Error: GCC_ANALYZER_WARNING (CWE-401): [#def1] bluez-5.85/client/player.c:5353:13: warning[-Wanalyzer-malloc-leak]: leak of ‘bcode’ bluez-5.85/client/player.c:5340:12: branch_false: following ‘false’ branch... bluez-5.85/client/player.c:5347:20: branch_true: following ‘true’ branch... bluez-5.85/client/player.c:5348:44: branch_true: ...to here bluez-5.85/client/player.c:5348:44: acquire_memory: allocated here bluez-5.85/client/player.c:5353:13: throw: if ‘g_dbus_proxy_set_property_dict’ throws an exception... bluez-5.85/client/player.c:5353:13: danger: ‘bcode’ leaks here; was allocated at [(5)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/4) # 5351| } # 5352| # 5353|-> if (g_dbus_proxy_set_property_dict(args->proxy, "QoS", # 5354| set_bcode_cb, user_data, # 5355| NULL, "BCode", DBUS_TYPE_ARRAY, DBUS_TYPE_BYTE, Error: GCC_ANALYZER_WARNING (CWE-476): [#def2] bluez-5.85/emulator/btdev.c:6321:17: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘acl’ bluez-5.85/emulator/btdev.c:6283:12: enter_function: entry to ‘cmd_past’ bluez-5.85/emulator/btdev.c:6318:9: call_function: calling ‘cmd_complete’ from ‘cmd_past’ bluez-5.85/emulator/btdev.c:6318:9: return_function: returning to ‘cmd_past’ from ‘cmd_complete’ bluez-5.85/emulator/btdev.c:6320:12: branch_true: following ‘true’ branch... bluez-5.85/emulator/btdev.c:6321:17: branch_true: ...to here bluez-5.85/emulator/btdev.c:6321:17: danger: dereference of NULL ‘acl’ # 6319| # 6320| if (rsp.status == BT_HCI_ERR_SUCCESS) # 6321|-> le_past_received(acl->link, pa); # 6322| # 6323| return 0; Error: CPPCHECK_WARNING (CWE-476): [#def3] bluez-5.85/profiles/audio/bass.c:969: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: addr # 967| # 968| addr = malloc(sizeof(*addr) + sizeof(*addr->iso_bc)); # 969|-> memset(addr, 0, sizeof(*addr) + sizeof(*addr->iso_bc)); # 970| addr->iso_family = AF_BLUETOOTH; # 971| Error: CPPCHECK_WARNING (CWE-476): [#def4] bluez-5.85/profiles/audio/bass.c:970: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: addr # 968| addr = malloc(sizeof(*addr) + sizeof(*addr->iso_bc)); # 969| memset(addr, 0, sizeof(*addr) + sizeof(*addr->iso_bc)); # 970|-> addr->iso_family = AF_BLUETOOTH; # 971| # 972| bacpy(&addr->iso_bc->bc_bdaddr, (void *) device_get_address(device)); Error: GCC_ANALYZER_WARNING (CWE-476): [#def5] bluez-5.85/profiles/audio/bass.c:970:9: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘addr’ bluez-5.85/profiles/audio/bass.c:942:12: branch_false: following ‘false’ branch... bluez-5.85/profiles/audio/bass.c:947:14: branch_false: ...to here bluez-5.85/profiles/audio/bass.c:948:12: branch_false: following ‘false’ branch... bluez-5.85/profiles/audio/bass.c:951:12: branch_false: ...to here bluez-5.85/profiles/audio/bass.c:968:16: acquire_memory: this call could return NULL bluez-5.85/profiles/audio/bass.c:970:9: danger: ‘addr’ could be NULL: unchecked value from [(5)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/4) # 968| addr = malloc(sizeof(*addr) + sizeof(*addr->iso_bc)); # 969| memset(addr, 0, sizeof(*addr) + sizeof(*addr->iso_bc)); # 970|-> addr->iso_family = AF_BLUETOOTH; # 971| # 972| bacpy(&addr->iso_bc->bc_bdaddr, (void *) device_get_address(device)); Error: GCC_ANALYZER_WARNING (CWE-401): [#def6] bluez-5.85/profiles/audio/bass.c:972:9: warning[-Wanalyzer-malloc-leak]: leak of ‘addr’ bluez-5.85/profiles/audio/bass.c:942:12: branch_false: following ‘false’ branch... bluez-5.85/profiles/audio/bass.c:947:14: branch_false: ...to here bluez-5.85/profiles/audio/bass.c:948:12: branch_false: following ‘false’ branch... bluez-5.85/profiles/audio/bass.c:951:12: branch_false: ...to here bluez-5.85/profiles/audio/bass.c:968:16: acquire_memory: allocated here bluez-5.85/profiles/audio/bass.c:972:9: throw: if ‘device_get_address’ throws an exception... bluez-5.85/profiles/audio/bass.c:972:9: danger: ‘addr’ leaks here; was allocated at [(5)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/4) # 970| addr->iso_family = AF_BLUETOOTH; # 971| # 972|-> bacpy(&addr->iso_bc->bc_bdaddr, (void *) device_get_address(device)); # 973| addr->iso_bc->bc_bdaddr_type = device_get_le_address_type(device); # 974| Error: CPPCHECK_WARNING (CWE-476): [#def7] bluez-5.85/profiles/audio/bass.c:973: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: addr # 971| # 972| bacpy(&addr->iso_bc->bc_bdaddr, (void *) device_get_address(device)); # 973|-> addr->iso_bc->bc_bdaddr_type = device_get_le_address_type(device); # 974| # 975| err = bind(sk, (struct sockaddr *) addr, sizeof(*addr) + Error: GCC_ANALYZER_WARNING (CWE-401): [#def8] bluez-5.85/profiles/audio/bass.c:973:40: warning[-Wanalyzer-malloc-leak]: leak of ‘addr’ bluez-5.85/profiles/audio/bass.c:942:12: branch_false: following ‘false’ branch... bluez-5.85/profiles/audio/bass.c:947:14: branch_false: ...to here bluez-5.85/profiles/audio/bass.c:948:12: branch_false: following ‘false’ branch... bluez-5.85/profiles/audio/bass.c:951:12: branch_false: ...to here bluez-5.85/profiles/audio/bass.c:968:16: acquire_memory: allocated here bluez-5.85/profiles/audio/bass.c:973:40: throw: if ‘device_get_le_address_type’ throws an exception... bluez-5.85/profiles/audio/bass.c:973:40: danger: ‘addr’ leaks here; was allocated at [(5)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/4) # 971| # 972| bacpy(&addr->iso_bc->bc_bdaddr, (void *) device_get_address(device)); # 973|-> addr->iso_bc->bc_bdaddr_type = device_get_le_address_type(device); # 974| # 975| err = bind(sk, (struct sockaddr *) addr, sizeof(*addr) + Error: GCC_ANALYZER_WARNING (CWE-775): [#def9] bluez-5.85/tools/6lowpan-tester.c:212:15: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open(&path, 1)’ bluez-5.85/tools/6lowpan-tester.c:200:12: branch_false: following ‘false’ branch... bluez-5.85/tools/6lowpan-tester.c:203:9: branch_false: ...to here bluez-5.85/tools/6lowpan-tester.c:208:14: acquire_resource: opened here bluez-5.85/tools/6lowpan-tester.c:209:12: branch_false: following ‘false’ branch... bluez-5.85/tools/6lowpan-tester.c:212:15: branch_false: ...to here bluez-5.85/tools/6lowpan-tester.c:212:15: throw: if ‘write’ throws an exception... bluez-5.85/tools/6lowpan-tester.c:212:15: danger: ‘open(&path, 1)’ leaks here; was opened at [(3)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/2) # 210| return -EIO; # 211| # 212|-> ret = write(fd, cmd, len); # 213| if (ret == len) # 214| tester_print("%s: OK", filename); Error: GCC_ANALYZER_WARNING (CWE-775): [#def10] bluez-5.85/tools/6lowpan-tester.c:443:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘sk’ bluez-5.85/tools/6lowpan-tester.c:426:14: acquire_resource: socket created here bluez-5.85/tools/6lowpan-tester.c:427:12: branch_false: following ‘false’ branch (when ‘sk >= 0’)... bluez-5.85/tools/6lowpan-tester.c:432:9: branch_false: ...to here bluez-5.85/tools/6lowpan-tester.c:434:12: branch_false: following ‘false’ branch... bluez-5.85/tools/6lowpan-tester.c:439:9: branch_false: ...to here bluez-5.85/tools/6lowpan-tester.c:442:13: acquire_resource: socket created here bluez-5.85/tools/6lowpan-tester.c:442:12: branch_true: following ‘true’ branch... bluez-5.85/tools/6lowpan-tester.c:443:17: branch_true: ...to here bluez-5.85/tools/6lowpan-tester.c:443:17: throw: if ‘tester_print’ throws an exception... bluez-5.85/tools/6lowpan-tester.c:443:17: danger: ‘sk’ leaks here # 441| sa.sll_protocol = 0; # 442| if (bind(sk, (struct sockaddr *)&sa, sizeof(sa)) < 0) { # 443|-> tester_print("bind: %m"); # 444| goto error; # 445| } Error: GCC_ANALYZER_WARNING (CWE-775): [#def11] bluez-5.85/tools/6lowpan-tester.c:471:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘sk’ bluez-5.85/tools/6lowpan-tester.c:426:14: acquire_resource: socket created here bluez-5.85/tools/6lowpan-tester.c:427:12: branch_false: following ‘false’ branch (when ‘sk >= 0’)... bluez-5.85/tools/6lowpan-tester.c:432:9: branch_false: ...to here bluez-5.85/tools/6lowpan-tester.c:434:12: branch_false: following ‘false’ branch... bluez-5.85/tools/6lowpan-tester.c:439:9: branch_false: ...to here bluez-5.85/tools/6lowpan-tester.c:442:13: acquire_resource: socket created here bluez-5.85/tools/6lowpan-tester.c:442:12: branch_true: following ‘true’ branch... bluez-5.85/tools/6lowpan-tester.c:443:17: branch_true: ...to here bluez-5.85/tools/6lowpan-tester.c:470:12: branch_true: following ‘true’ branch (when ‘sk >= 0’)... bluez-5.85/tools/6lowpan-tester.c:471:17: branch_true: ...to here bluez-5.85/tools/6lowpan-tester.c:471:17: throw: if ‘close’ throws an exception... bluez-5.85/tools/6lowpan-tester.c:471:17: danger: ‘sk’ leaks here # 469| error: # 470| if (sk >= 0) # 471|-> close(sk); # 472| return -EIO; # 473| } Error: GCC_ANALYZER_WARNING (CWE-401): [#def12] bluez-5.85/tools/6lowpan-tester.c:650:9: warning[-Wanalyzer-malloc-leak]: leak of ‘user’ bluez-5.85/tools/6lowpan-tester.c:650:9: acquire_memory: allocated here bluez-5.85/tools/6lowpan-tester.c:650:9: branch_false: following ‘false’ branch (when ‘user’ is non-NULL)... bluez-5.85/tools/6lowpan-tester.c:650:9: branch_false: ...to here bluez-5.85/tools/6lowpan-tester.c:650:9: throw: if ‘tester_add_full’ throws an exception... bluez-5.85/tools/6lowpan-tester.c:650:9: danger: ‘user’ leaks here; was allocated at [(1)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/0) # 648| tester_init(&argc, &argv); # 649| # 650|-> test_6lowpan("Basic Framework - Success", NULL, setup_powered_client, # 651| test_framework); # 652| Error: GCC_ANALYZER_WARNING (CWE-401): [#def13] bluez-5.85/tools/6lowpan-tester.c:653:9: warning[-Wanalyzer-malloc-leak]: leak of ‘user’ bluez-5.85/tools/6lowpan-tester.c:650:9: acquire_memory: allocated here bluez-5.85/tools/6lowpan-tester.c:650:9: branch_true: following ‘true’ branch (when ‘user’ is NULL)... bluez-5.85/tools/6lowpan-tester.c:653:9: branch_true: ...to here bluez-5.85/tools/6lowpan-tester.c:653:9: acquire_memory: allocated here bluez-5.85/tools/6lowpan-tester.c:653:9: branch_false: following ‘false’ branch (when ‘user’ is non-NULL)... bluez-5.85/tools/6lowpan-tester.c:653:9: branch_false: ...to here bluez-5.85/tools/6lowpan-tester.c:653:9: throw: if ‘tester_add_full’ throws an exception... bluez-5.85/tools/6lowpan-tester.c:653:9: danger: ‘user’ leaks here; was allocated at [(4)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/3) # 651| test_framework); # 652| # 653|-> test_6lowpan("Client Connect - Terminate", &client_connect_terminate, # 654| setup_powered_client, # 655| test_connect); Error: GCC_ANALYZER_WARNING (CWE-401): [#def14] bluez-5.85/tools/6lowpan-tester.c:657:9: warning[-Wanalyzer-malloc-leak]: leak of ‘user’ bluez-5.85/tools/6lowpan-tester.c:650:9: acquire_memory: allocated here bluez-5.85/tools/6lowpan-tester.c:650:9: branch_true: following ‘true’ branch (when ‘user’ is NULL)... bluez-5.85/tools/6lowpan-tester.c:653:9: branch_true: ...to here bluez-5.85/tools/6lowpan-tester.c:653:9: acquire_memory: allocated here bluez-5.85/tools/6lowpan-tester.c:653:9: branch_true: following ‘true’ branch (when ‘user’ is NULL)... bluez-5.85/tools/6lowpan-tester.c:657:9: branch_true: ...to here bluez-5.85/tools/6lowpan-tester.c:657:9: acquire_memory: allocated here bluez-5.85/tools/6lowpan-tester.c:657:9: branch_false: following ‘false’ branch (when ‘user’ is non-NULL)... bluez-5.85/tools/6lowpan-tester.c:657:9: branch_false: ...to here bluez-5.85/tools/6lowpan-tester.c:657:9: throw: if ‘tester_add_full’ throws an exception... bluez-5.85/tools/6lowpan-tester.c:657:9: danger: ‘user’ leaks here; was allocated at [(7)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/6) # 655| test_connect); # 656| # 657|-> test_6lowpan("Client Connect - Disable", &client_connect_disable, # 658| setup_powered_client, # 659| test_connect); Error: GCC_ANALYZER_WARNING (CWE-401): [#def15] bluez-5.85/tools/6lowpan-tester.c:661:9: warning[-Wanalyzer-malloc-leak]: leak of ‘user’ bluez-5.85/tools/6lowpan-tester.c:650:9: acquire_memory: allocated here bluez-5.85/tools/6lowpan-tester.c:650:9: branch_true: following ‘true’ branch (when ‘user’ is NULL)... bluez-5.85/tools/6lowpan-tester.c:653:9: branch_true: ...to here bluez-5.85/tools/6lowpan-tester.c:653:9: acquire_memory: allocated here bluez-5.85/tools/6lowpan-tester.c:653:9: branch_true: following ‘true’ branch (when ‘user’ is NULL)... bluez-5.85/tools/6lowpan-tester.c:657:9: branch_true: ...to here bluez-5.85/tools/6lowpan-tester.c:657:9: acquire_memory: allocated here bluez-5.85/tools/6lowpan-tester.c:657:9: branch_true: following ‘true’ branch (when ‘user’ is NULL)... bluez-5.85/tools/6lowpan-tester.c:661:9: branch_true: ...to here bluez-5.85/tools/6lowpan-tester.c:661:9: acquire_memory: allocated here bluez-5.85/tools/6lowpan-tester.c:661:9: branch_false: following ‘false’ branch (when ‘user’ is non-NULL)... bluez-5.85/tools/6lowpan-tester.c:661:9: branch_false: ...to here bluez-5.85/tools/6lowpan-tester.c:661:9: throw: if ‘tester_add_full’ throws an exception... bluez-5.85/tools/6lowpan-tester.c:661:9: danger: ‘user’ leaks here; was allocated at [(10)](sarif:/runs/0/results/9/codeFlows/0/threadFlows/0/locations/9) # 659| test_connect); # 660| # 661|-> test_6lowpan("Client Connect - Disconnect", &client_connect_disconnect, # 662| setup_powered_client, # 663| test_connect); Error: GCC_ANALYZER_WARNING (CWE-401): [#def16] bluez-5.85/tools/6lowpan-tester.c:665:9: warning[-Wanalyzer-malloc-leak]: leak of ‘user’ bluez-5.85/tools/6lowpan-tester.c:650:9: acquire_memory: allocated here bluez-5.85/tools/6lowpan-tester.c:650:9: branch_true: following ‘true’ branch (when ‘user’ is NULL)... bluez-5.85/tools/6lowpan-tester.c:653:9: branch_true: ...to here bluez-5.85/tools/6lowpan-tester.c:653:9: acquire_memory: allocated here bluez-5.85/tools/6lowpan-tester.c:653:9: branch_true: following ‘true’ branch (when ‘user’ is NULL)... bluez-5.85/tools/6lowpan-tester.c:657:9: branch_true: ...to here bluez-5.85/tools/6lowpan-tester.c:657:9: acquire_memory: allocated here bluez-5.85/tools/6lowpan-tester.c:657:9: branch_true: following ‘true’ branch (when ‘user’ is NULL)... bluez-5.85/tools/6lowpan-tester.c:661:9: branch_true: ...to here bluez-5.85/tools/6lowpan-tester.c:661:9: acquire_memory: allocated here bluez-5.85/tools/6lowpan-tester.c:661:9: branch_true: following ‘true’ branch (when ‘user’ is NULL)... bluez-5.85/tools/6lowpan-tester.c:665:9: branch_true: ...to here bluez-5.85/tools/6lowpan-tester.c:665:9: acquire_memory: allocated here bluez-5.85/tools/6lowpan-tester.c:665:9: branch_false: following ‘false’ branch (when ‘user’ is non-NULL)... bluez-5.85/tools/6lowpan-tester.c:665:9: branch_false: ...to here bluez-5.85/tools/6lowpan-tester.c:665:9: throw: if ‘tester_add_full’ throws an exception... bluez-5.85/tools/6lowpan-tester.c:665:9: danger: ‘user’ leaks here; was allocated at [(13)](sarif:/runs/0/results/10/codeFlows/0/threadFlows/0/locations/12) # 663| test_connect); # 664| # 665|-> test_6lowpan("Client Recv Dgram - Success", &client_recv_dgram, # 666| setup_powered_client, # 667| test_connect); Error: CPPCHECK_WARNING (CWE-476): [#def17] bluez-5.85/tools/iso-tester.c:3367: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: addr # 3365| if (isodata->pa_bind) { # 3366| addr = malloc(sizeof(*addr) + sizeof(*addr->iso_bc)); # 3367|-> memset(addr, 0, sizeof(*addr) + sizeof(*addr->iso_bc)); # 3368| addr->iso_family = AF_BLUETOOTH; # 3369| Error: CPPCHECK_WARNING (CWE-476): [#def18] bluez-5.85/tools/iso-tester.c:3368: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: addr # 3366| addr = malloc(sizeof(*addr) + sizeof(*addr->iso_bc)); # 3367| memset(addr, 0, sizeof(*addr) + sizeof(*addr->iso_bc)); # 3368|-> addr->iso_family = AF_BLUETOOTH; # 3369| # 3370| addr->iso_bc->bc_num_bis = 1;
| analyzer-version-clippy | 1.92.0 |
| analyzer-version-cppcheck | 2.19.1 |
| analyzer-version-gcc | 16.0.0 |
| analyzer-version-gcc-analyzer | 16.0.0 |
| analyzer-version-shellcheck | 0.11.0 |
| analyzer-version-unicontrol | 0.0.2 |
| diffbase-analyzer-version-clippy | 1.92.0 |
| diffbase-analyzer-version-cppcheck | 2.19.1 |
| diffbase-analyzer-version-gcc | 16.0.0 |
| diffbase-analyzer-version-gcc-analyzer | 16.0.0 |
| diffbase-analyzer-version-shellcheck | 0.11.0 |
| diffbase-analyzer-version-unicontrol | 0.0.2 |
| diffbase-enabled-plugins | clippy, cppcheck, gcc, shellcheck, unicontrol |
| diffbase-exit-code | 0 |
| diffbase-host | ip-172-16-1-13.us-west-2.compute.internal |
| diffbase-known-false-positives | /usr/share/csmock/known-false-positives.js |
| diffbase-known-false-positives-rpm | known-false-positives-0.0.0.20250521.132812.g8eff701.main-1.el9.noarch |
| diffbase-mock-config | fedora-rawhide-x86_64 |
| diffbase-project-name | bluez-5.84-2.fc43 |
| diffbase-store-results-to | /tmp/tmpi5aaq798/bluez-5.84-2.fc43.tar.xz |
| diffbase-time-created | 2026-01-08 15:31:04 |
| diffbase-time-finished | 2026-01-08 15:35:37 |
| diffbase-tool | csmock |
| diffbase-tool-args | '/usr/bin/csmock' '-r' 'fedora-rawhide-x86_64' '-t' 'gcc,cppcheck,clippy,shellcheck,unicontrol' '-o' '/tmp/tmpi5aaq798/bluez-5.84-2.fc43.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install' 'pam' '--gcc-analyzer-bin=/usr/bin/gcc' '/tmp/tmpi5aaq798/bluez-5.84-2.fc43.src.rpm' |
| diffbase-tool-version | csmock-3.8.3.20251215.161544.g62de9a5-1.el9 |
| enabled-plugins | clippy, cppcheck, gcc, shellcheck, unicontrol |
| exit-code | 0 |
| host | ip-172-16-1-13.us-west-2.compute.internal |
| known-false-positives | /usr/share/csmock/known-false-positives.js |
| known-false-positives-rpm | known-false-positives-0.0.0.20250521.132812.g8eff701.main-1.el9.noarch |
| mock-config | fedora-rawhide-x86_64 |
| project-name | bluez-5.85-1.fc44 |
| store-results-to | /tmp/tmp_x13q01u/bluez-5.85-1.fc44.tar.xz |
| time-created | 2026-01-08 15:36:33 |
| time-finished | 2026-01-08 15:40:39 |
| title | Newly introduced findings |
| tool | csmock |
| tool-args | '/usr/bin/csmock' '-r' 'fedora-rawhide-x86_64' '-t' 'gcc,cppcheck,clippy,shellcheck,unicontrol' '-o' '/tmp/tmp_x13q01u/bluez-5.85-1.fc44.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install' 'pam' '--gcc-analyzer-bin=/usr/bin/gcc' '/tmp/tmp_x13q01u/bluez-5.85-1.fc44.src.rpm' |
| tool-version | csmock-3.8.3.20251215.161544.g62de9a5-1.el9 |