.2/src/lib/profiles/read.c:127:19: branch_false: following 'false' branch...
authselect-1.6.2/src/lib/profiles/read.c:132:13: branch_false: ...to here
authselect-1.6.2/src/lib/profiles/read.c:132:12: branch_true: following 'true' branch (when the strings are equal)...
authselect-1.6.2/src/lib/profiles/read.c:133:13: branch_true: ...to here
authselect-1.6.2/src/lib/profiles/read.c:133:13: throw: if 'debug' throws an exception...
authselect-1.6.2/src/lib/profiles/read.c:133:13: danger: 'dirfd' leaks here; was opened at [(10)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/9)
#  131|   
#  132|           if (strcmp(locations[i], DIR_CUSTOM_PROFILES) == 0) {
#  133|->             INFO("Profile [%s] is a custom profile", id);
#  134|           } else if (strcmp(locations[i], DIR_VENDOR_PROFILES) == 0) {
#  135|               INFO("Profile [%s] is a vendor profile", id);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def21]
authselect-1.6.2/src/lib/profiles/read.c:135:13: warning[-Wanalyzer-fd-leak]: leak of file descriptor 'dirfd'
authselect-1.6.2/src/lib/profiles/read.c:94:1: enter_function: entry to 'authselect_profile_open'
authselect-1.6.2/src/lib/profiles/read.c:109:8: branch_false: following 'false' branch...
authselect-1.6.2/src/lib/profiles/read.c:114:12: branch_false: ...to here
authselect-1.6.2/src/lib/profiles/read.c:117:17: branch_true: following 'true' branch...
authselect-1.6.2/src/lib/profiles/read.c:118:20: branch_true: ...to here
authselect-1.6.2/src/lib/profiles/read.c:119:12: branch_false: following 'false' branch...
authselect-1.6.2/src/lib/profiles/read.c:123:15: branch_false: ...to here
authselect-1.6.2/src/lib/profiles/read.c:123:15: call_function: calling 'authselect_profile_open_location' from 'authselect_profile_open'
authselect-1.6.2/src/lib/profiles/read.c:123:15: return_function: returning to 'authselect_profile_open' from 'authselect_profile_open_location'
authselect-1.6.2/src/lib/profiles/read.c:124:12: branch_false: following 'false' branch...
authselect-1.6.2/src/lib/profiles/read.c:127:19: branch_false: ...to here
authselect-1.6.2/src/lib/profiles/read.c:127:19: branch_false: following 'false' branch...
authselect-1.6.2/src/lib/profiles/read.c:132:13: branch_false: ...to here
authselect-1.6.2/src/lib/profiles/read.c:132:12: branch_false: following 'false' branch (when the strings are non-equal)...
authselect-1.6.2/src/lib/profiles/read.c:134:20: branch_false: ...to here
authselect-1.6.2/src/lib/profiles/read.c:134:19: branch_true: following 'true' branch (when the strings are equal)...
authselect-1.6.2/src/lib/profiles/read.c:135:13: branch_true: ...to here
authselect-1.6.2/src/lib/profiles/read.c:135:13: throw: if 'debug' throws an exception...
authselect-1.6.2/src/lib/profiles/read.c:135:13: danger: 'dirfd' leaks here; was opened at [(10)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/9)
#  133|               INFO("Profile [%s] is a custom profile", id);
#  134|           } else if (strcmp(locations[i], DIR_VENDOR_PROFILES) == 0) {
#  135|->             INFO("Profile [%s] is a vendor profile", id);
#  136|           } else {
#  137|               INFO("Profile [%s] is a default profile", id);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def22]
authselect-1.6.2/src/lib/profiles/read.c:137:13: warning[-Wanalyzer-fd-leak]: leak of file descriptor 'dirfd'
authselect-1.6.2/src/lib/profiles/read.c:94:1: enter_function: entry to 'authselect_profile_open'
authselect-1.6.2/src/lib/profiles/read.c:109:8: branch_false: following 'false' branch...
authselect-1.6.2/src/lib/profiles/read.c:114:12: branch_false: ...to here
authselect-1.6.2/src/lib/profiles/read.c:117:17: branch_true: following 'true' branch...
authselect-1.6.2/src/lib/profiles/read.c:118:20: branch_true: ...to here
authselect-1.6.2/src/lib/profiles/read.c:119:12: branch_false: following 'false' branch...
authselect-1.6.2/src/lib/profiles/read.c:123:15: branch_false: ...to here
authselect-1.6.2/src/lib/profiles/read.c:123:15: call_function: calling 'authselect_profile_open_location' from 'authselect_profile_open'
authselect-1.6.2/src/lib/profiles/read.c:123:15: return_function: returning to 'authselect_profile_open' from 'authselect_profile_open_location'
authselect-1.6.2/src/lib/profiles/read.c:124:12: branch_false: following 'false' branch...
authselect-1.6.2/src/lib/profiles/read.c:127:19: branch_false: ...to here
authselect-1.6.2/src/lib/profiles/read.c:127:19: branch_false: following 'false' branch...
authselect-1.6.2/src/lib/profiles/read.c:132:13: branch_false: ...to here
authselect-1.6.2/src/lib/profiles/read.c:132:12: branch_false: following 'false' branch (when the strings are non-equal)...
authselect-1.6.2/src/lib/profiles/read.c:134:20: branch_false: ...to here
authselect-1.6.2/src/lib/profiles/read.c:134:19: branch_false: following 'false' branch (when the strings are non-equal)...
authselect-1.6.2/src/lib/profiles/read.c:137:13: branch_false: ...to here
authselect-1.6.2/src/lib/profiles/read.c:137:13: throw: if 'debug' throws an exception...
authselect-1.6.2/src/lib/profiles/read.c:137:13: danger: 'dirfd' leaks here; was opened at [(10)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/9)
#  135|               INFO("Profile [%s] is a vendor profile", id);
#  136|           } else {
#  137|->             INFO("Profile [%s] is a default profile", id);
#  138|           }
#  139|   

Error: GCC_ANALYZER_WARNING (CWE-775): [#def23]
authselect-1.6.2/src/lib/profiles/read.c:140:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor 'dirfd'
authselect-1.6.2/src/lib/profiles/read.c:94:1: enter_function: entry to 'authselect_profile_open'
authselect-1.6.2/src/lib/profiles/read.c:109:8: branch_false: following 'false' branch...
authselect-1.6.2/src/lib/profiles/read.c:114:12: branch_false: ...to here
authselect-1.6.2/src/lib/profiles/read.c:117:17: branch_true: following 'true' branch...
authselect-1.6.2/src/lib/profiles/read.c:118:20: branch_true: ...to here
authselect-1.6.2/src/lib/profiles/read.c:119:12: branch_false: following 'false' branch...
authselect-1.6.2/src/lib/profiles/read.c:123:15: branch_false: ...to here
authselect-1.6.2/src/lib/profiles/read.c:123:15: call_function: calling 'authselect_profile_open_location' from 'authselect_profile_open'
authselect-1.6.2/src/lib/profiles/read.c:123:15: return_function: returning to 'authselect_profile_open' from 'authselect_profile_open_location'
authselect-1.6.2/src/lib/profiles/read.c:124:12: branch_false: following 'false' branch...
authselect-1.6.2/src/lib/profiles/read.c:127:19: branch_false: ...to here
authselect-1.6.2/src/lib/profiles/read.c:127:19: branch_false: following 'false' branch...
authselect-1.6.2/src/lib/profiles/read.c:132:13: branch_false: ...to here
authselect-1.6.2/src/lib/profiles/read.c:140:9: throw: if 'debug' throws an exception...
authselect-1.6.2/src/lib/profiles/read.c:140:9: danger: 'dirfd' leaks here; was opened at [(10)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/9)
#  138|           }
#  139|   
#  140|->         INFO("Profile [%s] found at [%s]", id, location);
#  141|   
#  142|           *_location = location;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def24]
authselect-1.6.2/src/lib/profiles/read.c:215:15: warning[-Wanalyzer-malloc-leak]: leak of 'name'
authselect-1.6.2/src/lib/profiles/read.c:197:8: branch_false: following 'false' branch...
authselect-1.6.2/src/lib/profiles/read.c:201:15: branch_false: ...to here
authselect-1.6.2/src/lib/profiles/read.c:202:8: branch_false: following 'false' branch (when 'lineend != 0')...
authselect-1.6.2/src/lib/profiles/read.c:209:12: branch_false: ...to here
authselect-1.6.2/src/lib/profiles/read.c:209:12: acquire_memory: allocated here
authselect-1.6.2/src/lib/profiles/read.c:210:8: branch_false: following 'false' branch (when 'name' is non-NULL)...
authselect-1.6.2/src/lib/profiles/read.c:215:15: branch_false: ...to here
authselect-1.6.2/src/lib/profiles/read.c:215:15: throw: if 'string_trim' throws an exception...
authselect-1.6.2/src/lib/profiles/read.c:215:15: danger: 'name' leaks here; was allocated at [(5)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/4)
#  213|       }
#  214|   
#  215|->     trimmed = string_trim(name);
#  216|       if (trimmed == NULL) {
#  217|           ret = ENOMEM;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def25]
authselect-1.6.2/src/lib/profiles/read.c:221:9: warning[-Wanalyzer-malloc-leak]: leak of 'name'
authselect-1.6.2/src/lib/profiles/read.c:197:8: branch_false: following 'false' branch...
authselect-1.6.2/src/lib/profiles/read.c:201:15: branch_false: ...to here
authselect-1.6.2/src/lib/profiles/read.c:202:8: branch_false: following 'false' branch (when 'lineend != 0')...
authselect-1.6.2/src/lib/profiles/read.c:209:12: branch_false: ...to here
authselect-1.6.2/src/lib/profiles/read.c:209:12: acquire_memory: allocated here
authselect-1.6.2/src/lib/profiles/read.c:210:8: branch_false: following 'false' branch (when 'name' is non-NULL)...
authselect-1.6.2/src/lib/profiles/read.c:215:15: branch_false: ...to here
authselect-1.6.2/src/lib/profiles/read.c:216:8: branch_false: following 'false' branch...
authselect-1.6.2/src/lib/profiles/read.c:221:9: branch_false: ...to here
authselect-1.6.2/src/lib/profiles/read.c:221:9: throw: if 'string_is_empty' throws an exception...
authselect-1.6.2/src/lib/profiles/read.c:221:9: danger: 'name' leaks here; was allocated at [(5)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/4)
#  219|       }
#  220|   
#  221|->     if (string_is_empty(trimmed)) {
#  222|           ERROR("Profile [%s] does not contain a name in [%s]!",
#  223|                 location, FILE_README);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def26]
authselect-1.6.2/src/lib/profiles/read.c:222:9: warning[-Wanalyzer-malloc-leak]: leak of 'name'
authselect-1.6.2/src/lib/profiles/read.c:197:8: branch_false: following 'false' branch...
authselect-1.6.2/src/lib/profiles/read.c:201:15: branch_false: ...to here
authselect-1.6.2/src/lib/profiles/read.c:202:8: branch_false: following 'false' branch (when 'lineend != 0')...
authselect-1.6.2/src/lib/profiles/read.c:209:12: branch_false: ...to here
authselect-1.6.2/src/lib/profiles/read.c:209:12: acquire_memory: allocated here
authselect-1.6.2/src/lib/profiles/read.c:210:8: branch_false: following 'false' branch (when 'name' is non-NULL)...
authselect-1.6.2/src/lib/profiles/read.c:215:15: branch_false: ...to here
authselect-1.6.2/src/lib/profiles/read.c:216:8: branch_false: following 'false' branch...
authselect-1.6.2/src/lib/profiles/read.c:221:9: branch_false: ...to here
authselect-1.6.2/src/lib/profiles/read.c:221:8: branch_true: following 'true' branch...
authselect-1.6.2/src/lib/profiles/read.c:222:9: branch_true: ...to here
authselect-1.6.2/src/lib/profiles/read.c:222:9: throw: if 'debug' throws an exception...
authselect-1.6.2/src/lib/profiles/read.c:222:9: danger: 'name' leaks here; was allocated at [(5)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/4)
#  220|   
#  221|       if (string_is_empty(trimmed)) {
#  222|->         ERROR("Profile [%s] does not contain a name in [%s]!",
#  223|                 location, FILE_README);
#  224|           ret = EINVAL;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def27]
authselect-1.6.2/src/lib/util/evaluator.c:187:20: warning[-Wanalyzer-malloc-leak]: leak of '<unknown>'
authselect-1.6.2/src/lib/util/evaluator.c:513:9: enter_function: entry to 'evaluate'
authselect-1.6.2/src/lib/util/evaluator.c:519:8: branch_false: following 'false' branch (when 'evaluator' is non-NULL)...
authselect-1.6.2/src/lib/util/evaluator.c:523:11: branch_false: ...to here
authselect-1.6.2/src/lib/util/evaluator.c:523:11: call_function: calling 'evaluator_set_expression' from 'evaluate'
authselect-1.6.2/src/lib/util/evaluator.c:523:11: return_function: returning to 'evaluate' from 'evaluator_set_expression'
authselect-1.6.2/src/lib/util/evaluator.c:524:8: branch_false: following 'false' branch...
authselect-1.6.2/src/lib/util/evaluator.c:528:11: branch_false: ...to here
authselect-1.6.2/src/lib/util/evaluator.c:528:11: call_function: calling 'evaluator_evaluate' from 'evaluate'
#  185|   
#  186|       len = strlen(token) - 2;
#  187|->     feature_name = format("%.*s", len, &token[1]);
#  188|       if (feature_name == NULL) {
#  189|           return ENOMEM;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def28]
authselect-1.6.2/src/lib/util/evaluator.c:187:20: warning[-Wanalyzer-malloc-leak]: leak of 'evaluator'
authselect-1.6.2/src/lib/util/evaluator.c:513:9: enter_function: entry to 'evaluate'
authselect-1.6.2/src/lib/util/evaluator.c:518:17: acquire_memory: allocated here
authselect-1.6.2/src/lib/util/evaluator.c:519:8: branch_false: following 'false' branch (when 'evaluator' is non-NULL)...
authselect-1.6.2/src/lib/util/evaluator.c:523:11: branch_false: ...to here
authselect-1.6.2/src/lib/util/evaluator.c:523:11: call_function: calling 'evaluator_set_expression' from 'evaluate'
authselect-1.6.2/src/lib/util/evaluator.c:523:11: return_function: returning to 'evaluate' from 'evaluator_set_expression'
authselect-1.6.2/src/lib/util/evaluator.c:524:8: branch_false: following 'false' branch...
authselect-1.6.2/src/lib/util/evaluator.c:528:11: branch_false: ...to here
authselect-1.6.2/src/lib/util/evaluator.c:528:11: call_function: calling 'evaluator_evaluate' from 'evaluate'
#  185|   
#  186|       len = strlen(token) - 2;
#  187|->     feature_name = format("%.*s", len, &token[1]);
#  188|       if (feature_name == NULL) {
#  189|           return ENOMEM;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def29]
authselect-1.6.2/src/lib/util/evaluator.c:192:16: warning[-Wanalyzer-malloc-leak]: leak of 'evaluator'
authselect-1.6.2/src/lib/util/evaluator.c:513:9: enter_function: entry to 'evaluate'
authselect-1.6.2/src/lib/util/evaluator.c:518:17: acquire_memory: allocated here
authselect-1.6.2/src/lib/util/evaluator.c:519:8: branch_false: following 'false' branch (when 'evaluator' is non-NULL)...
authselect-1.6.2/src/lib/util/evaluator.c:523:11: branch_false: ...to here
authselect-1.6.2/src/lib/util/evaluator.c:523:11: call_function: calling 'evaluator_set_expression' from 'evaluate'
authselect-1.6.2/src/lib/util/evaluator.c:523:11: return_function: returning to 'evaluate' from 'evaluator_set_expression'
authselect-1.6.2/src/lib/util/evaluator.c:524:8: branch_false: following 'false' branch...
authselect-1.6.2/src/lib/util/evaluator.c:528:11: branch_false: ...to here
authselect-1.6.2/src/lib/util/evaluator.c:528:11: call_function: calling 'evaluator_evaluate' from 'evaluate'
#  190|       }
#  191|   
#  192|->     *_result = string_array_has_value((char **)features, feature_name);
#  193|       free(feature_name);
#  194|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def30]
authselect-1.6.2/src/lib/util/file.c:313:9: warning[-Wanalyzer-malloc-leak]: leak of 'file_get_parent_directory(path)'
authselect-1.6.2/src/lib/util/file.c:454:1: enter_function: entry to 'file_copy'
authselect-1.6.2/src/lib/util/file.c:469:11: call_function: calling 'file_make_path' from 'file_copy'
#  311|   
#  312|       if (ret != EOK) {
#  313|->         ERROR("Unable to get parent directory of [%s] [%d]: %s",
#  314|                 filepath, ret, strerror(ret));
#  315|       }

Error: GCC_ANALYZER_WARNING (CWE-775): [#def31]
authselect-1.6.2/src/lib/util/file.c:521:33: warning[-Wanalyzer-file-leak]: leak of FILE 'fopen(format("%s/%s", destdir,  destname), "w")'
authselect-1.6.2/src/lib/util/file.c:475:8: branch_false: following 'false' branch...
authselect-1.6.2/src/lib/util/file.c:480:15: branch_false: ...to here
authselect-1.6.2/src/lib/util/file.c:483:8: branch_false: following 'false' branch...
authselect-1.6.2/src/lib/util/file.c:488:11: branch_false: ...to here
authselect-1.6.2/src/lib/util/file.c:489:8: branch_false: following 'false' branch (when 'ret != -1')...
authselect-1.6.2/src/lib/util/file.c:494:13: branch_false: ...to here
authselect-1.6.2/src/lib/util/file.c:494:13: acquire_resource: opened here
authselect-1.6.2/src/lib/util/file.c:495:8: branch_false: following 'false' branch...
authselect-1.6.2/src/lib/util/file.c:495:8: branch_false: ...to here
authselect-1.6.2/src/lib/util/file.c:522:8: branch_true: following 'true' branch (when 'ret != 0')...
authselect-1.6.2/src/lib/util/file.c:523:15: branch_true: ...to here
authselect-1.6.2/src/lib/util/file.c:524:9: throw: if 'debug' throws an exception...
authselect-1.6.2/src/lib/util/file.c:521:33: danger: 'fopen(format("%s/%s", destdir,  destname), "w")' leaks here; was opened at [(7)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/6)
#  519|       /* Restore original owner and mode.  Errors here are not fatal, since we
#  520|        * have the original content already stored and owned by root. */
#  521|->     ret = fchmod(fileno(fdest), statbuf.st_mode & ALLPERMS);
#  522|       if (ret != 0) {
#  523|           ret = errno;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def32]
authselect-1.6.2/src/lib/util/file.c:521:33: warning[-Wanalyzer-file-leak]: leak of FILE 'fopen(source, "r")'
authselect-1.6.2/src/lib/util/file.c:475:8: branch_false: following 'false' branch...
authselect-1.6.2/src/lib/util/file.c:480:15: branch_false: ...to here
authselect-1.6.2/src/lib/util/file.c:482:15: acquire_resource: opened here
authselect-1.6.2/src/lib/util/file.c:483:8: branch_false: following 'false' branch...
authselect-1.6.2/src/lib/util/file.c:488:11: branch_false: ...to here
authselect-1.6.2/src/lib/util/file.c:489:8: branch_false: following 'false' branch (when 'ret != -1')...
authselect-1.6.2/src/lib/util/file.c:494:13: branch_false: ...to here
authselect-1.6.2/src/lib/util/file.c:495:8: branch_false: following 'false' branch...
authselect-1.6.2/src/lib/util/file.c:495:8: branch_false: ...to here
authselect-1.6.2/src/lib/util/file.c:522:8: branch_true: following 'true' branch (when 'ret != 0')...
authselect-1.6.2/src/lib/util/file.c:523:15: branch_true: ...to here
authselect-1.6.2/src/lib/util/file.c:524:9: throw: if 'debug' throws an exception...
authselect-1.6.2/src/lib/util/file.c:521:33: danger: 'fopen(source, "r")' leaks here; was opened at [(3)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/2)
#  519|       /* Restore original owner and mode.  Errors here are not fatal, since we
#  520|        * have the original content already stored and owned by root. */
#  521|->     ret = fchmod(fileno(fdest), statbuf.st_mode & ALLPERMS);
#  522|       if (ret != 0) {
#  523|           ret = errno;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def33]
authselect-1.6.2/src/lib/util/file.c:521:33: warning[-Wanalyzer-malloc-leak]: leak of 'fopen(format("%s/%s", destdir,  destname), "w")'
authselect-1.6.2/src/lib/util/file.c:475:8: branch_false: following 'false' branch...
authselect-1.6.2/src/lib/util/file.c:480:15: branch_false: ...to here
authselect-1.6.2/src/lib/util/file.c:483:8: branch_false: following 'false' branch...
authselect-1.6.2/src/lib/util/file.c:488:11: branch_false: ...to here
authselect-1.6.2/src/lib/util/file.c:489:8: branch_false: following 'false' branch (when 'ret != -1')...
authselect-1.6.2/src/lib/util/file.c:494:13: branch_false: ...to here
authselect-1.6.2/src/lib/util/file.c:494:13: acquire_memory: allocated here
authselect-1.6.2/src/lib/util/file.c:495:8: branch_false: following 'false' branch...
authselect-1.6.2/src/lib/util/file.c:495:8: branch_false: ...to here
authselect-1.6.2/src/lib/util/file.c:522:8: branch_true: following 'true' branch (when 'ret != 0')...
authselect-1.6.2/src/lib/util/file.c:523:15: branch_true: ...to here
authselect-1.6.2/src/lib/util/file.c:524:9: throw: if 'debug' throws an exception...
authselect-1.6.2/src/lib/util/file.c:521:33: danger: 'fopen(format("%s/%s", destdir,  destname), "w")' leaks here; was allocated at [(7)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/6)
#  519|       /* Restore original owner and mode.  Errors here are not fatal, since we
#  520|        * have the original content already stored and owned by root. */
#  521|->     ret = fchmod(fileno(fdest), statbuf.st_mode & ALLPERMS);
#  522|       if (ret != 0) {
#  523|           ret = errno;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def34]
authselect-1.6.2/src/lib/util/file.c:521:33: warning[-Wanalyzer-malloc-leak]: leak of 'fopen(source, "r")'
authselect-1.6.2/src/lib/util/file.c:475:8: branch_false: following 'false' branch...
authselect-1.6.2/src/lib/util/file.c:480:15: branch_false: ...to here
authselect-1.6.2/src/lib/util/file.c:482:15: acquire_memory: allocated here
authselect-1.6.2/src/lib/util/file.c:483:8: branch_false: following 'false' branch...
authselect-1.6.2/src/lib/util/file.c:488:11: branch_false: ...to here
authselect-1.6.2/src/lib/util/file.c:489:8: branch_false: following 'false' branch (when 'ret != -1')...
authselect-1.6.2/src/lib/util/file.c:494:13: branch_false: ...to here
authselect-1.6.2/src/lib/util/file.c:495:8: branch_false: following 'false' branch...
authselect-1.6.2/src/lib/util/file.c:495:8: branch_false: ...to here
authselect-1.6.2/src/lib/util/file.c:522:8: branch_true: following 'true' branch (when 'ret != 0')...
authselect-1.6.2/src/lib/util/file.c:523:15: branch_true: ...to here
authselect-1.6.2/src/lib/util/file.c:524:9: throw: if 'debug' throws an exception...
authselect-1.6.2/src/lib/util/file.c:521:33: danger: 'fopen(source, "r")' leaks here; was allocated at [(3)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/2)
#  519|       /* Restore original owner and mode.  Errors here are not fatal, since we
#  520|        * have the original content already stored and owned by root. */
#  521|->     ret = fchmod(fileno(fdest), statbuf.st_mode & ALLPERMS);
#  522|       if (ret != 0) {
#  523|           ret = errno;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def35]
authselect-1.6.2/src/lib/util/string.c:174:13: warning[-Wanalyzer-malloc-leak]: leak of 'token'
authselect-1.6.2/src/lib/util/string.c:181:1: enter_function: entry to 'string_explode'
authselect-1.6.2/src/lib/util/string.c:189:8: branch_false: following 'false' branch...
authselect-1.6.2/src/lib/util/string.c:189:8: branch_false: ...to here
authselect-1.6.2/src/lib/util/string.c:194:12: branch_true: following 'true' branch (when 'pos' is non-NULL)...
authselect-1.6.2/src/lib/util/string.c:195:15: branch_true: ...to here
authselect-1.6.2/src/lib/util/string.c:196:17: call_function: calling 'string_explode_add_value' from 'string_explode'
#  172|       }
#  173|   
#  174|->     array = string_array_add_value(array, token, false);
#  175|       free(token);
#  176|   

Error: GCC_ANALYZER_WARNING (CWE-416): [#def36]
authselect-1.6.2/src/lib/util/string_array.c:100:17: warning[-Wanalyzer-use-after-free]: use after 'reallocarray' of 'array'
authselect-1.6.2/src/lib/util/string_array.c:210:1: enter_function: entry to 'string_array_concat'
authselect-1.6.2/src/lib/util/string_array.c:214:8: branch_false: following 'false' branch (when 'items' is non-NULL)...
authselect-1.6.2/src/lib/util/string_array.c:214:8: branch_false: ...to here
authselect-1.6.2/src/lib/util/string_array.c:218:17: branch_true: following 'true' branch...
authselect-1.6.2/src/lib/util/string_array.c:219:14: branch_true: ...to here
authselect-1.6.2/src/lib/util/string_array.c:219:14: call_function: calling 'string_array_add_value' from 'string_array_concat'
#   98|       }
#   99|   
#  100|->     for (i = 0; array[i] != NULL; i++) {
#  101|           free(array[i]);
#  102|       }

Error: GCC_ANALYZER_WARNING (CWE-688): [#def37]
authselect-1.6.2/src/lib/util/string_array.c:189:13: warning[-Wanalyzer-null-argument]: use of NULL '*array' where non-null expected
authselect-1.6.2/src/lib/util/string_array.c:183:8: branch_false: following 'false' branch (when 'array' is non-NULL)...
authselect-1.6.2/src/lib/util/string_array.c:187:13: branch_false: ...to here
authselect-1.6.2/src/lib/util/string_array.c:188:17: branch_true: following 'true' branch...
authselect-1.6.2/src/lib/util/string_array.c:189:25: branch_true: ...to here
authselect-1.6.2/src/lib/util/string_array.c:189:12: branch_true: following 'true' branch (when the strings are equal)...
authselect-1.6.2/src/lib/util/string_array.c:190:13: branch_true: ...to here
authselect-1.6.2/src/lib/util/string_array.c:188:17: branch_true: following 'true' branch...
authselect-1.6.2/src/lib/util/string_array.c:189:25: branch_true: ...to here
authselect-1.6.2/src/lib/util/string_array.c:189:13: release_memory: '*array' is NULL
authselect-1.6.2/src/lib/util/string_array.c:189:13: danger: argument 1 ('*<unknown>') NULL where non-null expected
#  187|       count = string_array_count(array);
#  188|       for (i = 0; i < count; i++) {
#  189|->         if (strcmp(array[i], value) == 0) {
#  190|               free(array[i]);
#  191|               array[i] = NULL;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def38]
authselect-1.6.2/src/lib/util/template.c:441:21: warning[-Wanalyzer-malloc-leak]: leak of 'output'
authselect-1.6.2/src/lib/util/template.c:514:1: enter_function: entry to 'template_generate'
authselect-1.6.2/src/lib/util/template.c:521:8: branch_false: following 'false' branch (when 'template' is non-NULL)...
authselect-1.6.2/src/lib/util/template.c:525:14: branch_false: ...to here
authselect-1.6.2/src/lib/util/template.c:525:14: acquire_memory: allocated here
authselect-1.6.2/src/lib/util/template.c:526:8: branch_false: following 'false' branch (when 'output' is non-NULL)...
authselect-1.6.2/src/lib/util/template.c:530:11: branch_false: ...to here
authselect-1.6.2/src/lib/util/template.c:530:11: call_function: calling 'template_process_operators' from 'template_generate'
#  439|       int reret;
#  440|   
#  441|->     features_copy = string_array_copy((char**)features, true);
#  442|       if (features_copy == NULL) {
#  443|           return ENOMEM;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def39]
authselect-1.6.2/src/lib/util/template.c:448:13: warning[-Wanalyzer-malloc-leak]: leak of 'output'
authselect-1.6.2/src/lib/util/template.c:514:1: enter_function: entry to 'template_generate'
authselect-1.6.2/src/lib/util/template.c:521:8: branch_false: following 'false' branch (when 'template' is non-NULL)...
authselect-1.6.2/src/lib/util/template.c:525:14: branch_false: ...to here
authselect-1.6.2/src/lib/util/template.c:525:14: acquire_memory: allocated here
authselect-1.6.2/src/lib/util/template.c:526:8: branch_false: following 'false' branch (when 'output' is non-NULL)...
authselect-1.6.2/src/lib/util/template.c:530:11: branch_false: ...to here
authselect-1.6.2/src/lib/util/template.c:530:11: call_function: calling 'template_process_operators' from 'template_generate'
#  446|       orig_len = strlen(content);
#  447|   
#  448|->     reret = regcomp(&regex, OP_RE, REG_EXTENDED | REG_NEWLINE);
#  449|       if (reret != REG_NOERROR) {
#  450|           ERROR("Unable to compile regular expression: regex error %d", reret);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def40]
authselect-1.6.2/src/lib/util/template.c:450:9: warning[-Wanalyzer-malloc-leak]: leak of 'output'
authselect-1.6.2/src/lib/util/template.c:514:1: enter_function: entry to 'template_generate'
authselect-1.6.2/src/lib/util/template.c:521:8: branch_false: following 'false' branch (when 'template' is non-NULL)...
authselect-1.6.2/src/lib/util/template.c:525:14: branch_false: ...to here
authselect-1.6.2/src/lib/util/template.c:525:14: acquire_memory: allocated here
authselect-1.6.2/src/lib/util/template.c:526:8: branch_false: following 'false' branch (when 'output' is non-NULL)...
authselect-1.6.2/src/lib/util/template.c:530:11: branch_false: ...to here
authselect-1.6.2/src/lib/util/template.c:530:11: call_function: calling 'template_process_operators' from 'template_generate'
#  448|       reret = regcomp(&regex, OP_RE, REG_EXTENDED | REG_NEWLINE);
#  449|       if (reret != REG_NOERROR) {
#  450|->         ERROR("Unable to compile regular expression: regex error %d", reret);
#  451|           string_array_free(features_copy);
#  452|           return EFAULT;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def41]
authselect-1.6.2/src/lib/util/template.c:451:9: warning[-Wanalyzer-malloc-leak]: leak of 'output'
authselect-1.6.2/src/lib/util/template.c:514:1: enter_function: entry to 'template_generate'
authselect-1.6.2/src/lib/util/template.c:521:8: branch_false: following 'false' branch (when 'template' is non-NULL)...
authselect-1.6.2/src/lib/util/template.c:525:14: branch_false: ...to here
authselect-1.6.2/src/lib/util/template.c:525:14: acquire_memory: allocated here
authselect-1.6.2/src/lib/util/template.c:526:8: branch_false: following 'false' branch (when 'output' is non-NULL)...
authselect-1.6.2/src/lib/util/template.c:530:11: branch_false: ...to here
authselect-1.6.2/src/lib/util/template.c:530:11: call_function: calling 'template_process_operators' from 'template_generate'
#  449|       if (reret != REG_NOERROR) {
#  450|           ERROR("Unable to compile regular expression: regex error %d", reret);
#  451|->         string_array_free(features_copy);
#  452|           return EFAULT;
#  453|       }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def42]
authselect-1.6.2/src/lib/util/template.c:456:21: warning[-Wanalyzer-malloc-leak]: leak of 'output'
authselect-1.6.2/src/lib/util/template.c:514:1: enter_function: entry to 'template_generate'
authselect-1.6.2/src/lib/util/template.c:521:8: branch_false: following 'false' branch (when 'template' is non-NULL)...
authselect-1.6.2/src/lib/util/template.c:525:14: branch_false: ...to here
authselect-1.6.2/src/lib/util/template.c:525:14: acquire_memory: allocated here
authselect-1.6.2/src/lib/util/template.c:526:8: branch_false: following 'false' branch (when 'output' is non-NULL)...
authselect-1.6.2/src/lib/util/template.c:530:11: branch_false: ...to here
authselect-1.6.2/src/lib/util/template.c:530:11: call_function: calling 'template_process_operators' from 'template_generate'
#  454|   
#  455|       match_string = content;
#  456|->     while ((reret = regexec(&regex, match_string, RE_MATCHES, m, 0)) == REG_NOERROR) {
#  457|           ret = template_process_matches(match_string, m, &op, &expression,
#  458|                                          &if_true, &if_false, &value);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def43]
authselect-1.6.2/src/lib/util/template.c:532:9: warning[-Wanalyzer-malloc-leak]: leak of 'output'
authselect-1.6.2/src/lib/util/template.c:521:8: branch_false: following 'false' branch (when 'template' is non-NULL)...
authselect-1.6.2/src/lib/util/template.c:525:14: branch_false: ...to here
authselect-1.6.2/src/lib/util/template.c:525:14: acquire_memory: allocated here
authselect-1.6.2/src/lib/util/template.c:526:8: branch_false: following 'false' branch (when 'output' is non-NULL)...
authselect-1.6.2/src/lib/util/template.c:530:11: branch_false: ...to here
authselect-1.6.2/src/lib/util/template.c:531:8: branch_true: following 'true' branch...
authselect-1.6.2/src/lib/util/template.c:532:9: branch_true: ...to here
authselect-1.6.2/src/lib/util/template.c:532:9: throw: if 'debug' throws an exception...
authselect-1.6.2/src/lib/util/template.c:532:9: danger: 'output' leaks here; was allocated at [(3)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/2)
#  530|       ret = template_process_operators(features, output);
#  531|       if (ret != EOK) {
#  532|->         ERROR("Unable to generate template [%d]: %s", ret, strerror(ret));
#  533|           free(output);
#  534|           return NULL;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def44]
authselect-1.6.2/src/lib/util/template.c:680:18: warning[-Wanalyzer-malloc-leak]: leak of 'strdup("# Generated by authselect\012# Do not modify this file manually, use authselect instead. Any user changes will be overwritten.\012# You can stop authselect from managing your configuration by calling \'authselect opt-out\'.\012# See authselect(8) for more details.\012\012")'
authselect-1.6.2/src/lib/util/template.c:668:1: enter_function: entry to 'template_write'
authselect-1.6.2/src/lib/util/template.c:676:16: call_function: inlined call to 'template_generate_preamble' from 'template_write'
authselect-1.6.2/src/lib/util/template.c:677:8: branch_false: following 'false' branch (when 'content' is non-NULL)...
authselect-1.6.2/src/lib/util/template.c:680:18: branch_false: ...to here
authselect-1.6.2/src/lib/util/template.c:680:18: throw: if 'format' throws an exception...
authselect-1.6.2/src/lib/util/template.c:680:18: danger: 'strdup("# Generated by authselect\012# Do not modify this file manually, use authselect instead. Any user changes will be overwritten.\012# You can stop authselect from managing your configuration by calling \'authselect opt-out\'.\012# See authselect(8) for more details.\012\012")' leaks here; was allocated at [(3)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/2)
#  678|           output = preamble;
#  679|       } else {
#  680|->         output = format("%s%s", preamble, content);
#  681|           free(preamble);
#  682|       }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def45]
authselect-1.6.2/src/lib/util/template.c:688:11: warning[-Wanalyzer-malloc-leak]: leak of 'output'
authselect-1.6.2/src/lib/util/template.c:668:1: enter_function: entry to 'template_write'
authselect-1.6.2/src/lib/util/template.c:676:16: call_function: inlined call to 'template_generate_preamble' from 'template_write'
authselect-1.6.2/src/lib/util/template.c:677:8: branch_true: following 'true' branch (when 'content' is NULL)...
authselect-1.6.2/src/lib/util/template.c:684:8: branch_true: ...to here
authselect-1.6.2/src/lib/util/template.c:684:8: branch_false: following 'false' branch (when 'output' is non-NULL)...
authselect-1.6.2/src/lib/util/template.c:688:11: branch_false: ...to here
authselect-1.6.2/src/lib/util/template.c:688:11: throw: if 'textfile_write' throws an exception...
authselect-1.6.2/src/lib/util/template.c:688:11: danger: 'output' leaks here; was allocated at [(3)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/2)
#  686|       }
#  687|   
#  688|->     ret = textfile_write(filepath, output, mode);
#  689|       free(output);
#  690|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def46]
authselect-1.6.2/src/lib/util/textfile.c:43:11: warning[-Wanalyzer-malloc-leak]: leak of 'file'
authselect-1.6.2/src/lib/util/textfile.c:108:1: enter_function: entry to 'textfile_read_dirfd'
authselect-1.6.2/src/lib/util/textfile.c:119:8: branch_false: following 'false' branch...
authselect-1.6.2/src/lib/util/textfile.c:123:12: branch_false: ...to here
authselect-1.6.2/src/lib/util/textfile.c:123:12: acquire_memory: allocated here
authselect-1.6.2/src/lib/util/textfile.c:124:8: branch_false: following 'false' branch (when 'file' is non-NULL)...
authselect-1.6.2/src/lib/util/textfile.c:130:12: branch_false: ...to here
authselect-1.6.2/src/lib/util/textfile.c:130:12: call_function: calling 'textfile_read_content' from 'textfile_read_dirfd'
#   41|       errno_t ret;
#   42|   
#   43|->     ret = fseek(file, 0, SEEK_END);
#   44|       if (ret != 0) {
#   45|           ret = errno;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def47]
authselect-1.6.2/src/lib/util/textfile.c:44:8: warning[-Wanalyzer-file-leak]: leak of FILE 'fopen(filepath, "r")'
authselect-1.6.2/src/lib/util/textfile.c:93:1: enter_function: entry to 'textfile_read'
authselect-1.6.2/src/lib/util/textfile.c:99:12: acquire_resource: opened here
authselect-1.6.2/src/lib/util/textfile.c:100:8: branch_false: following 'false' branch...
authselect-1.6.2/src/lib/util/textfile.c:104:12: branch_false: ...to here
authselect-1.6.2/src/lib/util/textfile.c:104:12: call_function: calling 'textfile_read_content' from 'textfile_read'
#   42|   
#   43|       ret = fseek(file, 0, SEEK_END);
#   44|->     if (ret != 0) {
#   45|           ret = errno;
#   46|           goto done;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def48]
authselect-1.6.2/src/lib/util/textfile.c:44:8: warning[-Wanalyzer-malloc-leak]: leak of 'fopen(filepath, "r")'
authselect-1.6.2/src/lib/util/textfile.c:93:1: enter_function: entry to 'textfile_read'
authselect-1.6.2/src/lib/util/textfile.c:99:12: acquire_memory: allocated here
authselect-1.6.2/src/lib/util/textfile.c:100:8: branch_false: following 'false' branch...
authselect-1.6.2/src/lib/util/textfile.c:104:12: branch_false: ...to here
authselect-1.6.2/src/lib/util/textfile.c:104:12: call_function: calling 'textfile_read_content' from 'textfile_read'
#   42|   
#   43|       ret = fseek(file, 0, SEEK_END);
#   44|->     if (ret != 0) {
#   45|           ret = errno;
#   46|           goto done;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def49]
authselect-1.6.2/src/lib/util/textfile.c:49:15: warning[-Wanalyzer-malloc-leak]: leak of 'file'
authselect-1.6.2/src/lib/util/textfile.c:108:1: enter_function: entry to 'textfile_read_dirfd'
authselect-1.6.2/src/lib/util/textfile.c:119:8: branch_false: following 'false' branch...
authselect-1.6.2/src/lib/util/textfile.c:123:12: branch_false: ...to here
authselect-1.6.2/src/lib/util/textfile.c:123:12: acquire_memory: allocated here
authselect-1.6.2/src/lib/util/textfile.c:124:8: branch_false: following 'false' branch (when 'file' is non-NULL)...
authselect-1.6.2/src/lib/util/textfile.c:130:12: branch_false: ...to here
authselect-1.6.2/src/lib/util/textfile.c:130:12: call_function: calling 'textfile_read_content' from 'textfile_read_dirfd'
#   47|       }
#   48|   
#   49|->     filelen = ftell(file);
#   50|       if (filelen == -1) {
#   51|           ret = errno;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def50]
authselect-1.6.2/src/lib/util/textfile.c:50:8: warning[-Wanalyzer-file-leak]: leak of FILE 'fopen(filepath, "r")'
authselect-1.6.2/src/lib/util/textfile.c:93:1: enter_function: entry to 'textfile_read'
authselect-1.6.2/src/lib/util/textfile.c:99:12: acquire_resource: opened here
authselect-1.6.2/src/lib/util/textfile.c:100:8: branch_false: following 'false' branch...
authselect-1.6.2/src/lib/util/textfile.c:104:12: branch_false: ...to here
authselect-1.6.2/src/lib/util/textfile.c:104:12: call_function: calling 'textfile_read_content' from 'textfile_read'
#   48|   
#   49|       filelen = ftell(file);
#   50|->     if (filelen == -1) {
#   51|           ret = errno;
#   52|           goto done;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def51]
authselect-1.6.2/src/lib/util/textfile.c:50:8: warning[-Wanalyzer-malloc-leak]: leak of 'fopen(filepath, "r")'
authselect-1.6.2/src/lib/util/textfile.c:93:1: enter_function: entry to 'textfile_read'
authselect-1.6.2/src/lib/util/textfile.c:99:12: acquire_memory: allocated here
authselect-1.6.2/src/lib/util/textfile.c:100:8: branch_false: following 'false' branch...
authselect-1.6.2/src/lib/util/textfile.c:104:12: branch_false: ...to here
authselect-1.6.2/src/lib/util/textfile.c:104:12: call_function: calling 'textfile_read_content' from 'textfile_read'
#   48|   
#   49|       filelen = ftell(file);
#   50|->     if (filelen == -1) {
#   51|           ret = errno;
#   52|           goto done;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def52]
authselect-1.6.2/src/lib/util/textfile.c:55:19: warning[-Wanalyzer-file-leak]: leak of FILE 'fopen(filepath, "r")'
authselect-1.6.2/src/lib/util/textfile.c:93:1: enter_function: entry to 'textfile_read'
authselect-1.6.2/src/lib/util/textfile.c:99:12: acquire_resource: opened here
authselect-1.6.2/src/lib/util/textfile.c:100:8: branch_false: following 'false' branch...
authselect-1.6.2/src/lib/util/textfile.c:104:12: branch_false: ...to here
authselect-1.6.2/src/lib/util/textfile.c:104:12: call_function: calling 'textfile_read_content' from 'textfile_read'
#   53|       }
#   54|   
#   55|->     if (filelen > limit_KiB * 1024) {
#   56|           ERROR("File [%s] is bigger than %uKiB!", filename, limit_KiB);
#   57|           ret = ERANGE;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def53]
authselect-1.6.2/src/lib/util/textfile.c:55:19: warning[-Wanalyzer-malloc-leak]: leak of 'fopen(filepath, "r")'
authselect-1.6.2/src/lib/util/textfile.c:93:1: enter_function: entry to 'textfile_read'
authselect-1.6.2/src/lib/util/textfile.c:99:12: acquire_memory: allocated here
authselect-1.6.2/src/lib/util/textfile.c:100:8: branch_false: following 'false' branch...
authselect-1.6.2/src/lib/util/textfile.c:104:12: branch_false: ...to here
authselect-1.6.2/src/lib/util/textfile.c:104:12: call_function: calling 'textfile_read_content' from 'textfile_read'
#   53|       }
#   54|   
#   55|->     if (filelen > limit_KiB * 1024) {
#   56|           ERROR("File [%s] is bigger than %uKiB!", filename, limit_KiB);
#   57|           ret = ERANGE;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def54]
authselect-1.6.2/src/lib/util/textfile.c:56:9: warning[-Wanalyzer-malloc-leak]: leak of 'file'
authselect-1.6.2/src/lib/util/textfile.c:108:1: enter_function: entry to 'textfile_read_dirfd'
authselect-1.6.2/src/lib/util/textfile.c:119:8: branch_false: following 'false' branch...
authselect-1.6.2/src/lib/util/textfile.c:123:12: branch_false: ...to here
authselect-1.6.2/src/lib/util/textfile.c:123:12: acquire_memory: allocated here
authselect-1.6.2/src/lib/util/textfile.c:124:8: branch_false: following 'false' branch (when 'file' is non-NULL)...
authselect-1.6.2/src/lib/util/textfile.c:130:12: branch_false: ...to here
authselect-1.6.2/src/lib/util/textfile.c:130:12: call_function: calling 'textfile_read_content' from 'textfile_read_dirfd'
#   54|   
#   55|       if (filelen > limit_KiB * 1024) {
#   56|->         ERROR("File [%s] is bigger than %uKiB!", filename, limit_KiB);
#   57|           ret = ERANGE;
#   58|           goto done;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def55]
authselect-1.6.2/src/lib/util/textfile.c:61:5: warning[-Wanalyzer-malloc-leak]: leak of 'file'
authselect-1.6.2/src/lib/util/textfile.c:108:1: enter_function: entry to 'textfile_read_dirfd'
authselect-1.6.2/src/lib/util/textfile.c:119:8: branch_false: following 'false' branch...
authselect-1.6.2/src/lib/util/textfile.c:123:12: branch_false: ...to here
authselect-1.6.2/src/lib/util/textfile.c:123:12: acquire_memory: allocated here
authselect-1.6.2/src/lib/util/textfile.c:124:8: branch_false: following 'false' branch (when 'file' is non-NULL)...
authselect-1.6.2/src/lib/util/textfile.c:130:12: branch_false: ...to here
authselect-1.6.2/src/lib/util/textfile.c:130:12: call_function: calling 'textfile_read_content' from 'textfile_read_dirfd'
#   59|       }
#   60|   
#   61|->     rewind(file);
#   62|   
#   63|       buffer = malloc_zero_array(char, filelen + 1);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def56]
authselect-1.6.2/src/lib/util/textfile.c:167:9: warning[-Wanalyzer-file-leak]: leak of FILE 'fopen(filepath, "w")'
authselect-1.6.2/src/lib/util/textfile.c:144:8: branch_false: following 'false' branch...
authselect-1.6.2/src/lib/util/textfile.c:155:12: acquire_resource: opened here
authselect-1.6.2/src/lib/util/textfile.c:156:8: branch_false: following 'false' branch...
authselect-1.6.2/src/lib/util/textfile.c:163:11: branch_false: ...to here
authselect-1.6.2/src/lib/util/textfile.c:165:8: branch_true: following 'true' branch...
authselect-1.6.2/src/lib/util/textfile.c:166:15: branch_true: ...to here
authselect-1.6.2/src/lib/util/textfile.c:167:9: throw: if 'debug' throws an exception...
authselect-1.6.2/src/lib/util/textfile.c:167:9: danger: 'fopen(filepath, "w")' leaks here; was opened at [(3)](sarif:/runs/0/results/12/codeFlows/0/threadFlows/0/locations/2)
#  165|       if (written != len) {
#  166|           ret = errno;
#  167|->         ERROR("Unable to write data [%s] [%d]: %s",
#  168|                 filepath, ret, strerror(ret));
#  169|           goto done;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def57]
authselect-1.6.2/src/lib/util/textfile.c:167:9: warning[-Wanalyzer-malloc-leak]: leak of 'fopen(filepath, "w")'
authselect-1.6.2/src/lib/util/textfile.c:144:8: branch_false: following 'false' branch...
authselect-1.6.2/src/lib/util/textfile.c:155:12: acquire_memory: allocated here
authselect-1.6.2/src/lib/util/textfile.c:156:8: branch_false: following 'false' branch...
authselect-1.6.2/src/lib/util/textfile.c:163:11: branch_false: ...to here
authselect-1.6.2/src/lib/util/textfile.c:165:8: branch_true: following 'true' branch...
authselect-1.6.2/src/lib/util/textfile.c:166:15: branch_true: ...to here
authselect-1.6.2/src/lib/util/textfile.c:167:9: throw: if 'debug' throws an exception...
authselect-1.6.2/src/lib/util/textfile.c:167:9: danger: 'fopen(filepath, "w")' leaks here; was allocated at [(3)](sarif:/runs/0/results/13/codeFlows/0/threadFlows/0/locations/2)
#  165|       if (written != len) {
#  166|           ret = errno;
#  167|->         ERROR("Unable to write data [%s] [%d]: %s",
#  168|                 filepath, ret, strerror(ret));
#  169|           goto done;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def58]
authselect-1.6.2/src/lib/util/textfile.c:175:9: warning[-Wanalyzer-file-leak]: leak of FILE 'fopen(filepath, "w")'
authselect-1.6.2/src/lib/util/textfile.c:144:8: branch_false: following 'false' branch...
authselect-1.6.2/src/lib/util/textfile.c:155:12: acquire_resource: opened here
authselect-1.6.2/src/lib/util/textfile.c:156:8: branch_false: following 'false' branch...
authselect-1.6.2/src/lib/util/textfile.c:163:11: branch_false: ...to here
authselect-1.6.2/src/lib/util/textfile.c:165:8: branch_false: following 'false' branch...
authselect-1.6.2/src/lib/util/textfile.c:172:11: branch_false: ...to here
authselect-1.6.2/src/lib/util/textfile.c:173:8: branch_true: following 'true' branch (when 'ret != 0')...
authselect-1.6.2/src/lib/util/textfile.c:174:15: branch_true: ...to here
authselect-1.6.2/src/lib/util/textfile.c:175:9: throw: if 'debug' throws an exception...
authselect-1.6.2/src/lib/util/textfile.c:175:9: danger: 'fopen(filepath, "w")' leaks here; was opened at [(3)](sarif:/runs/0/results/14/codeFlows/0/threadFlows/0/locations/2)
#  173|       if (ret != 0) {
#  174|           ret = errno;
#  175|->         ERROR("Unable to chmod file [%s] [%d]: %s",
#  176|                 filepath, ret, strerror(ret));
#  177|           goto done;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def59]
authselect-1.6.2/src/lib/util/textfile.c:175:9: warning[-Wanalyzer-malloc-leak]: leak of 'fopen(filepath, "w")'
authselect-1.6.2/src/lib/util/textfile.c:144:8: branch_false: following 'false' branch...
authselect-1.6.2/src/lib/util/textfile.c:155:12: acquire_memory: allocated here
authselect-1.6.2/src/lib/util/textfile.c:156:8: branch_false: following 'false' branch...
authselect-1.6.2/src/lib/util/textfile.c:163:11: branch_false: ...to here
authselect-1.6.2/src/lib/util/textfile.c:165:8: branch_false: following 'false' branch...
authselect-1.6.2/src/lib/util/textfile.c:172:11: branch_false: ...to here
authselect-1.6.2/src/lib/util/textfile.c:173:8: branch_true: following 'true' branch (when 'ret != 0')...
authselect-1.6.2/src/lib/util/textfile.c:174:15: branch_true: ...to here
authselect-1.6.2/src/lib/util/textfile.c:175:9: throw: if 'debug' throws an exception...
authselect-1.6.2/src/lib/util/textfile.c:175:9: danger: 'fopen(filepath, "w")' leaks here; was allocated at [(3)](sarif:/runs/0/results/15/codeFlows/0/threadFlows/0/locations/2)
#  173|       if (ret != 0) {
#  174|           ret = errno;
#  175|->         ERROR("Unable to chmod file [%s] [%d]: %s",
#  176|                 filepath, ret, strerror(ret));
#  177|           goto done;
Scan Properties

analyzer-version-clippy	1.92.0
analyzer-version-cppcheck	2.19.1
analyzer-version-gcc	16.0.0
analyzer-version-gcc-analyzer	16.0.0
analyzer-version-shellcheck	0.11.0
analyzer-version-unicontrol	0.0.2
enabled-plugins	clippy, cppcheck, gcc, shellcheck, unicontrol
exit-code	0
host	ip-172-16-1-153.us-west-2.compute.internal
known-false-positives	/usr/share/csmock/known-false-positives.js
known-false-positives-rpm	known-false-positives-0.0.0.20250521.132812.g8eff701.main-1.el9.noarch
mock-config	fedora-rawhide-x86_64
project-name	authselect-1.6.2-1.fc44
store-results-to	/tmp/tmpd1k5y669/authselect-1.6.2-1.fc44.tar.xz
time-created	2026-01-08 15:31:10
time-finished	2026-01-08 15:33:35
tool	csmock
tool-args	'/usr/bin/csmock' '-r' 'fedora-rawhide-x86_64' '-t' 'gcc,cppcheck,clippy,shellcheck,unicontrol' '-o' '/tmp/tmpd1k5y669/authselect-1.6.2-1.fc44.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install' 'pam' '--gcc-analyzer-bin=/usr/bin/gcc' '/tmp/tmpd1k5y669/authselect-1.6.2-1.fc44.src.rpm'
tool-version	csmock-3.8.3.20251215.161544.g62de9a5-1.el9