certmonger-0.79.21-1.fc44

List of Findings

Error: COMPILER_WARNING (CWE-563): [#def1]
certmonger-0.79.21/src/cadata.c: scope_hint: In function ‘fetch’
certmonger-0.79.21/src/cadata.c:78:62: warning[-Wunused-parameter]: unused parameter ‘entry’
#   78 | fetch(int fd, struct cm_store_ca *ca, struct cm_store_entry *entry, void *data)
#      |                                       ~~~~~~~~~~~~~~~~~~~~~~~^~~~~
#   76|   /* Callback that just runs the helper to gather the specified data. */
#   77|   static int
#   78|-> fetch(int fd, struct cm_store_ca *ca, struct cm_store_entry *entry, void *data)
#   79|   {
#   80|   	struct cm_cadata_state *state = data;

Error: COMPILER_WARNING (CWE-563): [#def2]
certmonger-0.79.21/src/cadata.c: scope_hint: In function ‘parse_old_cert_list’
certmonger-0.79.21/src/cadata.c:201:69: warning[-Wunused-parameter]: unused parameter ‘state’
#  201 | parse_old_cert_list(struct cm_store_ca *ca, struct cm_cadata_state *state,
#      |                                             ~~~~~~~~~~~~~~~~~~~~~~~~^~~~~
#  199|   /* Parse a list of nickname+certificate pairs. */
#  200|   static const char *
#  201|-> parse_old_cert_list(struct cm_store_ca *ca, struct cm_cadata_state *state,
#  202|   		    const char *msg, struct cm_nickcert ***list)
#  203|   {

Error: COMPILER_WARNING (CWE-563): [#def3]
certmonger-0.79.21/src/cadata.c: scope_hint: In function ‘postprocess_certs_sub’
certmonger-0.79.21/src/cadata.c:405:51: warning[-Wunused-parameter]: unused parameter ‘ca’
#  405 | postprocess_certs_sub(int fd, struct cm_store_ca *ca, struct cm_store_entry *e,
#      |                               ~~~~~~~~~~~~~~~~~~~~^~
#  403|   
#  404|   static int
#  405|-> postprocess_certs_sub(int fd, struct cm_store_ca *ca, struct cm_store_entry *e,
#  406|   		      void *data)
#  407|   {

Error: COMPILER_WARNING (CWE-563): [#def4]
certmonger-0.79.21/src/cadata.c:405:78: warning[-Wunused-parameter]: unused parameter ‘e’
#  405 | postprocess_certs_sub(int fd, struct cm_store_ca *ca, struct cm_store_entry *e,
#      |                                                       ~~~~~~~~~~~~~~~~~~~~~~~^
#  403|   
#  404|   static int
#  405|-> postprocess_certs_sub(int fd, struct cm_store_ca *ca, struct cm_store_entry *e,
#  406|   		      void *data)
#  407|   {

Error: GCC_ANALYZER_WARNING (CWE-465): [#def5]
certmonger-0.79.21/src/cadata.c:671:12: warning[-Wanalyzer-deref-before-check]: check of ‘*ca.cm_ca_encryption_cert’ for NULL after already dereferencing it
certmonger-0.79.21/src/cadata.c:651:12: branch_false: following ‘false’ branch (when ‘p’ is NULL)...
certmonger-0.79.21/src/cadata.c:659:13: branch_false: ...to here
certmonger-0.79.21/src/cadata.c:659:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/cadata.c:671:13: branch_false: ...to here
certmonger-0.79.21/src/cadata.c:671:12: danger: pointer ‘*ca.cm_ca_encryption_cert’ is checked for NULL here but it was already dereferenced at [(1)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/0)
#  669|   		}
#  670|   	}
#  671|-> 	if (ca->cm_ca_encryption_cert != NULL) {
#  672|   		if (strspn(ca->cm_ca_encryption_cert, "\r\n \t") ==
#  673|   		    strlen(ca->cm_ca_encryption_cert)) {

Error: COMPILER_WARNING (CWE-563): [#def6]
certmonger-0.79.21/src/canalyze.c: scope_hint: In function ‘cm_ca_analyze_certs_main’
certmonger-0.79.21/src/canalyze.c:108:49: warning[-Wunused-parameter]: unused parameter ‘e’
#  108 |                          struct cm_store_entry *e, void *data)
#      |                          ~~~~~~~~~~~~~~~~~~~~~~~^
#  106|   static int
#  107|   cm_ca_analyze_certs_main(int fd, struct cm_store_ca *ca,
#  108|-> 			 struct cm_store_entry *e, void *data)
#  109|   {
#  110|   	PLArenaPool *arena;

Error: COMPILER_WARNING (CWE-563): [#def7]
certmonger-0.79.21/src/canalyze.c:108:58: warning[-Wunused-parameter]: unused parameter ‘data’
#  108 |                          struct cm_store_entry *e, void *data)
#      |                                                    ~~~~~~^~~~
#  106|   static int
#  107|   cm_ca_analyze_certs_main(int fd, struct cm_store_ca *ca,
#  108|-> 			 struct cm_store_entry *e, void *data)
#  109|   {
#  110|   	PLArenaPool *arena;

Error: COMPILER_WARNING (CWE-563): [#def8]
certmonger-0.79.21/src/canalyze.c: scope_hint: In function ‘cm_ca_analyze_encryption_certs_main’
certmonger-0.79.21/src/canalyze.c:176:60: warning[-Wunused-parameter]: unused parameter ‘e’
#  176 |                                     struct cm_store_entry *e, void *data)
#      |                                     ~~~~~~~~~~~~~~~~~~~~~~~^
#  174|   static int
#  175|   cm_ca_analyze_encryption_certs_main(int fd, struct cm_store_ca *ca,
#  176|-> 				    struct cm_store_entry *e, void *data)
#  177|   {
#  178|   	PLArenaPool *arena;

Error: COMPILER_WARNING (CWE-563): [#def9]
certmonger-0.79.21/src/canalyze.c:176:69: warning[-Wunused-parameter]: unused parameter ‘data’
#  176 |                                     struct cm_store_entry *e, void *data)
#      |                                                               ~~~~~~^~~~
#  174|   static int
#  175|   cm_ca_analyze_encryption_certs_main(int fd, struct cm_store_ca *ca,
#  176|-> 				    struct cm_store_entry *e, void *data)
#  177|   {
#  178|   	PLArenaPool *arena;

Error: COMPILER_WARNING (CWE-563): [#def10]
certmonger-0.79.21/src/casave.c: scope_hint: In function ‘cm_casave_main_n’
certmonger-0.79.21/src/casave.c:82:46: warning[-Wunused-parameter]: unused parameter ‘ca’
#   82 | cm_casave_main_n(int fd, struct cm_store_ca *ca, struct cm_store_entry *e,
#      |                          ~~~~~~~~~~~~~~~~~~~~^~
#   80|   /* Save the list of certificates to the database. */
#   81|   static int
#   82|-> cm_casave_main_n(int fd, struct cm_store_ca *ca, struct cm_store_entry *e,
#   83|   		 void *data)
#   84|   {

Error: COMPILER_WARNING (CWE-563): [#def11]
certmonger-0.79.21/src/casave.c:82:73: warning[-Wunused-parameter]: unused parameter ‘e’
#   82 | cm_casave_main_n(int fd, struct cm_store_ca *ca, struct cm_store_entry *e,
#      |                                                  ~~~~~~~~~~~~~~~~~~~~~~~^
#   80|   /* Save the list of certificates to the database. */
#   81|   static int
#   82|-> cm_casave_main_n(int fd, struct cm_store_ca *ca, struct cm_store_entry *e,
#   83|   		 void *data)
#   84|   {

Error: COMPILER_WARNING (CWE-563): [#def12]
certmonger-0.79.21/src/casave.c: scope_hint: In function ‘cm_casave_main_o’
certmonger-0.79.21/src/casave.c:261:46: warning[-Wunused-parameter]: unused parameter ‘ca’
#  261 | cm_casave_main_o(int fd, struct cm_store_ca *ca, struct cm_store_entry *e,
#      |                          ~~~~~~~~~~~~~~~~~~~~^~
#  259|   /* Save the list of certificates to the file. */
#  260|   static int
#  261|-> cm_casave_main_o(int fd, struct cm_store_ca *ca, struct cm_store_entry *e,
#  262|   		 void *data)
#  263|   {

Error: COMPILER_WARNING (CWE-563): [#def13]
certmonger-0.79.21/src/casave.c:261:73: warning[-Wunused-parameter]: unused parameter ‘e’
#  261 | cm_casave_main_o(int fd, struct cm_store_ca *ca, struct cm_store_entry *e,
#      |                                                  ~~~~~~~~~~~~~~~~~~~~~~~^
#  259|   /* Save the list of certificates to the file. */
#  260|   static int
#  261|-> cm_casave_main_o(int fd, struct cm_store_ca *ca, struct cm_store_entry *e,
#  262|   		 void *data)
#  263|   {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def14]
certmonger-0.79.21/src/casave.c:340:20: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/casave.c:822:1: enter_function: entry to ‘cm_casave_main’
certmonger-0.79.21/src/casave.c:832:14: acquire_memory: allocated here
certmonger-0.79.21/src/casave.c:833:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/casave.c:838:9: branch_false: ...to here
certmonger-0.79.21/src/casave.c:838:9: call_function: calling ‘build_locations_lists’ from ‘cm_casave_main’
#  338|   		memcpy(tmp, *dest, sizeof(tmp[0]) * i);
#  339|   	}
#  340|-> 	tmp[i++] = talloc_strdup(tmp, value);
#  341|   	tmp[i] = NULL;
#  342|   	*dest = tmp;

Error: COMPILER_WARNING (CWE-563): [#def15]
certmonger-0.79.21/src/casave.c: scope_hint: In function ‘build_locations_lists’
certmonger-0.79.21/src/casave.c:408:29: warning[-Wunused-parameter]: unused parameter ‘parent’
#  408 | build_locations_lists(void *parent, struct cm_casave_state *state,
#      |                       ~~~~~~^~~~~~
#  406|    * of the entries which refer to the CA. */
#  407|   static void
#  408|-> build_locations_lists(void *parent, struct cm_casave_state *state,
#  409|   		      struct cm_store_ca *ca, struct cm_store_entry *e,
#  410|   		      char ***files, char ***dbs)

Error: COMPILER_WARNING (CWE-563): [#def16]
certmonger-0.79.21/src/certext.c: scope_hint: In function ‘cm_certext_build_bitstring’
certmonger-0.79.21/src/certext.c:283:51: warning[-Wunused-parameter]: unused parameter ‘entry’
#  283 | cm_certext_build_bitstring(struct cm_store_entry *entry, PLArenaPool *arena,
#      |                            ~~~~~~~~~~~~~~~~~~~~~~~^~~~~
#  281|    * represented by either a "1" or a "0", most significant bit first. */
#  282|   static SECItem *
#  283|-> cm_certext_build_bitstring(struct cm_store_entry *entry, PLArenaPool *arena,
#  284|   			   const char *bitstring)
#  285|   {

Error: COMPILER_WARNING (CWE-563): [#def17]
certmonger-0.79.21/src/certext.c: scope_hint: In function ‘cm_certext_build_eku’
certmonger-0.79.21/src/certext.c:492:45: warning[-Wunused-parameter]: unused parameter ‘entry’
#  492 | cm_certext_build_eku(struct cm_store_entry *entry, PLArenaPool *arena,
#      |                      ~~~~~~~~~~~~~~~~~~~~~~~^~~~~
#  490|    * entry. */
#  491|   static SECItem *
#  492|-> cm_certext_build_eku(struct cm_store_entry *entry, PLArenaPool *arena,
#  493|   		     const char *eku_value)
#  494|   {

Error: COMPILER_WARNING (CWE-563): [#def18]
certmonger-0.79.21/src/certext.c: scope_hint: In function ‘cm_certext_princ_data’
certmonger-0.79.21/src/certext.c:550:36: warning[-Wunused-parameter]: unused parameter ‘ctx’
#  550 | cm_certext_princ_data(krb5_context ctx, krb5_principal princ, int i)
#      |                       ~~~~~~~~~~~~~^~~
#  548|    * less than zero as a request for the realm name. */
#  549|   static unsigned char *
#  550|-> cm_certext_princ_data(krb5_context ctx, krb5_principal princ, int i)
#  551|   {
#  552|   	if (i < 0) {

Error: GCC_ANALYZER_WARNING (CWE-476): [#def19]
certmonger-0.79.21/src/certext.c:560:24: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
certmonger-0.79.21/src/certext.c:560:42: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certext.c:560:24: branch_false: ...to here
certmonger-0.79.21/src/certext.c:560:24: danger: dereference of NULL ‘<unknown>’
#  558|   	} else {
#  559|   #if HAVE_DECL_KRB5_PRINC_COMPONENT
#  560|-> 		return (unsigned char *) (krb5_princ_component(ctx, princ, i))->data;
#  561|   #else
#  562|   		return (unsigned char *) princ->name.name_string.val[i];

Error: COMPILER_WARNING (CWE-563): [#def20]
certmonger-0.79.21/src/certext.c: scope_hint: In function ‘cm_certext_princ_len’
certmonger-0.79.21/src/certext.c:570:35: warning[-Wunused-parameter]: unused parameter ‘ctx’
#  570 | cm_certext_princ_len(krb5_context ctx, krb5_principal princ, int i)
#      |                      ~~~~~~~~~~~~~^~~
#  568|    * given index. */
#  569|   static int
#  570|-> cm_certext_princ_len(krb5_context ctx, krb5_principal princ, int i)
#  571|   {
#  572|   	if (i < 0) {

Error: GCC_ANALYZER_WARNING (CWE-476): [#def21]
certmonger-0.79.21/src/certext.c:580:24: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
certmonger-0.79.21/src/certext.c:580:24: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certext.c:580:24: branch_false: ...to here
certmonger-0.79.21/src/certext.c:580:24: danger: dereference of NULL ‘<unknown>’
#  578|   	} else {
#  579|   #if HAVE_DECL_KRB5_PRINC_COMPONENT
#  580|-> 		return (krb5_princ_component(ctx, princ, i))->length;
#  581|   #else
#  582|   		return strlen(princ->name.name_string.val[i]);

Error: COMPILER_WARNING (CWE-563): [#def22]
certmonger-0.79.21/src/certext.c: scope_hint: In function ‘cm_certext_princ_get_type’
certmonger-0.79.21/src/certext.c:589:40: warning[-Wunused-parameter]: unused parameter ‘ctx’
#  589 | cm_certext_princ_get_type(krb5_context ctx, krb5_principal princ)
#      |                           ~~~~~~~~~~~~~^~~
#  587|   /* Return a the name-type from a principal name structure. */
#  588|   static int
#  589|-> cm_certext_princ_get_type(krb5_context ctx, krb5_principal princ)
#  590|   {
#  591|   #if HAVE_DECL_KRB5_PRINC_TYPE

Error: COMPILER_WARNING (CWE-563): [#def23]
certmonger-0.79.21/src/certext.c: scope_hint: In function ‘cm_certext_princ_set_type’
certmonger-0.79.21/src/certext.c:600:40: warning[-Wunused-parameter]: unused parameter ‘ctx’
#  600 | cm_certext_princ_set_type(krb5_context ctx, krb5_principal princ, int nt)
#      |                           ~~~~~~~~~~~~~^~~
#  598|   /* Set the name-type in a principal name structure. */
#  599|   static void
#  600|-> cm_certext_princ_set_type(krb5_context ctx, krb5_principal princ, int nt)
#  601|   {
#  602|   #if HAVE_DECL_KRB5_PRINC_TYPE

Error: COMPILER_WARNING (CWE-563): [#def24]
certmonger-0.79.21/src/certext.c: scope_hint: In function ‘cm_certext_free_unparsed_name’
certmonger-0.79.21/src/certext.c:611:44: warning[-Wunused-parameter]: unused parameter ‘ctx’
#  611 | cm_certext_free_unparsed_name(krb5_context ctx, char *name)
#      |                               ~~~~~~~~~~~~~^~~
#  609|   /* Free an unparsed principal name. */
#  610|   static void
#  611|-> cm_certext_free_unparsed_name(krb5_context ctx, char *name)
#  612|   {
#  613|   #ifdef HAVE_KRB5_FREE_UNPARSED_NAME

Error: COMPILER_WARNING (CWE-563): [#def25]
certmonger-0.79.21/src/certext.c: scope_hint: In function ‘cm_certext_princ_get_length’
certmonger-0.79.21/src/certext.c:622:42: warning[-Wunused-parameter]: unused parameter ‘ctx’
#  622 | cm_certext_princ_get_length(krb5_context ctx, krb5_principal princ)
#      |                             ~~~~~~~~~~~~~^~~
#  620|   /* Check how many components are in a principal name. */
#  621|   static int
#  622|-> cm_certext_princ_get_length(krb5_context ctx, krb5_principal princ)
#  623|   {
#  624|   #if HAVE_DECL_KRB5_PRINC_SIZE

Error: COMPILER_WARNING (CWE-563): [#def26]
certmonger-0.79.21/src/certext.c: scope_hint: In function ‘cm_certext_princ_set_length’
certmonger-0.79.21/src/certext.c:633:42: warning[-Wunused-parameter]: unused parameter ‘ctx’
#  633 | cm_certext_princ_set_length(krb5_context ctx, krb5_principal princ, int length)
#      |                             ~~~~~~~~~~~~~^~~
#  631|   /* Set how many components are in a principal name. */
#  632|   static void
#  633|-> cm_certext_princ_set_length(krb5_context ctx, krb5_principal princ, int length)
#  634|   {
#  635|   #if HAVE_DECL_KRB5_PRINC_SIZE

Error: COMPILER_WARNING (CWE-563): [#def27]
certmonger-0.79.21/src/certext.c: scope_hint: In function ‘cm_certext_princ_set_realm’
certmonger-0.79.21/src/certext.c:645:41: warning[-Wunused-parameter]: unused parameter ‘ctx’
#  645 | cm_certext_princ_set_realm(krb5_context ctx, void *parent, krb5_principal princ,
#      |                            ~~~~~~~~~~~~~^~~
#  643|    * name owned by "parent". */
#  644|   static void
#  645|-> cm_certext_princ_set_realm(krb5_context ctx, void *parent, krb5_principal princ,
#  646|   			   int length, char *name)
#  647|   {

Error: COMPILER_WARNING: [#def28]
certmonger-0.79.21/src/certext.c: scope_hint: In function ‘cm_certext_read_san’
certmonger-0.79.21/src/certext.c:869:22: warning[-Wunused-but-set-variable=]: variable ‘i’ set but not used
#  869 |         unsigned int i, j;
#      |                      ^
#  867|   {
#  868|   	CERTGeneralName *name, *san;
#  869|-> 	unsigned int i, j;
#  870|   	char **s, abuf[64];
#  871|   

Error: GCC_ANALYZER_WARNING (CWE-835): [#def29]
certmonger-0.79.21/src/certext.c:881:16: warning[-Wanalyzer-infinite-loop]: infinite loop
certmonger-0.79.21/src/certext.c:881:16: danger: infinite loop here
certmonger-0.79.21/src/certext.c:881:16: branch_true: when ‘san’ is non-NULL: always following ‘true’ branch...
certmonger-0.79.21/src/certext.c:882:25: branch_true: ...to here
certmonger-0.79.21/src/certext.c:904:28: branch_true: if it ever follows ‘true’ branch, it will always do so...
certmonger-0.79.21/src/certext.c:907:32: branch_true: ...to here
certmonger-0.79.21/src/certext.c:904:29: branch_true: if it ever follows ‘true’ branch, it will always do so...
certmonger-0.79.21/src/certext.c:904:28: branch_true: ...to here
#  879|   	talloc_free(entry->cm_cert_principal);
#  880|   	entry->cm_cert_principal = NULL;
#  881|-> 	while (san != NULL) {
#  882|   		switch (san->type) {
#  883|   		case certDNSName:

Error: COMPILER_WARNING (CWE-563): [#def30]
certmonger-0.79.21/src/certext.c: scope_hint: In function ‘cm_certext_build_upn’
certmonger-0.79.21/src/certext.c:968:45: warning[-Wunused-parameter]: unused parameter ‘entry’
#  968 | cm_certext_build_upn(struct cm_store_entry *entry, PLArenaPool *arena,
#      |                      ~~~~~~~~~~~~~~~~~~~~~~~^~~~~
#  966|   /* Build an NT principal name binary value. */
#  967|   static SECItem *
#  968|-> cm_certext_build_upn(struct cm_store_entry *entry, PLArenaPool *arena,
#  969|   		     const char *principal)
#  970|   {

Error: COMPILER_WARNING (CWE-563): [#def31]
certmonger-0.79.21/src/certext.c: scope_hint: In function ‘cm_certext_build_principal’
certmonger-0.79.21/src/certext.c:990:51: warning[-Wunused-parameter]: unused parameter ‘entry’
#  990 | cm_certext_build_principal(struct cm_store_entry *entry, PLArenaPool *arena,
#      |                            ~~~~~~~~~~~~~~~~~~~~~~~^~~~~
#  988|   /* Build a Kerberos principal name binary value. */
#  989|   static SECItem *
#  990|-> cm_certext_build_principal(struct cm_store_entry *entry, PLArenaPool *arena,
#  991|   			   const char *principal)
#  992|   {

Error: COMPILER_WARNING (CWE-563): [#def32]
certmonger-0.79.21/src/certext.c: scope_hint: In function ‘cm_certext_build_basic’
certmonger-0.79.21/src/certext.c:1215:47: warning[-Wunused-parameter]: unused parameter ‘entry’
# 1215 | cm_certext_build_basic(struct cm_store_entry *entry, PLArenaPool *arena,
#      |                        ~~~~~~~~~~~~~~~~~~~~~~~^~~~~
# 1213|   /* Build a basicConstraints extension value. */
# 1214|   static SECItem *
# 1215|-> cm_certext_build_basic(struct cm_store_entry *entry, PLArenaPool *arena,
# 1216|   		       int is_ca, int path_length)
# 1217|   {

Error: COMPILER_WARNING (CWE-563): [#def33]
certmonger-0.79.21/src/certext.c: scope_hint: In function ‘cm_certext_build_aia’
certmonger-0.79.21/src/certext.c:1383:45: warning[-Wunused-parameter]: unused parameter ‘entry’
# 1383 | cm_certext_build_aia(struct cm_store_entry *entry, PLArenaPool *arena,
#      |                      ~~~~~~~~~~~~~~~~~~~~~~~^~~~~
# 1381|   /* Build an authorityInformationAccess extension value. */
# 1382|   static SECItem *
# 1383|-> cm_certext_build_aia(struct cm_store_entry *entry, PLArenaPool *arena,
# 1384|   		     char **ocsp_location)
# 1385|   {

Error: COMPILER_WARNING (CWE-563): [#def34]
certmonger-0.79.21/src/certext.c: scope_hint: In function ‘cm_certext_build_crldp’
certmonger-0.79.21/src/certext.c:1442:47: warning[-Wunused-parameter]: unused parameter ‘entry’
# 1442 | cm_certext_build_crldp(struct cm_store_entry *entry, PLArenaPool *arena,
#      |                        ~~~~~~~~~~~~~~~~~~~~~~~^~~~~
# 1440|   /* Build a CRL distribution points or freshest CRL extension value. */
# 1441|   static SECItem *
# 1442|-> cm_certext_build_crldp(struct cm_store_entry *entry, PLArenaPool *arena,
# 1443|   		       char **crldp)
# 1444|   {

Error: COMPILER_WARNING (CWE-563): [#def35]
certmonger-0.79.21/src/certext.c: scope_hint: In function ‘cm_certext_build_ns_comment’
certmonger-0.79.21/src/certext.c:1495:52: warning[-Wunused-parameter]: unused parameter ‘entry’
# 1495 | cm_certext_build_ns_comment(struct cm_store_entry *entry, PLArenaPool *arena,
#      |                             ~~~~~~~~~~~~~~~~~~~~~~~^~~~~
# 1493|   /* Build a Netscape comment extension value. */
# 1494|   static SECItem *
# 1495|-> cm_certext_build_ns_comment(struct cm_store_entry *entry, PLArenaPool *arena,
# 1496|   			    char *comment)
# 1497|   {

Error: COMPILER_WARNING (CWE-563): [#def36]
certmonger-0.79.21/src/certext.c: scope_hint: In function ‘cm_certext_build_ocsp_no_check’
certmonger-0.79.21/src/certext.c:1518:55: warning[-Wunused-parameter]: unused parameter ‘entry’
# 1518 | cm_certext_build_ocsp_no_check(struct cm_store_entry *entry,
#      |                                ~~~~~~~~~~~~~~~~~~~~~~~^~~~~
# 1516|   /* Build a no-ocsp-checking extension value. */
# 1517|   static SECItem *
# 1518|-> cm_certext_build_ocsp_no_check(struct cm_store_entry *entry,
# 1519|   			       PLArenaPool *arena)
# 1520|   {

Error: COMPILER_WARNING (CWE-563): [#def37]
certmonger-0.79.21/src/certext.c: scope_hint: In function ‘cm_certext_build_profile’
certmonger-0.79.21/src/certext.c:1538:49: warning[-Wunused-parameter]: unused parameter ‘entry’
# 1538 | cm_certext_build_profile(struct cm_store_entry *entry,
#      |                          ~~~~~~~~~~~~~~~~~~~~~~~^~~~~
# 1536|   /* Build a Microsoft certtype extension value. */
# 1537|   static SECItem *
# 1538|-> cm_certext_build_profile(struct cm_store_entry *entry,
# 1539|   			 PLArenaPool *arena,
# 1540|   			 char *profile)

Error: COMPILER_WARNING (CWE-563): [#def38]
certmonger-0.79.21/src/certext.c: scope_hint: In function ‘cm_certext_read_basic’
certmonger-0.79.21/src/certext.c:1952:66: warning[-Wunused-parameter]: unused parameter ‘arena’
# 1952 | cm_certext_read_basic(struct cm_store_entry *entry, PLArenaPool *arena,
#      |                                                     ~~~~~~~~~~~~~^~~~~
# 1950|   /* Read a basicConstraints extension. */
# 1951|   static void
# 1952|-> cm_certext_read_basic(struct cm_store_entry *entry, PLArenaPool *arena,
# 1953|   		      CERTCertExtension *ext)
# 1954|   {

Error: COMPILER_WARNING (CWE-563): [#def39]
certmonger-0.79.21/src/certread-n.c: scope_hint: In function ‘cm_certread_n_main’
certmonger-0.79.21/src/certread-n.c:63:48: warning[-Wunused-parameter]: unused parameter ‘ca’
#   63 | cm_certread_n_main(int fd, struct cm_store_ca *ca, struct cm_store_entry *entry,
#      |                            ~~~~~~~~~~~~~~~~~~~~^~
#   61|   
#   62|   static int
#   63|-> cm_certread_n_main(int fd, struct cm_store_ca *ca, struct cm_store_entry *entry,
#   64|   		   void *userdata)
#   65|   {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def40]
certmonger-0.79.21/src/certread-n.c:98:15: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/certread-n.c:78:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:83:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:83:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:90:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:90:14: acquire_memory: allocated here
certmonger-0.79.21/src/certread-n.c:91:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/certread-n.c:97:21: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:98:15: throw: if ‘NSS_InitContext’ throws an exception...
certmonger-0.79.21/src/certread-n.c:98:15: danger: ‘fp’ leaks here; was allocated at [(5)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/4)
#   96|   	settings = userdata;
#   97|   	readwrite = settings->readwrite;
#   98|-> 	ctx = NSS_InitContext(entry->cm_cert_storage_location,
#   99|   			      NULL, NULL, NULL, NULL,
#  100|   			      (readwrite ? 0 : NSS_INIT_READONLY) |

Error: GCC_ANALYZER_WARNING (CWE-401): [#def41]
certmonger-0.79.21/src/certread-n.c:103:14: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/certread-n.c:78:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:83:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:83:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:90:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:90:14: acquire_memory: allocated here
certmonger-0.79.21/src/certread-n.c:91:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/certread-n.c:97:21: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:103:14: throw: if ‘PORT_GetError’ throws an exception...
certmonger-0.79.21/src/certread-n.c:103:14: danger: ‘fp’ leaks here; was allocated at [(5)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/4)
#  101|   			      NSS_INIT_NOROOTINIT |
#  102|   			      NSS_INIT_NOMODDB);
#  103|-> 	ec = PORT_GetError();
#  104|   	if (ctx == NULL) {
#  105|   		if ((ec == SEC_ERROR_BAD_DATABASE) && readwrite) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def42]
certmonger-0.79.21/src/certread-n.c:115:39: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/certread-n.c:78:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:83:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:83:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:90:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:90:14: acquire_memory: allocated here
certmonger-0.79.21/src/certread-n.c:91:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/certread-n.c:97:21: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:104:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certread-n.c:105:21: branch_true: ...to here
certmonger-0.79.21/src/certread-n.c:105:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certread-n.c:106:33: branch_true: ...to here
certmonger-0.79.21/src/certread-n.c:115:39: throw: if ‘NSS_InitContext’ throws an exception...
certmonger-0.79.21/src/certread-n.c:115:39: danger: ‘fp’ leaks here; was allocated at [(5)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/4)
#  113|   				 * succeed in read-only mode, which we'll
#  114|   				 * interpret as lack of write permissions. */
#  115|-> 				ctx = NSS_InitContext(entry->cm_key_storage_location,
#  116|   						      NULL, NULL, NULL, NULL,
#  117|   						      NSS_INIT_READONLY |

Error: GCC_ANALYZER_WARNING (CWE-401): [#def43]
certmonger-0.79.21/src/certread-n.c:121:49: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/certread-n.c:78:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:83:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:83:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:90:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:90:14: acquire_memory: allocated here
certmonger-0.79.21/src/certread-n.c:91:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/certread-n.c:97:21: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:104:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certread-n.c:105:21: branch_true: ...to here
certmonger-0.79.21/src/certread-n.c:105:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certread-n.c:106:33: branch_true: ...to here
certmonger-0.79.21/src/certread-n.c:120:36: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certread-n.c:121:49: branch_true: ...to here
certmonger-0.79.21/src/certread-n.c:121:49: throw: if ‘NSS_ShutdownContext’ throws an exception...
certmonger-0.79.21/src/certread-n.c:121:49: danger: ‘fp’ leaks here; was allocated at [(5)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/4)
#  119|   						      NSS_INIT_NOMODDB);
#  120|   				if (ctx != NULL) {
#  121|-> 					error = NSS_ShutdownContext(ctx);
#  122|   					if (error != SECSuccess) {
#  123|   						cm_log(1, "Error shutting down "

Error: GCC_ANALYZER_WARNING (CWE-401): [#def44]
certmonger-0.79.21/src/certread-n.c:123:49: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/certread-n.c:78:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:83:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:83:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:90:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:90:14: acquire_memory: allocated here
certmonger-0.79.21/src/certread-n.c:91:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/certread-n.c:97:21: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:104:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certread-n.c:105:21: branch_true: ...to here
certmonger-0.79.21/src/certread-n.c:105:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certread-n.c:106:33: branch_true: ...to here
certmonger-0.79.21/src/certread-n.c:120:36: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certread-n.c:121:49: branch_true: ...to here
certmonger-0.79.21/src/certread-n.c:122:44: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certread-n.c:123:49: branch_true: ...to here
certmonger-0.79.21/src/certread-n.c:123:49: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/certread-n.c:123:49: danger: ‘fp’ leaks here; was allocated at [(5)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/4)
#  121|   					error = NSS_ShutdownContext(ctx);
#  122|   					if (error != SECSuccess) {
#  123|-> 						cm_log(1, "Error shutting down "
#  124|   						       "NSS.\n");
#  125|   					}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def45]
certmonger-0.79.21/src/certread-n.c:133:30: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/certread-n.c:78:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:83:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:83:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:90:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:90:14: acquire_memory: allocated here
certmonger-0.79.21/src/certread-n.c:91:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/certread-n.c:97:21: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:104:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certread-n.c:105:21: branch_true: ...to here
certmonger-0.79.21/src/certread-n.c:132:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certread-n.c:133:30: branch_true: ...to here
certmonger-0.79.21/src/certread-n.c:133:30: throw: if ‘PR_ErrorToName’ throws an exception...
certmonger-0.79.21/src/certread-n.c:133:30: danger: ‘fp’ leaks here; was allocated at [(5)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/4)
#  131|   		}
#  132|   		if (ec != 0) {
#  133|-> 			es = PR_ErrorToName(ec);
#  134|   		} else {
#  135|   			es = NULL;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def46]
certmonger-0.79.21/src/certread-n.c:138:25: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/certread-n.c:78:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:83:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:83:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:90:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:90:14: acquire_memory: allocated here
certmonger-0.79.21/src/certread-n.c:91:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/certread-n.c:97:21: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:104:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certread-n.c:105:21: branch_true: ...to here
certmonger-0.79.21/src/certread-n.c:132:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certread-n.c:133:30: branch_true: ...to here
certmonger-0.79.21/src/certread-n.c:137:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certread-n.c:138:25: branch_true: ...to here
certmonger-0.79.21/src/certread-n.c:138:25: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/certread-n.c:138:25: danger: ‘fp’ leaks here; was allocated at [(5)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/4)
#  136|   		}
#  137|   		if (es != NULL) {
#  138|-> 			cm_log(0, "Unable to open NSS database '%s': %s.\n",
#  139|   			       entry->cm_cert_storage_location, es);
#  140|   		} else {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def47]
certmonger-0.79.21/src/certread-n.c:141:25: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/certread-n.c:78:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:83:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:83:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:90:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:90:14: acquire_memory: allocated here
certmonger-0.79.21/src/certread-n.c:91:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/certread-n.c:97:21: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:104:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certread-n.c:105:21: branch_true: ...to here
certmonger-0.79.21/src/certread-n.c:141:25: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/certread-n.c:141:25: danger: ‘fp’ leaks here; was allocated at [(5)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/4)
#  139|   			       entry->cm_cert_storage_location, es);
#  140|   		} else {
#  141|-> 			cm_log(0, "Unable to open NSS database '%s'.\n",
#  142|   			       entry->cm_cert_storage_location);
#  143|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def48]
certmonger-0.79.21/src/certread-n.c:152:17: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/certread-n.c:78:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:83:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:83:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:90:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:90:14: acquire_memory: allocated here
certmonger-0.79.21/src/certread-n.c:91:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/certread-n.c:97:21: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:104:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certread-n.c:105:21: branch_true: ...to here
certmonger-0.79.21/src/certread-n.c:152:17: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/certread-n.c:152:17: danger: ‘fp’ leaks here; was allocated at [(5)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/4)
#  150|   			break;
#  151|   		}
#  152|-> 		cm_log(0, "Unable to open NSS database.\n");
#  153|   		_exit(status);
#  154|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def49]
certmonger-0.79.21/src/certread-n.c:156:13: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/certread-n.c:78:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:83:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:83:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:90:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:90:14: acquire_memory: allocated here
certmonger-0.79.21/src/certread-n.c:91:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/certread-n.c:97:21: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:104:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:156:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:156:13: throw: if ‘NSS_ShutdownContext’ throws an exception...
certmonger-0.79.21/src/certread-n.c:156:13: danger: ‘fp’ leaks here; was allocated at [(5)](sarif:/runs/0/results/9/codeFlows/0/threadFlows/0/locations/4)
#  154|   	}
#  155|       /* Re-open the database with modules enabled */
#  156|-> 	if (NSS_ShutdownContext(ctx) != SECSuccess) {
#  157|   		cm_log(1, "Error shutting down NSS.\n");
#  158|   		_exit(1);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def50]
certmonger-0.79.21/src/certread-n.c:157:17: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/certread-n.c:78:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:83:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:83:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:90:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:90:14: acquire_memory: allocated here
certmonger-0.79.21/src/certread-n.c:91:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/certread-n.c:97:21: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:104:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:156:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:156:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certread-n.c:157:17: branch_true: ...to here
certmonger-0.79.21/src/certread-n.c:157:17: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/certread-n.c:157:17: danger: ‘fp’ leaks here; was allocated at [(5)](sarif:/runs/0/results/10/codeFlows/0/threadFlows/0/locations/4)
#  155|       /* Re-open the database with modules enabled */
#  156|   	if (NSS_ShutdownContext(ctx) != SECSuccess) {
#  157|-> 		cm_log(1, "Error shutting down NSS.\n");
#  158|   		_exit(1);
#  159|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def51]
certmonger-0.79.21/src/certread-n.c:160:15: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/certread-n.c:78:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:83:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:83:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:90:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:90:14: acquire_memory: allocated here
certmonger-0.79.21/src/certread-n.c:91:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/certread-n.c:97:21: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:104:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:156:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:156:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:160:15: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:160:15: throw: if ‘NSS_InitContext’ throws an exception...
certmonger-0.79.21/src/certread-n.c:160:15: danger: ‘fp’ leaks here; was allocated at [(5)](sarif:/runs/0/results/11/codeFlows/0/threadFlows/0/locations/4)
#  158|   		_exit(1);
#  159|   	}
#  160|-> 	ctx = NSS_InitContext(entry->cm_cert_storage_location,
#  161|   			      NULL, NULL, NULL, NULL,
#  162|   			      (readwrite ? 0 : NSS_INIT_READONLY) |

Error: GCC_ANALYZER_WARNING (CWE-401): [#def52]
certmonger-0.79.21/src/certread-n.c:165:17: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/certread-n.c:78:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:83:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:83:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:90:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:90:14: acquire_memory: allocated here
certmonger-0.79.21/src/certread-n.c:91:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/certread-n.c:97:21: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:104:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:156:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:156:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:160:15: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:164:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certread-n.c:165:17: branch_true: ...to here
certmonger-0.79.21/src/certread-n.c:165:17: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/certread-n.c:165:17: danger: ‘fp’ leaks here; was allocated at [(5)](sarif:/runs/0/results/12/codeFlows/0/threadFlows/0/locations/4)
#  163|   			      NSS_INIT_NOROOTINIT);
#  164|   	if (ctx == NULL) {
#  165|-> 		cm_log(0, "Unable to initialize NSS db\n");
#  166|   		_exit(1);
#  167|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def53]
certmonger-0.79.21/src/certread-n.c:168:14: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/certread-n.c:78:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:83:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:83:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:90:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:90:14: acquire_memory: allocated here
certmonger-0.79.21/src/certread-n.c:91:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/certread-n.c:97:21: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:104:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:156:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:156:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:160:15: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:164:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:168:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:168:14: throw: if ‘util_n_fips_hook’ throws an exception...
certmonger-0.79.21/src/certread-n.c:168:14: danger: ‘fp’ leaks here; was allocated at [(5)](sarif:/runs/0/results/13/codeFlows/0/threadFlows/0/locations/4)
#  166|   		_exit(1);
#  167|   	}
#  168|-> 	es = util_n_fips_hook();
#  169|   	if (es != NULL) {
#  170|   		cm_log(0, "Error putting NSS into FIPS mode: %s\n", es);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def54]
certmonger-0.79.21/src/certread-n.c:170:17: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/certread-n.c:78:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:83:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:83:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:90:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:90:14: acquire_memory: allocated here
certmonger-0.79.21/src/certread-n.c:91:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/certread-n.c:97:21: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:104:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:156:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:156:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:160:15: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:164:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:168:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:169:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certread-n.c:170:17: branch_true: ...to here
certmonger-0.79.21/src/certread-n.c:170:17: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/certread-n.c:170:17: danger: ‘fp’ leaks here; was allocated at [(5)](sarif:/runs/0/results/14/codeFlows/0/threadFlows/0/locations/4)
#  168|   	es = util_n_fips_hook();
#  169|   	if (es != NULL) {
#  170|-> 		cm_log(0, "Error putting NSS into FIPS mode: %s\n", es);
#  171|   		_exit(CM_SUB_STATUS_ERROR_INITIALIZING);
#  172|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def55]
certmonger-0.79.21/src/certread-n.c:174:13: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/certread-n.c:78:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:83:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:83:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:90:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:90:14: acquire_memory: allocated here
certmonger-0.79.21/src/certread-n.c:91:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/certread-n.c:97:21: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:104:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:156:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:156:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:160:15: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:164:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:168:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:169:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:174:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:174:13: throw: if ‘cm_pin_read_for_cert’ throws an exception...
certmonger-0.79.21/src/certread-n.c:174:13: danger: ‘fp’ leaks here; was allocated at [(5)](sarif:/runs/0/results/15/codeFlows/0/threadFlows/0/locations/4)
#  172|   	}
#  173|   	cert = NULL;
#  174|-> 	if (cm_pin_read_for_cert(entry, &pin) != 0) {
#  175|   		cm_log(1, "Error reading PIN for cert db.\n");
#  176|   		_exit(CM_SUB_STATUS_ERROR_AUTH);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def56]
certmonger-0.79.21/src/certread-n.c:175:17: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/certread-n.c:78:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:83:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:83:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:90:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:90:14: acquire_memory: allocated here
certmonger-0.79.21/src/certread-n.c:91:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/certread-n.c:97:21: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:104:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:156:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:156:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:160:15: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:164:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:168:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:169:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:174:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:174:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certread-n.c:175:17: branch_true: ...to here
certmonger-0.79.21/src/certread-n.c:175:17: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/certread-n.c:175:17: danger: ‘fp’ leaks here; was allocated at [(5)](sarif:/runs/0/results/16/codeFlows/0/threadFlows/0/locations/4)
#  173|   	cert = NULL;
#  174|   	if (cm_pin_read_for_cert(entry, &pin) != 0) {
#  175|-> 		cm_log(1, "Error reading PIN for cert db.\n");
#  176|   		_exit(CM_SUB_STATUS_ERROR_AUTH);
#  177|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def57]
certmonger-0.79.21/src/certread-n.c:179:40: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/certread-n.c:78:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:83:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:83:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:90:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:90:14: acquire_memory: allocated here
certmonger-0.79.21/src/certread-n.c:91:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/certread-n.c:97:21: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:104:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:156:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:156:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:160:15: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:164:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:168:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:169:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:174:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:174:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:178:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:178:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certread-n.c:179:40: branch_true: ...to here
certmonger-0.79.21/src/certread-n.c:179:40: throw: if ‘util_internal_token_name’ throws an exception...
certmonger-0.79.21/src/certread-n.c:179:40: danger: ‘fp’ leaks here; was allocated at [(5)](sarif:/runs/0/results/17/codeFlows/0/threadFlows/0/locations/4)
#  177|   	}
#  178|   	if (entry->cm_cert_token == NULL) {
#  179|-> 		entry->cm_cert_token = util_internal_token_name(entry);
#  180|   	}
#  181|   	PK11_SetPasswordFunc(&cm_pin_read_for_cert_nss_cb);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def58]
certmonger-0.79.21/src/certread-n.c:181:9: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/certread-n.c:78:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:83:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:83:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:90:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:90:14: acquire_memory: allocated here
certmonger-0.79.21/src/certread-n.c:91:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/certread-n.c:97:21: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:104:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:156:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:156:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:160:15: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:164:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:168:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:169:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:174:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:174:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:178:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:178:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:181:9: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:181:9: throw: if ‘PK11_SetPasswordFunc’ throws an exception...
certmonger-0.79.21/src/certread-n.c:181:9: danger: ‘fp’ leaks here; was allocated at [(5)](sarif:/runs/0/results/18/codeFlows/0/threadFlows/0/locations/4)
#  179|   		entry->cm_cert_token = util_internal_token_name(entry);
#  180|   	}
#  181|-> 	PK11_SetPasswordFunc(&cm_pin_read_for_cert_nss_cb);
#  182|   	es = util_internal_token_name(entry);
#  183|   	if (strcmp(entry->cm_cert_token, es) == 0) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def59]
certmonger-0.79.21/src/certread-n.c:182:14: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/certread-n.c:78:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:83:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:83:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:90:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:90:14: acquire_memory: allocated here
certmonger-0.79.21/src/certread-n.c:91:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/certread-n.c:97:21: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:104:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:156:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:156:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:160:15: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:164:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:168:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:169:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:174:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:174:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:178:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:182:14: throw: if ‘util_internal_token_name’ throws an exception...
certmonger-0.79.21/src/certread-n.c:182:14: danger: ‘fp’ leaks here; was allocated at [(5)](sarif:/runs/0/results/19/codeFlows/0/threadFlows/0/locations/4)
#  180|   	}
#  181|   	PK11_SetPasswordFunc(&cm_pin_read_for_cert_nss_cb);
#  182|-> 	es = util_internal_token_name(entry);
#  183|   	if (strcmp(entry->cm_cert_token, es) == 0) {
#  184|   		slot = PK11_GetInternalKeySlot();

Error: GCC_ANALYZER_WARNING (CWE-401): [#def60]
certmonger-0.79.21/src/certread-n.c:184:24: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/certread-n.c:78:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:83:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:83:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:90:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:90:14: acquire_memory: allocated here
certmonger-0.79.21/src/certread-n.c:91:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/certread-n.c:97:21: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:104:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:156:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:156:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:160:15: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:164:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:168:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:169:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:174:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:174:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:178:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:183:12: branch_true: following ‘true’ branch (when the strings are equal)...
certmonger-0.79.21/src/certread-n.c:184:24: branch_true: ...to here
certmonger-0.79.21/src/certread-n.c:184:24: throw: if ‘PK11_GetInternalKeySlot’ throws an exception...
certmonger-0.79.21/src/certread-n.c:184:24: danger: ‘fp’ leaks here; was allocated at [(5)](sarif:/runs/0/results/20/codeFlows/0/threadFlows/0/locations/4)
#  182|   	es = util_internal_token_name(entry);
#  183|   	if (strcmp(entry->cm_cert_token, es) == 0) {
#  184|-> 		slot = PK11_GetInternalKeySlot();
#  185|   		nickname = talloc_strdup(entry, entry->cm_cert_nickname);
#  186|   	} else {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def61]
certmonger-0.79.21/src/certread-n.c:185:28: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/certread-n.c:78:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:83:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:83:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:90:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:90:14: acquire_memory: allocated here
certmonger-0.79.21/src/certread-n.c:91:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/certread-n.c:97:21: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:104:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:156:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:156:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:160:15: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:164:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:168:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:169:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:174:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:174:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:178:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:183:12: branch_true: following ‘true’ branch (when the strings are equal)...
certmonger-0.79.21/src/certread-n.c:184:24: branch_true: ...to here
certmonger-0.79.21/src/certread-n.c:185:28: throw: if ‘talloc_strdup’ throws an exception...
certmonger-0.79.21/src/certread-n.c:185:28: danger: ‘fp’ leaks here; was allocated at [(5)](sarif:/runs/0/results/21/codeFlows/0/threadFlows/0/locations/4)
#  183|   	if (strcmp(entry->cm_cert_token, es) == 0) {
#  184|   		slot = PK11_GetInternalKeySlot();
#  185|-> 		nickname = talloc_strdup(entry, entry->cm_cert_nickname);
#  186|   	} else {
#  187|   		slot = PK11_FindSlotByName(entry->cm_cert_token);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def62]
certmonger-0.79.21/src/certread-n.c:187:24: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/certread-n.c:78:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:83:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:83:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:90:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:90:14: acquire_memory: allocated here
certmonger-0.79.21/src/certread-n.c:91:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/certread-n.c:97:21: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:104:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:156:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:156:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:160:15: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:164:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:168:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:169:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:174:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:174:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:178:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:183:12: branch_false: following ‘false’ branch (when the strings are non-equal)...
certmonger-0.79.21/src/certread-n.c:187:24: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:187:24: throw: if ‘PK11_FindSlotByName’ throws an exception...
certmonger-0.79.21/src/certread-n.c:187:24: danger: ‘fp’ leaks here; was allocated at [(5)](sarif:/runs/0/results/22/codeFlows/0/threadFlows/0/locations/4)
#  185|   		nickname = talloc_strdup(entry, entry->cm_cert_nickname);
#  186|   	} else {
#  187|-> 		slot = PK11_FindSlotByName(entry->cm_cert_token);
#  188|   		nickname = talloc_asprintf(entry, "%s:%s",
#  189|   			entry->cm_cert_token, entry->cm_cert_nickname);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def63]
certmonger-0.79.21/src/certread-n.c:188:28: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/certread-n.c:78:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:83:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:83:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:90:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:90:14: acquire_memory: allocated here
certmonger-0.79.21/src/certread-n.c:91:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/certread-n.c:97:21: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:104:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:156:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:156:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:160:15: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:164:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:168:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:169:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:174:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:174:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:178:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:183:12: branch_false: following ‘false’ branch (when the strings are non-equal)...
certmonger-0.79.21/src/certread-n.c:187:24: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:188:28: throw: if ‘talloc_asprintf’ throws an exception...
certmonger-0.79.21/src/certread-n.c:188:28: danger: ‘fp’ leaks here; was allocated at [(5)](sarif:/runs/0/results/23/codeFlows/0/threadFlows/0/locations/4)
#  186|   	} else {
#  187|   		slot = PK11_FindSlotByName(entry->cm_cert_token);
#  188|-> 		nickname = talloc_asprintf(entry, "%s:%s",
#  189|   			entry->cm_cert_token, entry->cm_cert_nickname);
#  190|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def64]
certmonger-0.79.21/src/certread-n.c:192:17: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/certread-n.c:78:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:83:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:83:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:90:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:90:14: acquire_memory: allocated here
certmonger-0.79.21/src/certread-n.c:91:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/certread-n.c:97:21: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:104:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:156:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:156:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:160:15: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:164:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:168:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:169:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:174:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:174:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:178:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:191:12: branch_true: following ‘true’ branch (when ‘slot’ is NULL)...
certmonger-0.79.21/src/certread-n.c:192:17: branch_true: ...to here
certmonger-0.79.21/src/certread-n.c:192:17: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/certread-n.c:192:17: danger: ‘fp’ leaks here; was allocated at [(5)](sarif:/runs/0/results/24/codeFlows/0/threadFlows/0/locations/4)
#  190|   	}
#  191|   	if (slot == NULL) {
#  192|-> 		cm_log(0, "Could not find the slot slot %s.\n", entry->cm_cert_token);
#  193|   		if (NSS_ShutdownContext(ctx) != SECSuccess) {
#  194|   			cm_log(1, "Error shutting down NSS.\n");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def65]
certmonger-0.79.21/src/certread-n.c:193:21: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/certread-n.c:78:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:83:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:83:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:90:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:90:14: acquire_memory: allocated here
certmonger-0.79.21/src/certread-n.c:91:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/certread-n.c:97:21: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:104:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:156:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:156:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:160:15: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:164:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:168:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:169:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:174:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:174:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:178:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:191:12: branch_true: following ‘true’ branch (when ‘slot’ is NULL)...
certmonger-0.79.21/src/certread-n.c:192:17: branch_true: ...to here
certmonger-0.79.21/src/certread-n.c:193:21: throw: if ‘NSS_ShutdownContext’ throws an exception...
certmonger-0.79.21/src/certread-n.c:193:21: danger: ‘fp’ leaks here; was allocated at [(5)](sarif:/runs/0/results/25/codeFlows/0/threadFlows/0/locations/4)
#  191|   	if (slot == NULL) {
#  192|   		cm_log(0, "Could not find the slot slot %s.\n", entry->cm_cert_token);
#  193|-> 		if (NSS_ShutdownContext(ctx) != SECSuccess) {
#  194|   			cm_log(1, "Error shutting down NSS.\n");
#  195|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def66]
certmonger-0.79.21/src/certread-n.c:194:25: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/certread-n.c:78:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:83:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:83:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:90:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:90:14: acquire_memory: allocated here
certmonger-0.79.21/src/certread-n.c:91:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/certread-n.c:97:21: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:104:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:156:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:156:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:160:15: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:164:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:168:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:169:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:174:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:174:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:178:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:191:12: branch_true: following ‘true’ branch (when ‘slot’ is NULL)...
certmonger-0.79.21/src/certread-n.c:192:17: branch_true: ...to here
certmonger-0.79.21/src/certread-n.c:193:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certread-n.c:194:25: branch_true: ...to here
certmonger-0.79.21/src/certread-n.c:194:25: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/certread-n.c:194:25: danger: ‘fp’ leaks here; was allocated at [(5)](sarif:/runs/0/results/26/codeFlows/0/threadFlows/0/locations/4)
#  192|   		cm_log(0, "Could not find the slot slot %s.\n", entry->cm_cert_token);
#  193|   		if (NSS_ShutdownContext(ctx) != SECSuccess) {
#  194|-> 			cm_log(1, "Error shutting down NSS.\n");
#  195|   		}
#  196|   		_exit(2);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def67]
certmonger-0.79.21/src/certread-n.c:205:21: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/certread-n.c:78:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:83:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:83:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:90:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:90:14: acquire_memory: allocated here
certmonger-0.79.21/src/certread-n.c:91:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/certread-n.c:97:21: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:104:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:156:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:156:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:160:15: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:164:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:168:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:169:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:174:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:174:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:178:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:191:12: branch_false: following ‘false’ branch (when ‘slot’ is non-NULL)...
certmonger-0.79.21/src/certread-n.c:199:9: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:204:12: branch_true: following ‘true’ branch (when ‘readwrite != 0’)...
certmonger-0.79.21/src/certread-n.c:205:21: branch_true: ...to here
certmonger-0.79.21/src/certread-n.c:205:21: throw: if ‘PK11_NeedUserInit’ throws an exception...
certmonger-0.79.21/src/certread-n.c:205:21: danger: ‘fp’ leaks here; was allocated at [(5)](sarif:/runs/0/results/27/codeFlows/0/threadFlows/0/locations/4)
#  203|   	 * chance to set one, do it now. */
#  204|   	if (readwrite) {
#  205|-> 		if (PK11_NeedUserInit(slot)) {
#  206|   			if (cm_pin_read_for_cert(entry, &pin) != 0) {
#  207|   				cm_log(0, "Error reading PIN to assign "

Error: GCC_ANALYZER_WARNING (CWE-401): [#def68]
certmonger-0.79.21/src/certread-n.c:206:29: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/certread-n.c:78:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:83:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:83:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:90:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:90:14: acquire_memory: allocated here
certmonger-0.79.21/src/certread-n.c:91:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/certread-n.c:97:21: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:104:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:156:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:156:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:160:15: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:164:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:168:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:169:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:174:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:174:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:178:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:191:12: branch_false: following ‘false’ branch (when ‘slot’ is non-NULL)...
certmonger-0.79.21/src/certread-n.c:199:9: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:204:12: branch_true: following ‘true’ branch (when ‘readwrite != 0’)...
certmonger-0.79.21/src/certread-n.c:205:21: branch_true: ...to here
certmonger-0.79.21/src/certread-n.c:205:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certread-n.c:206:29: branch_true: ...to here
certmonger-0.79.21/src/certread-n.c:206:29: throw: if ‘cm_pin_read_for_cert’ throws an exception...
certmonger-0.79.21/src/certread-n.c:206:29: danger: ‘fp’ leaks here; was allocated at [(5)](sarif:/runs/0/results/28/codeFlows/0/threadFlows/0/locations/4)
#  204|   	if (readwrite) {
#  205|   		if (PK11_NeedUserInit(slot)) {
#  206|-> 			if (cm_pin_read_for_cert(entry, &pin) != 0) {
#  207|   				cm_log(0, "Error reading PIN to assign "
#  208|   				       "to storage slot.\n");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def69]
certmonger-0.79.21/src/certread-n.c:207:33: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/certread-n.c:78:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:83:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:83:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:90:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:90:14: acquire_memory: allocated here
certmonger-0.79.21/src/certread-n.c:91:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/certread-n.c:97:21: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:104:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:156:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:156:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:160:15: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:164:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:168:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:169:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:174:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:174:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:178:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:191:12: branch_false: following ‘false’ branch (when ‘slot’ is non-NULL)...
certmonger-0.79.21/src/certread-n.c:199:9: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:204:12: branch_true: following ‘true’ branch (when ‘readwrite != 0’)...
certmonger-0.79.21/src/certread-n.c:205:21: branch_true: ...to here
certmonger-0.79.21/src/certread-n.c:205:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certread-n.c:206:29: branch_true: ...to here
certmonger-0.79.21/src/certread-n.c:206:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certread-n.c:207:33: branch_true: ...to here
certmonger-0.79.21/src/certread-n.c:207:33: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/certread-n.c:207:33: danger: ‘fp’ leaks here; was allocated at [(5)](sarif:/runs/0/results/29/codeFlows/0/threadFlows/0/locations/4)
#  205|   		if (PK11_NeedUserInit(slot)) {
#  206|   			if (cm_pin_read_for_cert(entry, &pin) != 0) {
#  207|-> 				cm_log(0, "Error reading PIN to assign "
#  208|   				       "to storage slot.\n");
#  209|   				PK11_FreeSlot(slot);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def70]
certmonger-0.79.21/src/certread-n.c:209:33: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/certread-n.c:78:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:83:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:83:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:90:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:90:14: acquire_memory: allocated here
certmonger-0.79.21/src/certread-n.c:91:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/certread-n.c:97:21: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:104:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:156:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:156:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:160:15: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:164:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:168:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:169:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:174:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:174:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:178:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:191:12: branch_false: following ‘false’ branch (when ‘slot’ is non-NULL)...
certmonger-0.79.21/src/certread-n.c:199:9: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:204:12: branch_true: following ‘true’ branch (when ‘readwrite != 0’)...
certmonger-0.79.21/src/certread-n.c:205:21: branch_true: ...to here
certmonger-0.79.21/src/certread-n.c:205:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certread-n.c:206:29: branch_true: ...to here
certmonger-0.79.21/src/certread-n.c:206:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certread-n.c:207:33: branch_true: ...to here
certmonger-0.79.21/src/certread-n.c:209:33: throw: if ‘PK11_FreeSlot’ throws an exception...
certmonger-0.79.21/src/certread-n.c:209:33: danger: ‘fp’ leaks here; was allocated at [(5)](sarif:/runs/0/results/30/codeFlows/0/threadFlows/0/locations/4)
#  207|   				cm_log(0, "Error reading PIN to assign "
#  208|   				       "to storage slot.\n");
#  209|-> 				PK11_FreeSlot(slot);
#  210|   				if (NSS_ShutdownContext(ctx) != SECSuccess) {
#  211|   					cm_log(1, "Error shutting down NSS.\n");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def71]
certmonger-0.79.21/src/certread-n.c:210:37: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/certread-n.c:78:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:83:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:83:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:90:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:90:14: acquire_memory: allocated here
certmonger-0.79.21/src/certread-n.c:91:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/certread-n.c:97:21: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:104:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:156:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:156:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:160:15: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:164:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:168:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:169:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:174:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:174:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:178:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:191:12: branch_false: following ‘false’ branch (when ‘slot’ is non-NULL)...
certmonger-0.79.21/src/certread-n.c:199:9: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:204:12: branch_true: following ‘true’ branch (when ‘readwrite != 0’)...
certmonger-0.79.21/src/certread-n.c:205:21: branch_true: ...to here
certmonger-0.79.21/src/certread-n.c:205:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certread-n.c:206:29: branch_true: ...to here
certmonger-0.79.21/src/certread-n.c:206:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certread-n.c:207:33: branch_true: ...to here
certmonger-0.79.21/src/certread-n.c:210:37: throw: if ‘NSS_ShutdownContext’ throws an exception...
certmonger-0.79.21/src/certread-n.c:210:37: danger: ‘fp’ leaks here; was allocated at [(5)](sarif:/runs/0/results/31/codeFlows/0/threadFlows/0/locations/4)
#  208|   				       "to storage slot.\n");
#  209|   				PK11_FreeSlot(slot);
#  210|-> 				if (NSS_ShutdownContext(ctx) != SECSuccess) {
#  211|   					cm_log(1, "Error shutting down NSS.\n");
#  212|   				}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def72]
certmonger-0.79.21/src/certread-n.c:211:41: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/certread-n.c:78:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:83:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:83:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:90:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:90:14: acquire_memory: allocated here
certmonger-0.79.21/src/certread-n.c:91:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/certread-n.c:97:21: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:104:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:156:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:156:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:160:15: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:164:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:168:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:169:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:174:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:174:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:178:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:191:12: branch_false: following ‘false’ branch (when ‘slot’ is non-NULL)...
certmonger-0.79.21/src/certread-n.c:199:9: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:204:12: branch_true: following ‘true’ branch (when ‘readwrite != 0’)...
certmonger-0.79.21/src/certread-n.c:205:21: branch_true: ...to here
certmonger-0.79.21/src/certread-n.c:205:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certread-n.c:206:29: branch_true: ...to here
certmonger-0.79.21/src/certread-n.c:206:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certread-n.c:207:33: branch_true: ...to here
certmonger-0.79.21/src/certread-n.c:210:36: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certread-n.c:211:41: branch_true: ...to here
certmonger-0.79.21/src/certread-n.c:211:41: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/certread-n.c:211:41: danger: ‘fp’ leaks here; was allocated at [(5)](sarif:/runs/0/results/32/codeFlows/0/threadFlows/0/locations/4)
#  209|   				PK11_FreeSlot(slot);
#  210|   				if (NSS_ShutdownContext(ctx) != SECSuccess) {
#  211|-> 					cm_log(1, "Error shutting down NSS.\n");
#  212|   				}
#  213|   				_exit(2);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def73]
certmonger-0.79.21/src/certread-n.c:215:25: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/certread-n.c:78:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:83:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:83:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:90:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:90:14: acquire_memory: allocated here
certmonger-0.79.21/src/certread-n.c:91:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/certread-n.c:97:21: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:104:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:156:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:156:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:160:15: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:164:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:168:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:169:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:174:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:174:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:178:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:191:12: branch_false: following ‘false’ branch (when ‘slot’ is non-NULL)...
certmonger-0.79.21/src/certread-n.c:199:9: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:204:12: branch_true: following ‘true’ branch (when ‘readwrite != 0’)...
certmonger-0.79.21/src/certread-n.c:205:21: branch_true: ...to here
certmonger-0.79.21/src/certread-n.c:205:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certread-n.c:206:29: branch_true: ...to here
certmonger-0.79.21/src/certread-n.c:206:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:215:25: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:215:25: throw: if ‘PK11_InitPin’ throws an exception...
certmonger-0.79.21/src/certread-n.c:215:25: danger: ‘fp’ leaks here; was allocated at [(5)](sarif:/runs/0/results/33/codeFlows/0/threadFlows/0/locations/4)
#  213|   				_exit(2);
#  214|   			}
#  215|-> 			PK11_InitPin(slot, NULL, pin);
#  216|   			if (PK11_NeedUserInit(slot)) {
#  217|   				cm_log(0, "Cert storage slot still "

Error: GCC_ANALYZER_WARNING (CWE-401): [#def74]
certmonger-0.79.21/src/certread-n.c:216:29: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/certread-n.c:78:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:83:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:83:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:90:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:90:14: acquire_memory: allocated here
certmonger-0.79.21/src/certread-n.c:91:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/certread-n.c:97:21: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:104:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:156:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:156:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:160:15: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:164:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:168:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:169:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:174:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:174:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:178:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:191:12: branch_false: following ‘false’ branch (when ‘slot’ is non-NULL)...
certmonger-0.79.21/src/certread-n.c:199:9: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:204:12: branch_true: following ‘true’ branch (when ‘readwrite != 0’)...
certmonger-0.79.21/src/certread-n.c:205:21: branch_true: ...to here
certmonger-0.79.21/src/certread-n.c:205:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certread-n.c:206:29: branch_true: ...to here
certmonger-0.79.21/src/certread-n.c:206:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:215:25: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:216:29: throw: if ‘PK11_NeedUserInit’ throws an exception...
certmonger-0.79.21/src/certread-n.c:216:29: danger: ‘fp’ leaks here; was allocated at [(5)](sarif:/runs/0/results/34/codeFlows/0/threadFlows/0/locations/4)
#  214|   			}
#  215|   			PK11_InitPin(slot, NULL, pin);
#  216|-> 			if (PK11_NeedUserInit(slot)) {
#  217|   				cm_log(0, "Cert storage slot still "
#  218|   				       "needs user PIN to be set.\n");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def75]
certmonger-0.79.21/src/certread-n.c:217:33: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/certread-n.c:78:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:83:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:83:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:90:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:90:14: acquire_memory: allocated here
certmonger-0.79.21/src/certread-n.c:91:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/certread-n.c:97:21: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:104:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:156:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:156:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:160:15: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:164:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:168:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:169:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:174:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:174:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:178:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:191:12: branch_false: following ‘false’ branch (when ‘slot’ is non-NULL)...
certmonger-0.79.21/src/certread-n.c:199:9: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:204:12: branch_true: following ‘true’ branch (when ‘readwrite != 0’)...
certmonger-0.79.21/src/certread-n.c:205:21: branch_true: ...to here
certmonger-0.79.21/src/certread-n.c:205:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certread-n.c:206:29: branch_true: ...to here
certmonger-0.79.21/src/certread-n.c:206:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:215:25: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:216:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certread-n.c:217:33: branch_true: ...to here
certmonger-0.79.21/src/certread-n.c:217:33: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/certread-n.c:217:33: danger: ‘fp’ leaks here; was allocated at [(5)](sarif:/runs/0/results/35/codeFlows/0/threadFlows/0/locations/4)
#  215|   			PK11_InitPin(slot, NULL, pin);
#  216|   			if (PK11_NeedUserInit(slot)) {
#  217|-> 				cm_log(0, "Cert storage slot still "
#  218|   				       "needs user PIN to be set.\n");
#  219|   				PK11_FreeSlot(slot);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def76]
certmonger-0.79.21/src/certread-n.c:219:33: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/certread-n.c:78:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:83:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:83:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:90:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:90:14: acquire_memory: allocated here
certmonger-0.79.21/src/certread-n.c:91:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/certread-n.c:97:21: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:104:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:156:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:156:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:160:15: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:164:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:168:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:169:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:174:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:174:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:178:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:191:12: branch_false: following ‘false’ branch (when ‘slot’ is non-NULL)...
certmonger-0.79.21/src/certread-n.c:199:9: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:204:12: branch_true: following ‘true’ branch (when ‘readwrite != 0’)...
certmonger-0.79.21/src/certread-n.c:205:21: branch_true: ...to here
certmonger-0.79.21/src/certread-n.c:205:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certread-n.c:206:29: branch_true: ...to here
certmonger-0.79.21/src/certread-n.c:206:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:215:25: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:216:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certread-n.c:217:33: branch_true: ...to here
certmonger-0.79.21/src/certread-n.c:219:33: throw: if ‘PK11_FreeSlot’ throws an exception...
certmonger-0.79.21/src/certread-n.c:219:33: danger: ‘fp’ leaks here; was allocated at [(5)](sarif:/runs/0/results/36/codeFlows/0/threadFlows/0/locations/4)
#  217|   				cm_log(0, "Cert storage slot still "
#  218|   				       "needs user PIN to be set.\n");
#  219|-> 				PK11_FreeSlot(slot);
#  220|   				if (NSS_ShutdownContext(ctx) != SECSuccess) {
#  221|   					cm_log(1, "Error shutting down NSS.\n");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def77]
certmonger-0.79.21/src/certread-n.c:220:37: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/certread-n.c:78:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:83:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:83:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:90:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:90:14: acquire_memory: allocated here
certmonger-0.79.21/src/certread-n.c:91:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/certread-n.c:97:21: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:104:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:156:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:156:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:160:15: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:164:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:168:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:169:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:174:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:174:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:178:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:191:12: branch_false: following ‘false’ branch (when ‘slot’ is non-NULL)...
certmonger-0.79.21/src/certread-n.c:199:9: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:204:12: branch_true: following ‘true’ branch (when ‘readwrite != 0’)...
certmonger-0.79.21/src/certread-n.c:205:21: branch_true: ...to here
certmonger-0.79.21/src/certread-n.c:205:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certread-n.c:206:29: branch_true: ...to here
certmonger-0.79.21/src/certread-n.c:206:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:215:25: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:216:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certread-n.c:217:33: branch_true: ...to here
certmonger-0.79.21/src/certread-n.c:220:37: throw: if ‘NSS_ShutdownContext’ throws an exception...
certmonger-0.79.21/src/certread-n.c:220:37: danger: ‘fp’ leaks here; was allocated at [(5)](sarif:/runs/0/results/37/codeFlows/0/threadFlows/0/locations/4)
#  218|   				       "needs user PIN to be set.\n");
#  219|   				PK11_FreeSlot(slot);
#  220|-> 				if (NSS_ShutdownContext(ctx) != SECSuccess) {
#  221|   					cm_log(1, "Error shutting down NSS.\n");
#  222|   				}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def78]
certmonger-0.79.21/src/certread-n.c:221:41: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/certread-n.c:78:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:83:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:83:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:90:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:90:14: acquire_memory: allocated here
certmonger-0.79.21/src/certread-n.c:91:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/certread-n.c:97:21: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:104:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:156:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:156:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:160:15: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:164:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:168:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:169:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:174:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:174:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:178:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:191:12: branch_false: following ‘false’ branch (when ‘slot’ is non-NULL)...
certmonger-0.79.21/src/certread-n.c:199:9: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:204:12: branch_true: following ‘true’ branch (when ‘readwrite != 0’)...
certmonger-0.79.21/src/certread-n.c:205:21: branch_true: ...to here
certmonger-0.79.21/src/certread-n.c:205:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certread-n.c:206:29: branch_true: ...to here
certmonger-0.79.21/src/certread-n.c:206:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:215:25: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:216:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certread-n.c:217:33: branch_true: ...to here
certmonger-0.79.21/src/certread-n.c:220:36: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certread-n.c:221:41: branch_true: ...to here
certmonger-0.79.21/src/certread-n.c:221:41: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/certread-n.c:221:41: danger: ‘fp’ leaks here; was allocated at [(5)](sarif:/runs/0/results/38/codeFlows/0/threadFlows/0/locations/4)
#  219|   				PK11_FreeSlot(slot);
#  220|   				if (NSS_ShutdownContext(ctx) != SECSuccess) {
#  221|-> 					cm_log(1, "Error shutting down NSS.\n");
#  222|   				}
#  223|   				_exit(2);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def79]
certmonger-0.79.21/src/certread-n.c:231:13: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/certread-n.c:78:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:83:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:83:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:90:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:90:14: acquire_memory: allocated here
certmonger-0.79.21/src/certread-n.c:91:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/certread-n.c:97:21: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:104:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:156:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:156:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:160:15: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:164:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:168:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:169:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:174:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:174:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:178:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:191:12: branch_false: following ‘false’ branch (when ‘slot’ is non-NULL)...
certmonger-0.79.21/src/certread-n.c:199:9: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:231:13: throw: if ‘PK11_NeedLogin’ throws an exception...
certmonger-0.79.21/src/certread-n.c:231:13: danger: ‘fp’ leaks here; was allocated at [(5)](sarif:/runs/0/results/39/codeFlows/0/threadFlows/0/locations/4)
#  229|   	}
#  230|   	/* If we need to log in in order to read certificates, do so. */
#  231|-> 	if (PK11_NeedLogin(slot)) {
#  232|   		cm_log(3, "Need login to token %s\n", PK11_GetTokenName(slot));
#  233|   		if (cm_pin_read_for_cert(entry, &pin) != 0) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def80]
certmonger-0.79.21/src/certread-n.c:232:17: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/certread-n.c:78:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:83:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:83:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:90:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:90:14: acquire_memory: allocated here
certmonger-0.79.21/src/certread-n.c:91:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/certread-n.c:97:21: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:104:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:156:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:156:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:160:15: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:164:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:168:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:169:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:174:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:174:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:178:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:191:12: branch_false: following ‘false’ branch (when ‘slot’ is non-NULL)...
certmonger-0.79.21/src/certread-n.c:199:9: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:231:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certread-n.c:232:17: branch_true: ...to here
certmonger-0.79.21/src/certread-n.c:232:17: throw: if ‘PK11_GetTokenName’ throws an exception...
certmonger-0.79.21/src/certread-n.c:232:17: danger: ‘fp’ leaks here; was allocated at [(5)](sarif:/runs/0/results/40/codeFlows/0/threadFlows/0/locations/4)
#  230|   	/* If we need to log in in order to read certificates, do so. */
#  231|   	if (PK11_NeedLogin(slot)) {
#  232|-> 		cm_log(3, "Need login to token %s\n", PK11_GetTokenName(slot));
#  233|   		if (cm_pin_read_for_cert(entry, &pin) != 0) {
#  234|   			cm_log(0, "Error reading PIN for cert db\n");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def81]
certmonger-0.79.21/src/certread-n.c:233:21: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/certread-n.c:78:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:83:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:83:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:90:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:90:14: acquire_memory: allocated here
certmonger-0.79.21/src/certread-n.c:91:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/certread-n.c:97:21: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:104:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:156:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:156:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:160:15: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:164:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:168:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:169:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:174:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:174:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:178:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:191:12: branch_false: following ‘false’ branch (when ‘slot’ is non-NULL)...
certmonger-0.79.21/src/certread-n.c:199:9: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:231:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certread-n.c:232:17: branch_true: ...to here
certmonger-0.79.21/src/certread-n.c:233:21: throw: if ‘cm_pin_read_for_cert’ throws an exception...
certmonger-0.79.21/src/certread-n.c:233:21: danger: ‘fp’ leaks here; was allocated at [(5)](sarif:/runs/0/results/42/codeFlows/0/threadFlows/0/locations/4)
#  231|   	if (PK11_NeedLogin(slot)) {
#  232|   		cm_log(3, "Need login to token %s\n", PK11_GetTokenName(slot));
#  233|-> 		if (cm_pin_read_for_cert(entry, &pin) != 0) {
#  234|   			cm_log(0, "Error reading PIN for cert db\n");
#  235|   			PK11_FreeSlot(slot);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def82]
certmonger-0.79.21/src/certread-n.c:234:25: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/certread-n.c:78:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:83:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:83:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:90:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:90:14: acquire_memory: allocated here
certmonger-0.79.21/src/certread-n.c:91:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/certread-n.c:97:21: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:104:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:156:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:156:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:160:15: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:164:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:168:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:169:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:174:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:174:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:178:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:191:12: branch_false: following ‘false’ branch (when ‘slot’ is non-NULL)...
certmonger-0.79.21/src/certread-n.c:199:9: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:231:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certread-n.c:232:17: branch_true: ...to here
certmonger-0.79.21/src/certread-n.c:233:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certread-n.c:234:25: branch_true: ...to here
certmonger-0.79.21/src/certread-n.c:234:25: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/certread-n.c:234:25: danger: ‘fp’ leaks here; was allocated at [(5)](sarif:/runs/0/results/43/codeFlows/0/threadFlows/0/locations/4)
#  232|   		cm_log(3, "Need login to token %s\n", PK11_GetTokenName(slot));
#  233|   		if (cm_pin_read_for_cert(entry, &pin) != 0) {
#  234|-> 			cm_log(0, "Error reading PIN for cert db\n");
#  235|   			PK11_FreeSlot(slot);
#  236|   			if (NSS_ShutdownContext(ctx) != SECSuccess) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def83]
certmonger-0.79.21/src/certread-n.c:235:25: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/certread-n.c:78:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:83:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:83:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:90:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:90:14: acquire_memory: allocated here
certmonger-0.79.21/src/certread-n.c:91:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/certread-n.c:97:21: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:104:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:156:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:156:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:160:15: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:164:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:168:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:169:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:174:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:174:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:178:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:191:12: branch_false: following ‘false’ branch (when ‘slot’ is non-NULL)...
certmonger-0.79.21/src/certread-n.c:199:9: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:231:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certread-n.c:232:17: branch_true: ...to here
certmonger-0.79.21/src/certread-n.c:233:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certread-n.c:234:25: branch_true: ...to here
certmonger-0.79.21/src/certread-n.c:235:25: throw: if ‘PK11_FreeSlot’ throws an exception...
certmonger-0.79.21/src/certread-n.c:235:25: danger: ‘fp’ leaks here; was allocated at [(5)](sarif:/runs/0/results/44/codeFlows/0/threadFlows/0/locations/4)
#  233|   		if (cm_pin_read_for_cert(entry, &pin) != 0) {
#  234|   			cm_log(0, "Error reading PIN for cert db\n");
#  235|-> 			PK11_FreeSlot(slot);
#  236|   			if (NSS_ShutdownContext(ctx) != SECSuccess) {
#  237|   				cm_log(1, "Error shutting down NSS.\n");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def84]
certmonger-0.79.21/src/certread-n.c:236:29: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/certread-n.c:78:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:83:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:83:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:90:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:90:14: acquire_memory: allocated here
certmonger-0.79.21/src/certread-n.c:91:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/certread-n.c:97:21: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:104:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:156:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:156:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:160:15: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:164:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:168:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:169:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:174:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:174:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:178:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:191:12: branch_false: following ‘false’ branch (when ‘slot’ is non-NULL)...
certmonger-0.79.21/src/certread-n.c:199:9: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:231:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certread-n.c:232:17: branch_true: ...to here
certmonger-0.79.21/src/certread-n.c:233:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certread-n.c:234:25: branch_true: ...to here
certmonger-0.79.21/src/certread-n.c:236:29: throw: if ‘NSS_ShutdownContext’ throws an exception...
certmonger-0.79.21/src/certread-n.c:236:29: danger: ‘fp’ leaks here; was allocated at [(5)](sarif:/runs/0/results/45/codeFlows/0/threadFlows/0/locations/4)
#  234|   			cm_log(0, "Error reading PIN for cert db\n");
#  235|   			PK11_FreeSlot(slot);
#  236|-> 			if (NSS_ShutdownContext(ctx) != SECSuccess) {
#  237|   				cm_log(1, "Error shutting down NSS.\n");
#  238|   			}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def85]
certmonger-0.79.21/src/certread-n.c:237:33: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/certread-n.c:78:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:83:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:83:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:90:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:90:14: acquire_memory: allocated here
certmonger-0.79.21/src/certread-n.c:91:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/certread-n.c:97:21: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:104:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:156:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:156:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:160:15: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:164:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:168:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:169:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:174:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:174:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:178:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:191:12: branch_false: following ‘false’ branch (when ‘slot’ is non-NULL)...
certmonger-0.79.21/src/certread-n.c:199:9: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:231:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certread-n.c:232:17: branch_true: ...to here
certmonger-0.79.21/src/certread-n.c:233:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certread-n.c:234:25: branch_true: ...to here
certmonger-0.79.21/src/certread-n.c:236:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certread-n.c:237:33: branch_true: ...to here
certmonger-0.79.21/src/certread-n.c:237:33: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/certread-n.c:237:33: danger: ‘fp’ leaks here; was allocated at [(5)](sarif:/runs/0/results/46/codeFlows/0/threadFlows/0/locations/4)
#  235|   			PK11_FreeSlot(slot);
#  236|   			if (NSS_ShutdownContext(ctx) != SECSuccess) {
#  237|-> 				cm_log(1, "Error shutting down NSS.\n");
#  238|   			}
#  239|   			_exit(2);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def86]
certmonger-0.79.21/src/certread-n.c:241:25: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/certread-n.c:78:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:83:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:83:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:90:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:90:14: acquire_memory: allocated here
certmonger-0.79.21/src/certread-n.c:91:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/certread-n.c:97:21: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:104:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:156:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:156:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:160:15: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:164:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:168:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:169:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:174:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:174:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:178:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:191:12: branch_false: following ‘false’ branch (when ‘slot’ is non-NULL)...
certmonger-0.79.21/src/certread-n.c:199:9: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:231:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certread-n.c:232:17: branch_true: ...to here
certmonger-0.79.21/src/certread-n.c:233:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:241:25: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:241:25: throw: if ‘PK11_Authenticate’ throws an exception...
certmonger-0.79.21/src/certread-n.c:241:25: danger: ‘fp’ leaks here; was allocated at [(5)](sarif:/runs/0/results/47/codeFlows/0/threadFlows/0/locations/4)
#  239|   			_exit(2);
#  240|   		}
#  241|-> 		error = PK11_Authenticate(slot, PR_TRUE, &cb_data);
#  242|   		if (error != SECSuccess) {
#  243|   			cm_log(0, "certread-n: Error authenticating to cert db "

Error: GCC_ANALYZER_WARNING (CWE-401): [#def87]
certmonger-0.79.21/src/certread-n.c:243:25: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/certread-n.c:78:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:83:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:83:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:90:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:90:14: acquire_memory: allocated here
certmonger-0.79.21/src/certread-n.c:91:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/certread-n.c:97:21: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:104:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:156:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:156:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:160:15: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:164:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:168:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:169:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:174:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:174:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:178:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:191:12: branch_false: following ‘false’ branch (when ‘slot’ is non-NULL)...
certmonger-0.79.21/src/certread-n.c:199:9: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:231:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certread-n.c:232:17: branch_true: ...to here
certmonger-0.79.21/src/certread-n.c:233:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:241:25: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:242:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certread-n.c:243:25: branch_true: ...to here
certmonger-0.79.21/src/certread-n.c:243:25: throw: if ‘PK11_GetTokenName’ throws an exception...
certmonger-0.79.21/src/certread-n.c:243:25: danger: ‘fp’ leaks here; was allocated at [(5)](sarif:/runs/0/results/48/codeFlows/0/threadFlows/0/locations/4)
#  241|   		error = PK11_Authenticate(slot, PR_TRUE, &cb_data);
#  242|   		if (error != SECSuccess) {
#  243|-> 			cm_log(0, "certread-n: Error authenticating to cert db "
#  244|   				   "slot %s.\n", PK11_GetTokenName(slot));
#  245|   			PK11_FreeSlot(slot);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def88]
certmonger-0.79.21/src/certread-n.c:245:25: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/certread-n.c:78:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:83:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:83:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:90:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:90:14: acquire_memory: allocated here
certmonger-0.79.21/src/certread-n.c:91:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/certread-n.c:97:21: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:104:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:156:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:156:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:160:15: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:164:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:168:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:169:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:174:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:174:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:178:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:191:12: branch_false: following ‘false’ branch (when ‘slot’ is non-NULL)...
certmonger-0.79.21/src/certread-n.c:199:9: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:231:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certread-n.c:232:17: branch_true: ...to here
certmonger-0.79.21/src/certread-n.c:233:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:241:25: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:242:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certread-n.c:243:25: branch_true: ...to here
certmonger-0.79.21/src/certread-n.c:245:25: throw: if ‘PK11_FreeSlot’ throws an exception...
certmonger-0.79.21/src/certread-n.c:245:25: danger: ‘fp’ leaks here; was allocated at [(5)](sarif:/runs/0/results/50/codeFlows/0/threadFlows/0/locations/4)
#  243|   			cm_log(0, "certread-n: Error authenticating to cert db "
#  244|   				   "slot %s.\n", PK11_GetTokenName(slot));
#  245|-> 			PK11_FreeSlot(slot);
#  246|   			if (NSS_ShutdownContext(ctx) != SECSuccess) {
#  247|   				cm_log(1, "Error shutting down NSS.\n");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def89]
certmonger-0.79.21/src/certread-n.c:246:29: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/certread-n.c:78:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:83:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:83:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:90:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:90:14: acquire_memory: allocated here
certmonger-0.79.21/src/certread-n.c:91:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/certread-n.c:97:21: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:104:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:156:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:156:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:160:15: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:164:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:168:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:169:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:174:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:174:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:178:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:191:12: branch_false: following ‘false’ branch (when ‘slot’ is non-NULL)...
certmonger-0.79.21/src/certread-n.c:199:9: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:231:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certread-n.c:232:17: branch_true: ...to here
certmonger-0.79.21/src/certread-n.c:233:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:241:25: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:242:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certread-n.c:243:25: branch_true: ...to here
certmonger-0.79.21/src/certread-n.c:246:29: throw: if ‘NSS_ShutdownContext’ throws an exception...
certmonger-0.79.21/src/certread-n.c:246:29: danger: ‘fp’ leaks here; was allocated at [(5)](sarif:/runs/0/results/51/codeFlows/0/threadFlows/0/locations/4)
#  244|   				   "slot %s.\n", PK11_GetTokenName(slot));
#  245|   			PK11_FreeSlot(slot);
#  246|-> 			if (NSS_ShutdownContext(ctx) != SECSuccess) {
#  247|   				cm_log(1, "Error shutting down NSS.\n");
#  248|   			}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def90]
certmonger-0.79.21/src/certread-n.c:247:33: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/certread-n.c:78:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:83:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:83:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:90:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:90:14: acquire_memory: allocated here
certmonger-0.79.21/src/certread-n.c:91:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/certread-n.c:97:21: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:104:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:156:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:156:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:160:15: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:164:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:168:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:169:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:174:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:174:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:178:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:191:12: branch_false: following ‘false’ branch (when ‘slot’ is non-NULL)...
certmonger-0.79.21/src/certread-n.c:199:9: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:231:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certread-n.c:232:17: branch_true: ...to here
certmonger-0.79.21/src/certread-n.c:233:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:241:25: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:242:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certread-n.c:243:25: branch_true: ...to here
certmonger-0.79.21/src/certread-n.c:246:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certread-n.c:247:33: branch_true: ...to here
certmonger-0.79.21/src/certread-n.c:247:33: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/certread-n.c:247:33: danger: ‘fp’ leaks here; was allocated at [(5)](sarif:/runs/0/results/52/codeFlows/0/threadFlows/0/locations/4)
#  245|   			PK11_FreeSlot(slot);
#  246|   			if (NSS_ShutdownContext(ctx) != SECSuccess) {
#  247|-> 				cm_log(1, "Error shutting down NSS.\n");
#  248|   			}
#  249|   			_exit(2);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def91]
certmonger-0.79.21/src/certread-n.c:254:25: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/certread-n.c:78:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:83:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:83:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:90:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:90:14: acquire_memory: allocated here
certmonger-0.79.21/src/certread-n.c:91:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/certread-n.c:97:21: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:104:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:156:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:156:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:160:15: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:164:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:168:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:169:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:174:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:174:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:178:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:191:12: branch_false: following ‘false’ branch (when ‘slot’ is non-NULL)...
certmonger-0.79.21/src/certread-n.c:199:9: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:231:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certread-n.c:232:17: branch_true: ...to here
certmonger-0.79.21/src/certread-n.c:233:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:241:25: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:242:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:251:21: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:251:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certread-n.c:252:21: branch_true: ...to here
certmonger-0.79.21/src/certread-n.c:251:21: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certread-n.c:253:22: branch_true: ...to here
certmonger-0.79.21/src/certread-n.c:251:21: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certread-n.c:254:25: branch_true: ...to here
certmonger-0.79.21/src/certread-n.c:254:25: throw: if ‘PK11_GetTokenName’ throws an exception...
certmonger-0.79.21/src/certread-n.c:254:25: danger: ‘fp’ leaks here; was allocated at [(5)](sarif:/runs/0/results/53/codeFlows/0/threadFlows/0/locations/4)
#  252|   		    (strlen(pin) > 0) &&
#  253|   		    (cb_data.n_attempts == 0)) {
#  254|-> 			cm_log(0, "PIN was not needed to auth to token "
#  255|   			       "%s, though one was provided. "
#  256|   			       "Treating this as an error.\n", PK11_GetTokenName(slot));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def92]
certmonger-0.79.21/src/certread-n.c:257:25: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/certread-n.c:78:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:83:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:83:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:90:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:90:14: acquire_memory: allocated here
certmonger-0.79.21/src/certread-n.c:91:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/certread-n.c:97:21: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:104:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:156:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:156:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:160:15: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:164:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:168:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:169:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:174:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:174:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:178:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:191:12: branch_false: following ‘false’ branch (when ‘slot’ is non-NULL)...
certmonger-0.79.21/src/certread-n.c:199:9: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:231:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certread-n.c:232:17: branch_true: ...to here
certmonger-0.79.21/src/certread-n.c:233:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:241:25: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:242:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:251:21: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:251:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certread-n.c:252:21: branch_true: ...to here
certmonger-0.79.21/src/certread-n.c:251:21: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certread-n.c:253:22: branch_true: ...to here
certmonger-0.79.21/src/certread-n.c:251:21: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certread-n.c:254:25: branch_true: ...to here
certmonger-0.79.21/src/certread-n.c:257:25: throw: if ‘PK11_FreeSlot’ throws an exception...
certmonger-0.79.21/src/certread-n.c:257:25: danger: ‘fp’ leaks here; was allocated at [(5)](sarif:/runs/0/results/55/codeFlows/0/threadFlows/0/locations/4)
#  255|   			       "%s, though one was provided. "
#  256|   			       "Treating this as an error.\n", PK11_GetTokenName(slot));
#  257|-> 			PK11_FreeSlot(slot);
#  258|   			if (NSS_ShutdownContext(ctx) != SECSuccess) {
#  259|   				cm_log(1, "Error shutting down NSS.\n");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def93]
certmonger-0.79.21/src/certread-n.c:258:29: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/certread-n.c:78:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:83:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:83:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:90:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:90:14: acquire_memory: allocated here
certmonger-0.79.21/src/certread-n.c:91:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/certread-n.c:97:21: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:104:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:156:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:156:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:160:15: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:164:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:168:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:169:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:174:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:174:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:178:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:191:12: branch_false: following ‘false’ branch (when ‘slot’ is non-NULL)...
certmonger-0.79.21/src/certread-n.c:199:9: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:231:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certread-n.c:232:17: branch_true: ...to here
certmonger-0.79.21/src/certread-n.c:233:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:241:25: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:242:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:251:21: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:251:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certread-n.c:252:21: branch_true: ...to here
certmonger-0.79.21/src/certread-n.c:251:21: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certread-n.c:253:22: branch_true: ...to here
certmonger-0.79.21/src/certread-n.c:251:21: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certread-n.c:254:25: branch_true: ...to here
certmonger-0.79.21/src/certread-n.c:258:29: throw: if ‘NSS_ShutdownContext’ throws an exception...
certmonger-0.79.21/src/certread-n.c:258:29: danger: ‘fp’ leaks here; was allocated at [(5)](sarif:/runs/0/results/56/codeFlows/0/threadFlows/0/locations/4)
#  256|   			       "Treating this as an error.\n", PK11_GetTokenName(slot));
#  257|   			PK11_FreeSlot(slot);
#  258|-> 			if (NSS_ShutdownContext(ctx) != SECSuccess) {
#  259|   				cm_log(1, "Error shutting down NSS.\n");
#  260|   			}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def94]
certmonger-0.79.21/src/certread-n.c:259:33: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/certread-n.c:78:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:83:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:83:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:90:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:90:14: acquire_memory: allocated here
certmonger-0.79.21/src/certread-n.c:91:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/certread-n.c:97:21: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:104:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:156:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:156:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:160:15: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:164:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:168:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:169:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:174:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:174:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:178:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:191:12: branch_false: following ‘false’ branch (when ‘slot’ is non-NULL)...
certmonger-0.79.21/src/certread-n.c:199:9: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:231:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certread-n.c:232:17: branch_true: ...to here
certmonger-0.79.21/src/certread-n.c:233:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:241:25: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:242:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:251:21: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:251:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certread-n.c:252:21: branch_true: ...to here
certmonger-0.79.21/src/certread-n.c:251:21: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certread-n.c:253:22: branch_true: ...to here
certmonger-0.79.21/src/certread-n.c:251:21: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certread-n.c:254:25: branch_true: ...to here
certmonger-0.79.21/src/certread-n.c:258:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certread-n.c:259:33: branch_true: ...to here
certmonger-0.79.21/src/certread-n.c:259:33: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/certread-n.c:259:33: danger: ‘fp’ leaks here; was allocated at [(5)](sarif:/runs/0/results/57/codeFlows/0/threadFlows/0/locations/4)
#  257|   			PK11_FreeSlot(slot);
#  258|   			if (NSS_ShutdownContext(ctx) != SECSuccess) {
#  259|-> 				cm_log(1, "Error shutting down NSS.\n");
#  260|   			}
#  261|   			_exit(2);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def95]
certmonger-0.79.21/src/certread-n.c:264:9: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/certread-n.c:78:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:83:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:83:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:90:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:90:14: acquire_memory: allocated here
certmonger-0.79.21/src/certread-n.c:91:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/certread-n.c:97:21: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:104:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:156:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:156:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:160:15: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:164:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:168:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:169:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:174:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:174:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:178:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:191:12: branch_false: following ‘false’ branch (when ‘slot’ is non-NULL)...
certmonger-0.79.21/src/certread-n.c:199:9: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:231:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:264:9: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:264:9: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/certread-n.c:264:9: danger: ‘fp’ leaks here; was allocated at [(5)](sarif:/runs/0/results/58/codeFlows/0/threadFlows/0/locations/4)
#  262|   		}
#  263|   	}
#  264|-> 	cm_log(3, "Looking for nickname %s\n", nickname);
#  265|   	cert = PK11_FindCertFromNickname(nickname, pin);
#  266|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def96]
certmonger-0.79.21/src/certread-n.c:265:16: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/certread-n.c:78:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:83:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:83:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:90:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:90:14: acquire_memory: allocated here
certmonger-0.79.21/src/certread-n.c:91:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/certread-n.c:97:21: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:104:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:156:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:156:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:160:15: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:164:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:168:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:169:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:174:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:174:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:178:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:191:12: branch_false: following ‘false’ branch (when ‘slot’ is non-NULL)...
certmonger-0.79.21/src/certread-n.c:199:9: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:231:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:264:9: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:265:16: throw: if ‘PK11_FindCertFromNickname’ throws an exception...
certmonger-0.79.21/src/certread-n.c:265:16: danger: ‘fp’ leaks here; was allocated at [(5)](sarif:/runs/0/results/59/codeFlows/0/threadFlows/0/locations/4)
#  263|   	}
#  264|   	cm_log(3, "Looking for nickname %s\n", nickname);
#  265|-> 	cert = PK11_FindCertFromNickname(nickname, pin);
#  266|   
#  267|   	if (cert) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def97]
certmonger-0.79.21/src/certread-n.c:268:17: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/certread-n.c:78:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:83:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:83:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:90:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:90:14: acquire_memory: allocated here
certmonger-0.79.21/src/certread-n.c:91:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/certread-n.c:97:21: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:104:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:156:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:156:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:160:15: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:164:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:168:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:169:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:174:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:174:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:178:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:191:12: branch_false: following ‘false’ branch (when ‘slot’ is non-NULL)...
certmonger-0.79.21/src/certread-n.c:199:9: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:231:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:264:9: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:267:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certread-n.c:268:17: branch_true: ...to here
certmonger-0.79.21/src/certread-n.c:268:17: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/certread-n.c:268:17: danger: ‘fp’ leaks here; was allocated at [(5)](sarif:/runs/0/results/60/codeFlows/0/threadFlows/0/locations/4)
#  266|   
#  267|   	if (cert) {
#  268|-> 		cm_log(3, "Located the certificate \"%s\".\n", nickname);
#  269|   	} else {
#  270|   		cm_log(3, "Error locating certificate.\n");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def98]
certmonger-0.79.21/src/certread-n.c:270:17: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/certread-n.c:78:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:83:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:83:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:90:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:90:14: acquire_memory: allocated here
certmonger-0.79.21/src/certread-n.c:91:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/certread-n.c:97:21: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:104:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:156:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:156:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:160:15: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:164:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:168:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:169:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:174:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:174:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:178:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:191:12: branch_false: following ‘false’ branch (when ‘slot’ is non-NULL)...
certmonger-0.79.21/src/certread-n.c:199:9: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:231:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:264:9: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:267:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:270:17: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:270:17: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/certread-n.c:270:17: danger: ‘fp’ leaks here; was allocated at [(5)](sarif:/runs/0/results/61/codeFlows/0/threadFlows/0/locations/4)
#  268|   		cm_log(3, "Located the certificate \"%s\".\n", nickname);
#  269|   	} else {
#  270|-> 		cm_log(3, "Error locating certificate.\n");
#  271|   		PK11_FreeSlot(slot);
#  272|   		if (NSS_ShutdownContext(ctx) != SECSuccess) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def99]
certmonger-0.79.21/src/certread-n.c:271:17: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/certread-n.c:78:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:83:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:83:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:90:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:90:14: acquire_memory: allocated here
certmonger-0.79.21/src/certread-n.c:91:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/certread-n.c:97:21: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:104:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:156:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:156:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:160:15: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:164:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:168:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:169:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:174:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:174:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:178:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:191:12: branch_false: following ‘false’ branch (when ‘slot’ is non-NULL)...
certmonger-0.79.21/src/certread-n.c:199:9: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:231:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:264:9: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:267:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:270:17: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:271:17: throw: if ‘PK11_FreeSlot’ throws an exception...
certmonger-0.79.21/src/certread-n.c:271:17: danger: ‘fp’ leaks here; was allocated at [(5)](sarif:/runs/0/results/62/codeFlows/0/threadFlows/0/locations/4)
#  269|   	} else {
#  270|   		cm_log(3, "Error locating certificate.\n");
#  271|-> 		PK11_FreeSlot(slot);
#  272|   		if (NSS_ShutdownContext(ctx) != SECSuccess) {
#  273|   			cm_log(1, "Error shutting down NSS.\n");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def100]
certmonger-0.79.21/src/certread-n.c:272:21: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/certread-n.c:78:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:83:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:83:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:90:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:90:14: acquire_memory: allocated here
certmonger-0.79.21/src/certread-n.c:91:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/certread-n.c:97:21: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:104:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:156:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:156:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:160:15: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:164:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:168:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:169:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:174:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:174:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:178:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:191:12: branch_false: following ‘false’ branch (when ‘slot’ is non-NULL)...
certmonger-0.79.21/src/certread-n.c:199:9: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:231:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:264:9: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:267:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:270:17: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:272:21: throw: if ‘NSS_ShutdownContext’ throws an exception...
certmonger-0.79.21/src/certread-n.c:272:21: danger: ‘fp’ leaks here; was allocated at [(5)](sarif:/runs/0/results/63/codeFlows/0/threadFlows/0/locations/4)
#  270|   		cm_log(3, "Error locating certificate.\n");
#  271|   		PK11_FreeSlot(slot);
#  272|-> 		if (NSS_ShutdownContext(ctx) != SECSuccess) {
#  273|   			cm_log(1, "Error shutting down NSS.\n");
#  274|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def101]
certmonger-0.79.21/src/certread-n.c:273:25: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/certread-n.c:78:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:83:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:83:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:90:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:90:14: acquire_memory: allocated here
certmonger-0.79.21/src/certread-n.c:91:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/certread-n.c:97:21: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:104:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:156:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:156:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:160:15: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:164:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:168:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:169:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:174:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:174:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:178:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:191:12: branch_false: following ‘false’ branch (when ‘slot’ is non-NULL)...
certmonger-0.79.21/src/certread-n.c:199:9: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:231:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:264:9: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:267:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:270:17: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:272:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certread-n.c:273:25: branch_true: ...to here
certmonger-0.79.21/src/certread-n.c:273:25: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/certread-n.c:273:25: danger: ‘fp’ leaks here; was allocated at [(5)](sarif:/runs/0/results/64/codeFlows/0/threadFlows/0/locations/4)
#  271|   		PK11_FreeSlot(slot);
#  272|   		if (NSS_ShutdownContext(ctx) != SECSuccess) {
#  273|-> 			cm_log(1, "Error shutting down NSS.\n");
#  274|   		}
#  275|   		_exit(2);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def102]
certmonger-0.79.21/src/certread-n.c:304:15: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/certread-n.c:63:1: enter_function: entry to ‘cm_certread_n_main’
certmonger-0.79.21/src/certread-n.c:78:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:83:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:83:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:90:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:90:14: acquire_memory: allocated here
certmonger-0.79.21/src/certread-n.c:91:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/certread-n.c:97:21: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:104:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:156:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:156:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:160:15: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:164:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:168:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:169:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:174:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:174:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:178:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:191:12: branch_false: following ‘false’ branch (when ‘slot’ is non-NULL)...
certmonger-0.79.21/src/certread-n.c:199:9: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:231:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:264:9: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:267:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certread-n.c:268:17: branch_true: ...to here
certmonger-0.79.21/src/certread-n.c:278:9: call_function: calling ‘cm_certread_n_parse’ from ‘cm_certread_n_main’
#  302|   
#  303|   	/* Initialize the library. */
#  304|-> 	ctx = NSS_InitContext(NULL,
#  305|   			      NULL, NULL, NULL, NULL,
#  306|   			      NSS_INIT_NOCERTDB |

Error: GCC_ANALYZER_WARNING (CWE-401): [#def103]
certmonger-0.79.21/src/certread-n.c:311:34: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/certread-n.c:63:1: enter_function: entry to ‘cm_certread_n_main’
certmonger-0.79.21/src/certread-n.c:78:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:83:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:83:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:90:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:90:14: acquire_memory: allocated here
certmonger-0.79.21/src/certread-n.c:91:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/certread-n.c:97:21: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:104:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:156:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:156:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:160:15: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:164:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:168:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:169:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:174:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:174:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:178:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:191:12: branch_false: following ‘false’ branch (when ‘slot’ is non-NULL)...
certmonger-0.79.21/src/certread-n.c:199:9: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:231:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:264:9: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:267:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certread-n.c:268:17: branch_true: ...to here
certmonger-0.79.21/src/certread-n.c:278:9: call_function: calling ‘cm_certread_n_parse’ from ‘cm_certread_n_main’
#  309|   			      NSS_INIT_NOROOTINIT);
#  310|   	if (ctx == NULL) {
#  311|-> 		PRErrorCode ec = PR_GetError();
#  312|   		if (ec) {
#  313|   			es = PR_ErrorToName(ec);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def104]
certmonger-0.79.21/src/certread-n.c:313:30: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/certread-n.c:63:1: enter_function: entry to ‘cm_certread_n_main’
certmonger-0.79.21/src/certread-n.c:78:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:83:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:83:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:90:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:90:14: acquire_memory: allocated here
certmonger-0.79.21/src/certread-n.c:91:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/certread-n.c:97:21: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:104:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:156:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:156:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:160:15: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:164:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:168:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:169:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:174:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:174:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:178:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:191:12: branch_false: following ‘false’ branch (when ‘slot’ is non-NULL)...
certmonger-0.79.21/src/certread-n.c:199:9: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:231:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:264:9: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:267:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certread-n.c:268:17: branch_true: ...to here
certmonger-0.79.21/src/certread-n.c:278:9: call_function: calling ‘cm_certread_n_parse’ from ‘cm_certread_n_main’
#  311|   		PRErrorCode ec = PR_GetError();
#  312|   		if (ec) {
#  313|-> 			es = PR_ErrorToName(ec);
#  314|   		}
#  315|   		cm_log(1, "Unable to initialize NSS %s\n", es ? es: "");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def105]
certmonger-0.79.21/src/certread-n.c:315:17: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/certread-n.c:63:1: enter_function: entry to ‘cm_certread_n_main’
certmonger-0.79.21/src/certread-n.c:78:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:83:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:83:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:90:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:90:14: acquire_memory: allocated here
certmonger-0.79.21/src/certread-n.c:91:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/certread-n.c:97:21: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:104:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:156:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:156:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:160:15: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:164:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:168:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:169:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:174:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:174:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:178:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:191:12: branch_false: following ‘false’ branch (when ‘slot’ is non-NULL)...
certmonger-0.79.21/src/certread-n.c:199:9: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:231:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:264:9: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:267:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certread-n.c:268:17: branch_true: ...to here
certmonger-0.79.21/src/certread-n.c:278:9: call_function: calling ‘cm_certread_n_parse’ from ‘cm_certread_n_main’
#  313|   			es = PR_ErrorToName(ec);
#  314|   		}
#  315|-> 		cm_log(1, "Unable to initialize NSS %s\n", es ? es: "");
#  316|           
#  317|   		_exit(1);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def106]
certmonger-0.79.21/src/certread-n.c:319:14: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/certread-n.c:63:1: enter_function: entry to ‘cm_certread_n_main’
certmonger-0.79.21/src/certread-n.c:78:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:83:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:83:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:90:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:90:14: acquire_memory: allocated here
certmonger-0.79.21/src/certread-n.c:91:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/certread-n.c:97:21: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:104:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:156:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:156:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:160:15: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:164:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:168:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:169:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:174:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:174:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:178:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:191:12: branch_false: following ‘false’ branch (when ‘slot’ is non-NULL)...
certmonger-0.79.21/src/certread-n.c:199:9: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:231:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:264:9: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:267:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certread-n.c:268:17: branch_true: ...to here
certmonger-0.79.21/src/certread-n.c:278:9: call_function: calling ‘cm_certread_n_parse’ from ‘cm_certread_n_main’
#  317|   		_exit(1);
#  318|   	}
#  319|-> 	es = util_n_fips_hook();
#  320|   	if (es != NULL) {
#  321|   		cm_log(1, "Error putting NSS into FIPS mode: %s\n", es);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def107]
certmonger-0.79.21/src/certread-n.c:321:17: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/certread-n.c:63:1: enter_function: entry to ‘cm_certread_n_main’
certmonger-0.79.21/src/certread-n.c:78:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:83:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:83:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:90:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:90:14: acquire_memory: allocated here
certmonger-0.79.21/src/certread-n.c:91:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/certread-n.c:97:21: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:104:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:156:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:156:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:160:15: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:164:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:168:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:169:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:174:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:174:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:178:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:191:12: branch_false: following ‘false’ branch (when ‘slot’ is non-NULL)...
certmonger-0.79.21/src/certread-n.c:199:9: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:231:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:264:9: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:267:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certread-n.c:268:17: branch_true: ...to here
certmonger-0.79.21/src/certread-n.c:278:9: call_function: calling ‘cm_certread_n_parse’ from ‘cm_certread_n_main’
#  319|   	es = util_n_fips_hook();
#  320|   	if (es != NULL) {
#  321|-> 		cm_log(1, "Error putting NSS into FIPS mode: %s\n", es);
#  322|   		_exit(1);
#  323|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def108]
certmonger-0.79.21/src/certread-n.c:325:17: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/certread-n.c:63:1: enter_function: entry to ‘cm_certread_n_main’
certmonger-0.79.21/src/certread-n.c:78:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:83:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:83:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:90:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:90:14: acquire_memory: allocated here
certmonger-0.79.21/src/certread-n.c:91:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/certread-n.c:97:21: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:104:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:156:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:156:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:160:15: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:164:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:168:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:169:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:174:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:174:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:178:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:191:12: branch_false: following ‘false’ branch (when ‘slot’ is non-NULL)...
certmonger-0.79.21/src/certread-n.c:199:9: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:231:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:264:9: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:267:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certread-n.c:268:17: branch_true: ...to here
certmonger-0.79.21/src/certread-n.c:278:9: call_function: calling ‘cm_certread_n_parse’ from ‘cm_certread_n_main’
#  323|   	}
#  324|   	/* Allocate a memory pool. */
#  325|-> 	arena = PORT_NewArena(sizeof(double));
#  326|   	if (arena == NULL) {
#  327|   		cm_log(1, "Error opening database '%s'.\n",

Error: GCC_ANALYZER_WARNING (CWE-401): [#def109]
certmonger-0.79.21/src/certread-n.c:327:17: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/certread-n.c:63:1: enter_function: entry to ‘cm_certread_n_main’
certmonger-0.79.21/src/certread-n.c:78:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:83:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:83:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:90:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:90:14: acquire_memory: allocated here
certmonger-0.79.21/src/certread-n.c:91:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/certread-n.c:97:21: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:104:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:156:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:156:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:160:15: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:164:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:168:14: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:169:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:174:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:174:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:178:13: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:191:12: branch_false: following ‘false’ branch (when ‘slot’ is non-NULL)...
certmonger-0.79.21/src/certread-n.c:199:9: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:231:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-n.c:264:9: branch_false: ...to here
certmonger-0.79.21/src/certread-n.c:267:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certread-n.c:268:17: branch_true: ...to here
certmonger-0.79.21/src/certread-n.c:278:9: call_function: calling ‘cm_certread_n_parse’ from ‘cm_certread_n_main’
#  325|   	arena = PORT_NewArena(sizeof(double));
#  326|   	if (arena == NULL) {
#  327|-> 		cm_log(1, "Error opening database '%s'.\n",
#  328|   		       entry->cm_cert_storage_location);
#  329|   		if (NSS_ShutdownContext(ctx) != SECSuccess) {

Error: COMPILER_WARNING (CWE-563): [#def110]
certmonger-0.79.21/src/certread-o.c: scope_hint: In function ‘cm_certread_o_main’
certmonger-0.79.21/src/certread-o.c:56:48: warning[-Wunused-parameter]: unused parameter ‘ca’
#   56 | cm_certread_o_main(int fd, struct cm_store_ca *ca, struct cm_store_entry *entry,
#      |                            ~~~~~~~~~~~~~~~~~~~~^~
#   54|   
#   55|   static int
#   56|-> cm_certread_o_main(int fd, struct cm_store_ca *ca, struct cm_store_entry *entry,
#   57|   		   void *userdata)
#   58|   {

Error: COMPILER_WARNING (CWE-563): [#def111]
certmonger-0.79.21/src/certread-o.c:57:26: warning[-Wunused-parameter]: unused parameter ‘userdata’
#   57 |                    void *userdata)
#      |                    ~~~~~~^~~~~~~~
#   55|   static int
#   56|   cm_certread_o_main(int fd, struct cm_store_ca *ca, struct cm_store_entry *entry,
#   57|-> 		   void *userdata)
#   58|   {
#   59|   	FILE *pem, *fp;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def112]
certmonger-0.79.21/src/certread-o.c:82:24: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen(*entry.cm_cert_storage_location, "r")’
certmonger-0.79.21/src/certread-o.c:66:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-o.c:72:9: branch_false: ...to here
certmonger-0.79.21/src/certread-o.c:76:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/certread-o.c:80:21: branch_false: ...to here
certmonger-0.79.21/src/certread-o.c:80:15: acquire_resource: opened here
certmonger-0.79.21/src/certread-o.c:81:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certread-o.c:82:24: branch_true: ...to here
certmonger-0.79.21/src/certread-o.c:82:24: throw: if ‘PEM_read_X509’ throws an exception...
certmonger-0.79.21/src/certread-o.c:82:24: danger: ‘fopen(*entry.cm_cert_storage_location, "r")’ leaks here; was opened at [(5)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/4)
#   80|   	pem = fopen(entry->cm_cert_storage_location, "r");
#   81|   	if (pem != NULL) {
#   82|-> 		cert = PEM_read_X509(pem, NULL, NULL, NULL);
#   83|   		if (cert != NULL) {
#   84|   			status = 0;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def113]
certmonger-0.79.21/src/certread-o.c:82:24: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(*entry.cm_cert_storage_location, "r")’
certmonger-0.79.21/src/certread-o.c:66:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-o.c:72:9: branch_false: ...to here
certmonger-0.79.21/src/certread-o.c:76:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/certread-o.c:80:21: branch_false: ...to here
certmonger-0.79.21/src/certread-o.c:80:15: acquire_memory: allocated here
certmonger-0.79.21/src/certread-o.c:81:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certread-o.c:82:24: branch_true: ...to here
certmonger-0.79.21/src/certread-o.c:82:24: throw: if ‘PEM_read_X509’ throws an exception...
certmonger-0.79.21/src/certread-o.c:82:24: danger: ‘fopen(*entry.cm_cert_storage_location, "r")’ leaks here; was allocated at [(5)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/4)
#   80|   	pem = fopen(entry->cm_cert_storage_location, "r");
#   81|   	if (pem != NULL) {
#   82|-> 		cert = PEM_read_X509(pem, NULL, NULL, NULL);
#   83|   		if (cert != NULL) {
#   84|   			status = 0;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def114]
certmonger-0.79.21/src/certread-o.c:82:24: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/certread-o.c:66:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-o.c:72:9: branch_false: ...to here
certmonger-0.79.21/src/certread-o.c:75:14: acquire_memory: allocated here
certmonger-0.79.21/src/certread-o.c:76:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/certread-o.c:80:21: branch_false: ...to here
certmonger-0.79.21/src/certread-o.c:81:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certread-o.c:82:24: branch_true: ...to here
certmonger-0.79.21/src/certread-o.c:82:24: throw: if ‘PEM_read_X509’ throws an exception...
certmonger-0.79.21/src/certread-o.c:82:24: danger: ‘fp’ leaks here; was allocated at [(3)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/2)
#   80|   	pem = fopen(entry->cm_cert_storage_location, "r");
#   81|   	if (pem != NULL) {
#   82|-> 		cert = PEM_read_X509(pem, NULL, NULL, NULL);
#   83|   		if (cert != NULL) {
#   84|   			status = 0;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def115]
certmonger-0.79.21/src/certread-o.c:86:25: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/certread-o.c:66:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-o.c:72:9: branch_false: ...to here
certmonger-0.79.21/src/certread-o.c:75:14: acquire_memory: allocated here
certmonger-0.79.21/src/certread-o.c:76:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/certread-o.c:80:21: branch_false: ...to here
certmonger-0.79.21/src/certread-o.c:81:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certread-o.c:82:24: branch_true: ...to here
certmonger-0.79.21/src/certread-o.c:83:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-o.c:86:25: branch_false: ...to here
certmonger-0.79.21/src/certread-o.c:86:25: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/certread-o.c:86:25: danger: ‘fp’ leaks here; was allocated at [(3)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/2)
#   84|   			status = 0;
#   85|   		} else {
#   86|-> 			cm_log(1, "Internal error reading cert from \"%s\".\n",
#   87|   			       entry->cm_cert_storage_location);
#   88|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def116]
certmonger-0.79.21/src/certread-o.c:92:25: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/certread-o.c:66:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-o.c:72:9: branch_false: ...to here
certmonger-0.79.21/src/certread-o.c:75:14: acquire_memory: allocated here
certmonger-0.79.21/src/certread-o.c:76:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/certread-o.c:80:21: branch_false: ...to here
certmonger-0.79.21/src/certread-o.c:81:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-o.c:91:21: branch_false: ...to here
certmonger-0.79.21/src/certread-o.c:91:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certread-o.c:92:25: branch_true: ...to here
certmonger-0.79.21/src/certread-o.c:92:25: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/certread-o.c:92:25: danger: ‘fp’ leaks here; was allocated at [(3)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/2)
#   90|   	} else {
#   91|   		if (errno != ENOENT) {
#   92|-> 			cm_log(1, "Error opening cert file '%s' "
#   93|   			       "for reading: %s.\n",
#   94|   			       entry->cm_cert_storage_location,

Error: GCC_ANALYZER_WARNING (CWE-401): [#def117]
certmonger-0.79.21/src/certread-o.c:101:23: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/certread-o.c:66:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-o.c:72:9: branch_false: ...to here
certmonger-0.79.21/src/certread-o.c:75:14: acquire_memory: allocated here
certmonger-0.79.21/src/certread-o.c:76:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/certread-o.c:80:21: branch_false: ...to here
certmonger-0.79.21/src/certread-o.c:81:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certread-o.c:82:24: branch_true: ...to here
certmonger-0.79.21/src/certread-o.c:99:12: branch_true: following ‘true’ branch (when ‘status == 0’)...
certmonger-0.79.21/src/certread-o.c:100:17: branch_true: ...to here
certmonger-0.79.21/src/certread-o.c:101:23: throw: if ‘i2d_X509’ throws an exception...
certmonger-0.79.21/src/certread-o.c:101:23: danger: ‘fp’ leaks here; was allocated at [(3)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/2)
#   99|   	if (status == 0) {
#  100|   		der = NULL;
#  101|-> 		len = i2d_X509(cert, &der);
#  102|   		cm_certread_n_parse(entry, der, len);
#  103|   		cm_certread_write_data_to_pipe(entry, fp);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def118]
certmonger-0.79.21/src/certread-o.c:102:17: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/certread-o.c:66:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-o.c:72:9: branch_false: ...to here
certmonger-0.79.21/src/certread-o.c:75:14: acquire_memory: allocated here
certmonger-0.79.21/src/certread-o.c:76:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/certread-o.c:80:21: branch_false: ...to here
certmonger-0.79.21/src/certread-o.c:81:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certread-o.c:82:24: branch_true: ...to here
certmonger-0.79.21/src/certread-o.c:99:12: branch_true: following ‘true’ branch (when ‘status == 0’)...
certmonger-0.79.21/src/certread-o.c:100:17: branch_true: ...to here
certmonger-0.79.21/src/certread-o.c:102:17: throw: if ‘cm_certread_n_parse’ throws an exception...
certmonger-0.79.21/src/certread-o.c:102:17: danger: ‘fp’ leaks here; was allocated at [(3)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/2)
#  100|   		der = NULL;
#  101|   		len = i2d_X509(cert, &der);
#  102|-> 		cm_certread_n_parse(entry, der, len);
#  103|   		cm_certread_write_data_to_pipe(entry, fp);
#  104|   	} else {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def119]
certmonger-0.79.21/src/certread-o.c:103:17: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/certread-o.c:66:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-o.c:72:9: branch_false: ...to here
certmonger-0.79.21/src/certread-o.c:75:14: acquire_memory: allocated here
certmonger-0.79.21/src/certread-o.c:76:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/certread-o.c:80:21: branch_false: ...to here
certmonger-0.79.21/src/certread-o.c:81:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certread-o.c:82:24: branch_true: ...to here
certmonger-0.79.21/src/certread-o.c:99:12: branch_true: following ‘true’ branch (when ‘status == 0’)...
certmonger-0.79.21/src/certread-o.c:100:17: branch_true: ...to here
certmonger-0.79.21/src/certread-o.c:103:17: throw: if ‘cm_certread_write_data_to_pipe’ throws an exception...
certmonger-0.79.21/src/certread-o.c:103:17: danger: ‘fp’ leaks here; was allocated at [(3)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/2)
#  101|   		len = i2d_X509(cert, &der);
#  102|   		cm_certread_n_parse(entry, der, len);
#  103|-> 		cm_certread_write_data_to_pipe(entry, fp);
#  104|   	} else {
#  105|   		while ((error = ERR_get_error()) != 0) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def120]
certmonger-0.79.21/src/certread-o.c:105:33: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/certread-o.c:66:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-o.c:72:9: branch_false: ...to here
certmonger-0.79.21/src/certread-o.c:75:14: acquire_memory: allocated here
certmonger-0.79.21/src/certread-o.c:76:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/certread-o.c:80:21: branch_false: ...to here
certmonger-0.79.21/src/certread-o.c:99:12: branch_false: following ‘false’ branch (when ‘status != 0’)...
certmonger-0.79.21/src/certread-o.c:99:12: branch_false: ...to here
certmonger-0.79.21/src/certread-o.c:105:33: throw: if ‘ERR_get_error’ throws an exception...
certmonger-0.79.21/src/certread-o.c:105:33: danger: ‘fp’ leaks here; was allocated at [(3)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/2)
#  103|   		cm_certread_write_data_to_pipe(entry, fp);
#  104|   	} else {
#  105|-> 		while ((error = ERR_get_error()) != 0) {
#  106|   			ERR_error_string_n(error, buf, sizeof(buf));
#  107|   			cm_log(1, "%s\n", buf);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def121]
certmonger-0.79.21/src/certread-o.c:106:25: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/certread-o.c:66:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-o.c:72:9: branch_false: ...to here
certmonger-0.79.21/src/certread-o.c:75:14: acquire_memory: allocated here
certmonger-0.79.21/src/certread-o.c:76:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/certread-o.c:80:21: branch_false: ...to here
certmonger-0.79.21/src/certread-o.c:99:12: branch_false: following ‘false’ branch (when ‘status != 0’)...
certmonger-0.79.21/src/certread-o.c:99:12: branch_false: ...to here
certmonger-0.79.21/src/certread-o.c:105:24: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certread-o.c:106:25: branch_true: ...to here
certmonger-0.79.21/src/certread-o.c:106:25: throw: if ‘ERR_error_string_n’ throws an exception...
certmonger-0.79.21/src/certread-o.c:106:25: danger: ‘fp’ leaks here; was allocated at [(3)](sarif:/runs/0/results/9/codeFlows/0/threadFlows/0/locations/2)
#  104|   	} else {
#  105|   		while ((error = ERR_get_error()) != 0) {
#  106|-> 			ERR_error_string_n(error, buf, sizeof(buf));
#  107|   			cm_log(1, "%s\n", buf);
#  108|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def122]
certmonger-0.79.21/src/certread-o.c:107:25: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/certread-o.c:66:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certread-o.c:72:9: branch_false: ...to here
certmonger-0.79.21/src/certread-o.c:75:14: acquire_memory: allocated here
certmonger-0.79.21/src/certread-o.c:76:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/certread-o.c:80:21: branch_false: ...to here
certmonger-0.79.21/src/certread-o.c:99:12: branch_false: following ‘false’ branch (when ‘status != 0’)...
certmonger-0.79.21/src/certread-o.c:99:12: branch_false: ...to here
certmonger-0.79.21/src/certread-o.c:105:24: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certread-o.c:106:25: branch_true: ...to here
certmonger-0.79.21/src/certread-o.c:107:25: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/certread-o.c:107:25: danger: ‘fp’ leaks here; was allocated at [(3)](sarif:/runs/0/results/10/codeFlows/0/threadFlows/0/locations/2)
#  105|   		while ((error = ERR_get_error()) != 0) {
#  106|   			ERR_error_string_n(error, buf, sizeof(buf));
#  107|-> 			cm_log(1, "%s\n", buf);
#  108|   		}
#  109|   	}

Error: COMPILER_WARNING (CWE-563): [#def123]
certmonger-0.79.21/src/certsave-n.c: scope_hint: In function ‘cm_certsave_n_main’
certmonger-0.79.21/src/certsave-n.c:103:24: warning[-Wunused-parameter]: unused parameter ‘fd’
#  103 | cm_certsave_n_main(int fd, struct cm_store_ca *ca, struct cm_store_entry *entry,
#      |                    ~~~~^~
#  101|   
#  102|   static int
#  103|-> cm_certsave_n_main(int fd, struct cm_store_ca *ca, struct cm_store_entry *entry,
#  104|   		   void *userdata)
#  105|   {

Error: COMPILER_WARNING (CWE-563): [#def124]
certmonger-0.79.21/src/certsave-n.c:103:48: warning[-Wunused-parameter]: unused parameter ‘ca’
#  103 | cm_certsave_n_main(int fd, struct cm_store_ca *ca, struct cm_store_entry *entry,
#      |                            ~~~~~~~~~~~~~~~~~~~~^~
#  101|   
#  102|   static int
#  103|-> cm_certsave_n_main(int fd, struct cm_store_ca *ca, struct cm_store_entry *entry,
#  104|   		   void *userdata)
#  105|   {

Error: CPPCHECK_WARNING (CWE-476): [#def125]
certmonger-0.79.21/src/certsave-n.c:150: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: user
#  148|   
#  149|   		user = strdup(entry->cm_nss_user);
#  150|-> 		group = strchr(user, ':');
#  151|   		if (group != NULL) {
#  152|   			*group++ = '\0';

Error: GCC_ANALYZER_WARNING (CWE-401): [#def126]
certmonger-0.79.21/src/certsave-n.c:159:23: warning[-Wanalyzer-malloc-leak]: leak of ‘user’
certmonger-0.79.21/src/certsave-n.c:130:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:135:13: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:135:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:142:13: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:142:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:149:24: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:149:24: acquire_memory: allocated here
certmonger-0.79.21/src/certsave-n.c:151:20: branch_false: following ‘false’ branch (when ‘group’ is NULL)...
certmonger-0.79.21/src/certsave-n.c:151:20: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:159:23: throw: if ‘getpwnam’ throws an exception...
certmonger-0.79.21/src/certsave-n.c:159:23: danger: ‘user’ leaks here; was allocated at [(7)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/6)
#  157|   
#  158|   		errno = 0;
#  159|-> 		pwd = getpwnam(user);
#  160|   		if (pwd == NULL) {
#  161|   			cm_log(0, "Error looking up user \"%s\", "

Error: GCC_ANALYZER_WARNING (CWE-401): [#def127]
certmonger-0.79.21/src/certsave-n.c:161:25: warning[-Wanalyzer-malloc-leak]: leak of ‘user’
certmonger-0.79.21/src/certsave-n.c:130:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:135:13: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:135:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:142:13: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:142:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:149:24: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:149:24: acquire_memory: allocated here
certmonger-0.79.21/src/certsave-n.c:151:20: branch_false: following ‘false’ branch (when ‘group’ is NULL)...
certmonger-0.79.21/src/certsave-n.c:151:20: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:160:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:161:25: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:161:25: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/certsave-n.c:161:25: danger: ‘user’ leaks here; was allocated at [(7)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/6)
#  159|   		pwd = getpwnam(user);
#  160|   		if (pwd == NULL) {
#  161|-> 			cm_log(0, "Error looking up user \"%s\", "
#  162|   					  "not setting identity: %s.\n",
#  163|   					  user, strerror(errno));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def128]
certmonger-0.79.21/src/certsave-n.c:170:31: warning[-Wanalyzer-malloc-leak]: leak of ‘user’
certmonger-0.79.21/src/certsave-n.c:130:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:135:13: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:135:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:142:13: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:142:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:149:24: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:149:24: acquire_memory: allocated here
certmonger-0.79.21/src/certsave-n.c:151:20: branch_true: following ‘true’ branch (when ‘group’ is non-NULL)...
certmonger-0.79.21/src/certsave-n.c:152:26: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:153:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:158:17: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:160:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:167:17: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:169:20: branch_true: following ‘true’ branch (when ‘group’ is non-NULL)...
certmonger-0.79.21/src/certsave-n.c:170:31: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:170:31: throw: if ‘getgrnam’ throws an exception...
certmonger-0.79.21/src/certsave-n.c:170:31: danger: ‘user’ leaks here; was allocated at [(7)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/6)
#  168|   		gid = pwd->pw_gid;
#  169|   		if (group != NULL) {
#  170|-> 			grp = getgrnam(group);
#  171|   			if (grp == NULL) {
#  172|   				cm_log(0, "Error looking up group \"%s\", "

Error: GCC_ANALYZER_WARNING (CWE-401): [#def129]
certmonger-0.79.21/src/certsave-n.c:172:33: warning[-Wanalyzer-malloc-leak]: leak of ‘user’
certmonger-0.79.21/src/certsave-n.c:130:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:135:13: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:135:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:142:13: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:142:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:149:24: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:149:24: acquire_memory: allocated here
certmonger-0.79.21/src/certsave-n.c:151:20: branch_true: following ‘true’ branch (when ‘group’ is non-NULL)...
certmonger-0.79.21/src/certsave-n.c:152:26: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:153:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:158:17: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:160:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:167:17: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:169:20: branch_true: following ‘true’ branch (when ‘group’ is non-NULL)...
certmonger-0.79.21/src/certsave-n.c:170:31: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:171:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:172:33: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:172:33: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/certsave-n.c:172:33: danger: ‘user’ leaks here; was allocated at [(7)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/6)
#  170|   			grp = getgrnam(group);
#  171|   			if (grp == NULL) {
#  172|-> 				cm_log(0, "Error looking up group \"%s\", "
#  173|   					   "not setting identity.\n",
#  174|   					   group);

Error: CPPCHECK_WARNING (CWE-415): [#def130]
certmonger-0.79.21/src/certsave-n.c:175: error[doubleFree]: Memory pointed to by 'user' is freed twice.
#  173|   					   "not setting identity.\n",
#  174|   					   group);
#  175|-> 				free(user);
#  176|   				_exit(CM_CERTSAVE_STATUS_INTERNAL_ERROR);
#  177|   			}

Error: CPPCHECK_WARNING (CWE-415): [#def131]
certmonger-0.79.21/src/certsave-n.c:180: error[doubleFree]: Memory pointed to by 'user' is freed twice.
#  178|   			gid = grp->gr_gid;
#  179|   		}
#  180|-> 		free(user);
#  181|   
#  182|   		cm_log(1, "Switching to %s %d:%d\n", pwd->pw_name, uid, gid);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def132]
certmonger-0.79.21/src/certsave-n.c:505:65: warning[-Wanalyzer-malloc-leak]: leak of ‘list’
certmonger-0.79.21/src/certsave-n.c:103:1: enter_function: entry to ‘cm_certsave_n_main’
certmonger-0.79.21/src/certsave-n.c:130:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:135:13: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:135:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:142:13: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:207:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:261:21: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:261:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:265:23: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:269:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:275:25: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:276:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:286:28: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:287:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:297:21: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:297:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:301:17: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:306:22: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:339:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:349:29: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:349:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:379:29: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:379:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:388:29: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:402:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:404:33: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:406:36: branch_true: following ‘true’ branch (when ‘p’ is non-NULL)...
certmonger-0.79.21/src/certsave-n.c:406:36: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:413:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:423:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:434:33: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:435:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:446:33: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:447:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:458:33: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:461:36: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:468:41: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:471:44: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:475:54: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:476:54: branch_true: following ‘true’ branch (when ‘node’ is non-NULL)...
certmonger-0.79.21/src/certsave-n.c:477:55: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:476:54: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:476:54: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:476:54: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:481:77: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:480:60: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:482:82: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:480:61: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:495:72: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:483:65: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:483:65: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:504:76: call_function: inlined call to ‘add_privkey_to_list’ from ‘cm_certsave_n_main’
certmonger-0.79.21/src/certsave-n.c:504:76: call_function: inlined call to ‘add_privkey_to_list’ from ‘cm_certsave_n_main’
certmonger-0.79.21/src/certsave-n.c:505:65: throw: if ‘SEC_DeletePermCertificate’ throws an exception...
certmonger-0.79.21/src/certsave-n.c:505:65: danger: ‘list’ leaks here; was allocated at [(64)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/63)
#  503|   								privkey = PK11_FindKeyByAnyCert(node->cert, NULL);
#  504|   								privkeys = add_privkey_to_list(privkeys, privkey);
#  505|-> 								SEC_DeletePermCertificate(node->cert);
#  506|   							}
#  507|   						}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def133]
certmonger-0.79.21/src/certsave-n.c:508:49: warning[-Wanalyzer-malloc-leak]: leak of ‘privkeys’
certmonger-0.79.21/src/certsave-n.c:103:1: enter_function: entry to ‘cm_certsave_n_main’
certmonger-0.79.21/src/certsave-n.c:130:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:135:13: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:135:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:142:13: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:207:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:261:21: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:261:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:265:23: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:269:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:275:25: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:276:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:286:28: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:287:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:297:21: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:297:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:301:17: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:306:22: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:339:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:349:29: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:349:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:379:29: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:379:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:388:29: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:402:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:404:33: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:406:36: branch_true: following ‘true’ branch (when ‘p’ is non-NULL)...
certmonger-0.79.21/src/certsave-n.c:406:36: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:413:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:423:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:434:33: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:435:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:446:33: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:447:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:458:33: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:461:36: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:468:41: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:471:44: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:475:54: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:476:54: branch_true: following ‘true’ branch (when ‘node’ is non-NULL)...
certmonger-0.79.21/src/certsave-n.c:477:55: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:476:54: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:476:54: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:476:54: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:481:77: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:480:60: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:482:82: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:480:61: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:495:72: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:483:65: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:483:65: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:504:76: call_function: inlined call to ‘add_privkey_to_list’ from ‘cm_certsave_n_main’
certmonger-0.79.21/src/certsave-n.c:504:76: call_function: inlined call to ‘add_privkey_to_list’ from ‘cm_certsave_n_main’
certmonger-0.79.21/src/certsave-n.c:508:49: throw: if ‘CERT_DestroyCertList’ throws an exception...
certmonger-0.79.21/src/certsave-n.c:508:49: danger: ‘privkeys’ leaks here; was allocated at [(64)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/63)
#  506|   							}
#  507|   						}
#  508|-> 						CERT_DestroyCertList(certlist);
#  509|   					}
#  510|   				} else {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def134]
certmonger-0.79.21/src/certsave-n.c:515:44: warning[-Wanalyzer-malloc-leak]: leak of ‘privkeys’
certmonger-0.79.21/src/certsave-n.c:103:1: enter_function: entry to ‘cm_certsave_n_main’
certmonger-0.79.21/src/certsave-n.c:130:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:135:13: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:135:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:142:13: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:207:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:261:21: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:261:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:265:23: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:269:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:275:25: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:276:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:286:28: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:287:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:297:21: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:297:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:301:17: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:306:22: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:339:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:349:29: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:349:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:379:29: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:379:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:388:29: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:402:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:404:33: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:406:36: branch_true: following ‘true’ branch (when ‘p’ is non-NULL)...
certmonger-0.79.21/src/certsave-n.c:406:36: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:413:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:423:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:434:33: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:435:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:446:33: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:447:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:458:33: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:461:36: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:468:41: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:471:44: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:475:54: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:476:54: branch_true: following ‘true’ branch (when ‘node’ is non-NULL)...
certmonger-0.79.21/src/certsave-n.c:477:55: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:476:54: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:476:54: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:476:54: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:481:77: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:480:60: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:482:82: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:480:61: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:495:72: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:483:65: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:483:65: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:504:76: call_function: inlined call to ‘add_privkey_to_list’ from ‘cm_certsave_n_main’
certmonger-0.79.21/src/certsave-n.c:504:76: call_function: inlined call to ‘add_privkey_to_list’ from ‘cm_certsave_n_main’
certmonger-0.79.21/src/certsave-n.c:515:44: throw: if ‘CERT_CreateSubjectCertList’ throws an exception...
certmonger-0.79.21/src/certsave-n.c:515:44: danger: ‘privkeys’ leaks here; was allocated at [(64)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/63)
#  513|   				/* This certificate's subject may already be present
#  514|   				 * with a different nickname.  Delete those, too. */
#  515|-> 				certlist = CERT_CreateSubjectCertList(NULL, certdb,
#  516|   								      &subject,
#  517|   								      PR_FALSE,

Error: GCC_ANALYZER_WARNING (CWE-401): [#def135]
certmonger-0.79.21/src/certsave-n.c:557:57: warning[-Wanalyzer-malloc-leak]: leak of ‘list’
certmonger-0.79.21/src/certsave-n.c:103:1: enter_function: entry to ‘cm_certsave_n_main’
certmonger-0.79.21/src/certsave-n.c:130:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:135:13: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:135:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:142:13: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:207:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:261:21: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:261:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:265:23: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:269:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:275:25: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:276:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:286:28: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:287:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:297:21: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:297:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:301:17: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:306:22: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:339:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:349:29: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:349:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:379:29: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:379:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:388:29: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:402:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:404:33: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:406:36: branch_true: following ‘true’ branch (when ‘p’ is non-NULL)...
certmonger-0.79.21/src/certsave-n.c:406:36: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:413:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:423:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:434:33: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:435:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:446:33: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:447:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:458:33: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:519:36: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:524:46: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:525:46: branch_true: following ‘true’ branch (when ‘node’ is non-NULL)...
certmonger-0.79.21/src/certsave-n.c:526:47: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:525:46: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:525:46: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:525:46: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:529:54: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:529:52: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:531:61: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:531:61: call_function: calling ‘cm_get_nickname’ from ‘cm_certsave_n_main’
certmonger-0.79.21/src/certsave-n.c:531:61: return_function: returning to ‘cm_certsave_n_main’ from ‘cm_get_nickname’
certmonger-0.79.21/src/certsave-n.c:530:61: call_function: calling ‘cm_get_nickname’ from ‘cm_certsave_n_main’
certmonger-0.79.21/src/certsave-n.c:530:61: return_function: returning to ‘cm_certsave_n_main’ from ‘cm_get_nickname’
certmonger-0.79.21/src/certsave-n.c:529:53: branch_true: following ‘true’ branch (when the strings are non-equal)...
certmonger-0.79.21/src/certsave-n.c:532:66: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:529:53: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:534:57: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:535:57: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:535:57: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:556:68: call_function: inlined call to ‘add_privkey_to_list’ from ‘cm_certsave_n_main’
certmonger-0.79.21/src/certsave-n.c:556:68: call_function: inlined call to ‘add_privkey_to_list’ from ‘cm_certsave_n_main’
certmonger-0.79.21/src/certsave-n.c:557:57: throw: if ‘SEC_DeletePermCertificate’ throws an exception...
certmonger-0.79.21/src/certsave-n.c:557:57: danger: ‘list’ leaks here; was allocated at [(74)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/73)
#  555|   							privkey = PK11_FindKeyByAnyCert(node->cert, NULL);
#  556|   							privkeys = add_privkey_to_list(privkeys, privkey);
#  557|-> 							SEC_DeletePermCertificate(node->cert);
#  558|   						} else {
#  559|   							/* Same nickname, and we

Error: GCC_ANALYZER_WARNING (CWE-401): [#def136]
certmonger-0.79.21/src/certsave-n.c:564:69: warning[-Wanalyzer-malloc-leak]: leak of ‘privkeys’
certmonger-0.79.21/src/certsave-n.c:103:1: enter_function: entry to ‘cm_certsave_n_main’
certmonger-0.79.21/src/certsave-n.c:130:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:135:13: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:135:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:142:13: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:207:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:261:21: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:261:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:265:23: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:269:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:275:25: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:276:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:286:28: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:287:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:297:21: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:297:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:301:17: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:306:22: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:339:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:349:29: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:349:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:350:67: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:353:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:377:33: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:379:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:388:29: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:402:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:404:33: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:406:36: branch_true: following ‘true’ branch (when ‘p’ is non-NULL)...
certmonger-0.79.21/src/certsave-n.c:406:36: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:407:48: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:411:45: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:413:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:423:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:434:33: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:435:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:446:33: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:447:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:458:33: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:519:36: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:524:46: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:525:46: branch_true: following ‘true’ branch (when ‘node’ is non-NULL)...
certmonger-0.79.21/src/certsave-n.c:526:47: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:525:46: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:525:46: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:525:46: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:529:54: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:529:52: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:531:61: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:531:61: call_function: calling ‘cm_get_nickname’ from ‘cm_certsave_n_main’
certmonger-0.79.21/src/certsave-n.c:531:61: return_function: returning to ‘cm_certsave_n_main’ from ‘cm_get_nickname’
certmonger-0.79.21/src/certsave-n.c:530:61: call_function: calling ‘cm_get_nickname’ from ‘cm_certsave_n_main’
certmonger-0.79.21/src/certsave-n.c:530:61: return_function: returning to ‘cm_certsave_n_main’ from ‘cm_get_nickname’
certmonger-0.79.21/src/certsave-n.c:529:53: branch_true: following ‘true’ branch (when the strings are non-equal)...
certmonger-0.79.21/src/certsave-n.c:532:66: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:529:53: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:534:57: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:556:68: call_function: inlined call to ‘add_privkey_to_list’ from ‘cm_certsave_n_main’
certmonger-0.79.21/src/certsave-n.c:556:68: call_function: inlined call to ‘add_privkey_to_list’ from ‘cm_certsave_n_main’
certmonger-0.79.21/src/certsave-n.c:525:46: branch_true: following ‘true’ branch (when ‘node’ is non-NULL)...
certmonger-0.79.21/src/certsave-n.c:526:47: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:525:46: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:525:46: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:525:46: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:529:54: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:529:52: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:563:60: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:563:60: branch_true: following ‘true’ branch (when ‘have_trust == 0’)...
certmonger-0.79.21/src/certsave-n.c:564:69: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:564:69: throw: if ‘CERT_GetCertTrust’ throws an exception...
certmonger-0.79.21/src/certsave-n.c:564:69: danger: ‘privkeys’ leaks here; was allocated at [(76)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/75)
#  562|   							 * trust. */
#  563|   							if (!have_trust) {
#  564|-> 								if (CERT_GetCertTrust(node->cert,
#  565|   									      &trust) == SECSuccess) {
#  566|   									have_trust = PR_TRUE;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def137]
certmonger-0.79.21/src/certsave-n.c:576:41: warning[-Wanalyzer-malloc-leak]: leak of ‘privkeys’
certmonger-0.79.21/src/certsave-n.c:103:1: enter_function: entry to ‘cm_certsave_n_main’
certmonger-0.79.21/src/certsave-n.c:130:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:135:13: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:135:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:142:13: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:207:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:261:21: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:261:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:265:23: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:269:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:275:25: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:276:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:286:28: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:287:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:297:21: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:297:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:301:17: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:306:22: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:339:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:349:29: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:349:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:379:29: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:379:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:388:29: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:402:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:404:33: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:406:36: branch_true: following ‘true’ branch (when ‘p’ is non-NULL)...
certmonger-0.79.21/src/certsave-n.c:406:36: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:413:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:423:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:434:33: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:435:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:446:33: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:447:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:458:33: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:461:36: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:468:41: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:471:44: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:475:54: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:476:54: branch_true: following ‘true’ branch (when ‘node’ is non-NULL)...
certmonger-0.79.21/src/certsave-n.c:477:55: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:476:54: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:476:54: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:476:54: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:481:77: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:480:60: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:482:82: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:480:61: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:495:72: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:483:65: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:483:65: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:504:76: call_function: inlined call to ‘add_privkey_to_list’ from ‘cm_certsave_n_main’
certmonger-0.79.21/src/certsave-n.c:504:76: call_function: inlined call to ‘add_privkey_to_list’ from ‘cm_certsave_n_main’
certmonger-0.79.21/src/certsave-n.c:519:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:576:41: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:576:41: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/certsave-n.c:576:41: danger: ‘privkeys’ leaks here; was allocated at [(64)](sarif:/runs/0/results/9/codeFlows/0/threadFlows/0/locations/63)
#  574|   					CERT_DestroyCertList(certlist);
#  575|   				} else {
#  576|-> 					cm_log(3, "No duplicate subject name entries.\n");
#  577|   				}
#  578|   				/* Make one more attempt at finding an existing trust

Error: CPPCHECK_WARNING (CWE-457): [#def138]
certmonger-0.79.21/src/certsave-n.c:614: error[uninitvar]: Uninitialized variable: ierror
#  612|   					 * the configured token is not already internal */
#  613|   					internal_slot = PK11_GetInternalKeySlot();
#  614|-> 					if ((ierror == SECSuccess) && (sle->slot != internal_slot))
#  615|   					{
#  616|   						cm_log(3, "Imported to token, adding to internal\n");

Error: GCC_ANALYZER_WARNING (CWE-457): [#def139]
certmonger-0.79.21/src/certsave-n.c:614:44: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘ierror’
certmonger-0.79.21/src/certsave-n.c:130:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:135:13: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:135:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:142:13: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:207:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:261:21: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:261:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:265:23: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:269:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:275:25: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:276:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:286:28: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:287:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:297:21: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:297:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:301:17: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:306:22: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:339:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:349:29: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:349:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:379:29: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:379:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:388:29: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:402:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:404:33: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:406:36: branch_true: following ‘true’ branch (when ‘p’ is non-NULL)...
certmonger-0.79.21/src/certsave-n.c:406:36: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:413:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:423:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:434:33: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:435:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:446:33: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:447:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:458:33: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:601:36: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:608:49: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:614:44: danger: use of uninitialized value ‘ierror’ here
#  612|   					 * the configured token is not already internal */
#  613|   					internal_slot = PK11_GetInternalKeySlot();
#  614|-> 					if ((ierror == SECSuccess) && (sle->slot != internal_slot))
#  615|   					{
#  616|   						cm_log(3, "Imported to token, adding to internal\n");

Error: COMPILER_WARNING (CWE-457): [#def140]
certmonger-0.79.21/src/certsave-n.c:614:44: warning[-Wmaybe-uninitialized]: ‘ierror’ may be used uninitialized
#  614 |                                         if ((ierror == SECSuccess) && (sle->slot != internal_slot))
#      |                                            ^
certmonger-0.79.21/src/certsave-n.c:603:51: note: ‘ierror’ was declared here
#  603 |                                         SECStatus ierror;
#      |                                                   ^~~~~~
#  612|   					 * the configured token is not already internal */
#  613|   					internal_slot = PK11_GetInternalKeySlot();
#  614|-> 					if ((ierror == SECSuccess) && (sle->slot != internal_slot))
#  615|   					{
#  616|   						cm_log(3, "Imported to token, adding to internal\n");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def141]
certmonger-0.79.21/src/certsave-n.c:822:49: warning[-Wanalyzer-malloc-leak]: leak of ‘privkeys’
certmonger-0.79.21/src/certsave-n.c:103:1: enter_function: entry to ‘cm_certsave_n_main’
certmonger-0.79.21/src/certsave-n.c:130:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:135:13: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:135:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:142:13: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:207:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:261:21: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:261:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:265:23: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:269:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:275:25: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:276:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:286:28: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:287:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:297:21: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:297:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:301:17: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:306:22: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:339:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:349:29: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:349:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:379:29: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:379:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:388:29: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:402:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:404:33: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:406:36: branch_true: following ‘true’ branch (when ‘p’ is non-NULL)...
certmonger-0.79.21/src/certsave-n.c:406:36: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:413:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:423:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:434:33: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:435:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:446:33: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:447:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:458:33: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:601:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:629:41: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:797:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:804:38: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:804:36: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:805:37: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:804:37: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:806:70: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:809:44: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:810:54: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:811:54: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:815:60: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:816:62: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:818:76: call_function: inlined call to ‘add_privkey_to_list’ from ‘cm_certsave_n_main’
certmonger-0.79.21/src/certsave-n.c:818:76: call_function: inlined call to ‘add_privkey_to_list’ from ‘cm_certsave_n_main’
certmonger-0.79.21/src/certsave-n.c:822:49: throw: if ‘SECKEY_DestroyPrivateKeyList’ throws an exception...
certmonger-0.79.21/src/certsave-n.c:822:49: danger: ‘privkeys’ leaks here; was allocated at [(62)](sarif:/runs/0/results/11/codeFlows/0/threadFlows/0/locations/61)
#  820|   							}
#  821|   						}
#  822|-> 						SECKEY_DestroyPrivateKeyList(privkeylist);
#  823|   					}
#  824|   				}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def142]
certmonger-0.79.21/src/certsave-n.c:831:59: warning[-Wanalyzer-malloc-leak]: leak of ‘privkeys’
certmonger-0.79.21/src/certsave-n.c:103:1: enter_function: entry to ‘cm_certsave_n_main’
certmonger-0.79.21/src/certsave-n.c:130:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:135:13: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:135:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:142:13: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:207:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:261:21: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:261:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:265:23: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:269:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:275:25: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:276:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:286:28: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:287:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:297:21: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:297:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:301:17: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:306:22: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:339:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:349:29: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:349:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:379:29: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:379:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:388:29: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:402:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:404:33: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:406:36: branch_true: following ‘true’ branch (when ‘p’ is non-NULL)...
certmonger-0.79.21/src/certsave-n.c:406:36: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:413:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:423:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:434:33: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:435:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:446:33: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:447:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:458:33: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:601:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:629:41: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:797:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:804:38: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:804:36: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:805:37: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:804:37: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:806:70: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:809:44: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:810:54: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:811:54: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:815:60: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:816:62: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:818:76: call_function: inlined call to ‘add_privkey_to_list’ from ‘cm_certsave_n_main’
certmonger-0.79.21/src/certsave-n.c:818:76: call_function: inlined call to ‘add_privkey_to_list’ from ‘cm_certsave_n_main’
certmonger-0.79.21/src/certsave-n.c:825:36: branch_true: following ‘true’ branch (when ‘privkeys’ is non-NULL)...
certmonger-0.79.21/src/certsave-n.c:825:36: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:829:53: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:831:59: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:831:59: throw: if ‘PK11_GetCertFromPrivateKey’ throws an exception...
certmonger-0.79.21/src/certsave-n.c:831:59: danger: ‘privkeys’ leaks here; was allocated at [(62)](sarif:/runs/0/results/12/codeFlows/0/threadFlows/0/locations/61)
#  829|   					for (i = 0; privkeys[i] != NULL; i++) {
#  830|   						privkey = privkeys[i];
#  831|-> 						oldcert = PK11_GetCertFromPrivateKey(privkey);
#  832|   						if (!entry->cm_key_preserve && (oldcert == NULL)) {
#  833|   							/* We're not preserving

Error: GCC_ANALYZER_WARNING (CWE-401): [#def143]
certmonger-0.79.21/src/certsave-n.c:837:57: warning[-Wanalyzer-malloc-leak]: leak of ‘privkeys’
certmonger-0.79.21/src/certsave-n.c:103:1: enter_function: entry to ‘cm_certsave_n_main’
certmonger-0.79.21/src/certsave-n.c:130:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:135:13: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:135:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:142:13: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:207:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:261:21: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:261:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:265:23: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:269:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:275:25: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:276:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:286:28: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:287:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:297:21: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:297:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:301:17: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:306:22: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:339:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:349:29: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:349:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:379:29: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:379:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:388:29: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:402:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:404:33: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:406:36: branch_true: following ‘true’ branch (when ‘p’ is non-NULL)...
certmonger-0.79.21/src/certsave-n.c:406:36: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:413:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:423:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:434:33: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:435:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:446:33: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:447:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:458:33: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:601:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:629:41: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:797:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:804:38: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:804:36: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:805:37: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:804:37: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:806:70: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:809:44: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:810:54: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:811:54: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:815:60: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:816:62: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:818:76: call_function: inlined call to ‘add_privkey_to_list’ from ‘cm_certsave_n_main’
certmonger-0.79.21/src/certsave-n.c:818:76: call_function: inlined call to ‘add_privkey_to_list’ from ‘cm_certsave_n_main’
certmonger-0.79.21/src/certsave-n.c:825:36: branch_true: following ‘true’ branch (when ‘privkeys’ is non-NULL)...
certmonger-0.79.21/src/certsave-n.c:825:36: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:829:53: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:831:59: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:832:52: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:837:57: throw: if ‘PK11_DeleteTokenPrivateKey’ throws an exception...
certmonger-0.79.21/src/certsave-n.c:837:57: danger: ‘privkeys’ leaks here; was allocated at [(62)](sarif:/runs/0/results/13/codeFlows/0/threadFlows/0/locations/61)
#  835|   							 * this one.  No need to mess
#  836|   							 * with its nickname first. */
#  837|-> 							PK11_DeleteTokenPrivateKey(privkey, PR_FALSE);
#  838|   							if (error == SECSuccess) {
#  839|   								cm_log(3, "Removed old key.\n");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def144]
certmonger-0.79.21/src/certsave-n.c:841:70: warning[-Wanalyzer-malloc-leak]: leak of ‘privkeys’
certmonger-0.79.21/src/certsave-n.c:103:1: enter_function: entry to ‘cm_certsave_n_main’
certmonger-0.79.21/src/certsave-n.c:130:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:135:13: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:135:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:142:13: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:207:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:261:21: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:261:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:265:23: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:269:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:275:25: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:276:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:286:28: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:287:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:297:21: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:297:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:301:17: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:306:22: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:339:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:349:29: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:349:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:379:29: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:379:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:388:29: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:402:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:404:33: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:406:36: branch_true: following ‘true’ branch (when ‘p’ is non-NULL)...
certmonger-0.79.21/src/certsave-n.c:406:36: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:413:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:423:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:434:33: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:435:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:446:33: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:447:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:458:33: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:601:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:629:41: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:797:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:804:38: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:804:36: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:805:37: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:804:37: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:806:70: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:809:44: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:810:54: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:811:54: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:815:60: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:816:62: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:818:76: call_function: inlined call to ‘add_privkey_to_list’ from ‘cm_certsave_n_main’
certmonger-0.79.21/src/certsave-n.c:818:76: call_function: inlined call to ‘add_privkey_to_list’ from ‘cm_certsave_n_main’
certmonger-0.79.21/src/certsave-n.c:825:36: branch_true: following ‘true’ branch (when ‘privkeys’ is non-NULL)...
certmonger-0.79.21/src/certsave-n.c:825:36: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:829:53: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:831:59: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:832:52: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:838:60: branch_false: following ‘false’ branch (when ‘error != 0’)...
certmonger-0.79.21/src/certsave-n.c:841:70: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:841:70: throw: if ‘PORT_GetError’ throws an exception...
certmonger-0.79.21/src/certsave-n.c:841:70: danger: ‘privkeys’ leaks here; was allocated at [(62)](sarif:/runs/0/results/14/codeFlows/0/threadFlows/0/locations/61)
#  839|   								cm_log(3, "Removed old key.\n");
#  840|   							} else {
#  841|-> 								ec = PORT_GetError();
#  842|   								if (ec != 0) {
#  843|   									es = PR_ErrorToName(ec);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def145]
certmonger-0.79.21/src/certsave-n.c:843:78: warning[-Wanalyzer-malloc-leak]: leak of ‘privkeys’
certmonger-0.79.21/src/certsave-n.c:103:1: enter_function: entry to ‘cm_certsave_n_main’
certmonger-0.79.21/src/certsave-n.c:130:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:135:13: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:135:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:142:13: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:207:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:261:21: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:261:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:265:23: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:269:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:275:25: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:276:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:286:28: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:287:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:297:21: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:297:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:301:17: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:306:22: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:339:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:349:29: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:349:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:379:29: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:379:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:388:29: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:402:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:404:33: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:406:36: branch_true: following ‘true’ branch (when ‘p’ is non-NULL)...
certmonger-0.79.21/src/certsave-n.c:406:36: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:413:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:423:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:434:33: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:435:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:446:33: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:447:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:458:33: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:601:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:629:41: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:797:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:804:38: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:804:36: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:805:37: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:804:37: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:806:70: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:809:44: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:810:54: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:811:54: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:815:60: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:816:62: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:818:76: call_function: inlined call to ‘add_privkey_to_list’ from ‘cm_certsave_n_main’
certmonger-0.79.21/src/certsave-n.c:818:76: call_function: inlined call to ‘add_privkey_to_list’ from ‘cm_certsave_n_main’
certmonger-0.79.21/src/certsave-n.c:825:36: branch_true: following ‘true’ branch (when ‘privkeys’ is non-NULL)...
certmonger-0.79.21/src/certsave-n.c:825:36: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:829:53: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:831:59: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:832:52: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:838:60: branch_false: following ‘false’ branch (when ‘error != 0’)...
certmonger-0.79.21/src/certsave-n.c:841:70: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:842:68: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:843:78: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:843:78: throw: if ‘PR_ErrorToName’ throws an exception...
certmonger-0.79.21/src/certsave-n.c:843:78: danger: ‘privkeys’ leaks here; was allocated at [(62)](sarif:/runs/0/results/15/codeFlows/0/threadFlows/0/locations/61)
#  841|   								ec = PORT_GetError();
#  842|   								if (ec != 0) {
#  843|-> 									es = PR_ErrorToName(ec);
#  844|   								} else {
#  845|   									es = NULL;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def146]
certmonger-0.79.21/src/certsave-n.c:848:73: warning[-Wanalyzer-malloc-leak]: leak of ‘privkeys’
certmonger-0.79.21/src/certsave-n.c:103:1: enter_function: entry to ‘cm_certsave_n_main’
certmonger-0.79.21/src/certsave-n.c:130:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:135:13: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:135:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:142:13: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:207:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:261:21: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:261:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:265:23: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:269:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:275:25: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:276:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:286:28: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:287:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:297:21: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:297:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:301:17: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:306:22: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:339:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:349:29: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:349:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:379:29: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:379:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:388:29: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:402:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:404:33: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:406:36: branch_true: following ‘true’ branch (when ‘p’ is non-NULL)...
certmonger-0.79.21/src/certsave-n.c:406:36: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:413:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:423:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:434:33: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:435:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:446:33: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:447:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:458:33: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:601:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:629:41: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:797:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:804:38: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:804:36: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:805:37: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:804:37: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:806:70: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:809:44: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:810:54: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:811:54: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:815:60: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:816:62: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:818:76: call_function: inlined call to ‘add_privkey_to_list’ from ‘cm_certsave_n_main’
certmonger-0.79.21/src/certsave-n.c:818:76: call_function: inlined call to ‘add_privkey_to_list’ from ‘cm_certsave_n_main’
certmonger-0.79.21/src/certsave-n.c:825:36: branch_true: following ‘true’ branch (when ‘privkeys’ is non-NULL)...
certmonger-0.79.21/src/certsave-n.c:825:36: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:829:53: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:831:59: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:832:52: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:838:60: branch_false: following ‘false’ branch (when ‘error != 0’)...
certmonger-0.79.21/src/certsave-n.c:841:70: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:842:68: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:843:78: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:847:68: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:848:73: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:848:73: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/certsave-n.c:848:73: danger: ‘privkeys’ leaks here; was allocated at [(62)](sarif:/runs/0/results/16/codeFlows/0/threadFlows/0/locations/61)
#  846|   								}
#  847|   								if (es != NULL) {
#  848|-> 									cm_log(0, "Failed "
#  849|   									       "to remove "
#  850|   									       "old key: "

Error: GCC_ANALYZER_WARNING (CWE-401): [#def147]
certmonger-0.79.21/src/certsave-n.c:853:73: warning[-Wanalyzer-malloc-leak]: leak of ‘privkeys’
certmonger-0.79.21/src/certsave-n.c:103:1: enter_function: entry to ‘cm_certsave_n_main’
certmonger-0.79.21/src/certsave-n.c:130:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:135:13: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:135:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:142:13: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:207:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:261:21: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:261:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:265:23: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:269:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:275:25: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:276:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:286:28: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:287:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:297:21: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:297:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:301:17: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:306:22: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:339:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:349:29: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:349:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:379:29: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:379:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:388:29: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:402:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:404:33: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:406:36: branch_true: following ‘true’ branch (when ‘p’ is non-NULL)...
certmonger-0.79.21/src/certsave-n.c:406:36: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:413:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:423:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:434:33: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:435:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:446:33: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:447:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:458:33: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:601:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:629:41: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:797:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:804:38: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:804:36: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:805:37: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:804:37: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:806:70: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:809:44: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:810:54: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:811:54: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:815:60: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:816:62: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:818:76: call_function: inlined call to ‘add_privkey_to_list’ from ‘cm_certsave_n_main’
certmonger-0.79.21/src/certsave-n.c:818:76: call_function: inlined call to ‘add_privkey_to_list’ from ‘cm_certsave_n_main’
certmonger-0.79.21/src/certsave-n.c:825:36: branch_true: following ‘true’ branch (when ‘privkeys’ is non-NULL)...
certmonger-0.79.21/src/certsave-n.c:825:36: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:829:53: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:831:59: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:832:52: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:838:60: branch_false: following ‘false’ branch (when ‘error != 0’)...
certmonger-0.79.21/src/certsave-n.c:841:70: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:853:73: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/certsave-n.c:853:73: danger: ‘privkeys’ leaks here; was allocated at [(62)](sarif:/runs/0/results/17/codeFlows/0/threadFlows/0/locations/61)
#  851|   									       "%s.\n", es);
#  852|   								} else {
#  853|-> 									cm_log(0, "Failed "
#  854|   									       "to remove "
#  855|   									       "old key.\n");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def148]
certmonger-0.79.21/src/certsave-n.c:868:65: warning[-Wanalyzer-malloc-leak]: leak of ‘privkeys’
certmonger-0.79.21/src/certsave-n.c:103:1: enter_function: entry to ‘cm_certsave_n_main’
certmonger-0.79.21/src/certsave-n.c:130:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:135:13: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:135:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:142:13: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:207:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:261:21: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:261:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:265:23: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:269:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:275:25: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:276:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:286:28: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:287:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:297:21: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:297:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:301:17: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:306:22: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:339:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:349:29: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:349:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:379:29: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:379:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:388:29: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:402:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:404:33: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:406:36: branch_true: following ‘true’ branch (when ‘p’ is non-NULL)...
certmonger-0.79.21/src/certsave-n.c:406:36: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:413:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:423:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:434:33: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:435:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:446:33: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:447:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:458:33: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:601:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:629:41: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:797:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:804:38: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:804:36: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:805:37: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:804:37: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:806:70: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:809:44: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:810:54: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:811:54: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:815:60: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:816:62: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:818:76: call_function: inlined call to ‘add_privkey_to_list’ from ‘cm_certsave_n_main’
certmonger-0.79.21/src/certsave-n.c:818:76: call_function: inlined call to ‘add_privkey_to_list’ from ‘cm_certsave_n_main’
certmonger-0.79.21/src/certsave-n.c:825:36: branch_true: following ‘true’ branch (when ‘privkeys’ is non-NULL)...
certmonger-0.79.21/src/certsave-n.c:825:36: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:829:53: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:831:59: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:868:65: throw: if ‘PK11_SetPrivateKeyNickname’ throws an exception...
certmonger-0.79.21/src/certsave-n.c:868:65: danger: ‘privkeys’ leaks here; was allocated at [(62)](sarif:/runs/0/results/18/codeFlows/0/threadFlows/0/locations/61)
#  866|   							 * list the keys in the
#  867|   							 * database. */
#  868|-> 							error = PK11_SetPrivateKeyNickname(privkey, "");
#  869|   							if (error == SECSuccess) {
#  870|   								cm_log(3, "Removed "

Error: GCC_ANALYZER_WARNING (CWE-401): [#def149]
certmonger-0.79.21/src/certsave-n.c:870:65: warning[-Wanalyzer-malloc-leak]: leak of ‘privkeys’
certmonger-0.79.21/src/certsave-n.c:103:1: enter_function: entry to ‘cm_certsave_n_main’
certmonger-0.79.21/src/certsave-n.c:130:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:135:13: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:135:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:142:13: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:207:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:261:21: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:261:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:265:23: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:269:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:275:25: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:276:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:286:28: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:287:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:297:21: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:297:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:301:17: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:306:22: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:339:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:349:29: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:349:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:379:29: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:379:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:388:29: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:402:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:404:33: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:406:36: branch_true: following ‘true’ branch (when ‘p’ is non-NULL)...
certmonger-0.79.21/src/certsave-n.c:406:36: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:413:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:423:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:434:33: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:435:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:446:33: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:447:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:458:33: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:601:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:629:41: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:797:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:804:38: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:804:36: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:805:37: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:804:37: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:806:70: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:809:44: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:810:54: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:811:54: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:815:60: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:816:62: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:818:76: call_function: inlined call to ‘add_privkey_to_list’ from ‘cm_certsave_n_main’
certmonger-0.79.21/src/certsave-n.c:818:76: call_function: inlined call to ‘add_privkey_to_list’ from ‘cm_certsave_n_main’
certmonger-0.79.21/src/certsave-n.c:825:36: branch_true: following ‘true’ branch (when ‘privkeys’ is non-NULL)...
certmonger-0.79.21/src/certsave-n.c:825:36: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:829:53: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:831:59: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:869:60: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:870:65: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:870:65: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/certsave-n.c:870:65: danger: ‘privkeys’ leaks here; was allocated at [(62)](sarif:/runs/0/results/19/codeFlows/0/threadFlows/0/locations/61)
#  868|   							error = PK11_SetPrivateKeyNickname(privkey, "");
#  869|   							if (error == SECSuccess) {
#  870|-> 								cm_log(3, "Removed "
#  871|   								       "name from old "
#  872|   								       "key.\n");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def150]
certmonger-0.79.21/src/certsave-n.c:874:70: warning[-Wanalyzer-malloc-leak]: leak of ‘privkeys’
certmonger-0.79.21/src/certsave-n.c:103:1: enter_function: entry to ‘cm_certsave_n_main’
certmonger-0.79.21/src/certsave-n.c:130:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:135:13: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:135:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:142:13: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:207:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:261:21: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:261:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:265:23: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:269:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:275:25: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:276:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:286:28: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:287:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:297:21: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:297:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:301:17: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:306:22: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:339:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:349:29: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:349:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:379:29: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:379:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:388:29: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:402:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:404:33: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:406:36: branch_true: following ‘true’ branch (when ‘p’ is non-NULL)...
certmonger-0.79.21/src/certsave-n.c:406:36: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:413:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:423:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:434:33: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:435:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:446:33: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:447:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:458:33: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:601:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:629:41: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:797:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:804:38: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:804:36: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:805:37: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:804:37: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:806:70: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:809:44: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:810:54: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:811:54: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:815:60: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:816:62: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:818:76: call_function: inlined call to ‘add_privkey_to_list’ from ‘cm_certsave_n_main’
certmonger-0.79.21/src/certsave-n.c:818:76: call_function: inlined call to ‘add_privkey_to_list’ from ‘cm_certsave_n_main’
certmonger-0.79.21/src/certsave-n.c:825:36: branch_true: following ‘true’ branch (when ‘privkeys’ is non-NULL)...
certmonger-0.79.21/src/certsave-n.c:825:36: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:829:53: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:831:59: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:869:60: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:874:70: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:874:70: throw: if ‘PORT_GetError’ throws an exception...
certmonger-0.79.21/src/certsave-n.c:874:70: danger: ‘privkeys’ leaks here; was allocated at [(62)](sarif:/runs/0/results/20/codeFlows/0/threadFlows/0/locations/61)
#  872|   								       "key.\n");
#  873|   							} else {
#  874|-> 								ec = PORT_GetError();
#  875|   								if (ec != 0) {
#  876|   									es = PR_ErrorToName(ec);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def151]
certmonger-0.79.21/src/certsave-n.c:876:78: warning[-Wanalyzer-malloc-leak]: leak of ‘privkeys’
certmonger-0.79.21/src/certsave-n.c:103:1: enter_function: entry to ‘cm_certsave_n_main’
certmonger-0.79.21/src/certsave-n.c:130:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:135:13: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:135:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:142:13: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:207:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:261:21: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:261:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:265:23: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:269:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:275:25: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:276:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:286:28: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:287:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:297:21: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:297:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:301:17: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:306:22: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:339:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:349:29: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:349:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:379:29: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:379:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:388:29: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:402:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:404:33: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:406:36: branch_true: following ‘true’ branch (when ‘p’ is non-NULL)...
certmonger-0.79.21/src/certsave-n.c:406:36: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:413:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:423:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:434:33: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:435:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:446:33: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:447:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:458:33: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:601:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:629:41: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:797:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:804:38: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:804:36: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:805:37: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:804:37: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:806:70: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:809:44: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:810:54: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:811:54: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:815:60: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:816:62: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:818:76: call_function: inlined call to ‘add_privkey_to_list’ from ‘cm_certsave_n_main’
certmonger-0.79.21/src/certsave-n.c:818:76: call_function: inlined call to ‘add_privkey_to_list’ from ‘cm_certsave_n_main’
certmonger-0.79.21/src/certsave-n.c:825:36: branch_true: following ‘true’ branch (when ‘privkeys’ is non-NULL)...
certmonger-0.79.21/src/certsave-n.c:825:36: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:829:53: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:831:59: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:869:60: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:874:70: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:875:68: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:876:78: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:876:78: throw: if ‘PR_ErrorToName’ throws an exception...
certmonger-0.79.21/src/certsave-n.c:876:78: danger: ‘privkeys’ leaks here; was allocated at [(62)](sarif:/runs/0/results/21/codeFlows/0/threadFlows/0/locations/61)
#  874|   								ec = PORT_GetError();
#  875|   								if (ec != 0) {
#  876|-> 									es = PR_ErrorToName(ec);
#  877|   								} else {
#  878|   									es = NULL;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def152]
certmonger-0.79.21/src/certsave-n.c:881:73: warning[-Wanalyzer-malloc-leak]: leak of ‘privkeys’
certmonger-0.79.21/src/certsave-n.c:103:1: enter_function: entry to ‘cm_certsave_n_main’
certmonger-0.79.21/src/certsave-n.c:130:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:135:13: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:135:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:142:13: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:207:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:261:21: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:261:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:265:23: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:269:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:275:25: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:276:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:286:28: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:287:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:297:21: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:297:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:301:17: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:306:22: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:339:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:349:29: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:349:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:379:29: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:379:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:388:29: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:402:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:404:33: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:406:36: branch_true: following ‘true’ branch (when ‘p’ is non-NULL)...
certmonger-0.79.21/src/certsave-n.c:406:36: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:413:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:423:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:434:33: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:435:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:446:33: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:447:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:458:33: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:601:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:629:41: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:797:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:804:38: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:804:36: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:805:37: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:804:37: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:806:70: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:809:44: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:810:54: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:811:54: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:815:60: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:816:62: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:818:76: call_function: inlined call to ‘add_privkey_to_list’ from ‘cm_certsave_n_main’
certmonger-0.79.21/src/certsave-n.c:818:76: call_function: inlined call to ‘add_privkey_to_list’ from ‘cm_certsave_n_main’
certmonger-0.79.21/src/certsave-n.c:825:36: branch_true: following ‘true’ branch (when ‘privkeys’ is non-NULL)...
certmonger-0.79.21/src/certsave-n.c:825:36: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:829:53: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:831:59: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:869:60: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:874:70: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:875:68: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:876:78: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:880:68: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:881:73: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:881:73: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/certsave-n.c:881:73: danger: ‘privkeys’ leaks here; was allocated at [(62)](sarif:/runs/0/results/22/codeFlows/0/threadFlows/0/locations/61)
#  879|   								}
#  880|   								if (es != NULL) {
#  881|-> 									cm_log(0, "Failed "
#  882|   									       "to unname "
#  883|   									       "old key: "

Error: GCC_ANALYZER_WARNING (CWE-401): [#def153]
certmonger-0.79.21/src/certsave-n.c:886:73: warning[-Wanalyzer-malloc-leak]: leak of ‘privkeys’
certmonger-0.79.21/src/certsave-n.c:103:1: enter_function: entry to ‘cm_certsave_n_main’
certmonger-0.79.21/src/certsave-n.c:130:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:135:13: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:135:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:142:13: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:207:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:261:21: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:261:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:265:23: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:269:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:275:25: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:276:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:286:28: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:287:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:297:21: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:297:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:301:17: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:306:22: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:339:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:349:29: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:349:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:379:29: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:379:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:388:29: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:402:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:404:33: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:406:36: branch_true: following ‘true’ branch (when ‘p’ is non-NULL)...
certmonger-0.79.21/src/certsave-n.c:406:36: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:413:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:423:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:434:33: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:435:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:446:33: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:447:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:458:33: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:601:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:629:41: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:797:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:804:38: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:804:36: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:805:37: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:804:37: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:806:70: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:809:44: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:810:54: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:811:54: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:815:60: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:816:62: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:818:76: call_function: inlined call to ‘add_privkey_to_list’ from ‘cm_certsave_n_main’
certmonger-0.79.21/src/certsave-n.c:818:76: call_function: inlined call to ‘add_privkey_to_list’ from ‘cm_certsave_n_main’
certmonger-0.79.21/src/certsave-n.c:825:36: branch_true: following ‘true’ branch (when ‘privkeys’ is non-NULL)...
certmonger-0.79.21/src/certsave-n.c:825:36: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:829:53: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:831:59: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:869:60: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:874:70: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:886:73: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/certsave-n.c:886:73: danger: ‘privkeys’ leaks here; was allocated at [(62)](sarif:/runs/0/results/23/codeFlows/0/threadFlows/0/locations/61)
#  884|   									       "%s.\n", es);
#  885|   								} else {
#  886|-> 									cm_log(0, "Failed "
#  887|   									       "to unname "
#  888|   									       "old key.\n");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def154]
certmonger-0.79.21/src/certsave-n.c:891:57: warning[-Wanalyzer-malloc-leak]: leak of ‘privkeys’
certmonger-0.79.21/src/certsave-n.c:103:1: enter_function: entry to ‘cm_certsave_n_main’
certmonger-0.79.21/src/certsave-n.c:130:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:135:13: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:135:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:142:13: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:207:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:261:21: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:261:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:265:23: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:269:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:275:25: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:276:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:286:28: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:287:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:297:21: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:297:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:301:17: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:306:22: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:339:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:349:29: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:349:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:379:29: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:379:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:388:29: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:402:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:404:33: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:406:36: branch_true: following ‘true’ branch (when ‘p’ is non-NULL)...
certmonger-0.79.21/src/certsave-n.c:406:36: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:413:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:423:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:434:33: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:435:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:446:33: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:447:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:458:33: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:601:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:629:41: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:797:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:804:38: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:804:36: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:805:37: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:804:37: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:806:70: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:809:44: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:810:54: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:811:54: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:815:60: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:816:62: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:818:76: call_function: inlined call to ‘add_privkey_to_list’ from ‘cm_certsave_n_main’
certmonger-0.79.21/src/certsave-n.c:818:76: call_function: inlined call to ‘add_privkey_to_list’ from ‘cm_certsave_n_main’
certmonger-0.79.21/src/certsave-n.c:825:36: branch_true: following ‘true’ branch (when ‘privkeys’ is non-NULL)...
certmonger-0.79.21/src/certsave-n.c:825:36: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:829:53: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:831:59: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:891:57: throw: if ‘SECKEY_DestroyPrivateKey’ throws an exception...
certmonger-0.79.21/src/certsave-n.c:891:57: danger: ‘privkeys’ leaks here; was allocated at [(62)](sarif:/runs/0/results/24/codeFlows/0/threadFlows/0/locations/61)
#  889|   								}
#  890|   							}
#  891|-> 							SECKEY_DestroyPrivateKey(privkey);
#  892|   						}
#  893|   						if (oldcert != NULL) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def155]
certmonger-0.79.21/src/certsave-n.c:894:57: warning[-Wanalyzer-malloc-leak]: leak of ‘privkeys’
certmonger-0.79.21/src/certsave-n.c:103:1: enter_function: entry to ‘cm_certsave_n_main’
certmonger-0.79.21/src/certsave-n.c:130:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:135:13: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:135:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:142:13: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:207:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:261:21: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:261:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:265:23: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:269:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:275:25: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:276:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:286:28: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:287:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:297:21: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:297:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:301:17: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:306:22: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:339:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:349:29: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:349:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:379:29: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:379:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:388:29: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:402:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:404:33: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:406:36: branch_true: following ‘true’ branch (when ‘p’ is non-NULL)...
certmonger-0.79.21/src/certsave-n.c:406:36: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:413:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:423:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:434:33: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:435:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:446:33: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:447:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:458:33: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:601:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:629:41: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:797:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-n.c:804:38: branch_false: ...to here
certmonger-0.79.21/src/certsave-n.c:804:36: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:805:37: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:804:37: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:806:70: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:809:44: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:810:54: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:811:54: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:815:60: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:816:62: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:818:76: call_function: inlined call to ‘add_privkey_to_list’ from ‘cm_certsave_n_main’
certmonger-0.79.21/src/certsave-n.c:818:76: call_function: inlined call to ‘add_privkey_to_list’ from ‘cm_certsave_n_main’
certmonger-0.79.21/src/certsave-n.c:825:36: branch_true: following ‘true’ branch (when ‘privkeys’ is non-NULL)...
certmonger-0.79.21/src/certsave-n.c:825:36: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:829:53: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:831:59: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:893:52: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-n.c:894:57: branch_true: ...to here
certmonger-0.79.21/src/certsave-n.c:894:57: throw: if ‘CERT_DestroyCertificate’ throws an exception...
certmonger-0.79.21/src/certsave-n.c:894:57: danger: ‘privkeys’ leaks here; was allocated at [(62)](sarif:/runs/0/results/25/codeFlows/0/threadFlows/0/locations/61)
#  892|   						}
#  893|   						if (oldcert != NULL) {
#  894|-> 							CERT_DestroyCertificate(oldcert);
#  895|   						}
#  896|   					}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def156]
certmonger-0.79.21/src/certsave-o.c:81:12: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen(filename, "r")’
certmonger-0.79.21/src/certsave-o.c:63:14: acquire_resource: opened here
certmonger-0.79.21/src/certsave-o.c:64:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-o.c:81:13: branch_false: ...to here
certmonger-0.79.21/src/certsave-o.c:81:12: danger: ‘fopen(filename, "r")’ leaks here; was opened at [(1)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/0)
#   79|   		}
#   80|   	}
#   81|-> 	if (fstat(fileno(fp), &st) == -1) {
#   82|   		cm_log(1, "Error opening %s \"%s\" "
#   83|   		       "for reading: %s.\n",

Error: GCC_ANALYZER_WARNING (CWE-401): [#def157]
certmonger-0.79.21/src/certsave-o.c:81:12: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(filename, "r")’
certmonger-0.79.21/src/certsave-o.c:63:14: acquire_memory: allocated here
certmonger-0.79.21/src/certsave-o.c:64:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-o.c:81:13: branch_false: ...to here
certmonger-0.79.21/src/certsave-o.c:81:12: danger: ‘fopen(filename, "r")’ leaks here; was allocated at [(1)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/0)
#   79|   		}
#   80|   	}
#   81|-> 	if (fstat(fileno(fp), &st) == -1) {
#   82|   		cm_log(1, "Error opening %s \"%s\" "
#   83|   		       "for reading: %s.\n",

Error: GCC_ANALYZER_WARNING (CWE-775): [#def158]
certmonger-0.79.21/src/certsave-o.c:95:26: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen(filename, "r")’
certmonger-0.79.21/src/certsave-o.c:63:14: acquire_resource: opened here
certmonger-0.79.21/src/certsave-o.c:64:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-o.c:81:13: branch_false: ...to here
certmonger-0.79.21/src/certsave-o.c:81:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-o.c:95:26: branch_false: ...to here
certmonger-0.79.21/src/certsave-o.c:95:26: danger: ‘fopen(filename, "r")’ leaks here; was opened at [(1)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/0)
#   93|   		}
#   94|   	}
#   95|-> 	content = malloc(st.st_size + 1);
#   96|   	if (content == NULL) {
#   97|   		cm_log(1, "Error allocating memory for %s \"%s\".\n",

Error: GCC_ANALYZER_WARNING (CWE-401): [#def159]
certmonger-0.79.21/src/certsave-o.c:95:26: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(filename, "r")’
certmonger-0.79.21/src/certsave-o.c:63:14: acquire_memory: allocated here
certmonger-0.79.21/src/certsave-o.c:64:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-o.c:81:13: branch_false: ...to here
certmonger-0.79.21/src/certsave-o.c:81:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-o.c:95:26: branch_false: ...to here
certmonger-0.79.21/src/certsave-o.c:95:26: danger: ‘fopen(filename, "r")’ leaks here; was allocated at [(1)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/0)
#   93|   		}
#   94|   	}
#   95|-> 	content = malloc(st.st_size + 1);
#   96|   	if (content == NULL) {
#   97|   		cm_log(1, "Error allocating memory for %s \"%s\".\n",

Error: GCC_ANALYZER_WARNING (CWE-401): [#def160]
certmonger-0.79.21/src/certsave-o.c:105:25: warning[-Wanalyzer-malloc-leak]: leak of ‘content’
certmonger-0.79.21/src/certsave-o.c:64:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-o.c:81:13: branch_false: ...to here
certmonger-0.79.21/src/certsave-o.c:81:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-o.c:95:26: branch_false: ...to here
certmonger-0.79.21/src/certsave-o.c:95:19: acquire_memory: allocated here
certmonger-0.79.21/src/certsave-o.c:96:12: branch_false: following ‘false’ branch (when ‘content’ is non-NULL)...
certmonger-0.79.21/src/certsave-o.c:96:12: branch_false: ...to here
certmonger-0.79.21/src/certsave-o.c:102:16: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-o.c:103:43: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:105:25: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/certsave-o.c:105:25: danger: ‘content’ leaks here; was allocated at [(5)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/4)
#  103|   		i = fread(content + n, 1, st.st_size - n, fp);
#  104|   		if (i <= 0) {
#  105|-> 			cm_log(1, "Error reading %s \"%s\": %s.\n",
#  106|   			       what, filename, strerror(errno));
#  107|   			_exit(CM_CERTSAVE_STATUS_INTERNAL_ERROR);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def161]
certmonger-0.79.21/src/certsave-o.c:131:17: warning[-Wanalyzer-malloc-leak]: leak of ‘old_key’
certmonger-0.79.21/src/certsave-o.c:164:1: enter_function: entry to ‘cm_certsave_o_main’
certmonger-0.79.21/src/certsave-o.c:178:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-o.c:184:9: branch_false: ...to here
certmonger-0.79.21/src/certsave-o.c:208:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-o.c:210:27: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:210:27: call_function: calling ‘read_file_contents’ from ‘cm_certsave_o_main’
certmonger-0.79.21/src/certsave-o.c:210:27: return_function: returning to ‘cm_certsave_o_main’ from ‘read_file_contents’
certmonger-0.79.21/src/certsave-o.c:215:12: branch_true: following ‘true’ branch (when ‘old_key’ is non-NULL)...
certmonger-0.79.21/src/certsave-o.c:216:23: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:218:12: branch_true: following ‘true’ branch (when ‘bio’ is non-NULL)...
certmonger-0.79.21/src/certsave-o.c:219:21: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:219:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-o.c:223:17: branch_false: ...to here
certmonger-0.79.21/src/certsave-o.c:229:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-o.c:234:29: branch_false: ...to here
certmonger-0.79.21/src/certsave-o.c:282:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-o.c:283:24: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:284:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-o.c:287:28: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:287:28: branch_true: following ‘true’ branch (when ‘old_pkey’ is non-NULL)...
certmonger-0.79.21/src/certsave-o.c:288:53: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:307:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-o.c:308:37: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:308:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-o.c:325:46: branch_false: ...to here
certmonger-0.79.21/src/certsave-o.c:325:45: branch_false: following ‘false’ branch (when ‘next_key’ is NULL)...
certmonger-0.79.21/src/certsave-o.c:362:44: branch_false: ...to here
certmonger-0.79.21/src/certsave-o.c:362:44: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-o.c:368:49: call_function: calling ‘write_file_contents’ from ‘cm_certsave_o_main’
#  129|   	fp = fopen(filename, "w");
#  130|   	if (fp == NULL) {
#  131|-> 		cm_log(1, "Error opening %s \"%s\" "
#  132|   		       "for writing: %s.\n",
#  133|   		       what, filename, strerror(errno));

Error: GCC_ANALYZER_WARNING (CWE-775): [#def162]
certmonger-0.79.21/src/certsave-o.c:145:17: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen(filename, "w")’
certmonger-0.79.21/src/certsave-o.c:129:14: acquire_resource: opened here
certmonger-0.79.21/src/certsave-o.c:130:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-o.c:144:12: branch_false: ...to here
certmonger-0.79.21/src/certsave-o.c:144:12: branch_true: following ‘true’ branch (when ‘is_key != 0’)...
certmonger-0.79.21/src/certsave-o.c:145:17: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:145:17: throw: if ‘util_set_fd_entry_key_owner’ throws an exception...
certmonger-0.79.21/src/certsave-o.c:145:17: danger: ‘fopen(filename, "w")’ leaks here; was opened at [(1)](sarif:/runs/0/results/9/codeFlows/0/threadFlows/0/locations/0)
#  143|   	}
#  144|   	if (is_key) {
#  145|-> 		util_set_fd_entry_key_owner(fileno(fp), filename, entry);
#  146|   	} else {
#  147|   		util_set_fd_entry_cert_owner(fileno(fp), filename, entry);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def163]
certmonger-0.79.21/src/certsave-o.c:145:17: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(filename, "w")’
certmonger-0.79.21/src/certsave-o.c:129:14: acquire_memory: allocated here
certmonger-0.79.21/src/certsave-o.c:130:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-o.c:144:12: branch_false: ...to here
certmonger-0.79.21/src/certsave-o.c:144:12: branch_true: following ‘true’ branch (when ‘is_key != 0’)...
certmonger-0.79.21/src/certsave-o.c:145:17: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:145:17: throw: if ‘util_set_fd_entry_key_owner’ throws an exception...
certmonger-0.79.21/src/certsave-o.c:145:17: danger: ‘fopen(filename, "w")’ leaks here; was allocated at [(1)](sarif:/runs/0/results/10/codeFlows/0/threadFlows/0/locations/0)
#  143|   	}
#  144|   	if (is_key) {
#  145|-> 		util_set_fd_entry_key_owner(fileno(fp), filename, entry);
#  146|   	} else {
#  147|   		util_set_fd_entry_cert_owner(fileno(fp), filename, entry);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def164]
certmonger-0.79.21/src/certsave-o.c:145:17: warning[-Wanalyzer-malloc-leak]: leak of ‘old_key’
certmonger-0.79.21/src/certsave-o.c:164:1: enter_function: entry to ‘cm_certsave_o_main’
certmonger-0.79.21/src/certsave-o.c:178:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-o.c:184:9: branch_false: ...to here
certmonger-0.79.21/src/certsave-o.c:208:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-o.c:210:27: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:210:27: call_function: calling ‘read_file_contents’ from ‘cm_certsave_o_main’
certmonger-0.79.21/src/certsave-o.c:210:27: return_function: returning to ‘cm_certsave_o_main’ from ‘read_file_contents’
certmonger-0.79.21/src/certsave-o.c:215:12: branch_true: following ‘true’ branch (when ‘old_key’ is non-NULL)...
certmonger-0.79.21/src/certsave-o.c:216:23: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:218:12: branch_true: following ‘true’ branch (when ‘bio’ is non-NULL)...
certmonger-0.79.21/src/certsave-o.c:219:21: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:219:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-o.c:223:17: branch_false: ...to here
certmonger-0.79.21/src/certsave-o.c:229:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-o.c:234:29: branch_false: ...to here
certmonger-0.79.21/src/certsave-o.c:282:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-o.c:283:24: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:284:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-o.c:287:28: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:287:28: branch_true: following ‘true’ branch (when ‘old_pkey’ is non-NULL)...
certmonger-0.79.21/src/certsave-o.c:288:53: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:307:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-o.c:308:37: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:308:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-o.c:325:46: branch_false: ...to here
certmonger-0.79.21/src/certsave-o.c:325:45: branch_false: following ‘false’ branch (when ‘next_key’ is NULL)...
certmonger-0.79.21/src/certsave-o.c:362:44: branch_false: ...to here
certmonger-0.79.21/src/certsave-o.c:362:44: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-o.c:368:49: call_function: calling ‘write_file_contents’ from ‘cm_certsave_o_main’
#  143|   	}
#  144|   	if (is_key) {
#  145|-> 		util_set_fd_entry_key_owner(fileno(fp), filename, entry);
#  146|   	} else {
#  147|   		util_set_fd_entry_cert_owner(fileno(fp), filename, entry);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def165]
certmonger-0.79.21/src/certsave-o.c:147:17: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen(filename, "w")’
certmonger-0.79.21/src/certsave-o.c:129:14: acquire_resource: opened here
certmonger-0.79.21/src/certsave-o.c:130:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-o.c:144:12: branch_false: ...to here
certmonger-0.79.21/src/certsave-o.c:144:12: branch_false: following ‘false’ branch (when ‘is_key == 0’)...
certmonger-0.79.21/src/certsave-o.c:147:17: branch_false: ...to here
certmonger-0.79.21/src/certsave-o.c:147:17: throw: if ‘util_set_fd_entry_cert_owner’ throws an exception...
certmonger-0.79.21/src/certsave-o.c:147:17: danger: ‘fopen(filename, "w")’ leaks here; was opened at [(1)](sarif:/runs/0/results/12/codeFlows/0/threadFlows/0/locations/0)
#  145|   		util_set_fd_entry_key_owner(fileno(fp), filename, entry);
#  146|   	} else {
#  147|-> 		util_set_fd_entry_cert_owner(fileno(fp), filename, entry);
#  148|   	}
#  149|   	n = 0;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def166]
certmonger-0.79.21/src/certsave-o.c:147:17: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(filename, "w")’
certmonger-0.79.21/src/certsave-o.c:129:14: acquire_memory: allocated here
certmonger-0.79.21/src/certsave-o.c:130:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-o.c:144:12: branch_false: ...to here
certmonger-0.79.21/src/certsave-o.c:144:12: branch_false: following ‘false’ branch (when ‘is_key == 0’)...
certmonger-0.79.21/src/certsave-o.c:147:17: branch_false: ...to here
certmonger-0.79.21/src/certsave-o.c:147:17: throw: if ‘util_set_fd_entry_cert_owner’ throws an exception...
certmonger-0.79.21/src/certsave-o.c:147:17: danger: ‘fopen(filename, "w")’ leaks here; was allocated at [(1)](sarif:/runs/0/results/13/codeFlows/0/threadFlows/0/locations/0)
#  145|   		util_set_fd_entry_key_owner(fileno(fp), filename, entry);
#  146|   	} else {
#  147|-> 		util_set_fd_entry_cert_owner(fileno(fp), filename, entry);
#  148|   	}
#  149|   	n = 0;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def167]
certmonger-0.79.21/src/certsave-o.c:152:45: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen(filename, "w")’
certmonger-0.79.21/src/certsave-o.c:129:14: acquire_resource: opened here
certmonger-0.79.21/src/certsave-o.c:130:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-o.c:144:12: branch_false: ...to here
certmonger-0.79.21/src/certsave-o.c:151:16: branch_true: following ‘true’ branch (when ‘n < len’)...
certmonger-0.79.21/src/certsave-o.c:152:45: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:152:45: danger: ‘fopen(filename, "w")’ leaks here; was opened at [(1)](sarif:/runs/0/results/14/codeFlows/0/threadFlows/0/locations/0)
#  150|   	len = strlen(contents);
#  151|   	while (n < len) {
#  152|-> 		i = fwrite(contents + n, 1, len - n, fp);
#  153|   		if (i <= 0) {
#  154|   			cm_log(1, "Error writing %s \"%s\": %s.\n",

Error: GCC_ANALYZER_WARNING (CWE-401): [#def168]
certmonger-0.79.21/src/certsave-o.c:152:45: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(filename, "w")’
certmonger-0.79.21/src/certsave-o.c:129:14: acquire_memory: allocated here
certmonger-0.79.21/src/certsave-o.c:130:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-o.c:144:12: branch_false: ...to here
certmonger-0.79.21/src/certsave-o.c:151:16: branch_true: following ‘true’ branch (when ‘n < len’)...
certmonger-0.79.21/src/certsave-o.c:152:45: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:152:45: danger: ‘fopen(filename, "w")’ leaks here; was allocated at [(1)](sarif:/runs/0/results/15/codeFlows/0/threadFlows/0/locations/0)
#  150|   	len = strlen(contents);
#  151|   	while (n < len) {
#  152|-> 		i = fwrite(contents + n, 1, len - n, fp);
#  153|   		if (i <= 0) {
#  154|   			cm_log(1, "Error writing %s \"%s\": %s.\n",

Error: GCC_ANALYZER_WARNING (CWE-401): [#def169]
certmonger-0.79.21/src/certsave-o.c:154:25: warning[-Wanalyzer-malloc-leak]: leak of ‘old_key’
certmonger-0.79.21/src/certsave-o.c:164:1: enter_function: entry to ‘cm_certsave_o_main’
certmonger-0.79.21/src/certsave-o.c:178:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-o.c:184:9: branch_false: ...to here
certmonger-0.79.21/src/certsave-o.c:208:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-o.c:210:27: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:210:27: call_function: calling ‘read_file_contents’ from ‘cm_certsave_o_main’
certmonger-0.79.21/src/certsave-o.c:210:27: return_function: returning to ‘cm_certsave_o_main’ from ‘read_file_contents’
certmonger-0.79.21/src/certsave-o.c:215:12: branch_true: following ‘true’ branch (when ‘old_key’ is non-NULL)...
certmonger-0.79.21/src/certsave-o.c:216:23: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:218:12: branch_true: following ‘true’ branch (when ‘bio’ is non-NULL)...
certmonger-0.79.21/src/certsave-o.c:219:21: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:219:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-o.c:223:17: branch_false: ...to here
certmonger-0.79.21/src/certsave-o.c:229:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-o.c:234:29: branch_false: ...to here
certmonger-0.79.21/src/certsave-o.c:282:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-o.c:283:24: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:284:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-o.c:287:28: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:287:28: branch_true: following ‘true’ branch (when ‘old_pkey’ is non-NULL)...
certmonger-0.79.21/src/certsave-o.c:288:53: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:307:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-o.c:308:37: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:308:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-o.c:325:46: branch_false: ...to here
certmonger-0.79.21/src/certsave-o.c:325:45: branch_false: following ‘false’ branch (when ‘next_key’ is NULL)...
certmonger-0.79.21/src/certsave-o.c:362:44: branch_false: ...to here
certmonger-0.79.21/src/certsave-o.c:362:44: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-o.c:368:49: call_function: calling ‘write_file_contents’ from ‘cm_certsave_o_main’
#  152|   		i = fwrite(contents + n, 1, len - n, fp);
#  153|   		if (i <= 0) {
#  154|-> 			cm_log(1, "Error writing %s \"%s\": %s.\n",
#  155|   			       what, filename, strerror(errno));
#  156|   			_exit(CM_CERTSAVE_STATUS_INTERNAL_ERROR);

Error: COMPILER_WARNING (CWE-563): [#def170]
certmonger-0.79.21/src/certsave-o.c:164:24: warning[-Wunused-parameter]: unused parameter ‘fd’
#  164 | cm_certsave_o_main(int fd, struct cm_store_ca *ca, struct cm_store_entry *entry,
#      |                    ~~~~^~
#  162|   
#  163|   static int
#  164|-> cm_certsave_o_main(int fd, struct cm_store_ca *ca, struct cm_store_entry *entry,
#  165|   		   void *userdata)
#  166|   {

Error: COMPILER_WARNING (CWE-563): [#def171]
certmonger-0.79.21/src/certsave-o.c:164:48: warning[-Wunused-parameter]: unused parameter ‘ca’
#  164 | cm_certsave_o_main(int fd, struct cm_store_ca *ca, struct cm_store_entry *entry,
#      |                            ~~~~~~~~~~~~~~~~~~~~^~
#  162|   
#  163|   static int
#  164|-> cm_certsave_o_main(int fd, struct cm_store_ca *ca, struct cm_store_entry *entry,
#  165|   		   void *userdata)
#  166|   {

Error: COMPILER_WARNING (CWE-563): [#def172]
certmonger-0.79.21/src/certsave-o.c:165:26: warning[-Wunused-parameter]: unused parameter ‘userdata’
#  165 |                    void *userdata)
#      |                    ~~~~~~^~~~~~~~
#  163|   static int
#  164|   cm_certsave_o_main(int fd, struct cm_store_ca *ca, struct cm_store_entry *entry,
#  165|-> 		   void *userdata)
#  166|   {
#  167|   	int status = -1;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def173]
certmonger-0.79.21/src/certsave-o.c:216:23: warning[-Wanalyzer-malloc-leak]: leak of ‘old_key’
certmonger-0.79.21/src/certsave-o.c:164:1: enter_function: entry to ‘cm_certsave_o_main’
certmonger-0.79.21/src/certsave-o.c:178:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-o.c:184:9: branch_false: ...to here
certmonger-0.79.21/src/certsave-o.c:208:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-o.c:210:27: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:210:27: call_function: calling ‘read_file_contents’ from ‘cm_certsave_o_main’
certmonger-0.79.21/src/certsave-o.c:210:27: return_function: returning to ‘cm_certsave_o_main’ from ‘read_file_contents’
certmonger-0.79.21/src/certsave-o.c:215:12: branch_true: following ‘true’ branch (when ‘old_key’ is non-NULL)...
certmonger-0.79.21/src/certsave-o.c:216:23: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:216:23: throw: if ‘BIO_new_mem_buf’ throws an exception...
certmonger-0.79.21/src/certsave-o.c:216:23: danger: ‘old_key’ leaks here; was allocated at [(12)](sarif:/runs/0/results/17/codeFlows/0/threadFlows/0/locations/11)
#  214|   	/* Decrypt the old key. */
#  215|   	if (old_key != NULL) {
#  216|-> 		bio = BIO_new_mem_buf(old_key, -1);
#  217|   	}
#  218|   	if (bio != NULL) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def174]
certmonger-0.79.21/src/certsave-o.c:219:21: warning[-Wanalyzer-malloc-leak]: leak of ‘old_key’
certmonger-0.79.21/src/certsave-o.c:164:1: enter_function: entry to ‘cm_certsave_o_main’
certmonger-0.79.21/src/certsave-o.c:178:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-o.c:184:9: branch_false: ...to here
certmonger-0.79.21/src/certsave-o.c:208:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-o.c:210:27: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:210:27: call_function: calling ‘read_file_contents’ from ‘cm_certsave_o_main’
certmonger-0.79.21/src/certsave-o.c:210:27: return_function: returning to ‘cm_certsave_o_main’ from ‘read_file_contents’
certmonger-0.79.21/src/certsave-o.c:215:12: branch_true: following ‘true’ branch (when ‘old_key’ is non-NULL)...
certmonger-0.79.21/src/certsave-o.c:216:23: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:218:12: branch_true: following ‘true’ branch (when ‘bio’ is non-NULL)...
certmonger-0.79.21/src/certsave-o.c:219:21: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:219:21: throw: if ‘cm_pin_read_for_key’ throws an exception...
certmonger-0.79.21/src/certsave-o.c:219:21: danger: ‘old_key’ leaks here; was allocated at [(12)](sarif:/runs/0/results/18/codeFlows/0/threadFlows/0/locations/11)
#  217|   	}
#  218|   	if (bio != NULL) {
#  219|-> 		if (cm_pin_read_for_key(entry, &pin) != 0) {
#  220|   			cm_log(1, "Error reading key encryption PIN.\n");
#  221|   			_exit(CM_CERTSAVE_STATUS_AUTH);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def175]
certmonger-0.79.21/src/certsave-o.c:220:25: warning[-Wanalyzer-malloc-leak]: leak of ‘old_key’
certmonger-0.79.21/src/certsave-o.c:164:1: enter_function: entry to ‘cm_certsave_o_main’
certmonger-0.79.21/src/certsave-o.c:178:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-o.c:184:9: branch_false: ...to here
certmonger-0.79.21/src/certsave-o.c:208:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-o.c:210:27: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:210:27: call_function: calling ‘read_file_contents’ from ‘cm_certsave_o_main’
certmonger-0.79.21/src/certsave-o.c:210:27: return_function: returning to ‘cm_certsave_o_main’ from ‘read_file_contents’
certmonger-0.79.21/src/certsave-o.c:215:12: branch_true: following ‘true’ branch (when ‘old_key’ is non-NULL)...
certmonger-0.79.21/src/certsave-o.c:216:23: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:218:12: branch_true: following ‘true’ branch (when ‘bio’ is non-NULL)...
certmonger-0.79.21/src/certsave-o.c:219:21: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:219:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-o.c:220:25: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:220:25: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/certsave-o.c:220:25: danger: ‘old_key’ leaks here; was allocated at [(12)](sarif:/runs/0/results/19/codeFlows/0/threadFlows/0/locations/11)
#  218|   	if (bio != NULL) {
#  219|   		if (cm_pin_read_for_key(entry, &pin) != 0) {
#  220|-> 			cm_log(1, "Error reading key encryption PIN.\n");
#  221|   			_exit(CM_CERTSAVE_STATUS_AUTH);
#  222|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def176]
certmonger-0.79.21/src/certsave-o.c:226:28: warning[-Wanalyzer-malloc-leak]: leak of ‘old_key’
certmonger-0.79.21/src/certsave-o.c:164:1: enter_function: entry to ‘cm_certsave_o_main’
certmonger-0.79.21/src/certsave-o.c:178:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-o.c:184:9: branch_false: ...to here
certmonger-0.79.21/src/certsave-o.c:208:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-o.c:210:27: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:210:27: call_function: calling ‘read_file_contents’ from ‘cm_certsave_o_main’
certmonger-0.79.21/src/certsave-o.c:210:27: return_function: returning to ‘cm_certsave_o_main’ from ‘read_file_contents’
certmonger-0.79.21/src/certsave-o.c:215:12: branch_true: following ‘true’ branch (when ‘old_key’ is non-NULL)...
certmonger-0.79.21/src/certsave-o.c:216:23: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:218:12: branch_true: following ‘true’ branch (when ‘bio’ is non-NULL)...
certmonger-0.79.21/src/certsave-o.c:219:21: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:219:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-o.c:223:17: branch_false: ...to here
certmonger-0.79.21/src/certsave-o.c:226:28: throw: if ‘PEM_read_bio_PrivateKey’ throws an exception...
certmonger-0.79.21/src/certsave-o.c:226:28: danger: ‘old_key’ leaks here; was allocated at [(12)](sarif:/runs/0/results/20/codeFlows/0/threadFlows/0/locations/11)
#  224|   		cb_data.entry = entry;
#  225|   		cb_data.n_attempts = 0;
#  226|-> 		old_pkey = PEM_read_bio_PrivateKey(bio, NULL,
#  227|   						   cm_pin_read_for_key_ossl_cb,
#  228|   						   &cb_data);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def177]
certmonger-0.79.21/src/certsave-o.c:230:25: warning[-Wanalyzer-malloc-leak]: leak of ‘old_key’
certmonger-0.79.21/src/certsave-o.c:164:1: enter_function: entry to ‘cm_certsave_o_main’
certmonger-0.79.21/src/certsave-o.c:178:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-o.c:184:9: branch_false: ...to here
certmonger-0.79.21/src/certsave-o.c:208:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-o.c:210:27: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:210:27: call_function: calling ‘read_file_contents’ from ‘cm_certsave_o_main’
certmonger-0.79.21/src/certsave-o.c:210:27: return_function: returning to ‘cm_certsave_o_main’ from ‘read_file_contents’
certmonger-0.79.21/src/certsave-o.c:215:12: branch_true: following ‘true’ branch (when ‘old_key’ is non-NULL)...
certmonger-0.79.21/src/certsave-o.c:216:23: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:218:12: branch_true: following ‘true’ branch (when ‘bio’ is non-NULL)...
certmonger-0.79.21/src/certsave-o.c:219:21: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:219:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-o.c:223:17: branch_false: ...to here
certmonger-0.79.21/src/certsave-o.c:229:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-o.c:230:25: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:230:25: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/certsave-o.c:230:25: danger: ‘old_key’ leaks here; was allocated at [(12)](sarif:/runs/0/results/21/codeFlows/0/threadFlows/0/locations/11)
#  228|   						   &cb_data);
#  229|   		if (old_pkey == NULL) {
#  230|-> 			cm_log(1, "Internal error reading key from \"%s\".\n",
#  231|   			       entry->cm_key_storage_location);
#  232|   			_exit(CM_CERTSAVE_STATUS_AUTH); /* XXX */

Error: GCC_ANALYZER_WARNING (CWE-401): [#def178]
certmonger-0.79.21/src/certsave-o.c:237:33: warning[-Wanalyzer-malloc-leak]: leak of ‘old_key’
certmonger-0.79.21/src/certsave-o.c:164:1: enter_function: entry to ‘cm_certsave_o_main’
certmonger-0.79.21/src/certsave-o.c:178:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-o.c:184:9: branch_false: ...to here
certmonger-0.79.21/src/certsave-o.c:208:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-o.c:210:27: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:210:27: call_function: calling ‘read_file_contents’ from ‘cm_certsave_o_main’
certmonger-0.79.21/src/certsave-o.c:210:27: return_function: returning to ‘cm_certsave_o_main’ from ‘read_file_contents’
certmonger-0.79.21/src/certsave-o.c:215:12: branch_true: following ‘true’ branch (when ‘old_key’ is non-NULL)...
certmonger-0.79.21/src/certsave-o.c:216:23: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:218:12: branch_true: following ‘true’ branch (when ‘bio’ is non-NULL)...
certmonger-0.79.21/src/certsave-o.c:219:21: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:219:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-o.c:223:17: branch_false: ...to here
certmonger-0.79.21/src/certsave-o.c:229:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-o.c:234:29: branch_false: ...to here
certmonger-0.79.21/src/certsave-o.c:234:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-o.c:235:29: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:234:29: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-o.c:236:30: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:234:29: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-o.c:237:33: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:237:33: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/certsave-o.c:237:33: danger: ‘old_key’ leaks here; was allocated at [(12)](sarif:/runs/0/results/22/codeFlows/0/threadFlows/0/locations/11)
#  235|   			    (strlen(pin) > 0) &&
#  236|   			    (cb_data.n_attempts == 0)) {
#  237|-> 				cm_log(1, "PIN was not needed to read private "
#  238|   				       "key '%s', though one was provided. "
#  239|   				       "Treating this as an error.\n",

Error: GCC_ANALYZER_WARNING (CWE-401): [#def179]
certmonger-0.79.21/src/certsave-o.c:281:15: warning[-Wanalyzer-malloc-leak]: leak of ‘old_key’
certmonger-0.79.21/src/certsave-o.c:164:1: enter_function: entry to ‘cm_certsave_o_main’
certmonger-0.79.21/src/certsave-o.c:178:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-o.c:184:9: branch_false: ...to here
certmonger-0.79.21/src/certsave-o.c:208:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-o.c:210:27: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:210:27: call_function: calling ‘read_file_contents’ from ‘cm_certsave_o_main’
certmonger-0.79.21/src/certsave-o.c:210:27: return_function: returning to ‘cm_certsave_o_main’ from ‘read_file_contents’
certmonger-0.79.21/src/certsave-o.c:215:12: branch_true: following ‘true’ branch (when ‘old_key’ is non-NULL)...
certmonger-0.79.21/src/certsave-o.c:216:23: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:218:12: branch_true: following ‘true’ branch (when ‘bio’ is non-NULL)...
certmonger-0.79.21/src/certsave-o.c:219:21: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:219:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-o.c:223:17: branch_false: ...to here
certmonger-0.79.21/src/certsave-o.c:229:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-o.c:234:29: branch_false: ...to here
certmonger-0.79.21/src/certsave-o.c:281:15: throw: if ‘BIO_new_mem_buf’ throws an exception...
certmonger-0.79.21/src/certsave-o.c:281:15: danger: ‘old_key’ leaks here; was allocated at [(12)](sarif:/runs/0/results/23/codeFlows/0/threadFlows/0/locations/11)
#  279|   
#  280|   	/* Save the certificate itself. */
#  281|-> 	bio = BIO_new_mem_buf(entry->cm_cert, -1);
#  282|   	if (bio != NULL) {
#  283|   		cert = PEM_read_bio_X509(bio, NULL, NULL, NULL);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def180]
certmonger-0.79.21/src/certsave-o.c:283:24: warning[-Wanalyzer-malloc-leak]: leak of ‘old_key’
certmonger-0.79.21/src/certsave-o.c:164:1: enter_function: entry to ‘cm_certsave_o_main’
certmonger-0.79.21/src/certsave-o.c:178:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-o.c:184:9: branch_false: ...to here
certmonger-0.79.21/src/certsave-o.c:208:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-o.c:210:27: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:210:27: call_function: calling ‘read_file_contents’ from ‘cm_certsave_o_main’
certmonger-0.79.21/src/certsave-o.c:210:27: return_function: returning to ‘cm_certsave_o_main’ from ‘read_file_contents’
certmonger-0.79.21/src/certsave-o.c:215:12: branch_true: following ‘true’ branch (when ‘old_key’ is non-NULL)...
certmonger-0.79.21/src/certsave-o.c:216:23: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:218:12: branch_true: following ‘true’ branch (when ‘bio’ is non-NULL)...
certmonger-0.79.21/src/certsave-o.c:219:21: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:219:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-o.c:223:17: branch_false: ...to here
certmonger-0.79.21/src/certsave-o.c:229:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-o.c:234:29: branch_false: ...to here
certmonger-0.79.21/src/certsave-o.c:282:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-o.c:283:24: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:283:24: throw: if ‘PEM_read_bio_X509’ throws an exception...
certmonger-0.79.21/src/certsave-o.c:283:24: danger: ‘old_key’ leaks here; was allocated at [(12)](sarif:/runs/0/results/24/codeFlows/0/threadFlows/0/locations/11)
#  281|   	bio = BIO_new_mem_buf(entry->cm_cert, -1);
#  282|   	if (bio != NULL) {
#  283|-> 		cert = PEM_read_bio_X509(bio, NULL, NULL, NULL);
#  284|   		if (cert != NULL) {
#  285|   			/* Double-check that we're not trying to rotate in a

Error: COMPILER_WARNING (CWE-477): [#def181]
certmonger-0.79.21/src/certsave-o.c: scope_hint: In function ‘cm_certsave_o_main’
certmonger-0.79.21/src/certsave-o.c:288:29: warning[-Wdeprecated-declarations]: ‘EVP_PKEY_cmp’ is deprecated: Since OpenSSL 3.0
#  288 |                             (EVP_PKEY_cmp(old_pkey, X509_get_pubkey(cert)) == 1)) {
#      |                             ^
/usr/include/openssl/pem.h:22: included_from: Included from here.
certmonger-0.79.21/src/certsave-o.c:35: included_from: Included from here.
/usr/include/openssl/evp.h:1488:5: note: declared here
# 1488 | int EVP_PKEY_cmp(const EVP_PKEY *a, const EVP_PKEY *b);
#      |     ^~~~~~~~~~~~
#  286|   			 * key that we won't actually be using. */
#  287|   			if ((old_pkey != NULL) &&
#  288|-> 			    (EVP_PKEY_cmp(old_pkey, X509_get_pubkey(cert)) == 1)) {
#  289|   				entry->cm_key_next_marker = NULL;
#  290|   				if (next_key != NULL) {

Error: COMPILER_WARNING (CWE-477): [#def182]
certmonger-0.79.21/src/certsave-o.c:288:29: warning[-Wdeprecated-declarations]: ‘EVP_PKEY_cmp’ is deprecated: Since OpenSSL 3.0
#  286|   			 * key that we won't actually be using. */
#  287|   			if ((old_pkey != NULL) &&
#  288|-> 			    (EVP_PKEY_cmp(old_pkey, X509_get_pubkey(cert)) == 1)) {
#  289|   				entry->cm_key_next_marker = NULL;
#  290|   				if (next_key != NULL) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def183]
certmonger-0.79.21/src/certsave-o.c:288:30: warning[-Wanalyzer-malloc-leak]: leak of ‘old_key’
certmonger-0.79.21/src/certsave-o.c:164:1: enter_function: entry to ‘cm_certsave_o_main’
certmonger-0.79.21/src/certsave-o.c:178:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-o.c:184:9: branch_false: ...to here
certmonger-0.79.21/src/certsave-o.c:208:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-o.c:210:27: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:210:27: call_function: calling ‘read_file_contents’ from ‘cm_certsave_o_main’
certmonger-0.79.21/src/certsave-o.c:210:27: return_function: returning to ‘cm_certsave_o_main’ from ‘read_file_contents’
certmonger-0.79.21/src/certsave-o.c:215:12: branch_true: following ‘true’ branch (when ‘old_key’ is non-NULL)...
certmonger-0.79.21/src/certsave-o.c:216:23: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:218:12: branch_true: following ‘true’ branch (when ‘bio’ is non-NULL)...
certmonger-0.79.21/src/certsave-o.c:219:21: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:219:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-o.c:223:17: branch_false: ...to here
certmonger-0.79.21/src/certsave-o.c:229:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-o.c:234:29: branch_false: ...to here
certmonger-0.79.21/src/certsave-o.c:282:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-o.c:283:24: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:284:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-o.c:287:28: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:287:28: branch_true: following ‘true’ branch (when ‘old_pkey’ is non-NULL)...
certmonger-0.79.21/src/certsave-o.c:288:53: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:288:30: throw: if ‘EVP_PKEY_cmp’ throws an exception...
certmonger-0.79.21/src/certsave-o.c:288:30: danger: ‘old_key’ leaks here; was allocated at [(12)](sarif:/runs/0/results/25/codeFlows/0/threadFlows/0/locations/11)
#  286|   			 * key that we won't actually be using. */
#  287|   			if ((old_pkey != NULL) &&
#  288|-> 			    (EVP_PKEY_cmp(old_pkey, X509_get_pubkey(cert)) == 1)) {
#  289|   				entry->cm_key_next_marker = NULL;
#  290|   				if (next_key != NULL) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def184]
certmonger-0.79.21/src/certsave-o.c:288:53: warning[-Wanalyzer-malloc-leak]: leak of ‘old_key’
certmonger-0.79.21/src/certsave-o.c:164:1: enter_function: entry to ‘cm_certsave_o_main’
certmonger-0.79.21/src/certsave-o.c:178:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-o.c:184:9: branch_false: ...to here
certmonger-0.79.21/src/certsave-o.c:208:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-o.c:210:27: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:210:27: call_function: calling ‘read_file_contents’ from ‘cm_certsave_o_main’
certmonger-0.79.21/src/certsave-o.c:210:27: return_function: returning to ‘cm_certsave_o_main’ from ‘read_file_contents’
certmonger-0.79.21/src/certsave-o.c:215:12: branch_true: following ‘true’ branch (when ‘old_key’ is non-NULL)...
certmonger-0.79.21/src/certsave-o.c:216:23: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:218:12: branch_true: following ‘true’ branch (when ‘bio’ is non-NULL)...
certmonger-0.79.21/src/certsave-o.c:219:21: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:219:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-o.c:223:17: branch_false: ...to here
certmonger-0.79.21/src/certsave-o.c:229:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-o.c:234:29: branch_false: ...to here
certmonger-0.79.21/src/certsave-o.c:282:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-o.c:283:24: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:284:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-o.c:287:28: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:287:28: branch_true: following ‘true’ branch (when ‘old_pkey’ is non-NULL)...
certmonger-0.79.21/src/certsave-o.c:288:53: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:288:53: throw: if ‘X509_get_pubkey’ throws an exception...
certmonger-0.79.21/src/certsave-o.c:288:53: danger: ‘old_key’ leaks here; was allocated at [(12)](sarif:/runs/0/results/26/codeFlows/0/threadFlows/0/locations/11)
#  286|   			 * key that we won't actually be using. */
#  287|   			if ((old_pkey != NULL) &&
#  288|-> 			    (EVP_PKEY_cmp(old_pkey, X509_get_pubkey(cert)) == 1)) {
#  289|   				entry->cm_key_next_marker = NULL;
#  290|   				if (next_key != NULL) {

Error: GCC_ANALYZER_WARNING (CWE-775): [#def185]
certmonger-0.79.21/src/certsave-o.c:308:37: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen(*entry.cm_cert_storage_location, "w")’
certmonger-0.79.21/src/certsave-o.c:164:1: enter_function: entry to ‘cm_certsave_o_main’
certmonger-0.79.21/src/certsave-o.c:178:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-o.c:184:9: branch_false: ...to here
certmonger-0.79.21/src/certsave-o.c:208:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-o.c:210:27: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:210:27: call_function: calling ‘read_file_contents’ from ‘cm_certsave_o_main’
certmonger-0.79.21/src/certsave-o.c:210:27: return_function: returning to ‘cm_certsave_o_main’ from ‘read_file_contents’
certmonger-0.79.21/src/certsave-o.c:215:12: branch_true: following ‘true’ branch (when ‘old_key’ is non-NULL)...
certmonger-0.79.21/src/certsave-o.c:216:23: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:218:12: branch_true: following ‘true’ branch (when ‘bio’ is non-NULL)...
certmonger-0.79.21/src/certsave-o.c:219:21: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:219:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-o.c:223:17: branch_false: ...to here
certmonger-0.79.21/src/certsave-o.c:229:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-o.c:234:29: branch_false: ...to here
certmonger-0.79.21/src/certsave-o.c:282:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-o.c:283:24: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:284:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-o.c:287:28: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:287:28: branch_true: following ‘true’ branch (when ‘old_pkey’ is non-NULL)...
certmonger-0.79.21/src/certsave-o.c:288:53: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:287:29: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-o.c:306:37: branch_false: ...to here
certmonger-0.79.21/src/certsave-o.c:306:31: acquire_resource: opened here
certmonger-0.79.21/src/certsave-o.c:307:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-o.c:308:37: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:308:37: throw: if ‘PEM_write_X509’ throws an exception...
certmonger-0.79.21/src/certsave-o.c:308:37: danger: ‘fopen(*entry.cm_cert_storage_location, "w")’ leaks here; was opened at [(33)](sarif:/runs/0/results/27/codeFlows/0/threadFlows/0/locations/32)
#  306|   			pem = fopen(entry->cm_cert_storage_location, "w");
#  307|   			if (pem != NULL) {
#  308|-> 				if (PEM_write_X509(pem, cert) == 0) {
#  309|   					switch (errno) {
#  310|   					case EACCES:

Error: GCC_ANALYZER_WARNING (CWE-401): [#def186]
certmonger-0.79.21/src/certsave-o.c:308:37: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(*entry.cm_cert_storage_location, "w")’
certmonger-0.79.21/src/certsave-o.c:164:1: enter_function: entry to ‘cm_certsave_o_main’
certmonger-0.79.21/src/certsave-o.c:178:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-o.c:184:9: branch_false: ...to here
certmonger-0.79.21/src/certsave-o.c:208:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-o.c:210:27: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:210:27: call_function: calling ‘read_file_contents’ from ‘cm_certsave_o_main’
certmonger-0.79.21/src/certsave-o.c:210:27: return_function: returning to ‘cm_certsave_o_main’ from ‘read_file_contents’
certmonger-0.79.21/src/certsave-o.c:215:12: branch_true: following ‘true’ branch (when ‘old_key’ is non-NULL)...
certmonger-0.79.21/src/certsave-o.c:216:23: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:218:12: branch_true: following ‘true’ branch (when ‘bio’ is non-NULL)...
certmonger-0.79.21/src/certsave-o.c:219:21: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:219:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-o.c:223:17: branch_false: ...to here
certmonger-0.79.21/src/certsave-o.c:229:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-o.c:234:29: branch_false: ...to here
certmonger-0.79.21/src/certsave-o.c:282:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-o.c:283:24: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:284:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-o.c:287:28: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:287:28: branch_true: following ‘true’ branch (when ‘old_pkey’ is non-NULL)...
certmonger-0.79.21/src/certsave-o.c:288:53: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:287:29: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-o.c:306:37: branch_false: ...to here
certmonger-0.79.21/src/certsave-o.c:306:31: acquire_memory: allocated here
certmonger-0.79.21/src/certsave-o.c:307:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-o.c:308:37: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:308:37: throw: if ‘PEM_write_X509’ throws an exception...
certmonger-0.79.21/src/certsave-o.c:308:37: danger: ‘fopen(*entry.cm_cert_storage_location, "w")’ leaks here; was allocated at [(33)](sarif:/runs/0/results/29/codeFlows/0/threadFlows/0/locations/32)
#  306|   			pem = fopen(entry->cm_cert_storage_location, "w");
#  307|   			if (pem != NULL) {
#  308|-> 				if (PEM_write_X509(pem, cert) == 0) {
#  309|   					switch (errno) {
#  310|   					case EACCES:

Error: GCC_ANALYZER_WARNING (CWE-401): [#def187]
certmonger-0.79.21/src/certsave-o.c:308:37: warning[-Wanalyzer-malloc-leak]: leak of ‘old_key’
certmonger-0.79.21/src/certsave-o.c:164:1: enter_function: entry to ‘cm_certsave_o_main’
certmonger-0.79.21/src/certsave-o.c:178:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-o.c:184:9: branch_false: ...to here
certmonger-0.79.21/src/certsave-o.c:208:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-o.c:210:27: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:210:27: call_function: calling ‘read_file_contents’ from ‘cm_certsave_o_main’
certmonger-0.79.21/src/certsave-o.c:210:27: return_function: returning to ‘cm_certsave_o_main’ from ‘read_file_contents’
certmonger-0.79.21/src/certsave-o.c:215:12: branch_true: following ‘true’ branch (when ‘old_key’ is non-NULL)...
certmonger-0.79.21/src/certsave-o.c:216:23: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:218:12: branch_true: following ‘true’ branch (when ‘bio’ is non-NULL)...
certmonger-0.79.21/src/certsave-o.c:219:21: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:219:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-o.c:223:17: branch_false: ...to here
certmonger-0.79.21/src/certsave-o.c:229:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-o.c:234:29: branch_false: ...to here
certmonger-0.79.21/src/certsave-o.c:282:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-o.c:283:24: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:284:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-o.c:287:28: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:287:28: branch_true: following ‘true’ branch (when ‘old_pkey’ is non-NULL)...
certmonger-0.79.21/src/certsave-o.c:288:53: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:287:29: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-o.c:306:37: branch_false: ...to here
certmonger-0.79.21/src/certsave-o.c:307:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-o.c:308:37: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:308:37: throw: if ‘PEM_write_X509’ throws an exception...
certmonger-0.79.21/src/certsave-o.c:308:37: danger: ‘old_key’ leaks here; was allocated at [(12)](sarif:/runs/0/results/28/codeFlows/0/threadFlows/0/locations/11)
#  306|   			pem = fopen(entry->cm_cert_storage_location, "w");
#  307|   			if (pem != NULL) {
#  308|-> 				if (PEM_write_X509(pem, cert) == 0) {
#  309|   					switch (errno) {
#  310|   					case EACCES:

Error: GCC_ANALYZER_WARNING (CWE-401): [#def188]
certmonger-0.79.21/src/certsave-o.c:318:41: warning[-Wanalyzer-malloc-leak]: leak of ‘old_key’
certmonger-0.79.21/src/certsave-o.c:164:1: enter_function: entry to ‘cm_certsave_o_main’
certmonger-0.79.21/src/certsave-o.c:178:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-o.c:184:9: branch_false: ...to here
certmonger-0.79.21/src/certsave-o.c:208:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-o.c:210:27: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:210:27: call_function: calling ‘read_file_contents’ from ‘cm_certsave_o_main’
certmonger-0.79.21/src/certsave-o.c:210:27: return_function: returning to ‘cm_certsave_o_main’ from ‘read_file_contents’
certmonger-0.79.21/src/certsave-o.c:215:12: branch_true: following ‘true’ branch (when ‘old_key’ is non-NULL)...
certmonger-0.79.21/src/certsave-o.c:216:23: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:218:12: branch_true: following ‘true’ branch (when ‘bio’ is non-NULL)...
certmonger-0.79.21/src/certsave-o.c:219:21: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:219:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-o.c:223:17: branch_false: ...to here
certmonger-0.79.21/src/certsave-o.c:229:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-o.c:234:29: branch_false: ...to here
certmonger-0.79.21/src/certsave-o.c:282:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-o.c:283:24: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:284:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-o.c:287:28: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:287:28: branch_true: following ‘true’ branch (when ‘old_pkey’ is non-NULL)...
certmonger-0.79.21/src/certsave-o.c:288:53: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:307:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-o.c:308:37: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:308:36: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-o.c:309:49: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:318:41: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/certsave-o.c:318:41: danger: ‘old_key’ leaks here; was allocated at [(12)](sarif:/runs/0/results/30/codeFlows/0/threadFlows/0/locations/11)
#  316|   						break;
#  317|   					}
#  318|-> 					cm_log(1, "Error saving certificate "
#  319|   					       "to '%s': %s.\n",
#  320|   					       entry->cm_cert_storage_location,

Error: GCC_ANALYZER_WARNING (CWE-401): [#def189]
certmonger-0.79.21/src/certsave-o.c:378:33: warning[-Wanalyzer-malloc-leak]: leak of ‘old_key’
certmonger-0.79.21/src/certsave-o.c:164:1: enter_function: entry to ‘cm_certsave_o_main’
certmonger-0.79.21/src/certsave-o.c:178:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-o.c:184:9: branch_false: ...to here
certmonger-0.79.21/src/certsave-o.c:208:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-o.c:210:27: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:210:27: call_function: calling ‘read_file_contents’ from ‘cm_certsave_o_main’
certmonger-0.79.21/src/certsave-o.c:210:27: return_function: returning to ‘cm_certsave_o_main’ from ‘read_file_contents’
certmonger-0.79.21/src/certsave-o.c:215:12: branch_true: following ‘true’ branch (when ‘old_key’ is non-NULL)...
certmonger-0.79.21/src/certsave-o.c:216:23: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:218:12: branch_true: following ‘true’ branch (when ‘bio’ is non-NULL)...
certmonger-0.79.21/src/certsave-o.c:219:21: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:219:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-o.c:223:17: branch_false: ...to here
certmonger-0.79.21/src/certsave-o.c:229:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-o.c:234:29: branch_false: ...to here
certmonger-0.79.21/src/certsave-o.c:282:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-o.c:283:24: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:284:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-o.c:287:28: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:287:28: branch_true: following ‘true’ branch (when ‘old_pkey’ is non-NULL)...
certmonger-0.79.21/src/certsave-o.c:288:53: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:307:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-o.c:308:37: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:378:33: throw: if ‘util_set_fd_entry_cert_owner’ throws an exception...
certmonger-0.79.21/src/certsave-o.c:378:33: danger: ‘old_key’ leaks here; was allocated at [(12)](sarif:/runs/0/results/31/codeFlows/0/threadFlows/0/locations/11)
#  376|   				/* Fixup the ownership and permissions on the
#  377|   				 * certificate file. */
#  378|-> 				util_set_fd_entry_cert_owner(fileno(pem),
#  379|   							     entry->cm_cert_storage_location,
#  380|   							     entry);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def190]
certmonger-0.79.21/src/certsave-o.c:392:33: warning[-Wanalyzer-malloc-leak]: leak of ‘old_key’
certmonger-0.79.21/src/certsave-o.c:164:1: enter_function: entry to ‘cm_certsave_o_main’
certmonger-0.79.21/src/certsave-o.c:178:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-o.c:184:9: branch_false: ...to here
certmonger-0.79.21/src/certsave-o.c:208:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-o.c:210:27: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:210:27: call_function: calling ‘read_file_contents’ from ‘cm_certsave_o_main’
certmonger-0.79.21/src/certsave-o.c:210:27: return_function: returning to ‘cm_certsave_o_main’ from ‘read_file_contents’
certmonger-0.79.21/src/certsave-o.c:215:12: branch_true: following ‘true’ branch (when ‘old_key’ is non-NULL)...
certmonger-0.79.21/src/certsave-o.c:216:23: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:218:12: branch_true: following ‘true’ branch (when ‘bio’ is non-NULL)...
certmonger-0.79.21/src/certsave-o.c:219:21: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:219:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-o.c:223:17: branch_false: ...to here
certmonger-0.79.21/src/certsave-o.c:229:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-o.c:234:29: branch_false: ...to here
certmonger-0.79.21/src/certsave-o.c:282:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-o.c:283:24: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:284:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-o.c:287:28: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:287:28: branch_true: following ‘true’ branch (when ‘old_pkey’ is non-NULL)...
certmonger-0.79.21/src/certsave-o.c:288:53: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:307:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-o.c:383:41: branch_false: ...to here
certmonger-0.79.21/src/certsave-o.c:392:33: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/certsave-o.c:392:33: danger: ‘old_key’ leaks here; was allocated at [(12)](sarif:/runs/0/results/32/codeFlows/0/threadFlows/0/locations/11)
#  390|   					break;
#  391|   				}
#  392|-> 				cm_log(1, "Error saving certificate "
#  393|   				       "to '%s': %s.\n",
#  394|   				       entry->cm_cert_storage_location,

Error: GCC_ANALYZER_WARNING (CWE-401): [#def191]
certmonger-0.79.21/src/certsave-o.c:397:25: warning[-Wanalyzer-malloc-leak]: leak of ‘old_key’
certmonger-0.79.21/src/certsave-o.c:164:1: enter_function: entry to ‘cm_certsave_o_main’
certmonger-0.79.21/src/certsave-o.c:178:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-o.c:184:9: branch_false: ...to here
certmonger-0.79.21/src/certsave-o.c:208:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-o.c:210:27: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:210:27: call_function: calling ‘read_file_contents’ from ‘cm_certsave_o_main’
certmonger-0.79.21/src/certsave-o.c:210:27: return_function: returning to ‘cm_certsave_o_main’ from ‘read_file_contents’
certmonger-0.79.21/src/certsave-o.c:215:12: branch_true: following ‘true’ branch (when ‘old_key’ is non-NULL)...
certmonger-0.79.21/src/certsave-o.c:216:23: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:218:12: branch_true: following ‘true’ branch (when ‘bio’ is non-NULL)...
certmonger-0.79.21/src/certsave-o.c:219:21: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:219:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-o.c:223:17: branch_false: ...to here
certmonger-0.79.21/src/certsave-o.c:229:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-o.c:234:29: branch_false: ...to here
certmonger-0.79.21/src/certsave-o.c:282:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-o.c:283:24: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:284:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-o.c:287:28: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:287:28: branch_true: following ‘true’ branch (when ‘old_pkey’ is non-NULL)...
certmonger-0.79.21/src/certsave-o.c:288:53: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:397:25: throw: if ‘X509_free’ throws an exception...
certmonger-0.79.21/src/certsave-o.c:397:25: danger: ‘old_key’ leaks here; was allocated at [(12)](sarif:/runs/0/results/33/codeFlows/0/threadFlows/0/locations/11)
#  395|   				       strerror(errno));
#  396|   			}
#  397|-> 			X509_free(cert);
#  398|   		} else {
#  399|   			cm_log(1, "Error parsing certificate for saving.\n");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def192]
certmonger-0.79.21/src/certsave-o.c:399:25: warning[-Wanalyzer-malloc-leak]: leak of ‘old_key’
certmonger-0.79.21/src/certsave-o.c:164:1: enter_function: entry to ‘cm_certsave_o_main’
certmonger-0.79.21/src/certsave-o.c:178:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-o.c:184:9: branch_false: ...to here
certmonger-0.79.21/src/certsave-o.c:208:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-o.c:210:27: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:210:27: call_function: calling ‘read_file_contents’ from ‘cm_certsave_o_main’
certmonger-0.79.21/src/certsave-o.c:210:27: return_function: returning to ‘cm_certsave_o_main’ from ‘read_file_contents’
certmonger-0.79.21/src/certsave-o.c:215:12: branch_true: following ‘true’ branch (when ‘old_key’ is non-NULL)...
certmonger-0.79.21/src/certsave-o.c:216:23: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:218:12: branch_true: following ‘true’ branch (when ‘bio’ is non-NULL)...
certmonger-0.79.21/src/certsave-o.c:219:21: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:219:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-o.c:223:17: branch_false: ...to here
certmonger-0.79.21/src/certsave-o.c:229:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-o.c:234:29: branch_false: ...to here
certmonger-0.79.21/src/certsave-o.c:282:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-o.c:283:24: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:284:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-o.c:399:25: branch_false: ...to here
certmonger-0.79.21/src/certsave-o.c:399:25: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/certsave-o.c:399:25: danger: ‘old_key’ leaks here; was allocated at [(12)](sarif:/runs/0/results/34/codeFlows/0/threadFlows/0/locations/11)
#  397|   			X509_free(cert);
#  398|   		} else {
#  399|-> 			cm_log(1, "Error parsing certificate for saving.\n");
#  400|   			status = CM_CERTSAVE_STATUS_INTERNAL_ERROR;
#  401|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def193]
certmonger-0.79.21/src/certsave-o.c:402:17: warning[-Wanalyzer-malloc-leak]: leak of ‘old_key’
certmonger-0.79.21/src/certsave-o.c:164:1: enter_function: entry to ‘cm_certsave_o_main’
certmonger-0.79.21/src/certsave-o.c:178:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-o.c:184:9: branch_false: ...to here
certmonger-0.79.21/src/certsave-o.c:208:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-o.c:210:27: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:210:27: call_function: calling ‘read_file_contents’ from ‘cm_certsave_o_main’
certmonger-0.79.21/src/certsave-o.c:210:27: return_function: returning to ‘cm_certsave_o_main’ from ‘read_file_contents’
certmonger-0.79.21/src/certsave-o.c:215:12: branch_true: following ‘true’ branch (when ‘old_key’ is non-NULL)...
certmonger-0.79.21/src/certsave-o.c:216:23: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:218:12: branch_true: following ‘true’ branch (when ‘bio’ is non-NULL)...
certmonger-0.79.21/src/certsave-o.c:219:21: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:219:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-o.c:223:17: branch_false: ...to here
certmonger-0.79.21/src/certsave-o.c:229:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-o.c:234:29: branch_false: ...to here
certmonger-0.79.21/src/certsave-o.c:282:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-o.c:283:24: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:402:17: throw: if ‘BIO_free’ throws an exception...
certmonger-0.79.21/src/certsave-o.c:402:17: danger: ‘old_key’ leaks here; was allocated at [(12)](sarif:/runs/0/results/35/codeFlows/0/threadFlows/0/locations/11)
#  400|   			status = CM_CERTSAVE_STATUS_INTERNAL_ERROR;
#  401|   		}
#  402|-> 		BIO_free(bio);
#  403|   	} else {
#  404|   		cm_log(1, "Error setting up to parse certificate.\n");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def194]
certmonger-0.79.21/src/certsave-o.c:404:17: warning[-Wanalyzer-malloc-leak]: leak of ‘old_key’
certmonger-0.79.21/src/certsave-o.c:164:1: enter_function: entry to ‘cm_certsave_o_main’
certmonger-0.79.21/src/certsave-o.c:178:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-o.c:184:9: branch_false: ...to here
certmonger-0.79.21/src/certsave-o.c:208:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-o.c:210:27: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:210:27: call_function: calling ‘read_file_contents’ from ‘cm_certsave_o_main’
certmonger-0.79.21/src/certsave-o.c:210:27: return_function: returning to ‘cm_certsave_o_main’ from ‘read_file_contents’
certmonger-0.79.21/src/certsave-o.c:215:12: branch_true: following ‘true’ branch (when ‘old_key’ is non-NULL)...
certmonger-0.79.21/src/certsave-o.c:216:23: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:218:12: branch_true: following ‘true’ branch (when ‘bio’ is non-NULL)...
certmonger-0.79.21/src/certsave-o.c:219:21: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:219:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-o.c:223:17: branch_false: ...to here
certmonger-0.79.21/src/certsave-o.c:229:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-o.c:234:29: branch_false: ...to here
certmonger-0.79.21/src/certsave-o.c:282:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-o.c:404:17: branch_false: ...to here
certmonger-0.79.21/src/certsave-o.c:404:17: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/certsave-o.c:404:17: danger: ‘old_key’ leaks here; was allocated at [(12)](sarif:/runs/0/results/36/codeFlows/0/threadFlows/0/locations/11)
#  402|   		BIO_free(bio);
#  403|   	} else {
#  404|-> 		cm_log(1, "Error setting up to parse certificate.\n");
#  405|   		status = CM_CERTSAVE_STATUS_INTERNAL_ERROR;
#  406|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def195]
certmonger-0.79.21/src/certsave-o.c:408:17: warning[-Wanalyzer-malloc-leak]: leak of ‘old_key’
certmonger-0.79.21/src/certsave-o.c:164:1: enter_function: entry to ‘cm_certsave_o_main’
certmonger-0.79.21/src/certsave-o.c:178:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-o.c:184:9: branch_false: ...to here
certmonger-0.79.21/src/certsave-o.c:208:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/certsave-o.c:210:27: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:210:27: call_function: calling ‘read_file_contents’ from ‘cm_certsave_o_main’
certmonger-0.79.21/src/certsave-o.c:210:27: return_function: returning to ‘cm_certsave_o_main’ from ‘read_file_contents’
certmonger-0.79.21/src/certsave-o.c:215:12: branch_true: following ‘true’ branch (when ‘old_key’ is non-NULL)...
certmonger-0.79.21/src/certsave-o.c:216:23: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:218:12: branch_true: following ‘true’ branch (when ‘bio’ is non-NULL)...
certmonger-0.79.21/src/certsave-o.c:219:21: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:219:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-o.c:223:17: branch_false: ...to here
certmonger-0.79.21/src/certsave-o.c:229:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/certsave-o.c:234:29: branch_false: ...to here
certmonger-0.79.21/src/certsave-o.c:407:12: branch_true: following ‘true’ branch (when ‘old_pkey’ is non-NULL)...
certmonger-0.79.21/src/certsave-o.c:408:17: branch_true: ...to here
certmonger-0.79.21/src/certsave-o.c:408:17: throw: if ‘EVP_PKEY_free’ throws an exception...
certmonger-0.79.21/src/certsave-o.c:408:17: danger: ‘old_key’ leaks here; was allocated at [(12)](sarif:/runs/0/results/37/codeFlows/0/threadFlows/0/locations/11)
#  406|   	}
#  407|   	if (old_pkey != NULL) {
#  408|-> 		EVP_PKEY_free(old_pkey);
#  409|   	}
#  410|   	free(next_key);

Error: COMPILER_WARNING (CWE-563): [#def196]
certmonger-0.79.21/src/cm.c: scope_hint: In function ‘cm_timer_h’
certmonger-0.79.21/src/cm.c:197:35: warning[-Wunused-parameter]: unused parameter ‘ec’
#  197 | cm_timer_h(struct tevent_context *ec, struct tevent_timer *te,
#      |            ~~~~~~~~~~~~~~~~~~~~~~~^~
#  195|   
#  196|   static void
#  197|-> cm_timer_h(struct tevent_context *ec, struct tevent_timer *te,
#  198|   	   struct timeval current_time, void *pvt)
#  199|   {

Error: COMPILER_WARNING (CWE-563): [#def197]
certmonger-0.79.21/src/cm.c:198:27: warning[-Wunused-parameter]: unused parameter ‘current_time’
#  198 |            struct timeval current_time, void *pvt)
#      |            ~~~~~~~~~~~~~~~^~~~~~~~~~~~
#  196|   static void
#  197|   cm_timer_h(struct tevent_context *ec, struct tevent_timer *te,
#  198|-> 	   struct timeval current_time, void *pvt)
#  199|   {
#  200|   	struct cm_context *context = pvt;

Error: COMPILER_WARNING (CWE-563): [#def198]
certmonger-0.79.21/src/cm.c: scope_hint: In function ‘cm_timeout_h’
certmonger-0.79.21/src/cm.c:231:37: warning[-Wunused-parameter]: unused parameter ‘ec’
#  231 | cm_timeout_h(struct tevent_context *ec, struct tevent_timer *te,
#      |              ~~~~~~~~~~~~~~~~~~~~~~~^~
#  229|   
#  230|   static void
#  231|-> cm_timeout_h(struct tevent_context *ec, struct tevent_timer *te,
#  232|   	     struct timeval current_time, void *pvt)
#  233|   {

Error: COMPILER_WARNING (CWE-563): [#def199]
certmonger-0.79.21/src/cm.c:231:62: warning[-Wunused-parameter]: unused parameter ‘te’
#  231 | cm_timeout_h(struct tevent_context *ec, struct tevent_timer *te,
#      |                                         ~~~~~~~~~~~~~~~~~~~~~^~
#  229|   
#  230|   static void
#  231|-> cm_timeout_h(struct tevent_context *ec, struct tevent_timer *te,
#  232|   	     struct timeval current_time, void *pvt)
#  233|   {

Error: COMPILER_WARNING (CWE-563): [#def200]
certmonger-0.79.21/src/cm.c:232:29: warning[-Wunused-parameter]: unused parameter ‘current_time’
#  232 |              struct timeval current_time, void *pvt)
#      |              ~~~~~~~~~~~~~~~^~~~~~~~~~~~
#  230|   static void
#  231|   cm_timeout_h(struct tevent_context *ec, struct tevent_timer *te,
#  232|-> 	     struct timeval current_time, void *pvt)
#  233|   {
#  234|   	struct cm_context *context = pvt;

Error: COMPILER_WARNING (CWE-563): [#def201]
certmonger-0.79.21/src/cm.c: scope_hint: In function ‘cm_fd_h’
certmonger-0.79.21/src/cm.c:275:32: warning[-Wunused-parameter]: unused parameter ‘ec’
#  275 | cm_fd_h(struct tevent_context *ec,
#      |         ~~~~~~~~~~~~~~~~~~~~~~~^~
#  273|   
#  274|   static void
#  275|-> cm_fd_h(struct tevent_context *ec,
#  276|   	struct tevent_fd *fde, uint16_t flags, void *pvt)
#  277|   {

Error: COMPILER_WARNING (CWE-563): [#def202]
certmonger-0.79.21/src/cm.c:276:41: warning[-Wunused-parameter]: unused parameter ‘flags’
#  276 |         struct tevent_fd *fde, uint16_t flags, void *pvt)
#      |                                ~~~~~~~~~^~~~~
#  274|   static void
#  275|   cm_fd_h(struct tevent_context *ec,
#  276|-> 	struct tevent_fd *fde, uint16_t flags, void *pvt)
#  277|   {
#  278|   	struct cm_context *context = pvt;

Error: COMPILER_WARNING (CWE-563): [#def203]
certmonger-0.79.21/src/cm.c: scope_hint: In function ‘cm_break_h’
certmonger-0.79.21/src/cm.c:309:35: warning[-Wunused-parameter]: unused parameter ‘ec’
#  309 | cm_break_h(struct tevent_context *ec, struct tevent_signal *se,
#      |            ~~~~~~~~~~~~~~~~~~~~~~~^~
#  307|   
#  308|   static void
#  309|-> cm_break_h(struct tevent_context *ec, struct tevent_signal *se,
#  310|   	   int signum, int count, void *siginfo, void *pvt)
#  311|   {

Error: COMPILER_WARNING (CWE-563): [#def204]
certmonger-0.79.21/src/cm.c:309:61: warning[-Wunused-parameter]: unused parameter ‘se’
#  309 | cm_break_h(struct tevent_context *ec, struct tevent_signal *se,
#      |                                       ~~~~~~~~~~~~~~~~~~~~~~^~
#  307|   
#  308|   static void
#  309|-> cm_break_h(struct tevent_context *ec, struct tevent_signal *se,
#  310|   	   int signum, int count, void *siginfo, void *pvt)
#  311|   {

Error: COMPILER_WARNING (CWE-563): [#def205]
certmonger-0.79.21/src/cm.c:310:28: warning[-Wunused-parameter]: unused parameter ‘count’
#  310 |            int signum, int count, void *siginfo, void *pvt)
#      |                        ~~~~^~~~~
#  308|   static void
#  309|   cm_break_h(struct tevent_context *ec, struct tevent_signal *se,
#  310|-> 	   int signum, int count, void *siginfo, void *pvt)
#  311|   {
#  312|   	struct cm_context *ctx = pvt;

Error: COMPILER_WARNING (CWE-563): [#def206]
certmonger-0.79.21/src/cm.c:310:41: warning[-Wunused-parameter]: unused parameter ‘siginfo’
#  310 |            int signum, int count, void *siginfo, void *pvt)
#      |                                   ~~~~~~^~~~~~~
#  308|   static void
#  309|   cm_break_h(struct tevent_context *ec, struct tevent_signal *se,
#  310|-> 	   int signum, int count, void *siginfo, void *pvt)
#  311|   {
#  312|   	struct cm_context *ctx = pvt;

Error: COMPILER_WARNING (CWE-563): [#def207]
certmonger-0.79.21/src/cm.c: scope_hint: In function ‘cm_netlink_delayed_h’
certmonger-0.79.21/src/cm.c:318:45: warning[-Wunused-parameter]: unused parameter ‘ec’
#  318 | cm_netlink_delayed_h(struct tevent_context *ec, struct tevent_timer *te,
#      |                      ~~~~~~~~~~~~~~~~~~~~~~~^~
#  316|   
#  317|   static void
#  318|-> cm_netlink_delayed_h(struct tevent_context *ec, struct tevent_timer *te,
#  319|   		     struct timeval current_time, void *pvt)
#  320|   {

Error: COMPILER_WARNING (CWE-563): [#def208]
certmonger-0.79.21/src/cm.c:319:37: warning[-Wunused-parameter]: unused parameter ‘current_time’
#  319 |                      struct timeval current_time, void *pvt)
#      |                      ~~~~~~~~~~~~~~~^~~~~~~~~~~~
#  317|   static void
#  318|   cm_netlink_delayed_h(struct tevent_context *ec, struct tevent_timer *te,
#  319|-> 		     struct timeval current_time, void *pvt)
#  320|   {
#  321|   	struct cm_context *ctx = pvt;

Error: COMPILER_WARNING (CWE-563): [#def209]
certmonger-0.79.21/src/cm.c: scope_hint: In function ‘cm_netlink_fd_h’
certmonger-0.79.21/src/cm.c:359:40: warning[-Wunused-parameter]: unused parameter ‘ec’
#  359 | cm_netlink_fd_h(struct tevent_context *ec,
#      |                 ~~~~~~~~~~~~~~~~~~~~~~~^~
#  357|   
#  358|   static void
#  359|-> cm_netlink_fd_h(struct tevent_context *ec,
#  360|   		struct tevent_fd *fde, uint16_t flags, void *pvt)
#  361|   {

Error: COMPILER_WARNING (CWE-563): [#def210]
certmonger-0.79.21/src/cm.c:360:49: warning[-Wunused-parameter]: unused parameter ‘flags’
#  360 |                 struct tevent_fd *fde, uint16_t flags, void *pvt)
#      |                                        ~~~~~~~~~^~~~~
#  358|   static void
#  359|   cm_netlink_fd_h(struct tevent_context *ec,
#  360|-> 		struct tevent_fd *fde, uint16_t flags, void *pvt)
#  361|   {
#  362|   	struct cm_context *ctx = pvt;

Error: COMPILER_WARNING (CWE-563): [#def211]
certmonger-0.79.21/src/cm.c: scope_hint: In function ‘cm_gate_fd_h’
certmonger-0.79.21/src/cm.c:705:59: warning[-Wunused-parameter]: unused parameter ‘fde’
#  705 | cm_gate_fd_h(struct tevent_context *ec, struct tevent_fd *fde,
#      |                                         ~~~~~~~~~~~~~~~~~~^~~
#  703|   
#  704|   static void
#  705|-> cm_gate_fd_h(struct tevent_context *ec, struct tevent_fd *fde,
#  706|   	     uint16_t flags, void *pvt)
#  707|   {

Error: COMPILER_WARNING (CWE-563): [#def212]
certmonger-0.79.21/src/cm.c:706:23: warning[-Wunused-parameter]: unused parameter ‘flags’
#  706 |              uint16_t flags, void *pvt)
#      |              ~~~~~~~~~^~~~~
#  704|   static void
#  705|   cm_gate_fd_h(struct tevent_context *ec, struct tevent_fd *fde,
#  706|-> 	     uint16_t flags, void *pvt)
#  707|   {
#  708|   	struct cm_context *ctx = pvt;

Error: COMPILER_WARNING (CWE-563): [#def213]
certmonger-0.79.21/src/cm.c: scope_hint: In function ‘cm_gate_run’
certmonger-0.79.21/src/cm.c:741:41: warning[-Wunused-parameter]: unused parameter ‘ca’
#  741 | cm_gate_run(int fd, struct cm_store_ca *ca, struct cm_store_entry *e,
#      |                     ~~~~~~~~~~~~~~~~~~~~^~
#  739|   
#  740|   static int
#  741|-> cm_gate_run(int fd, struct cm_store_ca *ca, struct cm_store_entry *e,
#  742|   	    void *data)
#  743|   {

Error: COMPILER_WARNING (CWE-563): [#def214]
certmonger-0.79.21/src/cm.c:741:68: warning[-Wunused-parameter]: unused parameter ‘e’
#  741 | cm_gate_run(int fd, struct cm_store_ca *ca, struct cm_store_entry *e,
#      |                                             ~~~~~~~~~~~~~~~~~~~~~~~^
#  739|   
#  740|   static int
#  741|-> cm_gate_run(int fd, struct cm_store_ca *ca, struct cm_store_entry *e,
#  742|   	    void *data)
#  743|   {

Error: COMPILER_WARNING (CWE-563): [#def215]
certmonger-0.79.21/src/csrgen-n.c: scope_hint: In function ‘cm_csrgen_n_main’
certmonger-0.79.21/src/csrgen-n.c:238:46: warning[-Wunused-parameter]: unused parameter ‘ca’
#  238 | cm_csrgen_n_main(int fd, struct cm_store_ca *ca, struct cm_store_entry *entry,
#      |                          ~~~~~~~~~~~~~~~~~~~~^~
#  236|   
#  237|   static int
#  238|-> cm_csrgen_n_main(int fd, struct cm_store_ca *ca, struct cm_store_entry *entry,
#  239|   		 void *userdata)
#  240|   {

Error: COMPILER_WARNING (CWE-563): [#def216]
certmonger-0.79.21/src/csrgen-n.c:239:24: warning[-Wunused-parameter]: unused parameter ‘userdata’
#  239 |                  void *userdata)
#      |                  ~~~~~~^~~~~~~~
#  237|   static int
#  238|   cm_csrgen_n_main(int fd, struct cm_store_ca *ca, struct cm_store_entry *entry,
#  239|-> 		 void *userdata)
#  240|   {
#  241|   	FILE *status;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def217]
certmonger-0.79.21/src/csrgen-n.c:277:16: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/csrgen-n.c:266:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-n.c:270:18: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:270:18: acquire_memory: allocated here
certmonger-0.79.21/src/csrgen-n.c:271:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/csrgen-n.c:277:16: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:277:16: throw: if ‘cm_keyiread_n_get_keys’ throws an exception...
certmonger-0.79.21/src/csrgen-n.c:277:16: danger: ‘status’ leaks here; was allocated at [(3)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/2)
#  275|   
#  276|   	/* Start up NSS and find the key pair. */
#  277|-> 	keys = cm_keyiread_n_get_keys(entry, 0);
#  278|   	if (keys == NULL) {
#  279|   		cm_log(1, "Error finding key pair for %s('%s').\n",

Error: GCC_ANALYZER_WARNING (CWE-401): [#def218]
certmonger-0.79.21/src/csrgen-n.c:279:17: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/csrgen-n.c:266:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-n.c:270:18: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:270:18: acquire_memory: allocated here
certmonger-0.79.21/src/csrgen-n.c:271:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/csrgen-n.c:277:16: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:278:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-n.c:279:17: branch_true: ...to here
certmonger-0.79.21/src/csrgen-n.c:279:17: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/csrgen-n.c:279:17: danger: ‘status’ leaks here; was allocated at [(3)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/2)
#  277|   	keys = cm_keyiread_n_get_keys(entry, 0);
#  278|   	if (keys == NULL) {
#  279|-> 		cm_log(1, "Error finding key pair for %s('%s').\n",
#  280|   		       entry->cm_busname, entry->cm_nickname);
#  281|   		PORT_FreeArena(arena, PR_TRUE);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def219]
certmonger-0.79.21/src/csrgen-n.c:281:17: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/csrgen-n.c:266:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-n.c:270:18: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:270:18: acquire_memory: allocated here
certmonger-0.79.21/src/csrgen-n.c:271:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/csrgen-n.c:277:16: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:278:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-n.c:279:17: branch_true: ...to here
certmonger-0.79.21/src/csrgen-n.c:281:17: throw: if ‘PORT_FreeArena’ throws an exception...
certmonger-0.79.21/src/csrgen-n.c:281:17: danger: ‘status’ leaks here; was allocated at [(3)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/2)
#  279|   		cm_log(1, "Error finding key pair for %s('%s').\n",
#  280|   		       entry->cm_busname, entry->cm_nickname);
#  281|-> 		PORT_FreeArena(arena, PR_TRUE);
#  282|   		_exit(CM_SUB_STATUS_ERROR_NO_TOKEN);
#  283|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def220]
certmonger-0.79.21/src/csrgen-n.c:301:36: warning[-Wanalyzer-malloc-leak]: leak of ‘item.data’
certmonger-0.79.21/src/csrgen-n.c:266:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-n.c:270:18: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:271:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/csrgen-n.c:277:16: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:278:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-n.c:285:14: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:295:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-n.c:296:13: branch_true: ...to here
certmonger-0.79.21/src/csrgen-n.c:295:13: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-n.c:297:17: branch_true: ...to here
certmonger-0.79.21/src/csrgen-n.c:299:29: acquire_memory: allocated here
certmonger-0.79.21/src/csrgen-n.c:300:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-n.c:301:36: branch_true: ...to here
certmonger-0.79.21/src/csrgen-n.c:301:36: throw: if ‘cm_store_hex_to_bin’ throws an exception...
certmonger-0.79.21/src/csrgen-n.c:301:36: danger: ‘item.data’ leaks here; was allocated at [(11)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/10)
#  299|   		item.data = malloc(item.len);
#  300|   		if (item.data != NULL) {
#  301|-> 			item.len = cm_store_hex_to_bin(entry->cm_template_subject_der,
#  302|   						       item.data, item.len);
#  303|   			name = PORT_ArenaZNew(arena, CERTName);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def221]
certmonger-0.79.21/src/csrgen-n.c:301:36: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/csrgen-n.c:266:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-n.c:270:18: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:270:18: acquire_memory: allocated here
certmonger-0.79.21/src/csrgen-n.c:271:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/csrgen-n.c:277:16: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:278:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-n.c:285:14: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:295:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-n.c:296:13: branch_true: ...to here
certmonger-0.79.21/src/csrgen-n.c:295:13: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-n.c:297:17: branch_true: ...to here
certmonger-0.79.21/src/csrgen-n.c:300:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-n.c:301:36: branch_true: ...to here
certmonger-0.79.21/src/csrgen-n.c:301:36: throw: if ‘cm_store_hex_to_bin’ throws an exception...
certmonger-0.79.21/src/csrgen-n.c:301:36: danger: ‘status’ leaks here; was allocated at [(3)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/2)
#  299|   		item.data = malloc(item.len);
#  300|   		if (item.data != NULL) {
#  301|-> 			item.len = cm_store_hex_to_bin(entry->cm_template_subject_der,
#  302|   						       item.data, item.len);
#  303|   			name = PORT_ArenaZNew(arena, CERTName);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def222]
certmonger-0.79.21/src/csrgen-n.c:303:32: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/csrgen-n.c:266:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-n.c:270:18: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:270:18: acquire_memory: allocated here
certmonger-0.79.21/src/csrgen-n.c:271:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/csrgen-n.c:277:16: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:278:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-n.c:285:14: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:295:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-n.c:296:13: branch_true: ...to here
certmonger-0.79.21/src/csrgen-n.c:295:13: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-n.c:297:17: branch_true: ...to here
certmonger-0.79.21/src/csrgen-n.c:300:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-n.c:301:36: branch_true: ...to here
certmonger-0.79.21/src/csrgen-n.c:303:32: throw: if ‘PORT_ArenaZAlloc’ throws an exception...
certmonger-0.79.21/src/csrgen-n.c:303:32: danger: ‘status’ leaks here; was allocated at [(3)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/2)
#  301|   			item.len = cm_store_hex_to_bin(entry->cm_template_subject_der,
#  302|   						       item.data, item.len);
#  303|-> 			name = PORT_ArenaZNew(arena, CERTName);
#  304|   			if (name != NULL) {
#  305|   				if (SEC_ASN1DecodeItem(arena, name,

Error: GCC_ANALYZER_WARNING (CWE-401): [#def223]
certmonger-0.79.21/src/csrgen-n.c:305:37: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/csrgen-n.c:266:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-n.c:270:18: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:270:18: acquire_memory: allocated here
certmonger-0.79.21/src/csrgen-n.c:271:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/csrgen-n.c:277:16: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:278:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-n.c:285:14: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:295:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-n.c:296:13: branch_true: ...to here
certmonger-0.79.21/src/csrgen-n.c:295:13: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-n.c:297:17: branch_true: ...to here
certmonger-0.79.21/src/csrgen-n.c:300:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-n.c:301:36: branch_true: ...to here
certmonger-0.79.21/src/csrgen-n.c:304:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-n.c:305:37: branch_true: ...to here
certmonger-0.79.21/src/csrgen-n.c:305:37: throw: if ‘SEC_ASN1DecodeItem’ throws an exception...
certmonger-0.79.21/src/csrgen-n.c:305:37: danger: ‘status’ leaks here; was allocated at [(3)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/2)
#  303|   			name = PORT_ArenaZNew(arena, CERTName);
#  304|   			if (name != NULL) {
#  305|-> 				if (SEC_ASN1DecodeItem(arena, name,
#  306|   						       CERT_NameTemplate,
#  307|   						       &item) != SECSuccess) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def224]
certmonger-0.79.21/src/csrgen-n.c:313:25: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/csrgen-n.c:266:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-n.c:270:18: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:270:18: acquire_memory: allocated here
certmonger-0.79.21/src/csrgen-n.c:271:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/csrgen-n.c:277:16: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:278:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-n.c:285:14: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:295:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-n.c:296:13: branch_true: ...to here
certmonger-0.79.21/src/csrgen-n.c:295:13: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-n.c:297:17: branch_true: ...to here
certmonger-0.79.21/src/csrgen-n.c:300:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-n.c:313:25: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:313:25: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/csrgen-n.c:313:25: danger: ‘status’ leaks here; was allocated at [(3)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/2)
#  311|   		}
#  312|   		if (name == NULL) {
#  313|-> 			cm_log(1, "Error parsing requested subject \"%s\".\n",
#  314|   			       entry->cm_template_subject_der);
#  315|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def225]
certmonger-0.79.21/src/csrgen-n.c:320:24: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/csrgen-n.c:266:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-n.c:270:18: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:270:18: acquire_memory: allocated here
certmonger-0.79.21/src/csrgen-n.c:271:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/csrgen-n.c:277:16: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:278:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-n.c:285:14: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:317:13: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-n.c:319:13: branch_true: ...to here
certmonger-0.79.21/src/csrgen-n.c:317:13: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-n.c:320:24: branch_true: ...to here
certmonger-0.79.21/src/csrgen-n.c:320:24: throw: if ‘CERT_AsciiToName’ throws an exception...
certmonger-0.79.21/src/csrgen-n.c:320:24: danger: ‘status’ leaks here; was allocated at [(3)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/2)
#  318|   	    (entry->cm_template_subject != NULL) &&
#  319|   	    (strlen(entry->cm_template_subject) != 0)) {
#  320|-> 		name = CERT_AsciiToName(entry->cm_template_subject);
#  321|   		if (name == NULL) {
#  322|   			/* Force it. */

Error: GCC_ANALYZER_WARNING (CWE-401): [#def226]
certmonger-0.79.21/src/csrgen-n.c:327:29: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/csrgen-n.c:266:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-n.c:270:18: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:270:18: acquire_memory: allocated here
certmonger-0.79.21/src/csrgen-n.c:271:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/csrgen-n.c:277:16: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:278:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-n.c:285:14: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:317:13: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-n.c:319:13: branch_true: ...to here
certmonger-0.79.21/src/csrgen-n.c:317:13: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-n.c:320:24: branch_true: ...to here
certmonger-0.79.21/src/csrgen-n.c:321:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-n.c:323:25: branch_true: ...to here
certmonger-0.79.21/src/csrgen-n.c:327:29: throw: if ‘SEC_ASN1EncodeItem’ throws an exception...
certmonger-0.79.21/src/csrgen-n.c:327:29: danger: ‘status’ leaks here; was allocated at [(3)](sarif:/runs/0/results/9/codeFlows/0/threadFlows/0/locations/2)
#  325|   			item.len = strlen(entry->cm_template_subject);
#  326|   			memset(&utf8, 0, sizeof(utf8));
#  327|-> 			if (SEC_ASN1EncodeItem(arena, &utf8, &item,
#  328|   					       SEC_PrintableStringTemplate) == &utf8) {
#  329|   				q = cm_store_hex_from_bin(entry,

Error: GCC_ANALYZER_WARNING (CWE-401): [#def227]
certmonger-0.79.21/src/csrgen-n.c:329:37: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/csrgen-n.c:266:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-n.c:270:18: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:270:18: acquire_memory: allocated here
certmonger-0.79.21/src/csrgen-n.c:271:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/csrgen-n.c:277:16: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:278:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-n.c:285:14: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:317:13: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-n.c:319:13: branch_true: ...to here
certmonger-0.79.21/src/csrgen-n.c:317:13: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-n.c:320:24: branch_true: ...to here
certmonger-0.79.21/src/csrgen-n.c:321:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-n.c:323:25: branch_true: ...to here
certmonger-0.79.21/src/csrgen-n.c:327:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-n.c:331:59: branch_true: ...to here
certmonger-0.79.21/src/csrgen-n.c:329:37: throw: if ‘cm_store_hex_from_bin’ throws an exception...
certmonger-0.79.21/src/csrgen-n.c:329:37: danger: ‘status’ leaks here; was allocated at [(3)](sarif:/runs/0/results/10/codeFlows/0/threadFlows/0/locations/2)
#  327|   			if (SEC_ASN1EncodeItem(arena, &utf8, &item,
#  328|   					       SEC_PrintableStringTemplate) == &utf8) {
#  329|-> 				q = cm_store_hex_from_bin(entry,
#  330|   							  utf8.data,
#  331|   							  utf8.len);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def228]
certmonger-0.79.21/src/csrgen-n.c:333:45: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/csrgen-n.c:266:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-n.c:270:18: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:270:18: acquire_memory: allocated here
certmonger-0.79.21/src/csrgen-n.c:271:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/csrgen-n.c:277:16: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:278:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-n.c:285:14: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:317:13: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-n.c:319:13: branch_true: ...to here
certmonger-0.79.21/src/csrgen-n.c:317:13: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-n.c:320:24: branch_true: ...to here
certmonger-0.79.21/src/csrgen-n.c:321:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-n.c:323:25: branch_true: ...to here
certmonger-0.79.21/src/csrgen-n.c:327:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-n.c:331:59: branch_true: ...to here
certmonger-0.79.21/src/csrgen-n.c:332:36: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-n.c:333:45: branch_true: ...to here
certmonger-0.79.21/src/csrgen-n.c:333:45: throw: if ‘talloc_asprintf’ throws an exception...
certmonger-0.79.21/src/csrgen-n.c:333:45: danger: ‘status’ leaks here; was allocated at [(3)](sarif:/runs/0/results/11/codeFlows/0/threadFlows/0/locations/2)
#  331|   							  utf8.len);
#  332|   				if (q != NULL) {
#  333|-> 					p = talloc_asprintf(q, "CN=#%s", q);
#  334|   					if (p != NULL) {
#  335|   						name = CERT_AsciiToName(p);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def229]
certmonger-0.79.21/src/csrgen-n.c:335:56: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/csrgen-n.c:266:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-n.c:270:18: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:270:18: acquire_memory: allocated here
certmonger-0.79.21/src/csrgen-n.c:271:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/csrgen-n.c:277:16: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:278:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-n.c:285:14: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:317:13: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-n.c:319:13: branch_true: ...to here
certmonger-0.79.21/src/csrgen-n.c:317:13: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-n.c:320:24: branch_true: ...to here
certmonger-0.79.21/src/csrgen-n.c:321:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-n.c:323:25: branch_true: ...to here
certmonger-0.79.21/src/csrgen-n.c:327:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-n.c:331:59: branch_true: ...to here
certmonger-0.79.21/src/csrgen-n.c:332:36: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-n.c:333:45: branch_true: ...to here
certmonger-0.79.21/src/csrgen-n.c:334:44: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-n.c:335:56: branch_true: ...to here
certmonger-0.79.21/src/csrgen-n.c:335:56: throw: if ‘CERT_AsciiToName’ throws an exception...
certmonger-0.79.21/src/csrgen-n.c:335:56: danger: ‘status’ leaks here; was allocated at [(3)](sarif:/runs/0/results/12/codeFlows/0/threadFlows/0/locations/2)
#  333|   					p = talloc_asprintf(q, "CN=#%s", q);
#  334|   					if (p != NULL) {
#  335|-> 						name = CERT_AsciiToName(p);
#  336|   					}
#  337|   					talloc_free(q);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def230]
certmonger-0.79.21/src/csrgen-n.c:342:25: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/csrgen-n.c:266:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-n.c:270:18: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:270:18: acquire_memory: allocated here
certmonger-0.79.21/src/csrgen-n.c:271:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/csrgen-n.c:277:16: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:278:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-n.c:285:14: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:317:13: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-n.c:319:13: branch_true: ...to here
certmonger-0.79.21/src/csrgen-n.c:317:13: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-n.c:320:24: branch_true: ...to here
certmonger-0.79.21/src/csrgen-n.c:321:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-n.c:323:25: branch_true: ...to here
certmonger-0.79.21/src/csrgen-n.c:327:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-n.c:341:20: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:341:20: branch_true: following ‘true’ branch (when ‘name’ is NULL)...
certmonger-0.79.21/src/csrgen-n.c:342:25: branch_true: ...to here
certmonger-0.79.21/src/csrgen-n.c:342:25: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/csrgen-n.c:342:25: danger: ‘status’ leaks here; was allocated at [(3)](sarif:/runs/0/results/13/codeFlows/0/threadFlows/0/locations/2)
#  340|   		}
#  341|   		if (name == NULL) {
#  342|-> 			cm_log(1, "Error parsing requested subject name \"%s\".\n",
#  343|   			       entry->cm_template_subject);
#  344|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def231]
certmonger-0.79.21/src/csrgen-n.c:347:24: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/csrgen-n.c:266:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-n.c:270:18: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:270:18: acquire_memory: allocated here
certmonger-0.79.21/src/csrgen-n.c:271:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/csrgen-n.c:277:16: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:278:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-n.c:285:14: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:347:24: throw: if ‘CERT_AsciiToName’ throws an exception...
certmonger-0.79.21/src/csrgen-n.c:347:24: danger: ‘status’ leaks here; was allocated at [(3)](sarif:/runs/0/results/14/codeFlows/0/threadFlows/0/locations/2)
#  345|   	}
#  346|   	if (name == NULL) {
#  347|-> 		name = CERT_AsciiToName("CN=" CM_DEFAULT_CERT_SUBJECT_CN);
#  348|   		if (name == NULL) {
#  349|   			cm_log(1, "Error parsing requested subject name \"%s\".\n",

Error: GCC_ANALYZER_WARNING (CWE-401): [#def232]
certmonger-0.79.21/src/csrgen-n.c:349:25: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/csrgen-n.c:266:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-n.c:270:18: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:270:18: acquire_memory: allocated here
certmonger-0.79.21/src/csrgen-n.c:271:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/csrgen-n.c:277:16: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:278:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-n.c:285:14: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:348:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-n.c:349:25: branch_true: ...to here
certmonger-0.79.21/src/csrgen-n.c:349:25: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/csrgen-n.c:349:25: danger: ‘status’ leaks here; was allocated at [(3)](sarif:/runs/0/results/15/codeFlows/0/threadFlows/0/locations/2)
#  347|   		name = CERT_AsciiToName("CN=" CM_DEFAULT_CERT_SUBJECT_CN);
#  348|   		if (name == NULL) {
#  349|-> 			cm_log(1, "Error parsing requested subject name \"%s\".\n",
#  350|   			       "CN=" CM_DEFAULT_CERT_SUBJECT_CN);
#  351|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def233]
certmonger-0.79.21/src/csrgen-n.c:355:25: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/csrgen-n.c:266:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-n.c:270:18: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:270:18: acquire_memory: allocated here
certmonger-0.79.21/src/csrgen-n.c:271:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/csrgen-n.c:277:16: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:278:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-n.c:285:14: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:348:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-n.c:349:25: branch_true: ...to here
certmonger-0.79.21/src/csrgen-n.c:354:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-n.c:355:25: branch_true: ...to here
certmonger-0.79.21/src/csrgen-n.c:355:25: throw: if ‘SECKEY_DestroyPublicKey’ throws an exception...
certmonger-0.79.21/src/csrgen-n.c:355:25: danger: ‘status’ leaks here; was allocated at [(3)](sarif:/runs/0/results/16/codeFlows/0/threadFlows/0/locations/2)
#  353|   	if (name == NULL) {
#  354|   		if (keys->pubkey != NULL) {
#  355|-> 			SECKEY_DestroyPublicKey(keys->pubkey);
#  356|   		}
#  357|   		if (keys->privkey != NULL) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def234]
certmonger-0.79.21/src/csrgen-n.c:358:25: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/csrgen-n.c:266:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-n.c:270:18: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:270:18: acquire_memory: allocated here
certmonger-0.79.21/src/csrgen-n.c:271:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/csrgen-n.c:277:16: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:278:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-n.c:285:14: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:348:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-n.c:349:25: branch_true: ...to here
certmonger-0.79.21/src/csrgen-n.c:354:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-n.c:357:21: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:357:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-n.c:358:25: branch_true: ...to here
certmonger-0.79.21/src/csrgen-n.c:358:25: throw: if ‘SECKEY_DestroyPrivateKey’ throws an exception...
certmonger-0.79.21/src/csrgen-n.c:358:25: danger: ‘status’ leaks here; was allocated at [(3)](sarif:/runs/0/results/17/codeFlows/0/threadFlows/0/locations/2)
#  356|   		}
#  357|   		if (keys->privkey != NULL) {
#  358|-> 			SECKEY_DestroyPrivateKey(keys->privkey);
#  359|   		}
#  360|   		if (keys->pubkey_next != NULL) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def235]
certmonger-0.79.21/src/csrgen-n.c:361:25: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/csrgen-n.c:266:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-n.c:270:18: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:270:18: acquire_memory: allocated here
certmonger-0.79.21/src/csrgen-n.c:271:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/csrgen-n.c:277:16: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:278:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-n.c:285:14: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:348:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-n.c:349:25: branch_true: ...to here
certmonger-0.79.21/src/csrgen-n.c:354:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-n.c:357:21: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:357:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-n.c:360:21: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:360:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-n.c:361:25: branch_true: ...to here
certmonger-0.79.21/src/csrgen-n.c:361:25: throw: if ‘SECKEY_DestroyPublicKey’ throws an exception...
certmonger-0.79.21/src/csrgen-n.c:361:25: danger: ‘status’ leaks here; was allocated at [(3)](sarif:/runs/0/results/18/codeFlows/0/threadFlows/0/locations/2)
#  359|   		}
#  360|   		if (keys->pubkey_next != NULL) {
#  361|-> 			SECKEY_DestroyPublicKey(keys->pubkey_next);
#  362|   		}
#  363|   		if (keys->privkey_next != NULL) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def236]
certmonger-0.79.21/src/csrgen-n.c:364:25: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/csrgen-n.c:266:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-n.c:270:18: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:270:18: acquire_memory: allocated here
certmonger-0.79.21/src/csrgen-n.c:271:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/csrgen-n.c:277:16: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:278:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-n.c:285:14: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:348:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-n.c:349:25: branch_true: ...to here
certmonger-0.79.21/src/csrgen-n.c:354:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-n.c:357:21: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:357:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-n.c:360:21: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:360:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-n.c:363:21: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:363:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-n.c:364:25: branch_true: ...to here
certmonger-0.79.21/src/csrgen-n.c:364:25: throw: if ‘SECKEY_DestroyPrivateKey’ throws an exception...
certmonger-0.79.21/src/csrgen-n.c:364:25: danger: ‘status’ leaks here; was allocated at [(3)](sarif:/runs/0/results/19/codeFlows/0/threadFlows/0/locations/2)
#  362|   		}
#  363|   		if (keys->privkey_next != NULL) {
#  364|-> 			SECKEY_DestroyPrivateKey(keys->privkey_next);
#  365|   		}
#  366|   		PORT_FreeArena(arena, PR_TRUE);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def237]
certmonger-0.79.21/src/csrgen-n.c:366:17: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/csrgen-n.c:266:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-n.c:270:18: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:270:18: acquire_memory: allocated here
certmonger-0.79.21/src/csrgen-n.c:271:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/csrgen-n.c:277:16: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:278:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-n.c:285:14: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:348:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-n.c:349:25: branch_true: ...to here
certmonger-0.79.21/src/csrgen-n.c:354:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-n.c:357:21: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:357:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-n.c:360:21: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:360:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-n.c:363:21: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:363:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-n.c:366:17: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:366:17: throw: if ‘PORT_FreeArena’ throws an exception...
certmonger-0.79.21/src/csrgen-n.c:366:17: danger: ‘status’ leaks here; was allocated at [(3)](sarif:/runs/0/results/20/codeFlows/0/threadFlows/0/locations/2)
#  364|   			SECKEY_DestroyPrivateKey(keys->privkey_next);
#  365|   		}
#  366|-> 		PORT_FreeArena(arena, PR_TRUE);
#  367|   		error = NSS_ShutdownContext(keys->ctx);
#  368|   		PORT_FreeArena(keys->arena, PR_TRUE);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def238]
certmonger-0.79.21/src/csrgen-n.c:377:22: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/csrgen-n.c:266:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-n.c:270:18: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:270:18: acquire_memory: allocated here
certmonger-0.79.21/src/csrgen-n.c:271:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/csrgen-n.c:277:16: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:278:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-n.c:285:14: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:348:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-n.c:376:12: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:376:12: branch_true: following ‘true’ branch (when ‘pubkey’ is NULL)...
certmonger-0.79.21/src/csrgen-n.c:377:22: branch_true: ...to here
certmonger-0.79.21/src/csrgen-n.c:377:22: throw: if ‘PORT_GetError’ throws an exception...
certmonger-0.79.21/src/csrgen-n.c:377:22: danger: ‘status’ leaks here; was allocated at [(3)](sarif:/runs/0/results/21/codeFlows/0/threadFlows/0/locations/2)
#  375|   	/* Find the public key. */
#  376|   	if (pubkey == NULL) {
#  377|-> 		ec = PORT_GetError();
#  378|   		if (ec != 0) {
#  379|   			es = PR_ErrorToName(ec);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def239]
certmonger-0.79.21/src/csrgen-n.c:379:30: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/csrgen-n.c:266:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-n.c:270:18: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:270:18: acquire_memory: allocated here
certmonger-0.79.21/src/csrgen-n.c:271:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/csrgen-n.c:277:16: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:278:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-n.c:285:14: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:348:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-n.c:376:12: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:376:12: branch_true: following ‘true’ branch (when ‘pubkey’ is NULL)...
certmonger-0.79.21/src/csrgen-n.c:377:22: branch_true: ...to here
certmonger-0.79.21/src/csrgen-n.c:378:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-n.c:379:30: branch_true: ...to here
certmonger-0.79.21/src/csrgen-n.c:379:30: throw: if ‘PR_ErrorToName’ throws an exception...
certmonger-0.79.21/src/csrgen-n.c:379:30: danger: ‘status’ leaks here; was allocated at [(3)](sarif:/runs/0/results/22/codeFlows/0/threadFlows/0/locations/2)
#  377|   		ec = PORT_GetError();
#  378|   		if (ec != 0) {
#  379|-> 			es = PR_ErrorToName(ec);
#  380|   		} else {
#  381|   			es = NULL;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def240]
certmonger-0.79.21/src/csrgen-n.c:384:25: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/csrgen-n.c:266:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-n.c:270:18: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:270:18: acquire_memory: allocated here
certmonger-0.79.21/src/csrgen-n.c:271:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/csrgen-n.c:277:16: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:278:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-n.c:285:14: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:348:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-n.c:376:12: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:376:12: branch_true: following ‘true’ branch (when ‘pubkey’ is NULL)...
certmonger-0.79.21/src/csrgen-n.c:377:22: branch_true: ...to here
certmonger-0.79.21/src/csrgen-n.c:378:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-n.c:379:30: branch_true: ...to here
certmonger-0.79.21/src/csrgen-n.c:383:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-n.c:384:25: branch_true: ...to here
certmonger-0.79.21/src/csrgen-n.c:384:25: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/csrgen-n.c:384:25: danger: ‘status’ leaks here; was allocated at [(3)](sarif:/runs/0/results/23/codeFlows/0/threadFlows/0/locations/2)
#  382|   		}
#  383|   		if (es != NULL) {
#  384|-> 			cm_log(1, "Error retrieving public key: %s.\n", es);
#  385|   		} else {
#  386|   			cm_log(1, "Error retrieving public key: %d.\n", ec);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def241]
certmonger-0.79.21/src/csrgen-n.c:386:25: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/csrgen-n.c:266:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-n.c:270:18: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:270:18: acquire_memory: allocated here
certmonger-0.79.21/src/csrgen-n.c:271:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/csrgen-n.c:277:16: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:278:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-n.c:285:14: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:348:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-n.c:376:12: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:376:12: branch_true: following ‘true’ branch (when ‘pubkey’ is NULL)...
certmonger-0.79.21/src/csrgen-n.c:377:22: branch_true: ...to here
certmonger-0.79.21/src/csrgen-n.c:378:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-n.c:386:25: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:386:25: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/csrgen-n.c:386:25: danger: ‘status’ leaks here; was allocated at [(3)](sarif:/runs/0/results/24/codeFlows/0/threadFlows/0/locations/2)
#  384|   			cm_log(1, "Error retrieving public key: %s.\n", es);
#  385|   		} else {
#  386|-> 			cm_log(1, "Error retrieving public key: %d.\n", ec);
#  387|   		}
#  388|   		if (keys->pubkey != NULL) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def242]
certmonger-0.79.21/src/csrgen-n.c:389:25: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/csrgen-n.c:266:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-n.c:270:18: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:270:18: acquire_memory: allocated here
certmonger-0.79.21/src/csrgen-n.c:271:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/csrgen-n.c:277:16: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:278:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-n.c:285:14: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:348:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-n.c:376:12: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:376:12: branch_true: following ‘true’ branch (when ‘pubkey’ is NULL)...
certmonger-0.79.21/src/csrgen-n.c:377:22: branch_true: ...to here
certmonger-0.79.21/src/csrgen-n.c:388:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-n.c:389:25: branch_true: ...to here
certmonger-0.79.21/src/csrgen-n.c:389:25: throw: if ‘SECKEY_DestroyPublicKey’ throws an exception...
certmonger-0.79.21/src/csrgen-n.c:389:25: danger: ‘status’ leaks here; was allocated at [(3)](sarif:/runs/0/results/25/codeFlows/0/threadFlows/0/locations/2)
#  387|   		}
#  388|   		if (keys->pubkey != NULL) {
#  389|-> 			SECKEY_DestroyPublicKey(keys->pubkey);
#  390|   		}
#  391|   		if (keys->privkey != NULL) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def243]
certmonger-0.79.21/src/csrgen-n.c:392:25: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/csrgen-n.c:266:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-n.c:270:18: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:270:18: acquire_memory: allocated here
certmonger-0.79.21/src/csrgen-n.c:271:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/csrgen-n.c:277:16: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:278:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-n.c:285:14: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:348:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-n.c:376:12: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:376:12: branch_true: following ‘true’ branch (when ‘pubkey’ is NULL)...
certmonger-0.79.21/src/csrgen-n.c:377:22: branch_true: ...to here
certmonger-0.79.21/src/csrgen-n.c:388:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-n.c:391:21: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:391:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-n.c:392:25: branch_true: ...to here
certmonger-0.79.21/src/csrgen-n.c:392:25: throw: if ‘SECKEY_DestroyPrivateKey’ throws an exception...
certmonger-0.79.21/src/csrgen-n.c:392:25: danger: ‘status’ leaks here; was allocated at [(3)](sarif:/runs/0/results/26/codeFlows/0/threadFlows/0/locations/2)
#  390|   		}
#  391|   		if (keys->privkey != NULL) {
#  392|-> 			SECKEY_DestroyPrivateKey(keys->privkey);
#  393|   		}
#  394|   		if (keys->pubkey_next != NULL) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def244]
certmonger-0.79.21/src/csrgen-n.c:395:25: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/csrgen-n.c:266:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-n.c:270:18: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:270:18: acquire_memory: allocated here
certmonger-0.79.21/src/csrgen-n.c:271:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/csrgen-n.c:277:16: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:278:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-n.c:285:14: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:348:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-n.c:376:12: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:376:12: branch_true: following ‘true’ branch (when ‘pubkey’ is NULL)...
certmonger-0.79.21/src/csrgen-n.c:377:22: branch_true: ...to here
certmonger-0.79.21/src/csrgen-n.c:388:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-n.c:391:21: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:391:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-n.c:394:21: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:394:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-n.c:395:25: branch_true: ...to here
certmonger-0.79.21/src/csrgen-n.c:395:25: throw: if ‘SECKEY_DestroyPublicKey’ throws an exception...
certmonger-0.79.21/src/csrgen-n.c:395:25: danger: ‘status’ leaks here; was allocated at [(3)](sarif:/runs/0/results/27/codeFlows/0/threadFlows/0/locations/2)
#  393|   		}
#  394|   		if (keys->pubkey_next != NULL) {
#  395|-> 			SECKEY_DestroyPublicKey(keys->pubkey_next);
#  396|   		}
#  397|   		if (keys->privkey_next != NULL) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def245]
certmonger-0.79.21/src/csrgen-n.c:398:25: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/csrgen-n.c:266:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-n.c:270:18: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:270:18: acquire_memory: allocated here
certmonger-0.79.21/src/csrgen-n.c:271:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/csrgen-n.c:277:16: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:278:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-n.c:285:14: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:348:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-n.c:376:12: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:376:12: branch_true: following ‘true’ branch (when ‘pubkey’ is NULL)...
certmonger-0.79.21/src/csrgen-n.c:377:22: branch_true: ...to here
certmonger-0.79.21/src/csrgen-n.c:388:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-n.c:391:21: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:391:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-n.c:394:21: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:394:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-n.c:397:21: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:397:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-n.c:398:25: branch_true: ...to here
certmonger-0.79.21/src/csrgen-n.c:398:25: throw: if ‘SECKEY_DestroyPrivateKey’ throws an exception...
certmonger-0.79.21/src/csrgen-n.c:398:25: danger: ‘status’ leaks here; was allocated at [(3)](sarif:/runs/0/results/28/codeFlows/0/threadFlows/0/locations/2)
#  396|   		}
#  397|   		if (keys->privkey_next != NULL) {
#  398|-> 			SECKEY_DestroyPrivateKey(keys->privkey_next);
#  399|   		}
#  400|   		PORT_FreeArena(arena, PR_TRUE);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def246]
certmonger-0.79.21/src/csrgen-n.c:400:17: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/csrgen-n.c:266:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-n.c:270:18: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:270:18: acquire_memory: allocated here
certmonger-0.79.21/src/csrgen-n.c:271:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/csrgen-n.c:277:16: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:278:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-n.c:285:14: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:348:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-n.c:376:12: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:376:12: branch_true: following ‘true’ branch (when ‘pubkey’ is NULL)...
certmonger-0.79.21/src/csrgen-n.c:377:22: branch_true: ...to here
certmonger-0.79.21/src/csrgen-n.c:388:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-n.c:391:21: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:391:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-n.c:394:21: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:394:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-n.c:397:21: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:397:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-n.c:400:17: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:400:17: throw: if ‘PORT_FreeArena’ throws an exception...
certmonger-0.79.21/src/csrgen-n.c:400:17: danger: ‘status’ leaks here; was allocated at [(3)](sarif:/runs/0/results/29/codeFlows/0/threadFlows/0/locations/2)
#  398|   			SECKEY_DestroyPrivateKey(keys->privkey_next);
#  399|   		}
#  400|-> 		PORT_FreeArena(arena, PR_TRUE);
#  401|   		error = NSS_ShutdownContext(keys->ctx);
#  402|   		PORT_FreeArena(keys->arena, PR_TRUE);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def247]
certmonger-0.79.21/src/csrgen-n.c:401:25: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/csrgen-n.c:266:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-n.c:270:18: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:270:18: acquire_memory: allocated here
certmonger-0.79.21/src/csrgen-n.c:271:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/csrgen-n.c:277:16: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:278:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-n.c:285:14: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:348:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-n.c:376:12: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:376:12: branch_true: following ‘true’ branch (when ‘pubkey’ is NULL)...
certmonger-0.79.21/src/csrgen-n.c:377:22: branch_true: ...to here
certmonger-0.79.21/src/csrgen-n.c:388:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-n.c:391:21: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:391:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-n.c:394:21: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:394:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-n.c:397:21: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:397:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-n.c:400:17: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:401:25: throw: if ‘NSS_ShutdownContext’ throws an exception...
certmonger-0.79.21/src/csrgen-n.c:401:25: danger: ‘status’ leaks here; was allocated at [(3)](sarif:/runs/0/results/30/codeFlows/0/threadFlows/0/locations/2)
#  399|   		}
#  400|   		PORT_FreeArena(arena, PR_TRUE);
#  401|-> 		error = NSS_ShutdownContext(keys->ctx);
#  402|   		PORT_FreeArena(keys->arena, PR_TRUE);
#  403|   		if (error != SECSuccess) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def248]
certmonger-0.79.21/src/csrgen-n.c:402:17: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/csrgen-n.c:266:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-n.c:270:18: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:270:18: acquire_memory: allocated here
certmonger-0.79.21/src/csrgen-n.c:271:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/csrgen-n.c:277:16: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:278:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-n.c:285:14: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:348:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-n.c:376:12: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:376:12: branch_true: following ‘true’ branch (when ‘pubkey’ is NULL)...
certmonger-0.79.21/src/csrgen-n.c:377:22: branch_true: ...to here
certmonger-0.79.21/src/csrgen-n.c:388:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-n.c:391:21: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:391:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-n.c:394:21: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:394:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-n.c:397:21: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:397:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-n.c:400:17: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:402:17: throw: if ‘PORT_FreeArena’ throws an exception...
certmonger-0.79.21/src/csrgen-n.c:402:17: danger: ‘status’ leaks here; was allocated at [(3)](sarif:/runs/0/results/31/codeFlows/0/threadFlows/0/locations/2)
#  400|   		PORT_FreeArena(arena, PR_TRUE);
#  401|   		error = NSS_ShutdownContext(keys->ctx);
#  402|-> 		PORT_FreeArena(keys->arena, PR_TRUE);
#  403|   		if (error != SECSuccess) {
#  404|   			cm_log(1, "Error shutting down NSS.\n");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def249]
certmonger-0.79.21/src/csrgen-n.c:404:25: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/csrgen-n.c:266:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-n.c:270:18: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:270:18: acquire_memory: allocated here
certmonger-0.79.21/src/csrgen-n.c:271:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/csrgen-n.c:277:16: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:278:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-n.c:285:14: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:348:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-n.c:376:12: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:376:12: branch_true: following ‘true’ branch (when ‘pubkey’ is NULL)...
certmonger-0.79.21/src/csrgen-n.c:377:22: branch_true: ...to here
certmonger-0.79.21/src/csrgen-n.c:388:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-n.c:391:21: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:391:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-n.c:394:21: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:394:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-n.c:397:21: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:397:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-n.c:400:17: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:403:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-n.c:404:25: branch_true: ...to here
certmonger-0.79.21/src/csrgen-n.c:404:25: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/csrgen-n.c:404:25: danger: ‘status’ leaks here; was allocated at [(3)](sarif:/runs/0/results/32/codeFlows/0/threadFlows/0/locations/2)
#  402|   		PORT_FreeArena(keys->arena, PR_TRUE);
#  403|   		if (error != SECSuccess) {
#  404|-> 			cm_log(1, "Error shutting down NSS.\n");
#  405|   		}
#  406|   		fclose(status);

Error: CPPCHECK_WARNING (CWE-415): [#def250]
certmonger-0.79.21/src/csrgen-n.c:406: error[doubleFree]: Resource handle 'status' freed twice.
#  404|   			cm_log(1, "Error shutting down NSS.\n");
#  405|   		}
#  406|-> 		fclose(status);
#  407|   		_exit(CM_SUB_STATUS_INTERNAL_ERROR);
#  408|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def251]
certmonger-0.79.21/src/csrgen-n.c:410:16: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/csrgen-n.c:266:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-n.c:270:18: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:270:18: acquire_memory: allocated here
certmonger-0.79.21/src/csrgen-n.c:271:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/csrgen-n.c:277:16: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:278:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-n.c:285:14: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:317:13: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-n.c:319:13: branch_true: ...to here
certmonger-0.79.21/src/csrgen-n.c:317:13: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-n.c:320:24: branch_true: ...to here
certmonger-0.79.21/src/csrgen-n.c:321:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-n.c:376:12: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:376:12: branch_false: following ‘false’ branch (when ‘pubkey’ is non-NULL)...
certmonger-0.79.21/src/csrgen-n.c:410:16: branch_false: ...to here
certmonger-0.79.21/src/csrgen-n.c:410:16: throw: if ‘SECKEY_CreateSubjectPublicKeyInfo’ throws an exception...
certmonger-0.79.21/src/csrgen-n.c:410:16: danger: ‘status’ leaks here; was allocated at [(3)](sarif:/runs/0/results/33/codeFlows/0/threadFlows/0/locations/2)
#  408|   	}
#  409|   	/* Generate a subjectPublicKeyInfo. */
#  410|-> 	spki = SECKEY_CreateSubjectPublicKeyInfo(pubkey);
#  411|   	if (spki == NULL) {
#  412|   		ec = PORT_GetError();

Error: CPPCHECK_WARNING (CWE-415): [#def252]
certmonger-0.79.21/src/csrgen-n.c:437: error[doubleFree]: Resource handle 'status' freed twice.
#  435|   			cm_log(1, "Error shutting down NSS.\n");
#  436|   		}
#  437|-> 		fclose(status);
#  438|   		_exit(CM_SUB_STATUS_INTERNAL_ERROR);
#  439|   	}

Error: CPPCHECK_WARNING (CWE-415): [#def253]
certmonger-0.79.21/src/csrgen-n.c:468: error[doubleFree]: Resource handle 'status' freed twice.
#  466|   			cm_log(1, "Error shutting down NSS.\n");
#  467|   		}
#  468|-> 		fclose(status);
#  469|   		_exit(CM_SUB_STATUS_INTERNAL_ERROR);
#  470|   	}

Error: CPPCHECK_WARNING (CWE-415): [#def254]
certmonger-0.79.21/src/csrgen-n.c:510: error[doubleFree]: Resource handle 'status' freed twice.
#  508|   			cm_log(1, "Error shutting down NSS.\n");
#  509|   		}
#  510|-> 		fclose(status);
#  511|   		_exit(CM_SUB_STATUS_INTERNAL_ERROR);
#  512|   	}

Error: CPPCHECK_WARNING (CWE-415): [#def255]
certmonger-0.79.21/src/csrgen-n.c:537: error[doubleFree]: Resource handle 'status' freed twice.
#  535|   			cm_log(1, "Error shutting down NSS.\n");
#  536|   		}
#  537|-> 		fclose(status);
#  538|   		_exit(CM_SUB_STATUS_INTERNAL_ERROR);
#  539|   	}

Error: CPPCHECK_WARNING (CWE-415): [#def256]
certmonger-0.79.21/src/csrgen-n.c:561: error[doubleFree]: Resource handle 'status' freed twice.
#  559|   			cm_log(1, "Error shutting down NSS.\n");
#  560|   		}
#  561|-> 		fclose(status);
#  562|   		_exit(CM_SUB_STATUS_ERROR_AUTH);
#  563|   	}

Error: CPPCHECK_WARNING (CWE-415): [#def257]
certmonger-0.79.21/src/csrgen-n.c:589: error[doubleFree]: Resource handle 'status' freed twice.
#  587|   			cm_log(1, "Error shutting down NSS.\n");
#  588|   		}
#  589|-> 		fclose(status);
#  590|   		_exit(CM_SUB_STATUS_INTERNAL_ERROR);
#  591|   	}

Error: CPPCHECK_WARNING (CWE-415): [#def258]
certmonger-0.79.21/src/csrgen-n.c:618: error[doubleFree]: Resource handle 'status' freed twice.
#  616|   			cm_log(1, "Error shutting down NSS.\n");
#  617|   		}
#  618|-> 		fclose(status);
#  619|   		_exit(CM_SUB_STATUS_INTERNAL_ERROR);
#  620|   	}

Error: CPPCHECK_WARNING (CWE-415): [#def259]
certmonger-0.79.21/src/csrgen-n.c:644: error[doubleFree]: Resource handle 'status' freed twice.
#  642|   			cm_log(1, "Error shutting down NSS.\n");
#  643|   		}
#  644|-> 		fclose(status);
#  645|   		_exit(CM_SUB_STATUS_INTERNAL_ERROR);
#  646|   	}

Error: CPPCHECK_WARNING (CWE-415): [#def260]
certmonger-0.79.21/src/csrgen-n.c:672: error[doubleFree]: Resource handle 'status' freed twice.
#  670|   			cm_log(1, "Error shutting down NSS.\n");
#  671|   		}
#  672|-> 		fclose(status);
#  673|   		_exit(CM_SUB_STATUS_INTERNAL_ERROR);
#  674|   	}

Error: CPPCHECK_WARNING (CWE-415): [#def261]
certmonger-0.79.21/src/csrgen-n.c:698: error[doubleFree]: Resource handle 'status' freed twice.
#  696|   			cm_log(1, "Error shutting down NSS.\n");
#  697|   		}
#  698|-> 		fclose(status);
#  699|   		_exit(CM_SUB_STATUS_INTERNAL_ERROR);
#  700|   	}

Error: CPPCHECK_WARNING (CWE-415): [#def262]
certmonger-0.79.21/src/csrgen-n.c:725: error[doubleFree]: Resource handle 'status' freed twice.
#  723|   			cm_log(1, "Error shutting down NSS.\n");
#  724|   		}
#  725|-> 		fclose(status);
#  726|   		_exit(CM_SUB_STATUS_INTERNAL_ERROR);
#  727|   	}

Error: CPPCHECK_WARNING (CWE-415): [#def263]
certmonger-0.79.21/src/csrgen-n.c:752: error[doubleFree]: Resource handle 'status' freed twice.
#  750|   			cm_log(1, "Error shutting down NSS.\n");
#  751|   		}
#  752|-> 		fclose(status);
#  753|   		_exit(CM_SUB_STATUS_INTERNAL_ERROR);
#  754|   	}

Error: CPPCHECK_WARNING (CWE-415): [#def264]
certmonger-0.79.21/src/csrgen-n.c:824: error[doubleFree]: Resource handle 'status' freed twice.
#  822|   			cm_log(1, "Error shutting down NSS.\n");
#  823|   		}
#  824|-> 		fclose(status);
#  825|   		_exit(CM_SUB_STATUS_INTERNAL_ERROR);
#  826|   	}

Error: CPPCHECK_WARNING (CWE-415): [#def265]
certmonger-0.79.21/src/csrgen-n.c:853: error[doubleFree]: Resource handle 'status' freed twice.
#  851|   			cm_log(1, "Error shutting down NSS.\n");
#  852|   		}
#  853|-> 		fclose(status);
#  854|   		_exit(CM_SUB_STATUS_INTERNAL_ERROR);
#  855|   	}

Error: CPPCHECK_WARNING (CWE-415): [#def266]
certmonger-0.79.21/src/csrgen-n.c:881: error[doubleFree]: Resource handle 'status' freed twice.
#  879|   			cm_log(1, "Error shutting down NSS.\n");
#  880|   		}
#  881|-> 		fclose(status);
#  882|   		_exit(CM_SUB_STATUS_INTERNAL_ERROR);
#  883|   	}

Error: CPPCHECK_WARNING (CWE-415): [#def267]
certmonger-0.79.21/src/csrgen-n.c:909: error[doubleFree]: Resource handle 'status' freed twice.
#  907|   			cm_log(1, "Error shutting down NSS.\n");
#  908|   		}
#  909|-> 		fclose(status);
#  910|   		_exit(CM_SUB_STATUS_INTERNAL_ERROR);
#  911|   	}

Error: CPPCHECK_WARNING (CWE-415): [#def268]
certmonger-0.79.21/src/csrgen-n.c:936: error[doubleFree]: Resource handle 'status' freed twice.
#  934|   			cm_log(1, "Error shutting down NSS.\n");
#  935|   		}
#  936|-> 		fclose(status);
#  937|   		_exit(CM_SUB_STATUS_INTERNAL_ERROR);
#  938|   	}

Error: CPPCHECK_WARNING (CWE-416): [#def269]
certmonger-0.79.21/src/csrgen-n.c:944: error[deallocuse]: Dereferencing 'status' after it is deallocated / released
#  942|   	b643 = NSSBase64_EncodeItem(arena, NULL, -1, &esminicert);
#  943|   	if ((b64 != NULL) && (b642 != NULL)) {
#  944|-> 		fprintf(status, "-----BEGIN CERTIFICATE REQUEST-----\n");
#  945|   		p = b64;
#  946|   		while (*p != '\0') {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def270]
certmonger-0.79.21/src/csrgen-o.c:88:19: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/csrgen-o.c:167:1: enter_function: entry to ‘cm_csrgen_o_main’
certmonger-0.79.21/src/csrgen-o.c:195:18: acquire_memory: allocated here
certmonger-0.79.21/src/csrgen-o.c:196:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/csrgen-o.c:199:14: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:211:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:219:9: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:227:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:231:13: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:231:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:235:9: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:240:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:250:21: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:266:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-o.c:268:30: branch_true: ...to here
certmonger-0.79.21/src/csrgen-o.c:279:29: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-o.c:281:29: branch_true: ...to here
certmonger-0.79.21/src/csrgen-o.c:279:29: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-o.c:282:43: branch_true: ...to here
certmonger-0.79.21/src/csrgen-o.c:282:43: call_function: calling ‘ldap_dn_to_X509_NAME’ from ‘cm_csrgen_o_main’
#   86|   	LDAPRDN rdn = NULL;
#   87|   	LDAPAVA *attr = NULL;
#   88|-> 	int ret = ldap_str2dn(s, &dn, LDAP_DN_FORMAT_LDAPV3);
#   89|   	if (ret != LDAP_SUCCESS)
#   90|   		return NULL;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def271]
certmonger-0.79.21/src/csrgen-o.c:92:31: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/csrgen-o.c:167:1: enter_function: entry to ‘cm_csrgen_o_main’
certmonger-0.79.21/src/csrgen-o.c:195:18: acquire_memory: allocated here
certmonger-0.79.21/src/csrgen-o.c:196:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/csrgen-o.c:199:14: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:211:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:219:9: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:227:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:231:13: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:231:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:235:9: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:240:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:250:21: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:266:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-o.c:268:30: branch_true: ...to here
certmonger-0.79.21/src/csrgen-o.c:279:29: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-o.c:281:29: branch_true: ...to here
certmonger-0.79.21/src/csrgen-o.c:279:29: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-o.c:282:43: branch_true: ...to here
certmonger-0.79.21/src/csrgen-o.c:282:43: call_function: calling ‘ldap_dn_to_X509_NAME’ from ‘cm_csrgen_o_main’
#   90|   		return NULL;
#   91|   
#   92|-> 	X509_NAME *x509name = X509_NAME_new();
#   93|   	if (x509name == NULL)
#   94|   		return NULL;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def272]
certmonger-0.79.21/src/csrgen-o.c:103:44: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/csrgen-o.c:167:1: enter_function: entry to ‘cm_csrgen_o_main’
certmonger-0.79.21/src/csrgen-o.c:195:18: acquire_memory: allocated here
certmonger-0.79.21/src/csrgen-o.c:196:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/csrgen-o.c:199:14: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:211:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:219:9: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:227:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:231:13: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:231:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:235:9: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:240:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:250:21: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:266:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-o.c:268:30: branch_true: ...to here
certmonger-0.79.21/src/csrgen-o.c:279:29: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-o.c:281:29: branch_true: ...to here
certmonger-0.79.21/src/csrgen-o.c:279:29: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-o.c:282:43: branch_true: ...to here
certmonger-0.79.21/src/csrgen-o.c:282:43: call_function: calling ‘ldap_dn_to_X509_NAME’ from ‘cm_csrgen_o_main’
#  101|   
#  102|   			// process attribute type
#  103|-> 			ASN1_OBJECT *obj = OBJ_txt2obj(
#  104|   				attr->la_attr.bv_val,
#  105|   				0 /* allow dotted OIDs */);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def273]
certmonger-0.79.21/src/csrgen-o.c:110:52: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/csrgen-o.c:167:1: enter_function: entry to ‘cm_csrgen_o_main’
certmonger-0.79.21/src/csrgen-o.c:195:18: acquire_memory: allocated here
certmonger-0.79.21/src/csrgen-o.c:196:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/csrgen-o.c:199:14: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:211:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:219:9: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:227:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:231:13: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:231:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:235:9: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:240:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:250:21: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:266:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-o.c:268:30: branch_true: ...to here
certmonger-0.79.21/src/csrgen-o.c:279:29: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-o.c:281:29: branch_true: ...to here
certmonger-0.79.21/src/csrgen-o.c:279:29: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-o.c:282:43: branch_true: ...to here
certmonger-0.79.21/src/csrgen-o.c:282:43: call_function: calling ‘ldap_dn_to_X509_NAME’ from ‘cm_csrgen_o_main’
#  108|   				// i.e. "CN", "O", etc.
#  109|   				// Convert to upper and try again.
#  110|-> 				char *attr_upper = str_to_upper(attr->la_attr.bv_val);
#  111|   				if (attr_upper != NULL) {
#  112|   					obj = OBJ_txt2obj(attr_upper, 0);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def274]
certmonger-0.79.21/src/csrgen-o.c:146:9: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/csrgen-o.c:167:1: enter_function: entry to ‘cm_csrgen_o_main’
certmonger-0.79.21/src/csrgen-o.c:195:18: acquire_memory: allocated here
certmonger-0.79.21/src/csrgen-o.c:196:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/csrgen-o.c:199:14: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:211:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:219:9: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:227:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:231:13: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:231:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:235:9: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:240:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:250:21: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:266:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-o.c:268:30: branch_true: ...to here
certmonger-0.79.21/src/csrgen-o.c:279:29: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-o.c:281:29: branch_true: ...to here
certmonger-0.79.21/src/csrgen-o.c:279:29: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-o.c:282:43: branch_true: ...to here
certmonger-0.79.21/src/csrgen-o.c:282:43: call_function: calling ‘ldap_dn_to_X509_NAME’ from ‘cm_csrgen_o_main’
#  144|   		}
#  145|   	}
#  146|-> 	ldap_dnfree(dn);
#  147|   	return x509name;
#  148|   }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def275]
certmonger-0.79.21/src/csrgen-o.c:153:24: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/csrgen-o.c:167:1: enter_function: entry to ‘cm_csrgen_o_main’
certmonger-0.79.21/src/csrgen-o.c:195:18: acquire_memory: allocated here
certmonger-0.79.21/src/csrgen-o.c:196:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/csrgen-o.c:199:14: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:211:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:219:9: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:227:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:231:13: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:231:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:235:9: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:240:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:250:21: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:266:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-o.c:268:30: branch_true: ...to here
certmonger-0.79.21/src/csrgen-o.c:288:28: branch_true: following ‘true’ branch (when ‘subject’ is NULL)...
certmonger-0.79.21/src/csrgen-o.c:289:43: branch_true: ...to here
certmonger-0.79.21/src/csrgen-o.c:289:43: call_function: calling ‘cn_to_X509_NAME’ from ‘cm_csrgen_o_main’
#  151|   static X509_NAME *
#  152|   cn_to_X509_NAME(const char *s) {
#  153|-> 	X509_NAME *n = X509_NAME_new();
#  154|   	if (n != NULL) {
#  155|   		X509_NAME_add_entry_by_txt(

Error: GCC_ANALYZER_WARNING (CWE-401): [#def276]
certmonger-0.79.21/src/csrgen-o.c:155:17: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/csrgen-o.c:167:1: enter_function: entry to ‘cm_csrgen_o_main’
certmonger-0.79.21/src/csrgen-o.c:195:18: acquire_memory: allocated here
certmonger-0.79.21/src/csrgen-o.c:196:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/csrgen-o.c:199:14: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:211:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:219:9: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:227:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:231:13: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:231:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:235:9: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:240:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:250:21: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:266:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-o.c:268:30: branch_true: ...to here
certmonger-0.79.21/src/csrgen-o.c:288:28: branch_true: following ‘true’ branch (when ‘subject’ is NULL)...
certmonger-0.79.21/src/csrgen-o.c:289:43: branch_true: ...to here
certmonger-0.79.21/src/csrgen-o.c:289:43: call_function: calling ‘cn_to_X509_NAME’ from ‘cm_csrgen_o_main’
#  153|   	X509_NAME *n = X509_NAME_new();
#  154|   	if (n != NULL) {
#  155|-> 		X509_NAME_add_entry_by_txt(
#  156|   			n,
#  157|   			"CN",

Error: COMPILER_WARNING (CWE-563): [#def277]
certmonger-0.79.21/src/csrgen-o.c: scope_hint: In function ‘cm_csrgen_o_main’
certmonger-0.79.21/src/csrgen-o.c:167:46: warning[-Wunused-parameter]: unused parameter ‘ca’
#  167 | cm_csrgen_o_main(int fd, struct cm_store_ca *ca, struct cm_store_entry *entry,
#      |                          ~~~~~~~~~~~~~~~~~~~~^~
#  165|   
#  166|   static int
#  167|-> cm_csrgen_o_main(int fd, struct cm_store_ca *ca, struct cm_store_entry *entry,
#  168|   		 void *userdata)
#  169|   {

Error: COMPILER_WARNING (CWE-563): [#def278]
certmonger-0.79.21/src/csrgen-o.c:168:24: warning[-Wunused-parameter]: unused parameter ‘userdata’
#  168 |                  void *userdata)
#      |                  ~~~~~~^~~~~~~~
#  166|   static int
#  167|   cm_csrgen_o_main(int fd, struct cm_store_ca *ca, struct cm_store_entry *entry,
#  168|-> 		 void *userdata)
#  169|   {
#  170|   	struct cm_pin_cb_data cb_data;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def279]
certmonger-0.79.21/src/csrgen-o.c:201:28: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/csrgen-o.c:195:18: acquire_memory: allocated here
certmonger-0.79.21/src/csrgen-o.c:196:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/csrgen-o.c:199:14: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:199:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-o.c:200:13: branch_true: ...to here
certmonger-0.79.21/src/csrgen-o.c:199:13: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-o.c:201:53: branch_true: ...to here
certmonger-0.79.21/src/csrgen-o.c:201:28: throw: if ‘util_build_next_filename’ throws an exception...
certmonger-0.79.21/src/csrgen-o.c:201:28: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/0)
#  199|   	if ((entry->cm_key_next_marker != NULL) &&
#  200|   	    (strlen(entry->cm_key_next_marker) > 0)) {
#  201|-> 		filename = util_build_next_filename(entry->cm_key_storage_location, entry->cm_key_next_marker);
#  202|   		if (filename == NULL) {
#  203|   			cm_log(1, "Error opening key file for reading: %s.\n",

Error: GCC_ANALYZER_WARNING (CWE-401): [#def280]
certmonger-0.79.21/src/csrgen-o.c:203:25: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/csrgen-o.c:195:18: acquire_memory: allocated here
certmonger-0.79.21/src/csrgen-o.c:196:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/csrgen-o.c:199:14: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:199:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-o.c:200:13: branch_true: ...to here
certmonger-0.79.21/src/csrgen-o.c:199:13: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-o.c:201:53: branch_true: ...to here
certmonger-0.79.21/src/csrgen-o.c:202:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-o.c:204:41: branch_true: ...to here
certmonger-0.79.21/src/csrgen-o.c:203:25: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/csrgen-o.c:203:25: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/0)
#  201|   		filename = util_build_next_filename(entry->cm_key_storage_location, entry->cm_key_next_marker);
#  202|   		if (filename == NULL) {
#  203|-> 			cm_log(1, "Error opening key file for reading: %s.\n",
#  204|   			       strerror(errno));
#  205|   			_exit(CM_SUB_STATUS_INTERNAL_ERROR);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def281]
certmonger-0.79.21/src/csrgen-o.c:213:25: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/csrgen-o.c:195:18: acquire_memory: allocated here
certmonger-0.79.21/src/csrgen-o.c:196:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/csrgen-o.c:199:14: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:211:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-o.c:212:21: branch_true: ...to here
certmonger-0.79.21/src/csrgen-o.c:212:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-o.c:213:25: branch_true: ...to here
certmonger-0.79.21/src/csrgen-o.c:213:25: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/csrgen-o.c:213:25: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/9/codeFlows/0/threadFlows/0/locations/0)
#  211|   	if (keyfp == NULL) {
#  212|   		if (errno != ENOENT) {
#  213|-> 			cm_log(1, "Error opening key file \"%s\" "
#  214|   			       "for reading: %s.\n",
#  215|   			       filename, strerror(errno));

Error: GCC_ANALYZER_WARNING (CWE-775): [#def282]
certmonger-0.79.21/src/csrgen-o.c:219:9: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen(filename, "r")’
certmonger-0.79.21/src/csrgen-o.c:196:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/csrgen-o.c:199:14: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:210:17: acquire_resource: opened here
certmonger-0.79.21/src/csrgen-o.c:211:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:219:9: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:219:9: throw: if ‘util_set_fd_entry_key_owner’ throws an exception...
certmonger-0.79.21/src/csrgen-o.c:219:9: danger: ‘fopen(filename, "r")’ leaks here; was opened at [(3)](sarif:/runs/0/results/10/codeFlows/0/threadFlows/0/locations/2)
#  217|   		_exit(CM_SUB_STATUS_INTERNAL_ERROR);
#  218|   	}
#  219|-> 	util_set_fd_entry_key_owner(fileno(keyfp), filename, entry);
#  220|   	if (filename != entry->cm_key_storage_location) {
#  221|   		free(filename);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def283]
certmonger-0.79.21/src/csrgen-o.c:219:9: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(filename, "r")’
certmonger-0.79.21/src/csrgen-o.c:196:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/csrgen-o.c:199:14: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:210:17: acquire_memory: allocated here
certmonger-0.79.21/src/csrgen-o.c:211:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:219:9: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:219:9: throw: if ‘util_set_fd_entry_key_owner’ throws an exception...
certmonger-0.79.21/src/csrgen-o.c:219:9: danger: ‘fopen(filename, "r")’ leaks here; was allocated at [(3)](sarif:/runs/0/results/11/codeFlows/0/threadFlows/0/locations/2)
#  217|   		_exit(CM_SUB_STATUS_INTERNAL_ERROR);
#  218|   	}
#  219|-> 	util_set_fd_entry_key_owner(fileno(keyfp), filename, entry);
#  220|   	if (filename != entry->cm_key_storage_location) {
#  221|   		free(filename);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def284]
certmonger-0.79.21/src/csrgen-o.c:219:9: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/csrgen-o.c:195:18: acquire_memory: allocated here
certmonger-0.79.21/src/csrgen-o.c:196:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/csrgen-o.c:199:14: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:211:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:219:9: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:219:9: throw: if ‘util_set_fd_entry_key_owner’ throws an exception...
certmonger-0.79.21/src/csrgen-o.c:219:9: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/12/codeFlows/0/threadFlows/0/locations/0)
#  217|   		_exit(CM_SUB_STATUS_INTERNAL_ERROR);
#  218|   	}
#  219|-> 	util_set_fd_entry_key_owner(fileno(keyfp), filename, entry);
#  220|   	if (filename != entry->cm_key_storage_location) {
#  221|   		free(filename);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def285]
certmonger-0.79.21/src/csrgen-o.c:220:25: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen(filename, "r")’
certmonger-0.79.21/src/csrgen-o.c:196:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/csrgen-o.c:199:14: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:210:17: acquire_resource: opened here
certmonger-0.79.21/src/csrgen-o.c:211:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:219:9: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:224:9: throw: if ‘util_o_init’ throws an exception...
certmonger-0.79.21/src/csrgen-o.c:220:25: danger: ‘fopen(filename, "r")’ leaks here; was opened at [(3)](sarif:/runs/0/results/13/codeFlows/0/threadFlows/0/locations/2)
#  218|   	}
#  219|   	util_set_fd_entry_key_owner(fileno(keyfp), filename, entry);
#  220|-> 	if (filename != entry->cm_key_storage_location) {
#  221|   		free(filename);
#  222|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def286]
certmonger-0.79.21/src/csrgen-o.c:220:25: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(filename, "r")’
certmonger-0.79.21/src/csrgen-o.c:196:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/csrgen-o.c:199:14: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:210:17: acquire_memory: allocated here
certmonger-0.79.21/src/csrgen-o.c:211:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:219:9: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:224:9: throw: if ‘util_o_init’ throws an exception...
certmonger-0.79.21/src/csrgen-o.c:220:25: danger: ‘fopen(filename, "r")’ leaks here; was allocated at [(3)](sarif:/runs/0/results/14/codeFlows/0/threadFlows/0/locations/2)
#  218|   	}
#  219|   	util_set_fd_entry_key_owner(fileno(keyfp), filename, entry);
#  220|-> 	if (filename != entry->cm_key_storage_location) {
#  221|   		free(filename);
#  222|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def287]
certmonger-0.79.21/src/csrgen-o.c:224:9: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/csrgen-o.c:195:18: acquire_memory: allocated here
certmonger-0.79.21/src/csrgen-o.c:196:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/csrgen-o.c:199:14: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:211:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:219:9: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:224:9: throw: if ‘util_o_init’ throws an exception...
certmonger-0.79.21/src/csrgen-o.c:224:9: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/21/codeFlows/0/threadFlows/0/locations/0)
#  222|   	}
#  223|   	filename = NULL;
#  224|-> 	util_o_init();
#  225|   	ERR_load_crypto_strings();
#  226|   	pkey = EVP_PKEY_new();

Error: GCC_ANALYZER_WARNING (CWE-401): [#def288]
certmonger-0.79.21/src/csrgen-o.c:226:16: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/csrgen-o.c:195:18: acquire_memory: allocated here
certmonger-0.79.21/src/csrgen-o.c:196:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/csrgen-o.c:199:14: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:211:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:219:9: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:226:16: throw: if ‘EVP_PKEY_new’ throws an exception...
certmonger-0.79.21/src/csrgen-o.c:226:16: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/22/codeFlows/0/threadFlows/0/locations/0)
#  224|   	util_o_init();
#  225|   	ERR_load_crypto_strings();
#  226|-> 	pkey = EVP_PKEY_new();
#  227|   	if (pkey == NULL) {
#  228|   		cm_log(1, "Internal error generating CSR.\n");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def289]
certmonger-0.79.21/src/csrgen-o.c:228:17: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/csrgen-o.c:195:18: acquire_memory: allocated here
certmonger-0.79.21/src/csrgen-o.c:196:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/csrgen-o.c:199:14: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:211:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:219:9: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:227:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-o.c:228:17: branch_true: ...to here
certmonger-0.79.21/src/csrgen-o.c:228:17: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/csrgen-o.c:228:17: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/23/codeFlows/0/threadFlows/0/locations/0)
#  226|   	pkey = EVP_PKEY_new();
#  227|   	if (pkey == NULL) {
#  228|-> 		cm_log(1, "Internal error generating CSR.\n");
#  229|   		_exit(CM_SUB_STATUS_INTERNAL_ERROR);
#  230|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def290]
certmonger-0.79.21/src/csrgen-o.c:231:13: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/csrgen-o.c:195:18: acquire_memory: allocated here
certmonger-0.79.21/src/csrgen-o.c:196:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/csrgen-o.c:199:14: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:211:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:219:9: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:227:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:231:13: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:231:13: throw: if ‘cm_pin_read_for_key’ throws an exception...
certmonger-0.79.21/src/csrgen-o.c:231:13: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/24/codeFlows/0/threadFlows/0/locations/0)
#  229|   		_exit(CM_SUB_STATUS_INTERNAL_ERROR);
#  230|   	}
#  231|-> 	if (cm_pin_read_for_key(entry, &pin) != 0) {
#  232|   		cm_log(1, "Internal error reading key encryption PIN.\n");
#  233|   		_exit(CM_SUB_STATUS_ERROR_AUTH);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def291]
certmonger-0.79.21/src/csrgen-o.c:232:17: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/csrgen-o.c:195:18: acquire_memory: allocated here
certmonger-0.79.21/src/csrgen-o.c:196:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/csrgen-o.c:199:14: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:211:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:219:9: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:227:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:231:13: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:231:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-o.c:232:17: branch_true: ...to here
certmonger-0.79.21/src/csrgen-o.c:232:17: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/csrgen-o.c:232:17: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/25/codeFlows/0/threadFlows/0/locations/0)
#  230|   	}
#  231|   	if (cm_pin_read_for_key(entry, &pin) != 0) {
#  232|-> 		cm_log(1, "Internal error reading key encryption PIN.\n");
#  233|   		_exit(CM_SUB_STATUS_ERROR_AUTH);
#  234|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def292]
certmonger-0.79.21/src/csrgen-o.c:238:16: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/csrgen-o.c:195:18: acquire_memory: allocated here
certmonger-0.79.21/src/csrgen-o.c:196:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/csrgen-o.c:199:14: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:211:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:219:9: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:227:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:231:13: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:231:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:235:9: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:238:16: throw: if ‘PEM_read_PrivateKey’ throws an exception...
certmonger-0.79.21/src/csrgen-o.c:238:16: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/26/codeFlows/0/threadFlows/0/locations/0)
#  236|   	cb_data.entry = entry;
#  237|   	cb_data.n_attempts = 0;
#  238|-> 	pkey = PEM_read_PrivateKey(keyfp, NULL,
#  239|   				   cm_pin_read_for_key_ossl_cb, &cb_data);
#  240|   	if (pkey == NULL) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def293]
certmonger-0.79.21/src/csrgen-o.c:242:17: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/csrgen-o.c:195:18: acquire_memory: allocated here
certmonger-0.79.21/src/csrgen-o.c:196:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/csrgen-o.c:199:14: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:211:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:219:9: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:227:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:231:13: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:231:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:235:9: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:240:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-o.c:241:25: branch_true: ...to here
certmonger-0.79.21/src/csrgen-o.c:242:17: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/csrgen-o.c:242:17: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/27/codeFlows/0/threadFlows/0/locations/0)
#  240|   	if (pkey == NULL) {
#  241|   		error = errno;
#  242|-> 		cm_log(1, "Error reading private key '%s': %s.\n",
#  243|   		       entry->cm_key_storage_location, strerror(error));
#  244|   		while ((error = ERR_get_error()) != 0) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def294]
certmonger-0.79.21/src/csrgen-o.c:244:33: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/csrgen-o.c:195:18: acquire_memory: allocated here
certmonger-0.79.21/src/csrgen-o.c:196:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/csrgen-o.c:199:14: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:211:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:219:9: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:227:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:231:13: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:231:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:235:9: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:240:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-o.c:241:25: branch_true: ...to here
certmonger-0.79.21/src/csrgen-o.c:244:33: throw: if ‘ERR_get_error’ throws an exception...
certmonger-0.79.21/src/csrgen-o.c:244:33: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/28/codeFlows/0/threadFlows/0/locations/0)
#  242|   		cm_log(1, "Error reading private key '%s': %s.\n",
#  243|   		       entry->cm_key_storage_location, strerror(error));
#  244|-> 		while ((error = ERR_get_error()) != 0) {
#  245|   			ERR_error_string_n(error, buf, sizeof(buf));
#  246|   			cm_log(1, "%s\n", buf);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def295]
certmonger-0.79.21/src/csrgen-o.c:245:25: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/csrgen-o.c:195:18: acquire_memory: allocated here
certmonger-0.79.21/src/csrgen-o.c:196:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/csrgen-o.c:199:14: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:211:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:219:9: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:227:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:231:13: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:231:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:235:9: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:240:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-o.c:241:25: branch_true: ...to here
certmonger-0.79.21/src/csrgen-o.c:244:24: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-o.c:245:25: branch_true: ...to here
certmonger-0.79.21/src/csrgen-o.c:245:25: throw: if ‘ERR_error_string_n’ throws an exception...
certmonger-0.79.21/src/csrgen-o.c:245:25: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/29/codeFlows/0/threadFlows/0/locations/0)
#  243|   		       entry->cm_key_storage_location, strerror(error));
#  244|   		while ((error = ERR_get_error()) != 0) {
#  245|-> 			ERR_error_string_n(error, buf, sizeof(buf));
#  246|   			cm_log(1, "%s\n", buf);
#  247|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def296]
certmonger-0.79.21/src/csrgen-o.c:246:25: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/csrgen-o.c:195:18: acquire_memory: allocated here
certmonger-0.79.21/src/csrgen-o.c:196:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/csrgen-o.c:199:14: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:211:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:219:9: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:227:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:231:13: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:231:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:235:9: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:240:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-o.c:241:25: branch_true: ...to here
certmonger-0.79.21/src/csrgen-o.c:244:24: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-o.c:245:25: branch_true: ...to here
certmonger-0.79.21/src/csrgen-o.c:246:25: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/csrgen-o.c:246:25: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/30/codeFlows/0/threadFlows/0/locations/0)
#  244|   		while ((error = ERR_get_error()) != 0) {
#  245|   			ERR_error_string_n(error, buf, sizeof(buf));
#  246|-> 			cm_log(1, "%s\n", buf);
#  247|   		}
#  248|   		_exit(CM_SUB_STATUS_ERROR_AUTH); /* XXX */

Error: GCC_ANALYZER_WARNING (CWE-401): [#def297]
certmonger-0.79.21/src/csrgen-o.c:253:25: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/csrgen-o.c:195:18: acquire_memory: allocated here
certmonger-0.79.21/src/csrgen-o.c:196:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/csrgen-o.c:199:14: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:211:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:219:9: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:227:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:231:13: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:231:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:235:9: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:240:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:250:21: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:250:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-o.c:251:21: branch_true: ...to here
certmonger-0.79.21/src/csrgen-o.c:250:21: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-o.c:252:22: branch_true: ...to here
certmonger-0.79.21/src/csrgen-o.c:250:21: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-o.c:253:25: branch_true: ...to here
certmonger-0.79.21/src/csrgen-o.c:253:25: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/csrgen-o.c:253:25: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/31/codeFlows/0/threadFlows/0/locations/0)
#  251|   		    (strlen(pin) > 0) &&
#  252|   		    (cb_data.n_attempts == 0)) {
#  253|-> 			cm_log(1, "PIN was not needed to read private "
#  254|   			       "key '%s', though one was provided. "
#  255|   			       "Treating this as an error.\n",

Error: GCC_ANALYZER_WARNING (CWE-401): [#def298]
certmonger-0.79.21/src/csrgen-o.c:257:41: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/csrgen-o.c:195:18: acquire_memory: allocated here
certmonger-0.79.21/src/csrgen-o.c:196:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/csrgen-o.c:199:14: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:211:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:219:9: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:227:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:231:13: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:231:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:235:9: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:240:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:250:21: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:250:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-o.c:251:21: branch_true: ...to here
certmonger-0.79.21/src/csrgen-o.c:250:21: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-o.c:252:22: branch_true: ...to here
certmonger-0.79.21/src/csrgen-o.c:250:21: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-o.c:253:25: branch_true: ...to here
certmonger-0.79.21/src/csrgen-o.c:257:41: throw: if ‘ERR_get_error’ throws an exception...
certmonger-0.79.21/src/csrgen-o.c:257:41: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/32/codeFlows/0/threadFlows/0/locations/0)
#  255|   			       "Treating this as an error.\n",
#  256|   			       entry->cm_key_storage_location);
#  257|-> 			while ((error = ERR_get_error()) != 0) {
#  258|   				ERR_error_string_n(error, buf, sizeof(buf));
#  259|   				cm_log(1, "%s\n", buf);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def299]
certmonger-0.79.21/src/csrgen-o.c:258:33: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/csrgen-o.c:195:18: acquire_memory: allocated here
certmonger-0.79.21/src/csrgen-o.c:196:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/csrgen-o.c:199:14: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:211:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:219:9: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:227:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:231:13: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:231:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:235:9: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:240:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:250:21: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:250:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-o.c:251:21: branch_true: ...to here
certmonger-0.79.21/src/csrgen-o.c:250:21: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-o.c:252:22: branch_true: ...to here
certmonger-0.79.21/src/csrgen-o.c:250:21: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-o.c:253:25: branch_true: ...to here
certmonger-0.79.21/src/csrgen-o.c:257:32: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-o.c:258:33: branch_true: ...to here
certmonger-0.79.21/src/csrgen-o.c:258:33: throw: if ‘ERR_error_string_n’ throws an exception...
certmonger-0.79.21/src/csrgen-o.c:258:33: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/33/codeFlows/0/threadFlows/0/locations/0)
#  256|   			       entry->cm_key_storage_location);
#  257|   			while ((error = ERR_get_error()) != 0) {
#  258|-> 				ERR_error_string_n(error, buf, sizeof(buf));
#  259|   				cm_log(1, "%s\n", buf);
#  260|   			}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def300]
certmonger-0.79.21/src/csrgen-o.c:259:33: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/csrgen-o.c:195:18: acquire_memory: allocated here
certmonger-0.79.21/src/csrgen-o.c:196:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/csrgen-o.c:199:14: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:211:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:219:9: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:227:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:231:13: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:231:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:235:9: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:240:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:250:21: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:250:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-o.c:251:21: branch_true: ...to here
certmonger-0.79.21/src/csrgen-o.c:250:21: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-o.c:252:22: branch_true: ...to here
certmonger-0.79.21/src/csrgen-o.c:250:21: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-o.c:253:25: branch_true: ...to here
certmonger-0.79.21/src/csrgen-o.c:257:32: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-o.c:258:33: branch_true: ...to here
certmonger-0.79.21/src/csrgen-o.c:259:33: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/csrgen-o.c:259:33: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/34/codeFlows/0/threadFlows/0/locations/0)
#  257|   			while ((error = ERR_get_error()) != 0) {
#  258|   				ERR_error_string_n(error, buf, sizeof(buf));
#  259|-> 				cm_log(1, "%s\n", buf);
#  260|   			}
#  261|   			_exit(CM_SUB_STATUS_ERROR_AUTH); /* XXX */

Error: GCC_ANALYZER_WARNING (CWE-401): [#def301]
certmonger-0.79.21/src/csrgen-o.c:265:23: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/csrgen-o.c:195:18: acquire_memory: allocated here
certmonger-0.79.21/src/csrgen-o.c:196:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/csrgen-o.c:199:14: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:211:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:219:9: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:227:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:231:13: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:231:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:235:9: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:240:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:250:21: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:265:23: throw: if ‘X509_REQ_new’ throws an exception...
certmonger-0.79.21/src/csrgen-o.c:265:23: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/35/codeFlows/0/threadFlows/0/locations/0)
#  263|   	}
#  264|   	if (pkey != NULL) {
#  265|-> 		req = X509_REQ_new();
#  266|   		if (req != NULL) {
#  267|   			subject = NULL;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def302]
certmonger-0.79.21/src/csrgen-o.c:273:45: warning[-Wanalyzer-malloc-leak]: leak of ‘name’
certmonger-0.79.21/src/csrgen-o.c:196:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/csrgen-o.c:199:14: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:211:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:219:9: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:227:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:231:13: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:231:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:235:9: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:240:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:250:21: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:266:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-o.c:268:30: branch_true: ...to here
certmonger-0.79.21/src/csrgen-o.c:268:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-o.c:269:29: branch_true: ...to here
certmonger-0.79.21/src/csrgen-o.c:268:29: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-o.c:270:37: branch_true: ...to here
certmonger-0.79.21/src/csrgen-o.c:271:40: acquire_memory: allocated here
certmonger-0.79.21/src/csrgen-o.c:272:36: branch_true: following ‘true’ branch (when ‘name’ is non-NULL)...
certmonger-0.79.21/src/csrgen-o.c:273:45: branch_true: ...to here
certmonger-0.79.21/src/csrgen-o.c:273:45: throw: if ‘cm_store_hex_to_bin’ throws an exception...
certmonger-0.79.21/src/csrgen-o.c:273:45: danger: ‘name’ leaks here; was allocated at [(17)](sarif:/runs/0/results/36/codeFlows/0/threadFlows/0/locations/16)
#  271|   				name = malloc(i);
#  272|   				if (name != NULL) {
#  273|-> 					i = cm_store_hex_to_bin(entry->cm_template_subject_der,
#  274|   								name, i);
#  275|   					nametmp = name;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def303]
certmonger-0.79.21/src/csrgen-o.c:273:45: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/csrgen-o.c:195:18: acquire_memory: allocated here
certmonger-0.79.21/src/csrgen-o.c:196:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/csrgen-o.c:199:14: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:211:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:219:9: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:227:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:231:13: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:231:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:235:9: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:240:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:250:21: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:266:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-o.c:268:30: branch_true: ...to here
certmonger-0.79.21/src/csrgen-o.c:268:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-o.c:269:29: branch_true: ...to here
certmonger-0.79.21/src/csrgen-o.c:268:29: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-o.c:270:37: branch_true: ...to here
certmonger-0.79.21/src/csrgen-o.c:272:36: branch_true: following ‘true’ branch (when ‘name’ is non-NULL)...
certmonger-0.79.21/src/csrgen-o.c:273:45: branch_true: ...to here
certmonger-0.79.21/src/csrgen-o.c:273:45: throw: if ‘cm_store_hex_to_bin’ throws an exception...
certmonger-0.79.21/src/csrgen-o.c:273:45: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/37/codeFlows/0/threadFlows/0/locations/0)
#  271|   				name = malloc(i);
#  272|   				if (name != NULL) {
#  273|-> 					i = cm_store_hex_to_bin(entry->cm_template_subject_der,
#  274|   								name, i);
#  275|   					nametmp = name;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def304]
certmonger-0.79.21/src/csrgen-o.c:276:51: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/csrgen-o.c:195:18: acquire_memory: allocated here
certmonger-0.79.21/src/csrgen-o.c:196:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/csrgen-o.c:199:14: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:211:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:219:9: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:227:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:231:13: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:231:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:235:9: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:240:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:250:21: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:266:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-o.c:268:30: branch_true: ...to here
certmonger-0.79.21/src/csrgen-o.c:268:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-o.c:269:29: branch_true: ...to here
certmonger-0.79.21/src/csrgen-o.c:268:29: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-o.c:270:37: branch_true: ...to here
certmonger-0.79.21/src/csrgen-o.c:272:36: branch_true: following ‘true’ branch (when ‘name’ is non-NULL)...
certmonger-0.79.21/src/csrgen-o.c:273:45: branch_true: ...to here
certmonger-0.79.21/src/csrgen-o.c:276:51: throw: if ‘d2i_X509_NAME’ throws an exception...
certmonger-0.79.21/src/csrgen-o.c:276:51: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/38/codeFlows/0/threadFlows/0/locations/0)
#  274|   								name, i);
#  275|   					nametmp = name;
#  276|-> 					subject = d2i_X509_NAME(NULL, &nametmp, i);
#  277|   				}
#  278|   			}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def305]
certmonger-0.79.21/src/csrgen-o.c:292:33: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/csrgen-o.c:195:18: acquire_memory: allocated here
certmonger-0.79.21/src/csrgen-o.c:196:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/csrgen-o.c:199:14: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:211:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:219:9: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:227:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:231:13: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:231:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:235:9: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:240:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:250:21: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:266:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-o.c:268:30: branch_true: ...to here
certmonger-0.79.21/src/csrgen-o.c:268:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-o.c:269:29: branch_true: ...to here
certmonger-0.79.21/src/csrgen-o.c:268:29: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-o.c:270:37: branch_true: ...to here
certmonger-0.79.21/src/csrgen-o.c:272:36: branch_true: following ‘true’ branch (when ‘name’ is non-NULL)...
certmonger-0.79.21/src/csrgen-o.c:273:45: branch_true: ...to here
certmonger-0.79.21/src/csrgen-o.c:279:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:292:33: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:292:33: throw: if ‘util_X509_REQ_set_subject_name’ throws an exception...
certmonger-0.79.21/src/csrgen-o.c:292:33: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/39/codeFlows/0/threadFlows/0/locations/0)
#  290|   			}
#  291|   			if (subject != NULL) {
#  292|-> 				util_X509_REQ_set_subject_name(req, subject);
#  293|   			}
#  294|   			X509_REQ_set_pubkey(req, pkey);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def306]
certmonger-0.79.21/src/csrgen-o.c:294:25: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/csrgen-o.c:167:1: enter_function: entry to ‘cm_csrgen_o_main’
certmonger-0.79.21/src/csrgen-o.c:195:18: acquire_memory: allocated here
certmonger-0.79.21/src/csrgen-o.c:196:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/csrgen-o.c:199:14: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:211:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:219:9: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:227:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:231:13: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:231:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:235:9: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:240:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:250:21: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:266:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-o.c:268:30: branch_true: ...to here
certmonger-0.79.21/src/csrgen-o.c:288:28: branch_true: following ‘true’ branch (when ‘subject’ is NULL)...
certmonger-0.79.21/src/csrgen-o.c:289:43: branch_true: ...to here
certmonger-0.79.21/src/csrgen-o.c:289:43: call_function: calling ‘cn_to_X509_NAME’ from ‘cm_csrgen_o_main’
certmonger-0.79.21/src/csrgen-o.c:289:43: return_function: returning to ‘cm_csrgen_o_main’ from ‘cn_to_X509_NAME’
certmonger-0.79.21/src/csrgen-o.c:291:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:294:25: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:294:25: throw: if ‘X509_REQ_set_pubkey’ throws an exception...
certmonger-0.79.21/src/csrgen-o.c:294:25: danger: ‘status’ leaks here; was allocated at [(2)](sarif:/runs/0/results/40/codeFlows/0/threadFlows/0/locations/1)
#  292|   				util_X509_REQ_set_subject_name(req, subject);
#  293|   			}
#  294|-> 			X509_REQ_set_pubkey(req, pkey);
#  295|   			X509_REQ_set_version(req, SEC_CERTIFICATE_REQUEST_VERSION);
#  296|   			/* Add attributes. */

Error: GCC_ANALYZER_WARNING (CWE-401): [#def307]
certmonger-0.79.21/src/csrgen-o.c:295:25: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/csrgen-o.c:167:1: enter_function: entry to ‘cm_csrgen_o_main’
certmonger-0.79.21/src/csrgen-o.c:195:18: acquire_memory: allocated here
certmonger-0.79.21/src/csrgen-o.c:196:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/csrgen-o.c:199:14: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:211:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:219:9: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:227:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:231:13: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:231:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:235:9: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:240:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:250:21: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:266:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-o.c:268:30: branch_true: ...to here
certmonger-0.79.21/src/csrgen-o.c:288:28: branch_true: following ‘true’ branch (when ‘subject’ is NULL)...
certmonger-0.79.21/src/csrgen-o.c:289:43: branch_true: ...to here
certmonger-0.79.21/src/csrgen-o.c:289:43: call_function: calling ‘cn_to_X509_NAME’ from ‘cm_csrgen_o_main’
certmonger-0.79.21/src/csrgen-o.c:289:43: return_function: returning to ‘cm_csrgen_o_main’ from ‘cn_to_X509_NAME’
certmonger-0.79.21/src/csrgen-o.c:291:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:294:25: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:295:25: throw: if ‘X509_REQ_set_version’ throws an exception...
certmonger-0.79.21/src/csrgen-o.c:295:25: danger: ‘status’ leaks here; was allocated at [(2)](sarif:/runs/0/results/41/codeFlows/0/threadFlows/0/locations/1)
#  293|   			}
#  294|   			X509_REQ_set_pubkey(req, pkey);
#  295|-> 			X509_REQ_set_version(req, SEC_CERTIFICATE_REQUEST_VERSION);
#  296|   			/* Add attributes. */
#  297|   			extensions = NULL;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def308]
certmonger-0.79.21/src/csrgen-o.c:298:25: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/csrgen-o.c:167:1: enter_function: entry to ‘cm_csrgen_o_main’
certmonger-0.79.21/src/csrgen-o.c:195:18: acquire_memory: allocated here
certmonger-0.79.21/src/csrgen-o.c:196:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/csrgen-o.c:199:14: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:211:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:219:9: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:227:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:231:13: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:231:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:235:9: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:240:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:250:21: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:266:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-o.c:268:30: branch_true: ...to here
certmonger-0.79.21/src/csrgen-o.c:288:28: branch_true: following ‘true’ branch (when ‘subject’ is NULL)...
certmonger-0.79.21/src/csrgen-o.c:289:43: branch_true: ...to here
certmonger-0.79.21/src/csrgen-o.c:289:43: call_function: calling ‘cn_to_X509_NAME’ from ‘cm_csrgen_o_main’
certmonger-0.79.21/src/csrgen-o.c:289:43: return_function: returning to ‘cm_csrgen_o_main’ from ‘cn_to_X509_NAME’
certmonger-0.79.21/src/csrgen-o.c:291:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:294:25: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:298:25: throw: if ‘cm_certext_build_csr_extensions’ throws an exception...
certmonger-0.79.21/src/csrgen-o.c:298:25: danger: ‘status’ leaks here; was allocated at [(2)](sarif:/runs/0/results/42/codeFlows/0/threadFlows/0/locations/1)
#  296|   			/* Add attributes. */
#  297|   			extensions = NULL;
#  298|-> 			cm_certext_build_csr_extensions(entry, NULL,
#  299|   							&extensions,
#  300|   							&extensions_len);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def309]
certmonger-0.79.21/src/csrgen-o.c:303:33: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/csrgen-o.c:167:1: enter_function: entry to ‘cm_csrgen_o_main’
certmonger-0.79.21/src/csrgen-o.c:195:18: acquire_memory: allocated here
certmonger-0.79.21/src/csrgen-o.c:196:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/csrgen-o.c:199:14: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:211:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:219:9: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:227:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:231:13: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:231:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:235:9: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:240:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:250:21: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:266:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-o.c:268:30: branch_true: ...to here
certmonger-0.79.21/src/csrgen-o.c:288:28: branch_true: following ‘true’ branch (when ‘subject’ is NULL)...
certmonger-0.79.21/src/csrgen-o.c:289:43: branch_true: ...to here
certmonger-0.79.21/src/csrgen-o.c:289:43: call_function: calling ‘cn_to_X509_NAME’ from ‘cm_csrgen_o_main’
certmonger-0.79.21/src/csrgen-o.c:289:43: return_function: returning to ‘cm_csrgen_o_main’ from ‘cn_to_X509_NAME’
certmonger-0.79.21/src/csrgen-o.c:291:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:294:25: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:301:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-o.c:302:29: branch_true: ...to here
certmonger-0.79.21/src/csrgen-o.c:301:29: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-o.c:303:33: branch_true: ...to here
certmonger-0.79.21/src/csrgen-o.c:303:33: throw: if ‘X509_REQ_add1_attr_by_NID’ throws an exception...
certmonger-0.79.21/src/csrgen-o.c:303:33: danger: ‘status’ leaks here; was allocated at [(2)](sarif:/runs/0/results/43/codeFlows/0/threadFlows/0/locations/1)
#  301|   			if ((extensions != NULL) &&
#  302|   			    (extensions_len> 0)) {
#  303|-> 				X509_REQ_add1_attr_by_NID(req,
#  304|   							  NID_ext_req,
#  305|   							  V_ASN1_SEQUENCE,

Error: GCC_ANALYZER_WARNING (CWE-401): [#def310]
certmonger-0.79.21/src/csrgen-o.c:319:30: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/csrgen-o.c:167:1: enter_function: entry to ‘cm_csrgen_o_main’
certmonger-0.79.21/src/csrgen-o.c:195:18: acquire_memory: allocated here
certmonger-0.79.21/src/csrgen-o.c:196:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/csrgen-o.c:199:14: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:211:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:219:9: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:227:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:231:13: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:231:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:235:9: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:240:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:250:21: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:266:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-o.c:268:30: branch_true: ...to here
certmonger-0.79.21/src/csrgen-o.c:288:28: branch_true: following ‘true’ branch (when ‘subject’ is NULL)...
certmonger-0.79.21/src/csrgen-o.c:289:43: branch_true: ...to here
certmonger-0.79.21/src/csrgen-o.c:289:43: call_function: calling ‘cn_to_X509_NAME’ from ‘cm_csrgen_o_main’
certmonger-0.79.21/src/csrgen-o.c:289:43: return_function: returning to ‘cm_csrgen_o_main’ from ‘cn_to_X509_NAME’
certmonger-0.79.21/src/csrgen-o.c:291:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:294:25: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:318:28: branch_true: following ‘true’ branch (when ‘nickname’ is non-NULL)...
certmonger-0.79.21/src/csrgen-o.c:319:30: branch_true: ...to here
certmonger-0.79.21/src/csrgen-o.c:319:30: throw: if ‘cm_store_utf8_to_bmp_string’ throws an exception...
certmonger-0.79.21/src/csrgen-o.c:319:30: danger: ‘status’ leaks here; was allocated at [(2)](sarif:/runs/0/results/44/codeFlows/0/threadFlows/0/locations/1)
#  317|   			}
#  318|   			if ((nickname != NULL) &&
#  319|-> 			    (cm_store_utf8_to_bmp_string(nickname, &bmp,
#  320|   							 &bmpcount) == 0)) {
#  321|   				X509_REQ_add1_attr_by_NID(req,

Error: GCC_ANALYZER_WARNING (CWE-401): [#def311]
certmonger-0.79.21/src/csrgen-o.c:321:33: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/csrgen-o.c:167:1: enter_function: entry to ‘cm_csrgen_o_main’
certmonger-0.79.21/src/csrgen-o.c:195:18: acquire_memory: allocated here
certmonger-0.79.21/src/csrgen-o.c:196:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/csrgen-o.c:199:14: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:211:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:219:9: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:227:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:231:13: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:231:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:235:9: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:240:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:250:21: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:266:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-o.c:268:30: branch_true: ...to here
certmonger-0.79.21/src/csrgen-o.c:288:28: branch_true: following ‘true’ branch (when ‘subject’ is NULL)...
certmonger-0.79.21/src/csrgen-o.c:289:43: branch_true: ...to here
certmonger-0.79.21/src/csrgen-o.c:289:43: call_function: calling ‘cn_to_X509_NAME’ from ‘cm_csrgen_o_main’
certmonger-0.79.21/src/csrgen-o.c:289:43: return_function: returning to ‘cm_csrgen_o_main’ from ‘cn_to_X509_NAME’
certmonger-0.79.21/src/csrgen-o.c:291:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:294:25: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:318:28: branch_true: following ‘true’ branch (when ‘nickname’ is non-NULL)...
certmonger-0.79.21/src/csrgen-o.c:319:30: branch_true: ...to here
certmonger-0.79.21/src/csrgen-o.c:318:29: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-o.c:321:33: branch_true: ...to here
certmonger-0.79.21/src/csrgen-o.c:321:33: throw: if ‘X509_REQ_add1_attr_by_NID’ throws an exception...
certmonger-0.79.21/src/csrgen-o.c:321:33: danger: ‘status’ leaks here; was allocated at [(2)](sarif:/runs/0/results/45/codeFlows/0/threadFlows/0/locations/1)
#  319|   			    (cm_store_utf8_to_bmp_string(nickname, &bmp,
#  320|   							 &bmpcount) == 0)) {
#  321|-> 				X509_REQ_add1_attr_by_NID(req,
#  322|   							  NID_friendlyName,
#  323|   							  V_ASN1_BMPSTRING,

Error: GCC_ANALYZER_WARNING (CWE-401): [#def312]
certmonger-0.79.21/src/csrgen-o.c:328:33: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/csrgen-o.c:167:1: enter_function: entry to ‘cm_csrgen_o_main’
certmonger-0.79.21/src/csrgen-o.c:195:18: acquire_memory: allocated here
certmonger-0.79.21/src/csrgen-o.c:196:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/csrgen-o.c:199:14: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:211:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:219:9: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:227:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:231:13: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:231:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:235:9: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:240:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:250:21: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:266:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-o.c:268:30: branch_true: ...to here
certmonger-0.79.21/src/csrgen-o.c:288:28: branch_true: following ‘true’ branch (when ‘subject’ is NULL)...
certmonger-0.79.21/src/csrgen-o.c:289:43: branch_true: ...to here
certmonger-0.79.21/src/csrgen-o.c:289:43: call_function: calling ‘cn_to_X509_NAME’ from ‘cm_csrgen_o_main’
certmonger-0.79.21/src/csrgen-o.c:289:43: return_function: returning to ‘cm_csrgen_o_main’ from ‘cn_to_X509_NAME’
certmonger-0.79.21/src/csrgen-o.c:291:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:294:25: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:318:28: branch_true: following ‘true’ branch (when ‘nickname’ is non-NULL)...
certmonger-0.79.21/src/csrgen-o.c:319:30: branch_true: ...to here
certmonger-0.79.21/src/csrgen-o.c:318:29: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:328:33: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:328:33: throw: if ‘cm_csrgen_read_challenge_password’ throws an exception...
certmonger-0.79.21/src/csrgen-o.c:328:33: danger: ‘status’ leaks here; was allocated at [(2)](sarif:/runs/0/results/46/codeFlows/0/threadFlows/0/locations/1)
#  326|   				free(bmp);
#  327|   			}
#  328|-> 			error = cm_csrgen_read_challenge_password(entry,
#  329|   								  &password);
#  330|   			if (error != 0) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def313]
certmonger-0.79.21/src/csrgen-o.c:331:33: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/csrgen-o.c:195:18: acquire_memory: allocated here
certmonger-0.79.21/src/csrgen-o.c:196:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/csrgen-o.c:199:14: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:211:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:219:9: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:227:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:231:13: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:231:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:235:9: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:240:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:250:21: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:266:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-o.c:268:30: branch_true: ...to here
certmonger-0.79.21/src/csrgen-o.c:288:28: branch_true: following ‘true’ branch (when ‘subject’ is NULL)...
certmonger-0.79.21/src/csrgen-o.c:289:43: branch_true: ...to here
certmonger-0.79.21/src/csrgen-o.c:291:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:294:25: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:330:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-o.c:331:33: branch_true: ...to here
certmonger-0.79.21/src/csrgen-o.c:331:33: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/csrgen-o.c:331:33: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/47/codeFlows/0/threadFlows/0/locations/0)
#  329|   								  &password);
#  330|   			if (error != 0) {
#  331|-> 				cm_log(1, "Error reading challenge password: %s.\n",
#  332|   				       strerror(error));
#  333|   				while ((error = ERR_get_error()) != 0) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def314]
certmonger-0.79.21/src/csrgen-o.c:333:49: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/csrgen-o.c:195:18: acquire_memory: allocated here
certmonger-0.79.21/src/csrgen-o.c:196:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/csrgen-o.c:199:14: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:211:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:219:9: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:227:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:231:13: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:231:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:235:9: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:240:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:250:21: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:266:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-o.c:268:30: branch_true: ...to here
certmonger-0.79.21/src/csrgen-o.c:288:28: branch_true: following ‘true’ branch (when ‘subject’ is NULL)...
certmonger-0.79.21/src/csrgen-o.c:289:43: branch_true: ...to here
certmonger-0.79.21/src/csrgen-o.c:291:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:294:25: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:330:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-o.c:331:33: branch_true: ...to here
certmonger-0.79.21/src/csrgen-o.c:333:49: throw: if ‘ERR_get_error’ throws an exception...
certmonger-0.79.21/src/csrgen-o.c:333:49: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/48/codeFlows/0/threadFlows/0/locations/0)
#  331|   				cm_log(1, "Error reading challenge password: %s.\n",
#  332|   				       strerror(error));
#  333|-> 				while ((error = ERR_get_error()) != 0) {
#  334|   					ERR_error_string_n(error, buf, sizeof(buf));
#  335|   					cm_log(1, "%s\n", buf);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def315]
certmonger-0.79.21/src/csrgen-o.c:334:41: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/csrgen-o.c:195:18: acquire_memory: allocated here
certmonger-0.79.21/src/csrgen-o.c:196:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/csrgen-o.c:199:14: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:211:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:219:9: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:227:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:231:13: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:231:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:235:9: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:240:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:250:21: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:266:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-o.c:268:30: branch_true: ...to here
certmonger-0.79.21/src/csrgen-o.c:288:28: branch_true: following ‘true’ branch (when ‘subject’ is NULL)...
certmonger-0.79.21/src/csrgen-o.c:289:43: branch_true: ...to here
certmonger-0.79.21/src/csrgen-o.c:291:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:294:25: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:330:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-o.c:331:33: branch_true: ...to here
certmonger-0.79.21/src/csrgen-o.c:333:40: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-o.c:334:41: branch_true: ...to here
certmonger-0.79.21/src/csrgen-o.c:334:41: throw: if ‘ERR_error_string_n’ throws an exception...
certmonger-0.79.21/src/csrgen-o.c:334:41: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/49/codeFlows/0/threadFlows/0/locations/0)
#  332|   				       strerror(error));
#  333|   				while ((error = ERR_get_error()) != 0) {
#  334|-> 					ERR_error_string_n(error, buf, sizeof(buf));
#  335|   					cm_log(1, "%s\n", buf);
#  336|   				}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def316]
certmonger-0.79.21/src/csrgen-o.c:335:41: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/csrgen-o.c:195:18: acquire_memory: allocated here
certmonger-0.79.21/src/csrgen-o.c:196:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/csrgen-o.c:199:14: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:211:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:219:9: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:227:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:231:13: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:231:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:235:9: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:240:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:250:21: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:266:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-o.c:268:30: branch_true: ...to here
certmonger-0.79.21/src/csrgen-o.c:288:28: branch_true: following ‘true’ branch (when ‘subject’ is NULL)...
certmonger-0.79.21/src/csrgen-o.c:289:43: branch_true: ...to here
certmonger-0.79.21/src/csrgen-o.c:291:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:294:25: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:330:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-o.c:331:33: branch_true: ...to here
certmonger-0.79.21/src/csrgen-o.c:333:40: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-o.c:334:41: branch_true: ...to here
certmonger-0.79.21/src/csrgen-o.c:335:41: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/csrgen-o.c:335:41: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/50/codeFlows/0/threadFlows/0/locations/0)
#  333|   				while ((error = ERR_get_error()) != 0) {
#  334|   					ERR_error_string_n(error, buf, sizeof(buf));
#  335|-> 					cm_log(1, "%s\n", buf);
#  336|   				}
#  337|   				_exit(CM_SUB_STATUS_ERROR_AUTH); /* XXX */

Error: GCC_ANALYZER_WARNING (CWE-401): [#def317]
certmonger-0.79.21/src/csrgen-o.c:341:33: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/csrgen-o.c:167:1: enter_function: entry to ‘cm_csrgen_o_main’
certmonger-0.79.21/src/csrgen-o.c:195:18: acquire_memory: allocated here
certmonger-0.79.21/src/csrgen-o.c:196:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/csrgen-o.c:199:14: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:211:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:219:9: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:227:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:231:13: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:231:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:235:9: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:240:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:250:21: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:266:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-o.c:268:30: branch_true: ...to here
certmonger-0.79.21/src/csrgen-o.c:288:28: branch_true: following ‘true’ branch (when ‘subject’ is NULL)...
certmonger-0.79.21/src/csrgen-o.c:289:43: branch_true: ...to here
certmonger-0.79.21/src/csrgen-o.c:289:43: call_function: calling ‘cn_to_X509_NAME’ from ‘cm_csrgen_o_main’
certmonger-0.79.21/src/csrgen-o.c:289:43: return_function: returning to ‘cm_csrgen_o_main’ from ‘cn_to_X509_NAME’
certmonger-0.79.21/src/csrgen-o.c:291:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:294:25: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:318:28: branch_true: following ‘true’ branch (when ‘nickname’ is non-NULL)...
certmonger-0.79.21/src/csrgen-o.c:319:30: branch_true: ...to here
certmonger-0.79.21/src/csrgen-o.c:330:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:339:25: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:340:28: branch_true: following ‘true’ branch (when ‘upassword’ is non-NULL)...
certmonger-0.79.21/src/csrgen-o.c:345:59: branch_true: ...to here
certmonger-0.79.21/src/csrgen-o.c:341:33: throw: if ‘X509_REQ_add1_attr_by_NID’ throws an exception...
certmonger-0.79.21/src/csrgen-o.c:341:33: danger: ‘status’ leaks here; was allocated at [(2)](sarif:/runs/0/results/51/codeFlows/0/threadFlows/0/locations/1)
#  339|   			upassword = (unsigned char *) password;
#  340|   			if (password != NULL) {
#  341|-> 				X509_REQ_add1_attr_by_NID(req,
#  342|   							  NID_pkcs9_challengePassword,
#  343|   							  V_ASN1_PRINTABLESTRING,

Error: GCC_ANALYZER_WARNING (CWE-401): [#def318]
certmonger-0.79.21/src/csrgen-o.c:347:25: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/csrgen-o.c:167:1: enter_function: entry to ‘cm_csrgen_o_main’
certmonger-0.79.21/src/csrgen-o.c:195:18: acquire_memory: allocated here
certmonger-0.79.21/src/csrgen-o.c:196:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/csrgen-o.c:199:14: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:211:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:219:9: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:227:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:231:13: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:231:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:235:9: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:240:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:250:21: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:266:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-o.c:268:30: branch_true: ...to here
certmonger-0.79.21/src/csrgen-o.c:288:28: branch_true: following ‘true’ branch (when ‘subject’ is NULL)...
certmonger-0.79.21/src/csrgen-o.c:289:43: branch_true: ...to here
certmonger-0.79.21/src/csrgen-o.c:289:43: call_function: calling ‘cn_to_X509_NAME’ from ‘cm_csrgen_o_main’
certmonger-0.79.21/src/csrgen-o.c:289:43: return_function: returning to ‘cm_csrgen_o_main’ from ‘cn_to_X509_NAME’
certmonger-0.79.21/src/csrgen-o.c:291:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:294:25: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:330:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:339:25: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:340:28: branch_false: following ‘false’ branch (when ‘upassword’ is NULL)...
certmonger-0.79.21/src/csrgen-o.c:347:25: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:347:25: throw: if ‘cm_prefs_ossl_hash’ throws an exception...
certmonger-0.79.21/src/csrgen-o.c:347:25: danger: ‘status’ leaks here; was allocated at [(2)](sarif:/runs/0/results/52/codeFlows/0/threadFlows/0/locations/1)
#  345|   							  strlen(password));
#  346|   			}
#  347|-> 			X509_REQ_sign(req, pkey, cm_prefs_ossl_hash());
#  348|   			PEM_write_X509_REQ(status, req);
#  349|   			/* Generate the SPKAC. */

Error: GCC_ANALYZER_WARNING (CWE-401): [#def319]
certmonger-0.79.21/src/csrgen-o.c:348:25: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/csrgen-o.c:167:1: enter_function: entry to ‘cm_csrgen_o_main’
certmonger-0.79.21/src/csrgen-o.c:195:18: acquire_memory: allocated here
certmonger-0.79.21/src/csrgen-o.c:196:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/csrgen-o.c:199:14: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:211:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:219:9: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:227:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:231:13: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:231:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:235:9: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:240:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:250:21: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:266:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-o.c:268:30: branch_true: ...to here
certmonger-0.79.21/src/csrgen-o.c:288:28: branch_true: following ‘true’ branch (when ‘subject’ is NULL)...
certmonger-0.79.21/src/csrgen-o.c:289:43: branch_true: ...to here
certmonger-0.79.21/src/csrgen-o.c:289:43: call_function: calling ‘cn_to_X509_NAME’ from ‘cm_csrgen_o_main’
certmonger-0.79.21/src/csrgen-o.c:289:43: return_function: returning to ‘cm_csrgen_o_main’ from ‘cn_to_X509_NAME’
certmonger-0.79.21/src/csrgen-o.c:291:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:294:25: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:330:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:339:25: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:348:25: throw: if ‘PEM_write_X509_REQ’ throws an exception...
certmonger-0.79.21/src/csrgen-o.c:348:25: danger: ‘status’ leaks here; was allocated at [(2)](sarif:/runs/0/results/54/codeFlows/0/threadFlows/0/locations/1)
#  346|   			}
#  347|   			X509_REQ_sign(req, pkey, cm_prefs_ossl_hash());
#  348|-> 			PEM_write_X509_REQ(status, req);
#  349|   			/* Generate the SPKAC. */
#  350|   			memset(&spkac, 0, sizeof(spkac));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def320]
certmonger-0.79.21/src/csrgen-o.c:377:45: warning[-Wanalyzer-malloc-leak]: leak of ‘uq’
certmonger-0.79.21/src/csrgen-o.c:167:1: enter_function: entry to ‘cm_csrgen_o_main’
certmonger-0.79.21/src/csrgen-o.c:196:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/csrgen-o.c:199:14: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:211:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:219:9: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:227:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:231:13: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:231:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:235:9: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:240:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:250:21: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:266:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-o.c:268:30: branch_true: ...to here
certmonger-0.79.21/src/csrgen-o.c:288:28: branch_true: following ‘true’ branch (when ‘subject’ is NULL)...
certmonger-0.79.21/src/csrgen-o.c:289:43: branch_true: ...to here
certmonger-0.79.21/src/csrgen-o.c:289:43: call_function: calling ‘cn_to_X509_NAME’ from ‘cm_csrgen_o_main’
certmonger-0.79.21/src/csrgen-o.c:289:43: return_function: returning to ‘cm_csrgen_o_main’ from ‘cn_to_X509_NAME’
certmonger-0.79.21/src/csrgen-o.c:291:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:294:25: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:330:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:339:25: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:373:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-o.c:374:38: branch_true: ...to here
certmonger-0.79.21/src/csrgen-o.c:374:38: acquire_memory: allocated here
certmonger-0.79.21/src/csrgen-o.c:375:36: branch_true: following ‘true’ branch (when ‘up’ is non-NULL)...
certmonger-0.79.21/src/csrgen-o.c:376:41: branch_true: ...to here
certmonger-0.79.21/src/csrgen-o.c:377:45: throw: if ‘i2d_PUBKEY’ throws an exception...
certmonger-0.79.21/src/csrgen-o.c:377:45: danger: ‘uq’ leaks here; was allocated at [(27)](sarif:/runs/0/results/55/codeFlows/0/threadFlows/0/locations/26)
#  375|   				if (up != NULL) {
#  376|   					uq = up;
#  377|-> 					if (i2d_PUBKEY(pkey, &uq) == len) {
#  378|   						if (EVP_Digest(up, uq - up, md, &mdlen, cm_prefs_ossl_hash(), NULL)) {
#  379|   							spkihex = cm_store_hex_from_bin(NULL, md, mdlen);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def321]
certmonger-0.79.21/src/csrgen-o.c:448:25: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/csrgen-o.c:195:18: acquire_memory: allocated here
certmonger-0.79.21/src/csrgen-o.c:196:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/csrgen-o.c:199:14: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:211:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:219:9: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:227:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:231:13: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:231:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:235:9: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:240:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:250:21: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:266:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:448:25: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:448:25: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/csrgen-o.c:448:25: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/56/codeFlows/0/threadFlows/0/locations/0)
#  446|   			fprintf(status, "%s\n", mcb64 ? mcb64 : "");
#  447|   		} else {
#  448|-> 			cm_log(1, "Error creating template certificate.\n");
#  449|   			while ((error = ERR_get_error()) != 0) {
#  450|   				ERR_error_string_n(error, buf, sizeof(buf));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def322]
certmonger-0.79.21/src/csrgen-o.c:449:41: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/csrgen-o.c:195:18: acquire_memory: allocated here
certmonger-0.79.21/src/csrgen-o.c:196:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/csrgen-o.c:199:14: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:211:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:219:9: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:227:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:231:13: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:231:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:235:9: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:240:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:250:21: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:266:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:448:25: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:449:41: throw: if ‘ERR_get_error’ throws an exception...
certmonger-0.79.21/src/csrgen-o.c:449:41: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/57/codeFlows/0/threadFlows/0/locations/0)
#  447|   		} else {
#  448|   			cm_log(1, "Error creating template certificate.\n");
#  449|-> 			while ((error = ERR_get_error()) != 0) {
#  450|   				ERR_error_string_n(error, buf, sizeof(buf));
#  451|   				cm_log(1, "%s\n", buf);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def323]
certmonger-0.79.21/src/csrgen-o.c:450:33: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/csrgen-o.c:195:18: acquire_memory: allocated here
certmonger-0.79.21/src/csrgen-o.c:196:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/csrgen-o.c:199:14: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:211:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:219:9: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:227:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:231:13: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:231:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:235:9: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:240:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:250:21: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:266:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:448:25: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:449:32: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-o.c:450:33: branch_true: ...to here
certmonger-0.79.21/src/csrgen-o.c:450:33: throw: if ‘ERR_error_string_n’ throws an exception...
certmonger-0.79.21/src/csrgen-o.c:450:33: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/58/codeFlows/0/threadFlows/0/locations/0)
#  448|   			cm_log(1, "Error creating template certificate.\n");
#  449|   			while ((error = ERR_get_error()) != 0) {
#  450|-> 				ERR_error_string_n(error, buf, sizeof(buf));
#  451|   				cm_log(1, "%s\n", buf);
#  452|   			}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def324]
certmonger-0.79.21/src/csrgen-o.c:451:33: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/csrgen-o.c:195:18: acquire_memory: allocated here
certmonger-0.79.21/src/csrgen-o.c:196:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/csrgen-o.c:199:14: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:211:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:219:9: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:227:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:231:13: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:231:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:235:9: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:240:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:250:21: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:266:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/csrgen-o.c:448:25: branch_false: ...to here
certmonger-0.79.21/src/csrgen-o.c:449:32: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/csrgen-o.c:450:33: branch_true: ...to here
certmonger-0.79.21/src/csrgen-o.c:451:33: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/csrgen-o.c:451:33: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/59/codeFlows/0/threadFlows/0/locations/0)
#  449|   			while ((error = ERR_get_error()) != 0) {
#  450|   				ERR_error_string_n(error, buf, sizeof(buf));
#  451|-> 				cm_log(1, "%s\n", buf);
#  452|   			}
#  453|   			_exit(CM_SUB_STATUS_INTERNAL_ERROR);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def325]
certmonger-0.79.21/src/dogtag.c:111:23: warning[-Wanalyzer-malloc-leak]: leak of ‘aoptions’
certmonger-0.79.21/src/dogtag.c:912:1: enter_function: entry to ‘main’
certmonger-0.79.21/src/dogtag.c:1009:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1012:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:16: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1014:17: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1020:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1027:25: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1029:28: branch_false: following ‘false’ branch (when ‘aoptions’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1034:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1035:28: branch_false: following ‘false’ branch (when ‘p’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1041:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:16: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1097:12: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1097:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1104:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1105:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1108:17: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1116:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1120:14: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1121:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1126:15: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1185:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1186:23: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1187:20: branch_true: following ‘true’ branch (when ‘tmp’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1188:29: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1188:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1189:42: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1189:42: call_function: calling ‘serial_hex_from_cert’ from ‘main’
#  109|   
#  110|   	if ((cert != NULL) && (strlen(cert) > 0)) {
#  111|-> 		pem = talloc_strdup(NULL, cert);
#  112|   		if (pem != NULL) {
#  113|   			c = CERT_DecodeCertFromPackage(pem, strlen(pem));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def326]
certmonger-0.79.21/src/dogtag.c:111:23: warning[-Wanalyzer-malloc-leak]: leak of ‘p’
certmonger-0.79.21/src/dogtag.c:912:1: enter_function: entry to ‘main’
certmonger-0.79.21/src/dogtag.c:1009:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1012:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:16: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1014:17: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1020:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1027:25: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1029:28: branch_false: following ‘false’ branch (when ‘aoptions’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1034:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1034:29: acquire_memory: allocated here
certmonger-0.79.21/src/dogtag.c:1035:28: branch_false: following ‘false’ branch (when ‘p’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1041:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:16: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1097:12: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1097:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1104:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1105:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1108:17: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1116:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1120:14: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1121:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1126:15: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1185:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1186:23: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1187:20: branch_true: following ‘true’ branch (when ‘tmp’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1188:29: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1188:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1189:42: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1189:42: call_function: calling ‘serial_hex_from_cert’ from ‘main’
#  109|   
#  110|   	if ((cert != NULL) && (strlen(cert) > 0)) {
#  111|-> 		pem = talloc_strdup(NULL, cert);
#  112|   		if (pem != NULL) {
#  113|   			c = CERT_DecodeCertFromPackage(pem, strlen(pem));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def327]
certmonger-0.79.21/src/dogtag.c:113:29: warning[-Wanalyzer-malloc-leak]: leak of ‘aoptions’
certmonger-0.79.21/src/dogtag.c:912:1: enter_function: entry to ‘main’
certmonger-0.79.21/src/dogtag.c:1009:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1012:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:16: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1014:17: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1020:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1027:25: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1029:28: branch_false: following ‘false’ branch (when ‘aoptions’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1034:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1035:28: branch_false: following ‘false’ branch (when ‘p’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1041:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:16: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1097:12: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1097:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1104:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1105:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1108:17: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1116:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1120:14: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1121:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1126:15: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1185:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1186:23: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1187:20: branch_true: following ‘true’ branch (when ‘tmp’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1188:29: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1188:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1189:42: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1189:42: call_function: calling ‘serial_hex_from_cert’ from ‘main’
#  111|   		pem = talloc_strdup(NULL, cert);
#  112|   		if (pem != NULL) {
#  113|-> 			c = CERT_DecodeCertFromPackage(pem, strlen(pem));
#  114|   			if (c != NULL) {
#  115|   				ret = cm_store_hex_from_bin(NULL,

Error: GCC_ANALYZER_WARNING (CWE-401): [#def328]
certmonger-0.79.21/src/dogtag.c:113:29: warning[-Wanalyzer-malloc-leak]: leak of ‘p’
certmonger-0.79.21/src/dogtag.c:912:1: enter_function: entry to ‘main’
certmonger-0.79.21/src/dogtag.c:1009:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1012:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:16: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1014:17: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1020:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1027:25: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1029:28: branch_false: following ‘false’ branch (when ‘aoptions’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1034:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1034:29: acquire_memory: allocated here
certmonger-0.79.21/src/dogtag.c:1035:28: branch_false: following ‘false’ branch (when ‘p’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1041:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:16: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1097:12: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1097:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1104:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1105:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1108:17: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1116:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1120:14: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1121:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1126:15: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1185:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1186:23: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1187:20: branch_true: following ‘true’ branch (when ‘tmp’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1188:29: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1188:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1189:42: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1189:42: call_function: calling ‘serial_hex_from_cert’ from ‘main’
#  111|   		pem = talloc_strdup(NULL, cert);
#  112|   		if (pem != NULL) {
#  113|-> 			c = CERT_DecodeCertFromPackage(pem, strlen(pem));
#  114|   			if (c != NULL) {
#  115|   				ret = cm_store_hex_from_bin(NULL,

Error: GCC_ANALYZER_WARNING (CWE-401): [#def329]
certmonger-0.79.21/src/dogtag.c:177:26: warning[-Wanalyzer-malloc-leak]: leak of ‘p’
certmonger-0.79.21/src/dogtag.c:126:1: enter_function: entry to ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:163:12: branch_true: following ‘true’ branch (when ‘savedstate’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:164:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:164:19: call_function: calling ‘statevar’ from ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:164:19: return_function: returning to ‘xml_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:163:13: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:165:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:165:19: call_function: calling ‘statevar’ from ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:165:19: return_function: returning to ‘xml_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:163:13: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:166:21: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:177:26: throw: if ‘talloc_asprintf’ throws an exception...
certmonger-0.79.21/src/dogtag.c:177:26: danger: ‘p’ leaks here; was allocated at [(8)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/7)
#  175|   			op = op_retrieve;
#  176|   		}
#  177|-> 		params = talloc_asprintf(ctx, "requestId=%s", q);
#  178|   		free(p);
#  179|   		free(q);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def330]
certmonger-0.79.21/src/dogtag.c:177:26: warning[-Wanalyzer-malloc-leak]: leak of ‘q’
certmonger-0.79.21/src/dogtag.c:126:1: enter_function: entry to ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:163:12: branch_true: following ‘true’ branch (when ‘savedstate’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:164:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:164:19: call_function: calling ‘statevar’ from ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:164:19: return_function: returning to ‘xml_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:163:13: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:165:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:165:19: call_function: calling ‘statevar’ from ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:165:19: return_function: returning to ‘xml_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:163:13: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:166:21: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:177:26: throw: if ‘talloc_asprintf’ throws an exception...
certmonger-0.79.21/src/dogtag.c:177:26: danger: ‘q’ leaks here; was allocated at [(17)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/16)
#  175|   			op = op_retrieve;
#  176|   		}
#  177|-> 		params = talloc_asprintf(ctx, "requestId=%s", q);
#  178|   		free(p);
#  179|   		free(q);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def331]
certmonger-0.79.21/src/dogtag.c:189:24: warning[-Wanalyzer-malloc-leak]: leak of ‘p’
certmonger-0.79.21/src/dogtag.c:126:1: enter_function: entry to ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:163:12: branch_true: following ‘true’ branch (when ‘savedstate’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:164:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:164:19: call_function: calling ‘statevar’ from ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:164:19: return_function: returning to ‘xml_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:163:13: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:165:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:165:19: call_function: calling ‘statevar’ from ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:165:19: return_function: returning to ‘xml_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:163:13: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:186:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:189:24: danger: ‘p’ leaks here; was allocated at [(8)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/7)
#  187|   	case op_none:
#  188|   		printf(_("Internal error: unknown state.\n"));
#  189|-> 		return CM_SUBMIT_STATUS_UNCONFIGURED;
#  190|   		break;
#  191|   	case op_submit:

Error: GCC_ANALYZER_WARNING (CWE-401): [#def332]
certmonger-0.79.21/src/dogtag.c:193:23: warning[-Wanalyzer-malloc-leak]: leak of ‘p’
certmonger-0.79.21/src/dogtag.c:126:1: enter_function: entry to ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:163:12: branch_true: following ‘true’ branch (when ‘savedstate’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:164:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:164:19: call_function: calling ‘statevar’ from ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:164:19: return_function: returning to ‘xml_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:163:13: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:165:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:165:19: call_function: calling ‘statevar’ from ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:165:19: return_function: returning to ‘xml_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:163:13: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:186:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:193:23: throw: if ‘talloc_asprintf’ throws an exception...
certmonger-0.79.21/src/dogtag.c:193:23: danger: ‘p’ leaks here; was allocated at [(8)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/7)
#  191|   	case op_submit:
#  192|   		method = DOGTAG_PROFILE_SUBMIT_METHOD;
#  193|-> 		url = talloc_asprintf(ctx, "%s/%s", eeurl,
#  194|   				      use_agent_submission ?
#  195|   				      DOGTAG_PROFILE_SUBMIT_AGENT_RESOURCE :

Error: GCC_ANALYZER_WARNING (CWE-401): [#def333]
certmonger-0.79.21/src/dogtag.c:197:28: warning[-Wanalyzer-malloc-leak]: leak of ‘p’
certmonger-0.79.21/src/dogtag.c:126:1: enter_function: entry to ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:163:12: branch_true: following ‘true’ branch (when ‘savedstate’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:164:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:164:19: call_function: calling ‘statevar’ from ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:164:19: return_function: returning to ‘xml_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:163:13: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:165:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:165:19: call_function: calling ‘statevar’ from ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:165:19: return_function: returning to ‘xml_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:163:13: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:186:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:197:28: throw: if ‘cm_submit_u_url_encode’ throws an exception...
certmonger-0.79.21/src/dogtag.c:197:28: danger: ‘p’ leaks here; was allocated at [(8)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/7)
#  195|   				      DOGTAG_PROFILE_SUBMIT_AGENT_RESOURCE :
#  196|   				      DOGTAG_PROFILE_SUBMIT_RESOURCE);
#  197|-> 		template = cm_submit_u_url_encode(template);
#  198|   		if ((serial != NULL) && (strlen(serial) > 0) && !force_new) {
#  199|   			/* Renew-by-serial. */

Error: GCC_ANALYZER_WARNING (CWE-401): [#def334]
certmonger-0.79.21/src/dogtag.c:200:34: warning[-Wanalyzer-malloc-leak]: leak of ‘p’
certmonger-0.79.21/src/dogtag.c:126:1: enter_function: entry to ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:163:12: branch_true: following ‘true’ branch (when ‘savedstate’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:164:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:164:19: call_function: calling ‘statevar’ from ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:164:19: return_function: returning to ‘xml_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:163:13: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:165:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:165:19: call_function: calling ‘statevar’ from ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:165:19: return_function: returning to ‘xml_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:163:13: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:186:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:198:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:200:34: throw: if ‘cm_submit_u_url_encode’ throws an exception...
certmonger-0.79.21/src/dogtag.c:200:34: danger: ‘p’ leaks here; was allocated at [(8)](sarif:/runs/0/results/9/codeFlows/0/threadFlows/0/locations/7)
#  198|   		if ((serial != NULL) && (strlen(serial) > 0) && !force_new) {
#  199|   			/* Renew-by-serial. */
#  200|-> 			serial = cm_submit_u_url_encode(serial);
#  201|   			params = talloc_asprintf(ctx,
#  202|   						 "profileId=%s&"

Error: GCC_ANALYZER_WARNING (CWE-401): [#def335]
certmonger-0.79.21/src/dogtag.c:201:34: warning[-Wanalyzer-malloc-leak]: leak of ‘p’
certmonger-0.79.21/src/dogtag.c:126:1: enter_function: entry to ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:163:12: branch_true: following ‘true’ branch (when ‘savedstate’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:164:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:164:19: call_function: calling ‘statevar’ from ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:164:19: return_function: returning to ‘xml_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:163:13: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:165:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:165:19: call_function: calling ‘statevar’ from ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:165:19: return_function: returning to ‘xml_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:163:13: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:186:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:198:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:201:34: throw: if ‘talloc_asprintf’ throws an exception...
certmonger-0.79.21/src/dogtag.c:201:34: danger: ‘p’ leaks here; was allocated at [(8)](sarif:/runs/0/results/10/codeFlows/0/threadFlows/0/locations/7)
#  199|   			/* Renew-by-serial. */
#  200|   			serial = cm_submit_u_url_encode(serial);
#  201|-> 			params = talloc_asprintf(ctx,
#  202|   						 "profileId=%s&"
#  203|   						 "serial_num=%s&"

Error: GCC_ANALYZER_WARNING (CWE-401): [#def336]
certmonger-0.79.21/src/dogtag.c:212:35: warning[-Wanalyzer-malloc-leak]: leak of ‘p’
certmonger-0.79.21/src/dogtag.c:126:1: enter_function: entry to ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:163:12: branch_true: following ‘true’ branch (when ‘savedstate’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:164:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:164:19: call_function: calling ‘statevar’ from ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:164:19: return_function: returning to ‘xml_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:163:13: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:165:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:165:19: call_function: calling ‘statevar’ from ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:165:19: return_function: returning to ‘xml_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:163:13: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:186:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:212:35: throw: if ‘poptGetArg’ throws an exception...
certmonger-0.79.21/src/dogtag.c:212:35: danger: ‘p’ leaks here; was allocated at [(8)](sarif:/runs/0/results/11/codeFlows/0/threadFlows/0/locations/7)
#  210|   			 * environment, or from the command-line, that we're
#  211|   			 * going to submit for signing. */
#  212|-> 			csrfile = poptGetArg(pctx);
#  213|   			if (csrfile != NULL) {
#  214|   				csr = cm_submit_u_from_file(csrfile);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def337]
certmonger-0.79.21/src/dogtag.c:214:39: warning[-Wanalyzer-malloc-leak]: leak of ‘p’
certmonger-0.79.21/src/dogtag.c:126:1: enter_function: entry to ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:163:12: branch_true: following ‘true’ branch (when ‘savedstate’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:164:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:164:19: call_function: calling ‘statevar’ from ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:164:19: return_function: returning to ‘xml_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:163:13: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:165:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:165:19: call_function: calling ‘statevar’ from ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:165:19: return_function: returning to ‘xml_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:163:13: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:186:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:213:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:214:39: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:214:39: throw: if ‘cm_submit_u_from_file’ throws an exception...
certmonger-0.79.21/src/dogtag.c:214:39: danger: ‘p’ leaks here; was allocated at [(8)](sarif:/runs/0/results/12/codeFlows/0/threadFlows/0/locations/7)
#  212|   			csrfile = poptGetArg(pctx);
#  213|   			if (csrfile != NULL) {
#  214|-> 				csr = cm_submit_u_from_file(csrfile);
#  215|   			} else {
#  216|   				csr = getenv(CM_SUBMIT_CSR_ENV);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def338]
certmonger-0.79.21/src/dogtag.c:229:33: warning[-Wanalyzer-malloc-leak]: leak of ‘p’
certmonger-0.79.21/src/dogtag.c:126:1: enter_function: entry to ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:163:12: branch_true: following ‘true’ branch (when ‘savedstate’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:164:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:164:19: call_function: calling ‘statevar’ from ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:164:19: return_function: returning to ‘xml_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:163:13: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:165:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:165:19: call_function: calling ‘statevar’ from ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:165:19: return_function: returning to ‘xml_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:163:13: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:186:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:217:36: branch_false: following ‘false’ branch (when ‘csr’ is NULL)...
certmonger-0.79.21/src/dogtag.c:222:36: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:229:33: throw: if ‘poptPrintUsage’ throws an exception...
certmonger-0.79.21/src/dogtag.c:229:33: danger: ‘p’ leaks here; was allocated at [(8)](sarif:/runs/0/results/13/codeFlows/0/threadFlows/0/locations/7)
#  227|   					       CM_SUBMIT_CSR_ENV);
#  228|   				}
#  229|-> 				poptPrintUsage(pctx, stdout, 0);
#  230|   				free(csr);
#  231|   				return CM_SUBMIT_STATUS_UNCONFIGURED;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def339]
certmonger-0.79.21/src/dogtag.c:233:31: warning[-Wanalyzer-malloc-leak]: leak of ‘csr’
certmonger-0.79.21/src/dogtag.c:213:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:216:39: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:217:36: branch_true: following ‘true’ branch (when ‘csr’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:218:47: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:218:47: acquire_memory: allocated here
certmonger-0.79.21/src/dogtag.c:221:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:233:31: throw: if ‘cm_submit_u_url_encode’ throws an exception...
certmonger-0.79.21/src/dogtag.c:233:31: danger: ‘csr’ leaks here; was allocated at [(7)](sarif:/runs/0/results/14/codeFlows/0/threadFlows/0/locations/6)
#  231|   				return CM_SUBMIT_STATUS_UNCONFIGURED;
#  232|   			}
#  233|-> 			csr = cm_submit_u_url_encode(csr);
#  234|   			params = talloc_asprintf(ctx,
#  235|   						 "profileId=%s&"

Error: GCC_ANALYZER_WARNING (CWE-401): [#def340]
certmonger-0.79.21/src/dogtag.c:233:31: warning[-Wanalyzer-malloc-leak]: leak of ‘p’
certmonger-0.79.21/src/dogtag.c:126:1: enter_function: entry to ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:163:12: branch_true: following ‘true’ branch (when ‘savedstate’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:164:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:164:19: call_function: calling ‘statevar’ from ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:164:19: return_function: returning to ‘xml_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:163:13: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:165:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:165:19: call_function: calling ‘statevar’ from ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:165:19: return_function: returning to ‘xml_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:163:13: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:186:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:213:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:214:39: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:221:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:233:31: throw: if ‘cm_submit_u_url_encode’ throws an exception...
certmonger-0.79.21/src/dogtag.c:233:31: danger: ‘p’ leaks here; was allocated at [(8)](sarif:/runs/0/results/15/codeFlows/0/threadFlows/0/locations/7)
#  231|   				return CM_SUBMIT_STATUS_UNCONFIGURED;
#  232|   			}
#  233|-> 			csr = cm_submit_u_url_encode(csr);
#  234|   			params = talloc_asprintf(ctx,
#  235|   						 "profileId=%s&"

Error: GCC_ANALYZER_WARNING (CWE-401): [#def341]
certmonger-0.79.21/src/dogtag.c:234:34: warning[-Wanalyzer-malloc-leak]: leak of ‘csr’
certmonger-0.79.21/src/dogtag.c:213:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:216:39: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:217:36: branch_true: following ‘true’ branch (when ‘csr’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:218:47: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:218:47: acquire_memory: allocated here
certmonger-0.79.21/src/dogtag.c:221:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:234:34: throw: if ‘talloc_asprintf’ throws an exception...
certmonger-0.79.21/src/dogtag.c:234:34: danger: ‘csr’ leaks here; was allocated at [(7)](sarif:/runs/0/results/16/codeFlows/0/threadFlows/0/locations/6)
#  232|   			}
#  233|   			csr = cm_submit_u_url_encode(csr);
#  234|-> 			params = talloc_asprintf(ctx,
#  235|   						 "profileId=%s&"
#  236|   						 "cert_request_type=pkcs10&"

Error: GCC_ANALYZER_WARNING (CWE-401): [#def342]
certmonger-0.79.21/src/dogtag.c:234:34: warning[-Wanalyzer-malloc-leak]: leak of ‘p’
certmonger-0.79.21/src/dogtag.c:126:1: enter_function: entry to ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:163:12: branch_true: following ‘true’ branch (when ‘savedstate’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:164:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:164:19: call_function: calling ‘statevar’ from ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:164:19: return_function: returning to ‘xml_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:163:13: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:165:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:165:19: call_function: calling ‘statevar’ from ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:165:19: return_function: returning to ‘xml_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:163:13: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:186:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:213:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:214:39: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:221:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:234:34: throw: if ‘talloc_asprintf’ throws an exception...
certmonger-0.79.21/src/dogtag.c:234:34: danger: ‘p’ leaks here; was allocated at [(8)](sarif:/runs/0/results/17/codeFlows/0/threadFlows/0/locations/7)
#  232|   			}
#  233|   			csr = cm_submit_u_url_encode(csr);
#  234|-> 			params = talloc_asprintf(ctx,
#  235|   						 "profileId=%s&"
#  236|   						 "cert_request_type=pkcs10&"

Error: GCC_ANALYZER_WARNING (CWE-401): [#def343]
certmonger-0.79.21/src/dogtag.c:260:31: warning[-Wanalyzer-malloc-leak]: leak of ‘csr’
certmonger-0.79.21/src/dogtag.c:213:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:216:39: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:217:36: branch_true: following ‘true’ branch (when ‘csr’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:218:47: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:218:47: acquire_memory: allocated here
certmonger-0.79.21/src/dogtag.c:221:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:244:29: branch_false: following ‘false’ branch (when ‘j >= num_soptions’)...
certmonger-0.79.21/src/dogtag.c:259:20: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:259:20: branch_true: following ‘true’ branch (when ‘uid’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:260:31: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:260:31: throw: if ‘cm_submit_u_url_encode’ throws an exception...
certmonger-0.79.21/src/dogtag.c:260:31: danger: ‘csr’ leaks here; was allocated at [(7)](sarif:/runs/0/results/18/codeFlows/0/threadFlows/0/locations/6)
#  258|   		/* Add client creds. */
#  259|   		if (uid != NULL) {
#  260|-> 			uid = cm_submit_u_url_encode(uid);
#  261|   			params = talloc_asprintf(ctx, "%s&uid=%s", params, uid);
#  262|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def344]
certmonger-0.79.21/src/dogtag.c:260:31: warning[-Wanalyzer-malloc-leak]: leak of ‘p’
certmonger-0.79.21/src/dogtag.c:126:1: enter_function: entry to ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:163:12: branch_true: following ‘true’ branch (when ‘savedstate’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:164:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:164:19: call_function: calling ‘statevar’ from ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:164:19: return_function: returning to ‘xml_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:163:13: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:165:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:165:19: call_function: calling ‘statevar’ from ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:165:19: return_function: returning to ‘xml_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:163:13: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:186:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:244:29: branch_false: following ‘false’ branch (when ‘j >= num_soptions’)...
certmonger-0.79.21/src/dogtag.c:259:20: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:259:20: branch_true: following ‘true’ branch (when ‘uid’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:260:31: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:260:31: throw: if ‘cm_submit_u_url_encode’ throws an exception...
certmonger-0.79.21/src/dogtag.c:260:31: danger: ‘p’ leaks here; was allocated at [(8)](sarif:/runs/0/results/19/codeFlows/0/threadFlows/0/locations/7)
#  258|   		/* Add client creds. */
#  259|   		if (uid != NULL) {
#  260|-> 			uid = cm_submit_u_url_encode(uid);
#  261|   			params = talloc_asprintf(ctx, "%s&uid=%s", params, uid);
#  262|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def345]
certmonger-0.79.21/src/dogtag.c:261:34: warning[-Wanalyzer-malloc-leak]: leak of ‘csr’
certmonger-0.79.21/src/dogtag.c:213:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:216:39: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:217:36: branch_true: following ‘true’ branch (when ‘csr’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:218:47: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:218:47: acquire_memory: allocated here
certmonger-0.79.21/src/dogtag.c:221:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:244:29: branch_false: following ‘false’ branch (when ‘j >= num_soptions’)...
certmonger-0.79.21/src/dogtag.c:259:20: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:259:20: branch_true: following ‘true’ branch (when ‘uid’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:260:31: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:261:34: throw: if ‘talloc_asprintf’ throws an exception...
certmonger-0.79.21/src/dogtag.c:261:34: danger: ‘csr’ leaks here; was allocated at [(7)](sarif:/runs/0/results/20/codeFlows/0/threadFlows/0/locations/6)
#  259|   		if (uid != NULL) {
#  260|   			uid = cm_submit_u_url_encode(uid);
#  261|-> 			params = talloc_asprintf(ctx, "%s&uid=%s", params, uid);
#  262|   		}
#  263|   		if (udn != NULL) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def346]
certmonger-0.79.21/src/dogtag.c:261:34: warning[-Wanalyzer-malloc-leak]: leak of ‘p’
certmonger-0.79.21/src/dogtag.c:126:1: enter_function: entry to ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:163:12: branch_true: following ‘true’ branch (when ‘savedstate’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:164:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:164:19: call_function: calling ‘statevar’ from ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:164:19: return_function: returning to ‘xml_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:163:13: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:165:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:165:19: call_function: calling ‘statevar’ from ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:165:19: return_function: returning to ‘xml_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:163:13: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:186:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:244:29: branch_false: following ‘false’ branch (when ‘j >= num_soptions’)...
certmonger-0.79.21/src/dogtag.c:259:20: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:259:20: branch_true: following ‘true’ branch (when ‘uid’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:260:31: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:261:34: throw: if ‘talloc_asprintf’ throws an exception...
certmonger-0.79.21/src/dogtag.c:261:34: danger: ‘p’ leaks here; was allocated at [(8)](sarif:/runs/0/results/21/codeFlows/0/threadFlows/0/locations/7)
#  259|   		if (uid != NULL) {
#  260|   			uid = cm_submit_u_url_encode(uid);
#  261|-> 			params = talloc_asprintf(ctx, "%s&uid=%s", params, uid);
#  262|   		}
#  263|   		if (udn != NULL) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def347]
certmonger-0.79.21/src/dogtag.c:264:31: warning[-Wanalyzer-malloc-leak]: leak of ‘csr’
certmonger-0.79.21/src/dogtag.c:213:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:216:39: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:217:36: branch_true: following ‘true’ branch (when ‘csr’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:218:47: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:218:47: acquire_memory: allocated here
certmonger-0.79.21/src/dogtag.c:221:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:244:29: branch_false: following ‘false’ branch (when ‘j >= num_soptions’)...
certmonger-0.79.21/src/dogtag.c:259:20: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:263:20: branch_true: following ‘true’ branch (when ‘udn’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:264:31: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:264:31: throw: if ‘cm_submit_u_url_encode’ throws an exception...
certmonger-0.79.21/src/dogtag.c:264:31: danger: ‘csr’ leaks here; was allocated at [(7)](sarif:/runs/0/results/22/codeFlows/0/threadFlows/0/locations/6)
#  262|   		}
#  263|   		if (udn != NULL) {
#  264|-> 			udn = cm_submit_u_url_encode(udn);
#  265|   			params = talloc_asprintf(ctx, "%s&udn=%s", params, udn);
#  266|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def348]
certmonger-0.79.21/src/dogtag.c:264:31: warning[-Wanalyzer-malloc-leak]: leak of ‘p’
certmonger-0.79.21/src/dogtag.c:126:1: enter_function: entry to ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:163:12: branch_true: following ‘true’ branch (when ‘savedstate’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:164:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:164:19: call_function: calling ‘statevar’ from ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:164:19: return_function: returning to ‘xml_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:163:13: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:165:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:165:19: call_function: calling ‘statevar’ from ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:165:19: return_function: returning to ‘xml_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:163:13: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:186:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:244:29: branch_false: following ‘false’ branch (when ‘j >= num_soptions’)...
certmonger-0.79.21/src/dogtag.c:259:20: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:263:20: branch_true: following ‘true’ branch (when ‘udn’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:264:31: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:264:31: throw: if ‘cm_submit_u_url_encode’ throws an exception...
certmonger-0.79.21/src/dogtag.c:264:31: danger: ‘p’ leaks here; was allocated at [(8)](sarif:/runs/0/results/23/codeFlows/0/threadFlows/0/locations/7)
#  262|   		}
#  263|   		if (udn != NULL) {
#  264|-> 			udn = cm_submit_u_url_encode(udn);
#  265|   			params = talloc_asprintf(ctx, "%s&udn=%s", params, udn);
#  266|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def349]
certmonger-0.79.21/src/dogtag.c:265:34: warning[-Wanalyzer-malloc-leak]: leak of ‘csr’
certmonger-0.79.21/src/dogtag.c:213:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:216:39: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:217:36: branch_true: following ‘true’ branch (when ‘csr’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:218:47: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:218:47: acquire_memory: allocated here
certmonger-0.79.21/src/dogtag.c:221:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:244:29: branch_false: following ‘false’ branch (when ‘j >= num_soptions’)...
certmonger-0.79.21/src/dogtag.c:259:20: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:263:20: branch_true: following ‘true’ branch (when ‘udn’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:264:31: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:265:34: throw: if ‘talloc_asprintf’ throws an exception...
certmonger-0.79.21/src/dogtag.c:265:34: danger: ‘csr’ leaks here; was allocated at [(7)](sarif:/runs/0/results/24/codeFlows/0/threadFlows/0/locations/6)
#  263|   		if (udn != NULL) {
#  264|   			udn = cm_submit_u_url_encode(udn);
#  265|-> 			params = talloc_asprintf(ctx, "%s&udn=%s", params, udn);
#  266|   		}
#  267|   		if (pwd != NULL) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def350]
certmonger-0.79.21/src/dogtag.c:265:34: warning[-Wanalyzer-malloc-leak]: leak of ‘p’
certmonger-0.79.21/src/dogtag.c:126:1: enter_function: entry to ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:163:12: branch_true: following ‘true’ branch (when ‘savedstate’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:164:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:164:19: call_function: calling ‘statevar’ from ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:164:19: return_function: returning to ‘xml_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:163:13: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:165:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:165:19: call_function: calling ‘statevar’ from ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:165:19: return_function: returning to ‘xml_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:163:13: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:186:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:244:29: branch_false: following ‘false’ branch (when ‘j >= num_soptions’)...
certmonger-0.79.21/src/dogtag.c:259:20: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:263:20: branch_true: following ‘true’ branch (when ‘udn’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:264:31: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:265:34: throw: if ‘talloc_asprintf’ throws an exception...
certmonger-0.79.21/src/dogtag.c:265:34: danger: ‘p’ leaks here; was allocated at [(8)](sarif:/runs/0/results/25/codeFlows/0/threadFlows/0/locations/7)
#  263|   		if (udn != NULL) {
#  264|   			udn = cm_submit_u_url_encode(udn);
#  265|-> 			params = talloc_asprintf(ctx, "%s&udn=%s", params, udn);
#  266|   		}
#  267|   		if (pwd != NULL) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def351]
certmonger-0.79.21/src/dogtag.c:268:31: warning[-Wanalyzer-malloc-leak]: leak of ‘csr’
certmonger-0.79.21/src/dogtag.c:213:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:216:39: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:217:36: branch_true: following ‘true’ branch (when ‘csr’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:218:47: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:218:47: acquire_memory: allocated here
certmonger-0.79.21/src/dogtag.c:221:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:244:29: branch_false: following ‘false’ branch (when ‘j >= num_soptions’)...
certmonger-0.79.21/src/dogtag.c:259:20: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:267:20: branch_true: following ‘true’ branch (when ‘pwd’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:268:31: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:268:31: throw: if ‘cm_submit_u_url_encode’ throws an exception...
certmonger-0.79.21/src/dogtag.c:268:31: danger: ‘csr’ leaks here; was allocated at [(7)](sarif:/runs/0/results/26/codeFlows/0/threadFlows/0/locations/6)
#  266|   		}
#  267|   		if (pwd != NULL) {
#  268|-> 			pwd = cm_submit_u_url_encode(pwd);
#  269|   			params = talloc_asprintf(ctx, "%s&pwd=%s",
#  270|   						 params, pwd);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def352]
certmonger-0.79.21/src/dogtag.c:268:31: warning[-Wanalyzer-malloc-leak]: leak of ‘p’
certmonger-0.79.21/src/dogtag.c:126:1: enter_function: entry to ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:163:12: branch_true: following ‘true’ branch (when ‘savedstate’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:164:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:164:19: call_function: calling ‘statevar’ from ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:164:19: return_function: returning to ‘xml_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:163:13: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:165:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:165:19: call_function: calling ‘statevar’ from ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:165:19: return_function: returning to ‘xml_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:163:13: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:186:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:244:29: branch_false: following ‘false’ branch (when ‘j >= num_soptions’)...
certmonger-0.79.21/src/dogtag.c:259:20: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:267:20: branch_true: following ‘true’ branch (when ‘pwd’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:268:31: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:268:31: throw: if ‘cm_submit_u_url_encode’ throws an exception...
certmonger-0.79.21/src/dogtag.c:268:31: danger: ‘p’ leaks here; was allocated at [(8)](sarif:/runs/0/results/27/codeFlows/0/threadFlows/0/locations/7)
#  266|   		}
#  267|   		if (pwd != NULL) {
#  268|-> 			pwd = cm_submit_u_url_encode(pwd);
#  269|   			params = talloc_asprintf(ctx, "%s&pwd=%s",
#  270|   						 params, pwd);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def353]
certmonger-0.79.21/src/dogtag.c:269:34: warning[-Wanalyzer-malloc-leak]: leak of ‘csr’
certmonger-0.79.21/src/dogtag.c:213:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:216:39: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:217:36: branch_true: following ‘true’ branch (when ‘csr’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:218:47: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:218:47: acquire_memory: allocated here
certmonger-0.79.21/src/dogtag.c:221:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:244:29: branch_false: following ‘false’ branch (when ‘j >= num_soptions’)...
certmonger-0.79.21/src/dogtag.c:259:20: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:267:20: branch_true: following ‘true’ branch (when ‘pwd’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:268:31: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:269:34: throw: if ‘talloc_asprintf’ throws an exception...
certmonger-0.79.21/src/dogtag.c:269:34: danger: ‘csr’ leaks here; was allocated at [(7)](sarif:/runs/0/results/28/codeFlows/0/threadFlows/0/locations/6)
#  267|   		if (pwd != NULL) {
#  268|   			pwd = cm_submit_u_url_encode(pwd);
#  269|-> 			params = talloc_asprintf(ctx, "%s&pwd=%s",
#  270|   						 params, pwd);
#  271|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def354]
certmonger-0.79.21/src/dogtag.c:269:34: warning[-Wanalyzer-malloc-leak]: leak of ‘p’
certmonger-0.79.21/src/dogtag.c:126:1: enter_function: entry to ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:163:12: branch_true: following ‘true’ branch (when ‘savedstate’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:164:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:164:19: call_function: calling ‘statevar’ from ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:164:19: return_function: returning to ‘xml_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:163:13: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:165:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:165:19: call_function: calling ‘statevar’ from ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:165:19: return_function: returning to ‘xml_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:163:13: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:186:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:244:29: branch_false: following ‘false’ branch (when ‘j >= num_soptions’)...
certmonger-0.79.21/src/dogtag.c:259:20: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:267:20: branch_true: following ‘true’ branch (when ‘pwd’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:268:31: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:269:34: throw: if ‘talloc_asprintf’ throws an exception...
certmonger-0.79.21/src/dogtag.c:269:34: danger: ‘p’ leaks here; was allocated at [(8)](sarif:/runs/0/results/29/codeFlows/0/threadFlows/0/locations/7)
#  267|   		if (pwd != NULL) {
#  268|   			pwd = cm_submit_u_url_encode(pwd);
#  269|-> 			params = talloc_asprintf(ctx, "%s&pwd=%s",
#  270|   						 params, pwd);
#  271|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def355]
certmonger-0.79.21/src/dogtag.c:273:31: warning[-Wanalyzer-malloc-leak]: leak of ‘csr’
certmonger-0.79.21/src/dogtag.c:213:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:216:39: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:217:36: branch_true: following ‘true’ branch (when ‘csr’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:218:47: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:218:47: acquire_memory: allocated here
certmonger-0.79.21/src/dogtag.c:221:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:244:29: branch_false: following ‘false’ branch (when ‘j >= num_soptions’)...
certmonger-0.79.21/src/dogtag.c:259:20: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:272:20: branch_true: following ‘true’ branch (when ‘pin’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:273:31: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:273:31: throw: if ‘cm_submit_u_url_encode’ throws an exception...
certmonger-0.79.21/src/dogtag.c:273:31: danger: ‘csr’ leaks here; was allocated at [(7)](sarif:/runs/0/results/30/codeFlows/0/threadFlows/0/locations/6)
#  271|   		}
#  272|   		if (pin != NULL) {
#  273|-> 			pin = cm_submit_u_url_encode(pin);
#  274|   			params = talloc_asprintf(ctx, "%s&pin=%s",
#  275|   						 params, pin);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def356]
certmonger-0.79.21/src/dogtag.c:273:31: warning[-Wanalyzer-malloc-leak]: leak of ‘p’
certmonger-0.79.21/src/dogtag.c:126:1: enter_function: entry to ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:163:12: branch_true: following ‘true’ branch (when ‘savedstate’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:164:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:164:19: call_function: calling ‘statevar’ from ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:164:19: return_function: returning to ‘xml_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:163:13: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:165:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:165:19: call_function: calling ‘statevar’ from ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:165:19: return_function: returning to ‘xml_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:163:13: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:186:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:244:29: branch_false: following ‘false’ branch (when ‘j >= num_soptions’)...
certmonger-0.79.21/src/dogtag.c:259:20: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:272:20: branch_true: following ‘true’ branch (when ‘pin’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:273:31: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:273:31: throw: if ‘cm_submit_u_url_encode’ throws an exception...
certmonger-0.79.21/src/dogtag.c:273:31: danger: ‘p’ leaks here; was allocated at [(8)](sarif:/runs/0/results/31/codeFlows/0/threadFlows/0/locations/7)
#  271|   		}
#  272|   		if (pin != NULL) {
#  273|-> 			pin = cm_submit_u_url_encode(pin);
#  274|   			params = talloc_asprintf(ctx, "%s&pin=%s",
#  275|   						 params, pin);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def357]
certmonger-0.79.21/src/dogtag.c:274:34: warning[-Wanalyzer-malloc-leak]: leak of ‘csr’
certmonger-0.79.21/src/dogtag.c:213:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:216:39: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:217:36: branch_true: following ‘true’ branch (when ‘csr’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:218:47: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:218:47: acquire_memory: allocated here
certmonger-0.79.21/src/dogtag.c:221:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:244:29: branch_false: following ‘false’ branch (when ‘j >= num_soptions’)...
certmonger-0.79.21/src/dogtag.c:259:20: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:272:20: branch_true: following ‘true’ branch (when ‘pin’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:273:31: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:274:34: throw: if ‘talloc_asprintf’ throws an exception...
certmonger-0.79.21/src/dogtag.c:274:34: danger: ‘csr’ leaks here; was allocated at [(7)](sarif:/runs/0/results/32/codeFlows/0/threadFlows/0/locations/6)
#  272|   		if (pin != NULL) {
#  273|   			pin = cm_submit_u_url_encode(pin);
#  274|-> 			params = talloc_asprintf(ctx, "%s&pin=%s",
#  275|   						 params, pin);
#  276|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def358]
certmonger-0.79.21/src/dogtag.c:274:34: warning[-Wanalyzer-malloc-leak]: leak of ‘p’
certmonger-0.79.21/src/dogtag.c:126:1: enter_function: entry to ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:163:12: branch_true: following ‘true’ branch (when ‘savedstate’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:164:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:164:19: call_function: calling ‘statevar’ from ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:164:19: return_function: returning to ‘xml_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:163:13: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:165:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:165:19: call_function: calling ‘statevar’ from ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:165:19: return_function: returning to ‘xml_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:163:13: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:186:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:244:29: branch_false: following ‘false’ branch (when ‘j >= num_soptions’)...
certmonger-0.79.21/src/dogtag.c:259:20: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:272:20: branch_true: following ‘true’ branch (when ‘pin’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:273:31: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:274:34: throw: if ‘talloc_asprintf’ throws an exception...
certmonger-0.79.21/src/dogtag.c:274:34: danger: ‘p’ leaks here; was allocated at [(8)](sarif:/runs/0/results/33/codeFlows/0/threadFlows/0/locations/7)
#  272|   		if (pin != NULL) {
#  273|   			pin = cm_submit_u_url_encode(pin);
#  274|-> 			params = talloc_asprintf(ctx, "%s&pin=%s",
#  275|   						 params, pin);
#  276|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def359]
certmonger-0.79.21/src/dogtag.c:292:23: warning[-Wanalyzer-malloc-leak]: leak of ‘p’
certmonger-0.79.21/src/dogtag.c:126:1: enter_function: entry to ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:163:12: branch_true: following ‘true’ branch (when ‘savedstate’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:164:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:164:19: call_function: calling ‘statevar’ from ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:164:19: return_function: returning to ‘xml_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:163:13: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:165:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:165:19: call_function: calling ‘statevar’ from ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:165:19: return_function: returning to ‘xml_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:163:13: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:186:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:292:23: throw: if ‘talloc_asprintf’ throws an exception...
certmonger-0.79.21/src/dogtag.c:292:23: danger: ‘p’ leaks here; was allocated at [(8)](sarif:/runs/0/results/34/codeFlows/0/threadFlows/0/locations/7)
#  290|   		/* Check if the certificate has been issued or rejected. */
#  291|   		method = DOGTAG_CHECK_REQUEST_METHOD;
#  292|-> 		url = talloc_asprintf(ctx, "%s/%s", eeurl, DOGTAG_CHECK_REQUEST_RESOURCE);
#  293|   		params = talloc_asprintf(ctx,
#  294|   					 "%s&"

Error: GCC_ANALYZER_WARNING (CWE-401): [#def360]
certmonger-0.79.21/src/dogtag.c:293:26: warning[-Wanalyzer-malloc-leak]: leak of ‘p’
certmonger-0.79.21/src/dogtag.c:126:1: enter_function: entry to ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:163:12: branch_true: following ‘true’ branch (when ‘savedstate’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:164:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:164:19: call_function: calling ‘statevar’ from ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:164:19: return_function: returning to ‘xml_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:163:13: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:165:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:165:19: call_function: calling ‘statevar’ from ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:165:19: return_function: returning to ‘xml_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:163:13: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:186:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:293:26: throw: if ‘talloc_asprintf’ throws an exception...
certmonger-0.79.21/src/dogtag.c:293:26: danger: ‘p’ leaks here; was allocated at [(8)](sarif:/runs/0/results/35/codeFlows/0/threadFlows/0/locations/7)
#  291|   		method = DOGTAG_CHECK_REQUEST_METHOD;
#  292|   		url = talloc_asprintf(ctx, "%s/%s", eeurl, DOGTAG_CHECK_REQUEST_RESOURCE);
#  293|-> 		params = talloc_asprintf(ctx,
#  294|   					 "%s&"
#  295|   					 "xml=true",

Error: GCC_ANALYZER_WARNING (CWE-401): [#def361]
certmonger-0.79.21/src/dogtag.c:303:25: warning[-Wanalyzer-malloc-leak]: leak of ‘p’
certmonger-0.79.21/src/dogtag.c:126:1: enter_function: entry to ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:163:12: branch_true: following ‘true’ branch (when ‘savedstate’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:164:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:164:19: call_function: calling ‘statevar’ from ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:164:19: return_function: returning to ‘xml_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:163:13: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:165:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:165:19: call_function: calling ‘statevar’ from ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:165:19: return_function: returning to ‘xml_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:163:13: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:186:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:300:20: branch_true: following ‘true’ branch (when ‘agenturl’ is NULL)...
certmonger-0.79.21/src/dogtag.c:301:32: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:303:25: throw: if ‘poptPrintUsage’ throws an exception...
certmonger-0.79.21/src/dogtag.c:303:25: danger: ‘p’ leaks here; was allocated at [(8)](sarif:/runs/0/results/36/codeFlows/0/threadFlows/0/locations/7)
#  301|   			printf(_("No agent URL (-A) given, and no default "
#  302|   				 "known.\n"));
#  303|-> 			poptPrintUsage(pctx, stdout, 0);
#  304|   			return CM_SUBMIT_STATUS_UNCONFIGURED;
#  305|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def362]
certmonger-0.79.21/src/dogtag.c:309:25: warning[-Wanalyzer-malloc-leak]: leak of ‘p’
certmonger-0.79.21/src/dogtag.c:126:1: enter_function: entry to ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:163:12: branch_true: following ‘true’ branch (when ‘savedstate’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:164:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:164:19: call_function: calling ‘statevar’ from ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:164:19: return_function: returning to ‘xml_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:163:13: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:165:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:165:19: call_function: calling ‘statevar’ from ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:165:19: return_function: returning to ‘xml_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:163:13: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:186:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:300:20: branch_false: following ‘false’ branch (when ‘agenturl’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:306:20: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:309:25: throw: if ‘poptPrintUsage’ throws an exception...
certmonger-0.79.21/src/dogtag.c:309:25: danger: ‘p’ leaks here; was allocated at [(8)](sarif:/runs/0/results/37/codeFlows/0/threadFlows/0/locations/7)
#  307|   			printf(_("No agent credentials (-n) given, but they "
#  308|   				 "are needed.\n"));
#  309|-> 			poptPrintUsage(pctx, stdout, 0);
#  310|   			return CM_SUBMIT_STATUS_UNCONFIGURED;
#  311|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def363]
certmonger-0.79.21/src/dogtag.c:315:23: warning[-Wanalyzer-malloc-leak]: leak of ‘p’
certmonger-0.79.21/src/dogtag.c:126:1: enter_function: entry to ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:163:12: branch_true: following ‘true’ branch (when ‘savedstate’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:164:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:164:19: call_function: calling ‘statevar’ from ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:164:19: return_function: returning to ‘xml_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:163:13: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:165:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:165:19: call_function: calling ‘statevar’ from ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:165:19: return_function: returning to ‘xml_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:163:13: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:186:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:300:20: branch_false: following ‘false’ branch (when ‘agenturl’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:306:20: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:306:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:315:23: throw: if ‘talloc_asprintf’ throws an exception...
certmonger-0.79.21/src/dogtag.c:315:23: danger: ‘p’ leaks here; was allocated at [(8)](sarif:/runs/0/results/38/codeFlows/0/threadFlows/0/locations/7)
#  313|   		 * them and issuing a new certificate. */
#  314|   		method = DOGTAG_PROFILE_REVIEW_METHOD;
#  315|-> 		url = talloc_asprintf(ctx, "%s/%s", agenturl, DOGTAG_PROFILE_REVIEW_RESOURCE);
#  316|   		method2 = DOGTAG_PROFILE_PROCESS_METHOD;
#  317|   		url2 = talloc_asprintf(ctx, "%s/%s", agenturl, DOGTAG_PROFILE_PROCESS_RESOURCE);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def364]
certmonger-0.79.21/src/dogtag.c:317:24: warning[-Wanalyzer-malloc-leak]: leak of ‘p’
certmonger-0.79.21/src/dogtag.c:126:1: enter_function: entry to ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:163:12: branch_true: following ‘true’ branch (when ‘savedstate’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:164:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:164:19: call_function: calling ‘statevar’ from ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:164:19: return_function: returning to ‘xml_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:163:13: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:165:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:165:19: call_function: calling ‘statevar’ from ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:165:19: return_function: returning to ‘xml_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:163:13: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:186:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:300:20: branch_false: following ‘false’ branch (when ‘agenturl’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:306:20: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:306:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:317:24: throw: if ‘talloc_asprintf’ throws an exception...
certmonger-0.79.21/src/dogtag.c:317:24: danger: ‘p’ leaks here; was allocated at [(8)](sarif:/runs/0/results/39/codeFlows/0/threadFlows/0/locations/7)
#  315|   		url = talloc_asprintf(ctx, "%s/%s", agenturl, DOGTAG_PROFILE_REVIEW_RESOURCE);
#  316|   		method2 = DOGTAG_PROFILE_PROCESS_METHOD;
#  317|-> 		url2 = talloc_asprintf(ctx, "%s/%s", agenturl, DOGTAG_PROFILE_PROCESS_RESOURCE);
#  318|   		params = talloc_asprintf(ctx,
#  319|   					 "%s&"

Error: GCC_ANALYZER_WARNING (CWE-401): [#def365]
certmonger-0.79.21/src/dogtag.c:318:26: warning[-Wanalyzer-malloc-leak]: leak of ‘p’
certmonger-0.79.21/src/dogtag.c:126:1: enter_function: entry to ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:163:12: branch_true: following ‘true’ branch (when ‘savedstate’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:164:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:164:19: call_function: calling ‘statevar’ from ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:164:19: return_function: returning to ‘xml_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:163:13: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:165:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:165:19: call_function: calling ‘statevar’ from ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:165:19: return_function: returning to ‘xml_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:163:13: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:186:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:300:20: branch_false: following ‘false’ branch (when ‘agenturl’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:306:20: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:306:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:318:26: throw: if ‘talloc_asprintf’ throws an exception...
certmonger-0.79.21/src/dogtag.c:318:26: danger: ‘p’ leaks here; was allocated at [(8)](sarif:/runs/0/results/40/codeFlows/0/threadFlows/0/locations/7)
#  316|   		method2 = DOGTAG_PROFILE_PROCESS_METHOD;
#  317|   		url2 = talloc_asprintf(ctx, "%s/%s", agenturl, DOGTAG_PROFILE_PROCESS_RESOURCE);
#  318|-> 		params = talloc_asprintf(ctx,
#  319|   					 "%s&"
#  320|   					 "xml=true",

Error: GCC_ANALYZER_WARNING (CWE-401): [#def366]
certmonger-0.79.21/src/dogtag.c:322:27: warning[-Wanalyzer-malloc-leak]: leak of ‘p’
certmonger-0.79.21/src/dogtag.c:126:1: enter_function: entry to ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:163:12: branch_true: following ‘true’ branch (when ‘savedstate’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:164:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:164:19: call_function: calling ‘statevar’ from ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:164:19: return_function: returning to ‘xml_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:163:13: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:165:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:165:19: call_function: calling ‘statevar’ from ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:165:19: return_function: returning to ‘xml_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:163:13: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:186:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:300:20: branch_false: following ‘false’ branch (when ‘agenturl’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:306:20: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:306:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:322:27: throw: if ‘talloc_asprintf’ throws an exception...
certmonger-0.79.21/src/dogtag.c:322:27: danger: ‘p’ leaks here; was allocated at [(8)](sarif:/runs/0/results/41/codeFlows/0/threadFlows/0/locations/7)
#  320|   					 "xml=true",
#  321|   					 params);
#  322|-> 		params2 = talloc_asprintf(ctx,
#  323|   					  "%s&"
#  324|   					  "op=approve",

Error: GCC_ANALYZER_WARNING (CWE-401): [#def367]
certmonger-0.79.21/src/dogtag.c:331:23: warning[-Wanalyzer-malloc-leak]: leak of ‘p’
certmonger-0.79.21/src/dogtag.c:126:1: enter_function: entry to ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:163:12: branch_true: following ‘true’ branch (when ‘savedstate’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:164:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:164:19: call_function: calling ‘statevar’ from ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:164:19: return_function: returning to ‘xml_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:163:13: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:165:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:165:19: call_function: calling ‘statevar’ from ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:165:19: return_function: returning to ‘xml_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:163:13: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:186:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:331:23: throw: if ‘talloc_asprintf’ throws an exception...
certmonger-0.79.21/src/dogtag.c:331:23: danger: ‘p’ leaks here; was allocated at [(8)](sarif:/runs/0/results/42/codeFlows/0/threadFlows/0/locations/7)
#  329|   		/* Retrieving the new certificate. */
#  330|   		method = DOGTAG_DISPLAY_CERT_METHOD;
#  331|-> 		url = talloc_asprintf(ctx, "%s/%s", eeurl, DOGTAG_DISPLAY_CERT_RESOURCE);
#  332|   		params = talloc_asprintf(ctx,
#  333|   					 "%s&"

Error: GCC_ANALYZER_WARNING (CWE-401): [#def368]
certmonger-0.79.21/src/dogtag.c:332:26: warning[-Wanalyzer-malloc-leak]: leak of ‘p’
certmonger-0.79.21/src/dogtag.c:126:1: enter_function: entry to ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:163:12: branch_true: following ‘true’ branch (when ‘savedstate’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:164:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:164:19: call_function: calling ‘statevar’ from ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:164:19: return_function: returning to ‘xml_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:163:13: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:165:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:165:19: call_function: calling ‘statevar’ from ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:165:19: return_function: returning to ‘xml_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:163:13: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:186:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:332:26: throw: if ‘talloc_asprintf’ throws an exception...
certmonger-0.79.21/src/dogtag.c:332:26: danger: ‘p’ leaks here; was allocated at [(8)](sarif:/runs/0/results/43/codeFlows/0/threadFlows/0/locations/7)
#  330|   		method = DOGTAG_DISPLAY_CERT_METHOD;
#  331|   		url = talloc_asprintf(ctx, "%s/%s", eeurl, DOGTAG_DISPLAY_CERT_RESOURCE);
#  332|-> 		params = talloc_asprintf(ctx,
#  333|   					 "%s&"
#  334|   					 "importCert=true&"

Error: GCC_ANALYZER_WARNING (CWE-401): [#def369]
certmonger-0.79.21/src/dogtag.c:342:23: warning[-Wanalyzer-malloc-leak]: leak of ‘p’
certmonger-0.79.21/src/dogtag.c:126:1: enter_function: entry to ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:163:12: branch_true: following ‘true’ branch (when ‘savedstate’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:164:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:164:19: call_function: calling ‘statevar’ from ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:164:19: return_function: returning to ‘xml_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:163:13: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:165:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:165:19: call_function: calling ‘statevar’ from ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:165:19: return_function: returning to ‘xml_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:163:13: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:186:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:342:23: throw: if ‘talloc_asprintf’ throws an exception...
certmonger-0.79.21/src/dogtag.c:342:23: danger: ‘p’ leaks here; was allocated at [(8)](sarif:/runs/0/results/44/codeFlows/0/threadFlows/0/locations/7)
#  340|   		/* Retrieving the list of profiles. */
#  341|   		method = DOGTAG_PROFILE_LIST_METHOD;
#  342|-> 		url = talloc_asprintf(ctx, "%s/%s", eeurl, DOGTAG_PROFILE_LIST_RESOURCE);
#  343|   		if (strlen(params) > 0) {
#  344|   			params = talloc_asprintf(ctx,

Error: GCC_ANALYZER_WARNING (CWE-401): [#def370]
certmonger-0.79.21/src/dogtag.c:357:26: warning[-Wanalyzer-malloc-leak]: leak of ‘p’
certmonger-0.79.21/src/dogtag.c:126:1: enter_function: entry to ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:163:12: branch_true: following ‘true’ branch (when ‘savedstate’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:164:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:164:19: call_function: calling ‘statevar’ from ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:164:19: return_function: returning to ‘xml_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:163:13: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:165:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:165:19: call_function: calling ‘statevar’ from ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:165:19: return_function: returning to ‘xml_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:163:13: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:186:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:356:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:357:26: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:357:26: throw: if ‘cm_submit_u_from_file’ throws an exception...
certmonger-0.79.21/src/dogtag.c:357:26: danger: ‘p’ leaks here; was allocated at [(8)](sarif:/runs/0/results/45/codeFlows/0/threadFlows/0/locations/7)
#  355|   	/* Read the PIN, if we need to. */
#  356|   	if ((sslpinfile != NULL) && (sslpin == NULL)) {
#  357|-> 		sslpin = cm_submit_u_from_file(sslpinfile);
#  358|   		if (sslpin != NULL) {
#  359|   			sslpin = talloc_strndup(ctx, sslpin,

Error: GCC_ANALYZER_WARNING (CWE-401): [#def371]
certmonger-0.79.21/src/dogtag.c:359:34: warning[-Wanalyzer-malloc-leak]: leak of ‘p’
certmonger-0.79.21/src/dogtag.c:126:1: enter_function: entry to ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:163:12: branch_true: following ‘true’ branch (when ‘savedstate’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:164:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:164:19: call_function: calling ‘statevar’ from ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:164:19: return_function: returning to ‘xml_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:163:13: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:165:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:165:19: call_function: calling ‘statevar’ from ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:165:19: return_function: returning to ‘xml_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:163:13: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:186:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:356:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:357:26: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:358:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:359:34: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:359:34: throw: if ‘talloc_strndup’ throws an exception...
certmonger-0.79.21/src/dogtag.c:359:34: danger: ‘p’ leaks here; was allocated at [(8)](sarif:/runs/0/results/46/codeFlows/0/threadFlows/0/locations/7)
#  357|   		sslpin = cm_submit_u_from_file(sslpinfile);
#  358|   		if (sslpin != NULL) {
#  359|-> 			sslpin = talloc_strndup(ctx, sslpin,
#  360|   						strcspn(sslpin, "\r\n"));
#  361|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def372]
certmonger-0.79.21/src/dogtag.c:370:24: warning[-Wanalyzer-malloc-leak]: leak of ‘p’
certmonger-0.79.21/src/dogtag.c:126:1: enter_function: entry to ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:163:12: branch_true: following ‘true’ branch (when ‘savedstate’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:164:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:164:19: call_function: calling ‘statevar’ from ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:164:19: return_function: returning to ‘xml_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:163:13: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:165:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:165:19: call_function: calling ‘statevar’ from ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:165:19: return_function: returning to ‘xml_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:163:13: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:186:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:369:16: branch_true: following ‘true’ branch (when ‘url’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:370:24: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:370:24: throw: if ‘cm_submit_h_init’ throws an exception...
certmonger-0.79.21/src/dogtag.c:370:24: danger: ‘p’ leaks here; was allocated at [(8)](sarif:/runs/0/results/47/codeFlows/0/threadFlows/0/locations/7)
#  368|   	hctx = NULL;
#  369|   	while (url != NULL) {
#  370|-> 		hctx = cm_submit_h_init(ctx, method, url, params, NULL, NULL, NULL,
#  371|   					cainfo, capath, sslcert, sslkey, sslpin,
#  372|   					cm_submit_h_negotiate_off,

Error: GCC_ANALYZER_WARNING (CWE-401): [#def373]
certmonger-0.79.21/src/dogtag.c:383:17: warning[-Wanalyzer-malloc-leak]: leak of ‘p’
certmonger-0.79.21/src/dogtag.c:126:1: enter_function: entry to ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:163:12: branch_true: following ‘true’ branch (when ‘savedstate’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:164:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:164:19: call_function: calling ‘statevar’ from ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:164:19: return_function: returning to ‘xml_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:163:13: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:165:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:165:19: call_function: calling ‘statevar’ from ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:165:19: return_function: returning to ‘xml_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:163:13: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:186:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:369:16: branch_true: following ‘true’ branch (when ‘url’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:370:24: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:383:17: throw: if ‘cm_submit_h_run’ throws an exception...
certmonger-0.79.21/src/dogtag.c:383:17: danger: ‘p’ leaks here; was allocated at [(8)](sarif:/runs/0/results/48/codeFlows/0/threadFlows/0/locations/7)
#  381|   		lasturl = url;
#  382|   		lastparams = params;
#  383|-> 		cm_submit_h_run(hctx);
#  384|   		if (verbose > 0) {
#  385|   			fprintf(stderr, "%s \"%s?%s\"\n", method, url, params);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def374]
certmonger-0.79.21/src/dogtag.c:386:25: warning[-Wanalyzer-malloc-leak]: leak of ‘p’
certmonger-0.79.21/src/dogtag.c:126:1: enter_function: entry to ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:163:12: branch_true: following ‘true’ branch (when ‘savedstate’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:164:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:164:19: call_function: calling ‘statevar’ from ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:164:19: return_function: returning to ‘xml_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:163:13: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:165:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:165:19: call_function: calling ‘statevar’ from ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:165:19: return_function: returning to ‘xml_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:163:13: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:186:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:369:16: branch_true: following ‘true’ branch (when ‘url’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:370:24: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:384:20: branch_true: following ‘true’ branch (when ‘verbose > 0’)...
certmonger-0.79.21/src/dogtag.c:385:25: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:386:25: throw: if ‘cm_submit_h_result_code’ throws an exception...
certmonger-0.79.21/src/dogtag.c:386:25: danger: ‘p’ leaks here; was allocated at [(8)](sarif:/runs/0/results/49/codeFlows/0/threadFlows/0/locations/7)
#  384|   		if (verbose > 0) {
#  385|   			fprintf(stderr, "%s \"%s?%s\"\n", method, url, params);
#  386|-> 			fprintf(stderr, "code = %d\n", cm_submit_h_result_code(hctx));
#  387|   			fprintf(stderr, "code_text = \"%s\"\n", cm_submit_h_result_code_text(hctx));
#  388|   			syslog(LOG_DEBUG, "%s %s?%s\n", method, url, params);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def375]
certmonger-0.79.21/src/dogtag.c:387:25: warning[-Wanalyzer-malloc-leak]: leak of ‘p’
certmonger-0.79.21/src/dogtag.c:126:1: enter_function: entry to ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:163:12: branch_true: following ‘true’ branch (when ‘savedstate’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:164:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:164:19: call_function: calling ‘statevar’ from ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:164:19: return_function: returning to ‘xml_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:163:13: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:165:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:165:19: call_function: calling ‘statevar’ from ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:165:19: return_function: returning to ‘xml_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:163:13: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:186:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:369:16: branch_true: following ‘true’ branch (when ‘url’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:370:24: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:384:20: branch_true: following ‘true’ branch (when ‘verbose > 0’)...
certmonger-0.79.21/src/dogtag.c:385:25: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:387:25: throw: if ‘cm_submit_h_result_code_text’ throws an exception...
certmonger-0.79.21/src/dogtag.c:387:25: danger: ‘p’ leaks here; was allocated at [(8)](sarif:/runs/0/results/50/codeFlows/0/threadFlows/0/locations/7)
#  385|   			fprintf(stderr, "%s \"%s?%s\"\n", method, url, params);
#  386|   			fprintf(stderr, "code = %d\n", cm_submit_h_result_code(hctx));
#  387|-> 			fprintf(stderr, "code_text = \"%s\"\n", cm_submit_h_result_code_text(hctx));
#  388|   			syslog(LOG_DEBUG, "%s %s?%s\n", method, url, params);
#  389|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def376]
certmonger-0.79.21/src/dogtag.c:388:25: warning[-Wanalyzer-malloc-leak]: leak of ‘p’
certmonger-0.79.21/src/dogtag.c:126:1: enter_function: entry to ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:163:12: branch_true: following ‘true’ branch (when ‘savedstate’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:164:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:164:19: call_function: calling ‘statevar’ from ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:164:19: return_function: returning to ‘xml_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:163:13: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:165:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:165:19: call_function: calling ‘statevar’ from ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:165:19: return_function: returning to ‘xml_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:163:13: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:186:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:369:16: branch_true: following ‘true’ branch (when ‘url’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:370:24: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:384:20: branch_true: following ‘true’ branch (when ‘verbose > 0’)...
certmonger-0.79.21/src/dogtag.c:385:25: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:388:25: throw: if ‘syslog’ throws an exception...
certmonger-0.79.21/src/dogtag.c:388:25: danger: ‘p’ leaks here; was allocated at [(8)](sarif:/runs/0/results/51/codeFlows/0/threadFlows/0/locations/7)
#  386|   			fprintf(stderr, "code = %d\n", cm_submit_h_result_code(hctx));
#  387|   			fprintf(stderr, "code_text = \"%s\"\n", cm_submit_h_result_code_text(hctx));
#  388|-> 			syslog(LOG_DEBUG, "%s %s?%s\n", method, url, params);
#  389|   		}
#  390|   		results = cm_submit_h_results(hctx, NULL);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def377]
certmonger-0.79.21/src/dogtag.c:390:27: warning[-Wanalyzer-malloc-leak]: leak of ‘p’
certmonger-0.79.21/src/dogtag.c:126:1: enter_function: entry to ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:163:12: branch_true: following ‘true’ branch (when ‘savedstate’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:164:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:164:19: call_function: calling ‘statevar’ from ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:164:19: return_function: returning to ‘xml_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:163:13: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:165:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:165:19: call_function: calling ‘statevar’ from ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:165:19: return_function: returning to ‘xml_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:163:13: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:186:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:369:16: branch_true: following ‘true’ branch (when ‘url’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:370:24: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:384:20: branch_true: following ‘true’ branch (when ‘verbose > 0’)...
certmonger-0.79.21/src/dogtag.c:385:25: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:390:27: throw: if ‘cm_submit_h_results’ throws an exception...
certmonger-0.79.21/src/dogtag.c:390:27: danger: ‘p’ leaks here; was allocated at [(8)](sarif:/runs/0/results/52/codeFlows/0/threadFlows/0/locations/7)
#  388|   			syslog(LOG_DEBUG, "%s %s?%s\n", method, url, params);
#  389|   		}
#  390|-> 		results = cm_submit_h_results(hctx, NULL);
#  391|   		if (verbose > 0) {
#  392|   			syslog(LOG_DEBUG, "%s", results);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def378]
certmonger-0.79.21/src/dogtag.c:392:25: warning[-Wanalyzer-malloc-leak]: leak of ‘p’
certmonger-0.79.21/src/dogtag.c:126:1: enter_function: entry to ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:163:12: branch_true: following ‘true’ branch (when ‘savedstate’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:164:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:164:19: call_function: calling ‘statevar’ from ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:164:19: return_function: returning to ‘xml_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:163:13: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:165:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:165:19: call_function: calling ‘statevar’ from ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:165:19: return_function: returning to ‘xml_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:163:13: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:186:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:369:16: branch_true: following ‘true’ branch (when ‘url’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:370:24: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:384:20: branch_true: following ‘true’ branch (when ‘verbose > 0’)...
certmonger-0.79.21/src/dogtag.c:385:25: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:391:20: branch_true: following ‘true’ branch (when ‘verbose > 0’)...
certmonger-0.79.21/src/dogtag.c:392:25: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:392:25: throw: if ‘syslog’ throws an exception...
certmonger-0.79.21/src/dogtag.c:392:25: danger: ‘p’ leaks here; was allocated at [(8)](sarif:/runs/0/results/53/codeFlows/0/threadFlows/0/locations/7)
#  390|   		results = cm_submit_h_results(hctx, NULL);
#  391|   		if (verbose > 0) {
#  392|-> 			syslog(LOG_DEBUG, "%s", results);
#  393|   		}
#  394|   		if (cm_submit_h_result_code(hctx) != 0) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def379]
certmonger-0.79.21/src/dogtag.c:394:21: warning[-Wanalyzer-malloc-leak]: leak of ‘p’
certmonger-0.79.21/src/dogtag.c:126:1: enter_function: entry to ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:163:12: branch_true: following ‘true’ branch (when ‘savedstate’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:164:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:164:19: call_function: calling ‘statevar’ from ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:164:19: return_function: returning to ‘xml_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:163:13: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:165:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:165:19: call_function: calling ‘statevar’ from ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:165:19: return_function: returning to ‘xml_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:163:13: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:186:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:369:16: branch_true: following ‘true’ branch (when ‘url’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:370:24: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:384:20: branch_true: following ‘true’ branch (when ‘verbose > 0’)...
certmonger-0.79.21/src/dogtag.c:385:25: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:391:20: branch_true: following ‘true’ branch (when ‘verbose > 0’)...
certmonger-0.79.21/src/dogtag.c:392:25: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:394:21: throw: if ‘cm_submit_h_result_code’ throws an exception...
certmonger-0.79.21/src/dogtag.c:394:21: danger: ‘p’ leaks here; was allocated at [(8)](sarif:/runs/0/results/54/codeFlows/0/threadFlows/0/locations/7)
#  392|   			syslog(LOG_DEBUG, "%s", results);
#  393|   		}
#  394|-> 		if (cm_submit_h_result_code(hctx) != 0) {
#  395|   			break;
#  396|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def380]
certmonger-0.79.21/src/dogtag.c:404:44: warning[-Wanalyzer-malloc-leak]: leak of ‘p’
certmonger-0.79.21/src/dogtag.c:126:1: enter_function: entry to ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:163:12: branch_true: following ‘true’ branch (when ‘savedstate’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:164:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:164:19: call_function: calling ‘statevar’ from ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:164:19: return_function: returning to ‘xml_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:163:13: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:165:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:165:19: call_function: calling ‘statevar’ from ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:165:19: return_function: returning to ‘xml_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:163:13: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:186:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:300:20: branch_false: following ‘false’ branch (when ‘agenturl’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:306:20: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:306:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:369:16: branch_true: following ‘true’ branch (when ‘url’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:370:24: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:384:20: branch_true: following ‘true’ branch (when ‘verbose > 0’)...
certmonger-0.79.21/src/dogtag.c:385:25: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:391:20: branch_true: following ‘true’ branch (when ‘verbose > 0’)...
certmonger-0.79.21/src/dogtag.c:392:25: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:394:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:398:17: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:398:17: branch_true: following ‘true’ branch (when ‘op == 3’)...
certmonger-0.79.21/src/dogtag.c:399:17: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:403:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:404:44: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:404:44: throw: if ‘cm_submit_d_xml_defaults’ throws an exception...
certmonger-0.79.21/src/dogtag.c:404:44: danger: ‘p’ leaks here; was allocated at [(8)](sarif:/runs/0/results/55/codeFlows/0/threadFlows/0/locations/7)
#  402|   			 * submission. */
#  403|   			if (results != NULL) {
#  404|-> 				defaults = cm_submit_d_xml_defaults(ctx,
#  405|   								    results);
#  406|   			} else {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def381]
certmonger-0.79.21/src/dogtag.c:467:13: warning[-Wanalyzer-malloc-leak]: leak of ‘p’
certmonger-0.79.21/src/dogtag.c:126:1: enter_function: entry to ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:163:12: branch_true: following ‘true’ branch (when ‘savedstate’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:164:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:164:19: call_function: calling ‘statevar’ from ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:164:19: return_function: returning to ‘xml_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:163:13: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:165:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:165:19: call_function: calling ‘statevar’ from ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:165:19: return_function: returning to ‘xml_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:163:13: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:186:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:369:16: branch_true: following ‘true’ branch (when ‘url’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:370:24: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:384:20: branch_true: following ‘true’ branch (when ‘verbose > 0’)...
certmonger-0.79.21/src/dogtag.c:385:25: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:391:20: branch_true: following ‘true’ branch (when ‘verbose > 0’)...
certmonger-0.79.21/src/dogtag.c:392:25: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:394:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:467:13: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:467:13: throw: if ‘cm_submit_h_result_code’ throws an exception...
certmonger-0.79.21/src/dogtag.c:467:13: danger: ‘p’ leaks here; was allocated at [(8)](sarif:/runs/0/results/56/codeFlows/0/threadFlows/0/locations/7)
#  465|   
#  466|   	/* Figure out what to output. */
#  467|-> 	if (cm_submit_h_result_code(hctx) != 0) {
#  468|   		if (cm_submit_h_result_code_text(hctx) != NULL) {
#  469|   			printf(_("Error %d connecting to %s: %s.\n"),

Error: GCC_ANALYZER_WARNING (CWE-401): [#def382]
certmonger-0.79.21/src/dogtag.c:468:21: warning[-Wanalyzer-malloc-leak]: leak of ‘p’
certmonger-0.79.21/src/dogtag.c:126:1: enter_function: entry to ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:163:12: branch_true: following ‘true’ branch (when ‘savedstate’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:164:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:164:19: call_function: calling ‘statevar’ from ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:164:19: return_function: returning to ‘xml_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:163:13: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:165:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:165:19: call_function: calling ‘statevar’ from ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:165:19: return_function: returning to ‘xml_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:163:13: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:186:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:369:16: branch_true: following ‘true’ branch (when ‘url’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:370:24: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:384:20: branch_true: following ‘true’ branch (when ‘verbose > 0’)...
certmonger-0.79.21/src/dogtag.c:385:25: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:391:20: branch_true: following ‘true’ branch (when ‘verbose > 0’)...
certmonger-0.79.21/src/dogtag.c:392:25: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:394:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:467:13: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:467:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:468:21: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:468:21: throw: if ‘cm_submit_h_result_code_text’ throws an exception...
certmonger-0.79.21/src/dogtag.c:468:21: danger: ‘p’ leaks here; was allocated at [(8)](sarif:/runs/0/results/57/codeFlows/0/threadFlows/0/locations/7)
#  466|   	/* Figure out what to output. */
#  467|   	if (cm_submit_h_result_code(hctx) != 0) {
#  468|-> 		if (cm_submit_h_result_code_text(hctx) != NULL) {
#  469|   			printf(_("Error %d connecting to %s: %s.\n"),
#  470|   			       cm_submit_h_result_code(hctx),

Error: GCC_ANALYZER_WARNING (CWE-401): [#def383]
certmonger-0.79.21/src/dogtag.c:469:25: warning[-Wanalyzer-malloc-leak]: leak of ‘p’
certmonger-0.79.21/src/dogtag.c:126:1: enter_function: entry to ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:163:12: branch_true: following ‘true’ branch (when ‘savedstate’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:164:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:164:19: call_function: calling ‘statevar’ from ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:164:19: return_function: returning to ‘xml_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:163:13: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:165:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:165:19: call_function: calling ‘statevar’ from ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:165:19: return_function: returning to ‘xml_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:163:13: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:186:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:369:16: branch_true: following ‘true’ branch (when ‘url’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:370:24: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:384:20: branch_true: following ‘true’ branch (when ‘verbose > 0’)...
certmonger-0.79.21/src/dogtag.c:385:25: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:391:20: branch_true: following ‘true’ branch (when ‘verbose > 0’)...
certmonger-0.79.21/src/dogtag.c:392:25: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:394:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:467:13: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:467:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:468:21: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:468:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:469:25: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:469:25: throw: if ‘cm_submit_h_result_code_text’ throws an exception...
certmonger-0.79.21/src/dogtag.c:469:25: danger: ‘p’ leaks here; was allocated at [(8)](sarif:/runs/0/results/58/codeFlows/0/threadFlows/0/locations/7)
#  467|   	if (cm_submit_h_result_code(hctx) != 0) {
#  468|   		if (cm_submit_h_result_code_text(hctx) != NULL) {
#  469|-> 			printf(_("Error %d connecting to %s: %s.\n"),
#  470|   			       cm_submit_h_result_code(hctx),
#  471|   			       lasturl,

Error: GCC_ANALYZER_WARNING (CWE-401): [#def384]
certmonger-0.79.21/src/dogtag.c:474:25: warning[-Wanalyzer-malloc-leak]: leak of ‘p’
certmonger-0.79.21/src/dogtag.c:126:1: enter_function: entry to ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:163:12: branch_true: following ‘true’ branch (when ‘savedstate’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:164:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:164:19: call_function: calling ‘statevar’ from ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:164:19: return_function: returning to ‘xml_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:163:13: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:165:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:165:19: call_function: calling ‘statevar’ from ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:165:19: return_function: returning to ‘xml_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:163:13: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:186:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:369:16: branch_true: following ‘true’ branch (when ‘url’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:370:24: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:384:20: branch_true: following ‘true’ branch (when ‘verbose > 0’)...
certmonger-0.79.21/src/dogtag.c:385:25: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:391:20: branch_true: following ‘true’ branch (when ‘verbose > 0’)...
certmonger-0.79.21/src/dogtag.c:392:25: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:394:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:467:13: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:467:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:468:21: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:468:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:474:25: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:474:25: throw: if ‘cm_submit_h_result_code’ throws an exception...
certmonger-0.79.21/src/dogtag.c:474:25: danger: ‘p’ leaks here; was allocated at [(8)](sarif:/runs/0/results/60/codeFlows/0/threadFlows/0/locations/7)
#  472|   			       cm_submit_h_result_code_text(hctx));
#  473|   		} else {
#  474|-> 			printf(_("Error %d connecting to %s.\n"),
#  475|   			       cm_submit_h_result_code(hctx),
#  476|   			       lasturl);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def385]
certmonger-0.79.21/src/dogtag.c:503:23: warning[-Wanalyzer-malloc-leak]: leak of ‘p’
certmonger-0.79.21/src/dogtag.c:126:1: enter_function: entry to ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:163:12: branch_true: following ‘true’ branch (when ‘savedstate’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:164:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:164:19: call_function: calling ‘statevar’ from ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:164:19: return_function: returning to ‘xml_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:163:13: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:165:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:165:19: call_function: calling ‘statevar’ from ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:165:19: return_function: returning to ‘xml_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:163:13: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:186:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:369:16: branch_true: following ‘true’ branch (when ‘url’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:370:24: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:384:20: branch_true: following ‘true’ branch (when ‘verbose > 0’)...
certmonger-0.79.21/src/dogtag.c:385:25: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:391:20: branch_true: following ‘true’ branch (when ‘verbose > 0’)...
certmonger-0.79.21/src/dogtag.c:392:25: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:394:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:467:13: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:467:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:480:12: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:480:12: branch_false: following ‘false’ branch (when ‘results’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:485:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:503:23: throw: if ‘cm_submit_d_check_eval’ throws an exception...
certmonger-0.79.21/src/dogtag.c:503:23: danger: ‘p’ leaks here; was allocated at [(8)](sarif:/runs/0/results/61/codeFlows/0/threadFlows/0/locations/7)
#  501|   		break;
#  502|   	case op_check:
#  503|-> 		ret = cm_submit_d_check_eval(ctx, results, lasturl,
#  504|   					     can_agent, &p, &q,
#  505|   					     CM_RPC_PROTOCOL_JSON);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def386]
certmonger-0.79.21/src/dogtag.c:527:31: warning[-Wanalyzer-malloc-leak]: leak of ‘p’
certmonger-0.79.21/src/dogtag.c:126:1: enter_function: entry to ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:163:12: branch_true: following ‘true’ branch (when ‘savedstate’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:164:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:164:19: call_function: calling ‘statevar’ from ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:164:19: return_function: returning to ‘xml_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:163:13: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:165:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:165:19: call_function: calling ‘statevar’ from ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:165:19: return_function: returning to ‘xml_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:163:13: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:186:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:300:20: branch_false: following ‘false’ branch (when ‘agenturl’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:306:20: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:306:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:369:16: branch_true: following ‘true’ branch (when ‘url’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:370:24: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:384:20: branch_true: following ‘true’ branch (when ‘verbose > 0’)...
certmonger-0.79.21/src/dogtag.c:385:25: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:391:20: branch_true: following ‘true’ branch (when ‘verbose > 0’)...
certmonger-0.79.21/src/dogtag.c:392:25: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:394:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:467:13: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:467:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:480:12: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:480:12: branch_false: following ‘false’ branch (when ‘results’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:485:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:515:20: branch_false: following ‘false’ branch (when ‘url2’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:527:31: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:527:31: throw: if ‘cm_submit_d_review_eval’ throws an exception...
certmonger-0.79.21/src/dogtag.c:527:31: danger: ‘p’ leaks here; was allocated at [(8)](sarif:/runs/0/results/62/codeFlows/0/threadFlows/0/locations/7)
#  525|   			return ret;
#  526|   		} else {
#  527|-> 			ret = cm_submit_d_review_eval(ctx, results, lasturl,
#  528|   						      &p, &q);
#  529|   			if (p != NULL) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def387]
certmonger-0.79.21/src/dogtag.c:539:23: warning[-Wanalyzer-malloc-leak]: leak of ‘p’
certmonger-0.79.21/src/dogtag.c:126:1: enter_function: entry to ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:163:12: branch_true: following ‘true’ branch (when ‘savedstate’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:164:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:164:19: call_function: calling ‘statevar’ from ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:164:19: return_function: returning to ‘xml_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:163:13: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:165:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:165:19: call_function: calling ‘statevar’ from ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:165:19: return_function: returning to ‘xml_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:163:13: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:186:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:369:16: branch_true: following ‘true’ branch (when ‘url’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:370:24: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:384:20: branch_true: following ‘true’ branch (when ‘verbose > 0’)...
certmonger-0.79.21/src/dogtag.c:385:25: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:391:20: branch_true: following ‘true’ branch (when ‘verbose > 0’)...
certmonger-0.79.21/src/dogtag.c:392:25: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:394:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:467:13: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:467:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:480:12: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:480:12: branch_false: following ‘false’ branch (when ‘results’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:485:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:539:23: throw: if ‘cm_submit_d_fetch_eval’ throws an exception...
certmonger-0.79.21/src/dogtag.c:539:23: danger: ‘p’ leaks here; was allocated at [(8)](sarif:/runs/0/results/63/codeFlows/0/threadFlows/0/locations/7)
#  537|   		break;
#  538|   	case op_retrieve:
#  539|-> 		ret = cm_submit_d_fetch_eval(ctx, results, lasturl,
#  540|   					     &p, &q,
#  541|   					     CM_RPC_PROTOCOL_XML);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def388]
certmonger-0.79.21/src/dogtag.c:551:23: warning[-Wanalyzer-malloc-leak]: leak of ‘p’
certmonger-0.79.21/src/dogtag.c:126:1: enter_function: entry to ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:163:12: branch_true: following ‘true’ branch (when ‘savedstate’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:164:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:164:19: call_function: calling ‘statevar’ from ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:164:19: return_function: returning to ‘xml_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:163:13: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:165:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:165:19: call_function: calling ‘statevar’ from ‘xml_workflow’
certmonger-0.79.21/src/dogtag.c:165:19: return_function: returning to ‘xml_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:163:13: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:186:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:343:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:356:13: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:369:16: branch_true: following ‘true’ branch (when ‘url’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:370:24: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:384:20: branch_true: following ‘true’ branch (when ‘verbose > 0’)...
certmonger-0.79.21/src/dogtag.c:385:25: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:391:20: branch_true: following ‘true’ branch (when ‘verbose > 0’)...
certmonger-0.79.21/src/dogtag.c:392:25: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:394:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:467:13: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:467:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:480:12: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:480:12: branch_false: following ‘false’ branch (when ‘results’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:485:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:551:23: throw: if ‘cm_submit_d_profiles_eval’ throws an exception...
certmonger-0.79.21/src/dogtag.c:551:23: danger: ‘p’ leaks here; was allocated at [(8)](sarif:/runs/0/results/64/codeFlows/0/threadFlows/0/locations/7)
#  549|   		break;
#  550|   	case op_profiles:
#  551|-> 		ret = cm_submit_d_profiles_eval(ctx, results,
#  552|   						&p, &q,
#  553|   						CM_RPC_PROTOCOL_XML);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def389]
certmonger-0.79.21/src/dogtag.c:621:30: warning[-Wanalyzer-malloc-leak]: leak of ‘p’
certmonger-0.79.21/src/dogtag.c:567:1: enter_function: entry to ‘ipa_workflow’
certmonger-0.79.21/src/dogtag.c:607:12: branch_true: following ‘true’ branch (when ‘savedstate’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:608:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:608:19: call_function: calling ‘statevar’ from ‘ipa_workflow’
certmonger-0.79.21/src/dogtag.c:608:19: return_function: returning to ‘ipa_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:607:13: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:609:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:609:19: call_function: calling ‘statevar’ from ‘ipa_workflow’
certmonger-0.79.21/src/dogtag.c:609:19: return_function: returning to ‘ipa_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:607:13: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:610:21: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:621:30: throw: if ‘talloc_strdup’ throws an exception...
certmonger-0.79.21/src/dogtag.c:621:30: danger: ‘p’ leaks here; was allocated at [(8)](sarif:/runs/0/results/65/codeFlows/0/threadFlows/0/locations/7)
#  619|   			op = op_retrieve;
#  620|   		}
#  621|-> 		request_id = talloc_strdup(ctx, q);
#  622|   		free(p);
#  623|   		free(q);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def390]
certmonger-0.79.21/src/dogtag.c:621:30: warning[-Wanalyzer-malloc-leak]: leak of ‘q’
certmonger-0.79.21/src/dogtag.c:567:1: enter_function: entry to ‘ipa_workflow’
certmonger-0.79.21/src/dogtag.c:607:12: branch_true: following ‘true’ branch (when ‘savedstate’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:608:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:608:19: call_function: calling ‘statevar’ from ‘ipa_workflow’
certmonger-0.79.21/src/dogtag.c:608:19: return_function: returning to ‘ipa_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:607:13: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:609:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:609:19: call_function: calling ‘statevar’ from ‘ipa_workflow’
certmonger-0.79.21/src/dogtag.c:609:19: return_function: returning to ‘ipa_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:607:13: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:610:21: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:621:30: throw: if ‘talloc_strdup’ throws an exception...
certmonger-0.79.21/src/dogtag.c:621:30: danger: ‘q’ leaks here; was allocated at [(17)](sarif:/runs/0/results/66/codeFlows/0/threadFlows/0/locations/16)
#  619|   			op = op_retrieve;
#  620|   		}
#  621|-> 		request_id = talloc_strdup(ctx, q);
#  622|   		free(p);
#  623|   		free(q);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def391]
certmonger-0.79.21/src/dogtag.c:630:24: warning[-Wanalyzer-malloc-leak]: leak of ‘p’
certmonger-0.79.21/src/dogtag.c:567:1: enter_function: entry to ‘ipa_workflow’
certmonger-0.79.21/src/dogtag.c:607:12: branch_true: following ‘true’ branch (when ‘savedstate’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:608:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:608:19: call_function: calling ‘statevar’ from ‘ipa_workflow’
certmonger-0.79.21/src/dogtag.c:608:19: return_function: returning to ‘ipa_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:607:13: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:609:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:609:19: call_function: calling ‘statevar’ from ‘ipa_workflow’
certmonger-0.79.21/src/dogtag.c:609:19: return_function: returning to ‘ipa_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:607:13: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:627:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:630:24: danger: ‘p’ leaks here; was allocated at [(8)](sarif:/runs/0/results/67/codeFlows/0/threadFlows/0/locations/7)
#  628|   	case op_none:
#  629|   		printf(_("Internal error: unknown state.\n"));
#  630|-> 		return CM_SUBMIT_STATUS_UNCONFIGURED;
#  631|   		break;
#  632|   	case op_submit:

Error: GCC_ANALYZER_WARNING (CWE-401): [#def392]
certmonger-0.79.21/src/dogtag.c:638:27: warning[-Wanalyzer-malloc-leak]: leak of ‘p’
certmonger-0.79.21/src/dogtag.c:567:1: enter_function: entry to ‘ipa_workflow’
certmonger-0.79.21/src/dogtag.c:607:12: branch_true: following ‘true’ branch (when ‘savedstate’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:608:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:608:19: call_function: calling ‘statevar’ from ‘ipa_workflow’
certmonger-0.79.21/src/dogtag.c:608:19: return_function: returning to ‘ipa_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:607:13: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:609:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:609:19: call_function: calling ‘statevar’ from ‘ipa_workflow’
certmonger-0.79.21/src/dogtag.c:609:19: return_function: returning to ‘ipa_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:607:13: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:627:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:638:27: throw: if ‘poptGetArg’ throws an exception...
certmonger-0.79.21/src/dogtag.c:638:27: danger: ‘p’ leaks here; was allocated at [(8)](sarif:/runs/0/results/68/codeFlows/0/threadFlows/0/locations/7)
#  636|   		 * environment, or from the command-line, that we're
#  637|   		 * going to submit for signing. */
#  638|-> 		csrfile = poptGetArg(pctx);
#  639|   		if (csrfile != NULL) {
#  640|   			csr = cm_submit_u_from_file(csrfile);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def393]
certmonger-0.79.21/src/dogtag.c:640:31: warning[-Wanalyzer-malloc-leak]: leak of ‘p’
certmonger-0.79.21/src/dogtag.c:567:1: enter_function: entry to ‘ipa_workflow’
certmonger-0.79.21/src/dogtag.c:607:12: branch_true: following ‘true’ branch (when ‘savedstate’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:608:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:608:19: call_function: calling ‘statevar’ from ‘ipa_workflow’
certmonger-0.79.21/src/dogtag.c:608:19: return_function: returning to ‘ipa_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:607:13: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:609:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:609:19: call_function: calling ‘statevar’ from ‘ipa_workflow’
certmonger-0.79.21/src/dogtag.c:609:19: return_function: returning to ‘ipa_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:607:13: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:627:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:639:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:640:31: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:640:31: throw: if ‘cm_submit_u_from_file’ throws an exception...
certmonger-0.79.21/src/dogtag.c:640:31: danger: ‘p’ leaks here; was allocated at [(8)](sarif:/runs/0/results/69/codeFlows/0/threadFlows/0/locations/7)
#  638|   		csrfile = poptGetArg(pctx);
#  639|   		if (csrfile != NULL) {
#  640|-> 			csr = cm_submit_u_from_file(csrfile);
#  641|   		} else {
#  642|   			csr = getenv(CM_SUBMIT_CSR_ENV);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def394]
certmonger-0.79.21/src/dogtag.c:655:25: warning[-Wanalyzer-malloc-leak]: leak of ‘p’
certmonger-0.79.21/src/dogtag.c:567:1: enter_function: entry to ‘ipa_workflow’
certmonger-0.79.21/src/dogtag.c:607:12: branch_true: following ‘true’ branch (when ‘savedstate’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:608:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:608:19: call_function: calling ‘statevar’ from ‘ipa_workflow’
certmonger-0.79.21/src/dogtag.c:608:19: return_function: returning to ‘ipa_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:607:13: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:609:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:609:19: call_function: calling ‘statevar’ from ‘ipa_workflow’
certmonger-0.79.21/src/dogtag.c:609:19: return_function: returning to ‘ipa_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:607:13: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:627:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:643:28: branch_false: following ‘false’ branch (when ‘csr’ is NULL)...
certmonger-0.79.21/src/dogtag.c:648:28: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:655:25: throw: if ‘poptPrintUsage’ throws an exception...
certmonger-0.79.21/src/dogtag.c:655:25: danger: ‘p’ leaks here; was allocated at [(8)](sarif:/runs/0/results/70/codeFlows/0/threadFlows/0/locations/7)
#  653|   				       CM_SUBMIT_CSR_ENV);
#  654|   			}
#  655|-> 			poptPrintUsage(pctx, stdout, 0);
#  656|   			free(csr);
#  657|   			return CM_SUBMIT_STATUS_UNCONFIGURED;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def395]
certmonger-0.79.21/src/dogtag.c:662:17: warning[-Wanalyzer-malloc-leak]: leak of ‘p’
certmonger-0.79.21/src/dogtag.c:567:1: enter_function: entry to ‘ipa_workflow’
certmonger-0.79.21/src/dogtag.c:607:12: branch_true: following ‘true’ branch (when ‘savedstate’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:608:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:608:19: call_function: calling ‘statevar’ from ‘ipa_workflow’
certmonger-0.79.21/src/dogtag.c:608:19: return_function: returning to ‘ipa_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:607:13: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:609:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:609:19: call_function: calling ‘statevar’ from ‘ipa_workflow’
certmonger-0.79.21/src/dogtag.c:609:19: return_function: returning to ‘ipa_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:607:13: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:627:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:639:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:640:31: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:647:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:662:17: danger: ‘p’ leaks here; was allocated at [(8)](sarif:/runs/0/results/71/codeFlows/0/threadFlows/0/locations/7)
#  660|   		 * server expects.  IPA just wants base64-encoded binary data,
#  661|   		 * no whitepace. */
#  662|-> 		p = strstr(csr, "-----BEGIN");
#  663|   		if (p != NULL) {
#  664|   			p += strcspn(p, "\n");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def396]
certmonger-0.79.21/src/dogtag.c:689:28: warning[-Wanalyzer-malloc-leak]: leak of ‘csr’
certmonger-0.79.21/src/dogtag.c:639:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:642:31: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:643:28: branch_true: following ‘true’ branch (when ‘csr’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:644:39: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:644:39: acquire_memory: allocated here
certmonger-0.79.21/src/dogtag.c:647:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:663:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:670:21: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:671:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:671:20: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:674:24: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:674:24: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:677:24: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:682:21: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:682:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:689:28: throw: if ‘json_pack_ex’ throws an exception...
certmonger-0.79.21/src/dogtag.c:689:28: danger: ‘csr’ leaks here; was allocated at [(7)](sarif:/runs/0/results/72/codeFlows/0/threadFlows/0/locations/6)
#  687|   		}
#  688|   
#  689|-> 		json_req = json_pack_ex(&j_error, 0,
#  690|   								"{s:s, s:[[s], {s:s, s:s}]}",
#  691|   								"method", "cert_request",

Error: GCC_ANALYZER_WARNING (CWE-401): [#def397]
certmonger-0.79.21/src/dogtag.c:699:28: warning[-Wanalyzer-malloc-leak]: leak of ‘p’
certmonger-0.79.21/src/dogtag.c:567:1: enter_function: entry to ‘ipa_workflow’
certmonger-0.79.21/src/dogtag.c:607:12: branch_true: following ‘true’ branch (when ‘savedstate’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:608:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:608:19: call_function: calling ‘statevar’ from ‘ipa_workflow’
certmonger-0.79.21/src/dogtag.c:608:19: return_function: returning to ‘ipa_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:607:13: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:609:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:609:19: call_function: calling ‘statevar’ from ‘ipa_workflow’
certmonger-0.79.21/src/dogtag.c:609:19: return_function: returning to ‘ipa_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:607:13: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:627:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:699:28: throw: if ‘json_pack_ex’ throws an exception...
certmonger-0.79.21/src/dogtag.c:699:28: danger: ‘p’ leaks here; was allocated at [(8)](sarif:/runs/0/results/73/codeFlows/0/threadFlows/0/locations/7)
#  697|   	case op_check:
#  698|   		/* Check if the certificate has been issued or rejected. */
#  699|-> 		json_req = json_pack_ex(&j_error, 0,
#  700|   								"{s:s, s:[[s],{}]}",
#  701|   								"method", "cert_status",

Error: GCC_ANALYZER_WARNING (CWE-401): [#def398]
certmonger-0.79.21/src/dogtag.c:713:28: warning[-Wanalyzer-malloc-leak]: leak of ‘p’
certmonger-0.79.21/src/dogtag.c:567:1: enter_function: entry to ‘ipa_workflow’
certmonger-0.79.21/src/dogtag.c:607:12: branch_true: following ‘true’ branch (when ‘savedstate’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:608:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:608:19: call_function: calling ‘statevar’ from ‘ipa_workflow’
certmonger-0.79.21/src/dogtag.c:608:19: return_function: returning to ‘ipa_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:607:13: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:609:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:609:19: call_function: calling ‘statevar’ from ‘ipa_workflow’
certmonger-0.79.21/src/dogtag.c:609:19: return_function: returning to ‘ipa_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:607:13: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:627:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:713:28: throw: if ‘json_pack_ex’ throws an exception...
certmonger-0.79.21/src/dogtag.c:713:28: danger: ‘p’ leaks here; was allocated at [(8)](sarif:/runs/0/results/74/codeFlows/0/threadFlows/0/locations/7)
#  711|   		 * HINT: See cm_submit_d_xml_defaults. This might have to
#  712|   		 */
#  713|-> 		json_req = json_pack_ex(&j_error, 0,
#  714|   								"{s:s, s:[[s],{}]}",
#  715|   								"method", "cert_approve",

Error: GCC_ANALYZER_WARNING (CWE-401): [#def399]
certmonger-0.79.21/src/dogtag.c:721:28: warning[-Wanalyzer-malloc-leak]: leak of ‘p’
certmonger-0.79.21/src/dogtag.c:567:1: enter_function: entry to ‘ipa_workflow’
certmonger-0.79.21/src/dogtag.c:607:12: branch_true: following ‘true’ branch (when ‘savedstate’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:608:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:608:19: call_function: calling ‘statevar’ from ‘ipa_workflow’
certmonger-0.79.21/src/dogtag.c:608:19: return_function: returning to ‘ipa_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:607:13: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:609:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:609:19: call_function: calling ‘statevar’ from ‘ipa_workflow’
certmonger-0.79.21/src/dogtag.c:609:19: return_function: returning to ‘ipa_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:607:13: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:627:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:721:28: throw: if ‘json_pack_ex’ throws an exception...
certmonger-0.79.21/src/dogtag.c:721:28: danger: ‘p’ leaks here; was allocated at [(8)](sarif:/runs/0/results/75/codeFlows/0/threadFlows/0/locations/7)
#  719|   	case op_retrieve:
#  720|   		/* Retrieving the new certificate. */
#  721|-> 		json_req = json_pack_ex(&j_error, 0,
#  722|   								"{s:s, s:[[s],{}]}",
#  723|   								"method", "cert_show",

Error: GCC_ANALYZER_WARNING (CWE-401): [#def400]
certmonger-0.79.21/src/dogtag.c:728:28: warning[-Wanalyzer-malloc-leak]: leak of ‘p’
certmonger-0.79.21/src/dogtag.c:567:1: enter_function: entry to ‘ipa_workflow’
certmonger-0.79.21/src/dogtag.c:607:12: branch_true: following ‘true’ branch (when ‘savedstate’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:608:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:608:19: call_function: calling ‘statevar’ from ‘ipa_workflow’
certmonger-0.79.21/src/dogtag.c:608:19: return_function: returning to ‘ipa_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:607:13: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:609:19: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:609:19: call_function: calling ‘statevar’ from ‘ipa_workflow’
certmonger-0.79.21/src/dogtag.c:609:19: return_function: returning to ‘ipa_workflow’ from ‘statevar’
certmonger-0.79.21/src/dogtag.c:607:13: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:627:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:728:28: throw: if ‘json_pack_ex’ throws an exception...
certmonger-0.79.21/src/dogtag.c:728:28: danger: ‘p’ leaks here; was allocated at [(8)](sarif:/runs/0/results/76/codeFlows/0/threadFlows/0/locations/7)
#  726|   		break;
#  727|   	case op_profiles:
#  728|-> 		json_req = json_pack_ex(&j_error, 0,
#  729|   								"{s:s, s:[[],{s:s}]}",
#  730|   								"method", "certprofile_find",

Error: GCC_ANALYZER_WARNING (CWE-401): [#def401]
certmonger-0.79.21/src/dogtag.c:1013:21: warning[-Wanalyzer-malloc-leak]: leak of ‘aoptions’
certmonger-0.79.21/src/dogtag.c:1009:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1012:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:16: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1014:17: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1020:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1027:25: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1029:28: branch_false: following ‘false’ branch (when ‘aoptions’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1034:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1035:28: branch_false: following ‘false’ branch (when ‘p’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1041:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:21: throw: if ‘poptGetNextOpt’ throws an exception...
certmonger-0.79.21/src/dogtag.c:1013:21: danger: ‘aoptions’ leaks here; was allocated at [(8)](sarif:/runs/0/results/78/codeFlows/0/threadFlows/0/locations/7)
# 1011|   	}
# 1012|   	poptSetOtherOptionHelp(pctx, "[options] -E EE-URL -A AGENT-URL [csrfile]");
# 1013|-> 	while ((c = poptGetNextOpt(pctx)) > 0) {
# 1014|   		switch (c) {
# 1015|   		case 's':

Error: GCC_ANALYZER_WARNING (CWE-401): [#def402]
certmonger-0.79.21/src/dogtag.c:1013:21: warning[-Wanalyzer-malloc-leak]: leak of ‘p’
certmonger-0.79.21/src/dogtag.c:1009:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1012:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:16: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1014:17: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1020:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1027:25: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1029:28: branch_false: following ‘false’ branch (when ‘aoptions’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1034:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1034:29: acquire_memory: allocated here
certmonger-0.79.21/src/dogtag.c:1035:28: branch_false: following ‘false’ branch (when ‘p’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1041:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:21: throw: if ‘poptGetNextOpt’ throws an exception...
certmonger-0.79.21/src/dogtag.c:1013:21: danger: ‘p’ leaks here; was allocated at [(11)](sarif:/runs/0/results/77/codeFlows/0/threadFlows/0/locations/10)
# 1011|   	}
# 1012|   	poptSetOtherOptionHelp(pctx, "[options] -E EE-URL -A AGENT-URL [csrfile]");
# 1013|-> 	while ((c = poptGetNextOpt(pctx)) > 0) {
# 1014|   		switch (c) {
# 1015|   		case 's':

Error: GCC_ANALYZER_WARNING (CWE-401): [#def403]
certmonger-0.79.21/src/dogtag.c:1016:34: warning[-Wanalyzer-malloc-leak]: leak of ‘aoptions’
certmonger-0.79.21/src/dogtag.c:1009:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1012:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:16: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1014:17: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1020:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1027:25: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1029:28: branch_false: following ‘false’ branch (when ‘aoptions’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1034:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1035:28: branch_false: following ‘false’ branch (when ‘p’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1041:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:16: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1014:17: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1016:34: throw: if ‘util_dec_from_hex’ throws an exception...
certmonger-0.79.21/src/dogtag.c:1016:34: danger: ‘aoptions’ leaks here; was allocated at [(8)](sarif:/runs/0/results/80/codeFlows/0/threadFlows/0/locations/7)
# 1014|   		switch (c) {
# 1015|   		case 's':
# 1016|-> 			serial = util_dec_from_hex(poptGetOptArg(pctx));
# 1017|   			break;
# 1018|   		case 'O':

Error: GCC_ANALYZER_WARNING (CWE-401): [#def404]
certmonger-0.79.21/src/dogtag.c:1016:34: warning[-Wanalyzer-malloc-leak]: leak of ‘p’
certmonger-0.79.21/src/dogtag.c:1009:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1012:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:16: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1014:17: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1020:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1027:25: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1029:28: branch_false: following ‘false’ branch (when ‘aoptions’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1034:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1034:29: acquire_memory: allocated here
certmonger-0.79.21/src/dogtag.c:1035:28: branch_false: following ‘false’ branch (when ‘p’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1041:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:16: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1014:17: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1016:34: throw: if ‘util_dec_from_hex’ throws an exception...
certmonger-0.79.21/src/dogtag.c:1016:34: danger: ‘p’ leaks here; was allocated at [(11)](sarif:/runs/0/results/79/codeFlows/0/threadFlows/0/locations/10)
# 1014|   		switch (c) {
# 1015|   		case 's':
# 1016|-> 			serial = util_dec_from_hex(poptGetOptArg(pctx));
# 1017|   			break;
# 1018|   		case 'O':

Error: GCC_ANALYZER_WARNING (CWE-401): [#def405]
certmonger-0.79.21/src/dogtag.c:1016:52: warning[-Wanalyzer-malloc-leak]: leak of ‘aoptions’
certmonger-0.79.21/src/dogtag.c:1009:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1012:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:16: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1014:17: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1020:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1027:25: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1029:28: branch_false: following ‘false’ branch (when ‘aoptions’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1034:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1035:28: branch_false: following ‘false’ branch (when ‘p’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1041:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:16: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1014:17: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1016:52: throw: if ‘poptGetOptArg’ throws an exception...
certmonger-0.79.21/src/dogtag.c:1016:52: danger: ‘aoptions’ leaks here; was allocated at [(8)](sarif:/runs/0/results/82/codeFlows/0/threadFlows/0/locations/7)
# 1014|   		switch (c) {
# 1015|   		case 's':
# 1016|-> 			serial = util_dec_from_hex(poptGetOptArg(pctx));
# 1017|   			break;
# 1018|   		case 'O':

Error: GCC_ANALYZER_WARNING (CWE-401): [#def406]
certmonger-0.79.21/src/dogtag.c:1016:52: warning[-Wanalyzer-malloc-leak]: leak of ‘p’
certmonger-0.79.21/src/dogtag.c:1009:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1012:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:16: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1014:17: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1020:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1027:25: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1029:28: branch_false: following ‘false’ branch (when ‘aoptions’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1034:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1034:29: acquire_memory: allocated here
certmonger-0.79.21/src/dogtag.c:1035:28: branch_false: following ‘false’ branch (when ‘p’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1041:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:16: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1014:17: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1016:52: throw: if ‘poptGetOptArg’ throws an exception...
certmonger-0.79.21/src/dogtag.c:1016:52: danger: ‘p’ leaks here; was allocated at [(11)](sarif:/runs/0/results/81/codeFlows/0/threadFlows/0/locations/10)
# 1014|   		switch (c) {
# 1015|   		case 's':
# 1016|-> 			serial = util_dec_from_hex(poptGetOptArg(pctx));
# 1017|   			break;
# 1018|   		case 'O':

Error: GCC_ANALYZER_WARNING (CWE-401): [#def407]
certmonger-0.79.21/src/dogtag.c:1019:35: warning[-Wanalyzer-malloc-leak]: leak of ‘aoptions’
certmonger-0.79.21/src/dogtag.c:1009:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1012:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:16: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1014:17: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1020:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1027:25: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1029:28: branch_false: following ‘false’ branch (when ‘aoptions’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1034:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1035:28: branch_false: following ‘false’ branch (when ‘p’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1041:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:16: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1014:17: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1019:35: throw: if ‘poptGetOptArg’ throws an exception...
certmonger-0.79.21/src/dogtag.c:1019:35: danger: ‘aoptions’ leaks here; was allocated at [(8)](sarif:/runs/0/results/84/codeFlows/0/threadFlows/0/locations/7)
# 1017|   			break;
# 1018|   		case 'O':
# 1019|-> 			poptarg = poptGetOptArg(pctx);
# 1020|   			if (strchr(poptarg, '=') == NULL) {
# 1021|   				printf(_("Profile params (-O) must be in the form of param=value.\n"));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def408]
certmonger-0.79.21/src/dogtag.c:1019:35: warning[-Wanalyzer-malloc-leak]: leak of ‘p’
certmonger-0.79.21/src/dogtag.c:1009:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1012:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:16: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1014:17: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1020:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1027:25: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1029:28: branch_false: following ‘false’ branch (when ‘aoptions’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1034:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1034:29: acquire_memory: allocated here
certmonger-0.79.21/src/dogtag.c:1035:28: branch_false: following ‘false’ branch (when ‘p’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1041:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:16: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1014:17: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1019:35: throw: if ‘poptGetOptArg’ throws an exception...
certmonger-0.79.21/src/dogtag.c:1019:35: danger: ‘p’ leaks here; was allocated at [(11)](sarif:/runs/0/results/83/codeFlows/0/threadFlows/0/locations/10)
# 1017|   			break;
# 1018|   		case 'O':
# 1019|-> 			poptarg = poptGetOptArg(pctx);
# 1020|   			if (strchr(poptarg, '=') == NULL) {
# 1021|   				printf(_("Profile params (-O) must be in the form of param=value.\n"));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def409]
certmonger-0.79.21/src/dogtag.c:1022:33: warning[-Wanalyzer-malloc-leak]: leak of ‘aoptions’
certmonger-0.79.21/src/dogtag.c:1009:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1012:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:16: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1014:17: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1020:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1027:25: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1029:28: branch_false: following ‘false’ branch (when ‘aoptions’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1034:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1035:28: branch_false: following ‘false’ branch (when ‘p’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1041:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:16: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1014:17: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1020:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1021:40: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1022:33: throw: if ‘poptPrintUsage’ throws an exception...
certmonger-0.79.21/src/dogtag.c:1022:33: danger: ‘aoptions’ leaks here; was allocated at [(8)](sarif:/runs/0/results/86/codeFlows/0/threadFlows/0/locations/7)
# 1020|   			if (strchr(poptarg, '=') == NULL) {
# 1021|   				printf(_("Profile params (-O) must be in the form of param=value.\n"));
# 1022|-> 				poptPrintUsage(pctx, stdout, 0);
# 1023|   				free(soptions);
# 1024|   				free(aoptions);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def410]
certmonger-0.79.21/src/dogtag.c:1022:33: warning[-Wanalyzer-malloc-leak]: leak of ‘p’
certmonger-0.79.21/src/dogtag.c:1009:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1012:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:16: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1014:17: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1020:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1027:25: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1029:28: branch_false: following ‘false’ branch (when ‘aoptions’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1034:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1034:29: acquire_memory: allocated here
certmonger-0.79.21/src/dogtag.c:1035:28: branch_false: following ‘false’ branch (when ‘p’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1041:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:16: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1014:17: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1020:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1021:40: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1022:33: throw: if ‘poptPrintUsage’ throws an exception...
certmonger-0.79.21/src/dogtag.c:1022:33: danger: ‘p’ leaks here; was allocated at [(11)](sarif:/runs/0/results/85/codeFlows/0/threadFlows/0/locations/10)
# 1020|   			if (strchr(poptarg, '=') == NULL) {
# 1021|   				printf(_("Profile params (-O) must be in the form of param=value.\n"));
# 1022|-> 				poptPrintUsage(pctx, stdout, 0);
# 1023|   				free(soptions);
# 1024|   				free(aoptions);

Error: GCC_ANALYZER_WARNING (CWE-415): [#def411]
certmonger-0.79.21/src/dogtag.c:1023:33: warning[-Wanalyzer-double-free]: double-‘free’ of ‘soptions’
certmonger-0.79.21/src/dogtag.c:1009:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1012:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:16: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1014:17: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1020:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1027:25: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1029:28: branch_false: following ‘false’ branch (when ‘aoptions’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1034:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1035:28: branch_false: following ‘false’ branch (when ‘p’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1041:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:16: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1014:17: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1020:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1021:40: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1023:33: danger: second ‘free’ here
# 1021|   				printf(_("Profile params (-O) must be in the form of param=value.\n"));
# 1022|   				poptPrintUsage(pctx, stdout, 0);
# 1023|-> 				free(soptions);
# 1024|   				free(aoptions);
# 1025|   				return CM_SUBMIT_STATUS_UNCONFIGURED;

Error: CPPCHECK_WARNING (CWE-401): [#def412]
certmonger-0.79.21/src/dogtag.c:1027: error[memleakOnRealloc]: Common realloc mistake: 'aoptions' nulled but not freed upon failure
# 1025|   				return CM_SUBMIT_STATUS_UNCONFIGURED;
# 1026|   			}
# 1027|-> 			aoptions = realloc(aoptions,
# 1028|   					   ++num_aoptions * sizeof(*aoptions));
# 1029|   			if (aoptions == NULL) {

Error: GCC_ANALYZER_WARNING (CWE-415): [#def413]
certmonger-0.79.21/src/dogtag.c:1031:33: warning[-Wanalyzer-double-free]: double-‘free’ of ‘soptions’
certmonger-0.79.21/src/dogtag.c:1009:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1012:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:16: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1014:17: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1020:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1027:25: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1029:28: branch_false: following ‘false’ branch (when ‘aoptions’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1034:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1035:28: branch_false: following ‘false’ branch (when ‘p’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1041:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:16: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1014:17: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1020:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1027:25: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1029:28: branch_true: following ‘true’ branch (when ‘aoptions’ is NULL)...
certmonger-0.79.21/src/dogtag.c:1030:40: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1031:33: danger: second ‘free’ here
# 1029|   			if (aoptions == NULL) {
# 1030|   				printf(_("Out of memory.\n"));
# 1031|-> 				free(soptions);
# 1032|   				return CM_SUBMIT_STATUS_UNCONFIGURED;
# 1033|   			}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def414]
certmonger-0.79.21/src/dogtag.c:1034:29: warning[-Wanalyzer-malloc-leak]: leak of ‘p’
certmonger-0.79.21/src/dogtag.c:1009:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1012:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:16: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1014:17: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1020:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1027:25: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1029:28: branch_false: following ‘false’ branch (when ‘aoptions’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1034:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1034:29: acquire_memory: allocated here
certmonger-0.79.21/src/dogtag.c:1035:28: branch_false: following ‘false’ branch (when ‘p’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1041:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:16: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1014:17: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1020:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1027:25: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1029:28: branch_false: following ‘false’ branch (when ‘aoptions’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1034:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1034:29: danger: ‘p’ leaks here; was allocated at [(11)](sarif:/runs/0/results/89/codeFlows/0/threadFlows/0/locations/10)
# 1032|   				return CM_SUBMIT_STATUS_UNCONFIGURED;
# 1033|   			}
# 1034|-> 			p = strdup(poptarg);
# 1035|   			if (p == NULL) {
# 1036|   				printf(_("Out of memory.\n"));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def415]
certmonger-0.79.21/src/dogtag.c:1037:33: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
certmonger-0.79.21/src/dogtag.c:1009:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1012:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:16: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1014:17: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1020:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1027:25: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1029:28: branch_false: following ‘false’ branch (when ‘aoptions’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1034:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1034:29: acquire_memory: allocated here
certmonger-0.79.21/src/dogtag.c:1035:28: branch_false: following ‘false’ branch (when ‘p’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1041:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:16: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1014:17: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1020:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1027:25: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1029:28: branch_false: following ‘false’ branch (when ‘aoptions’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1034:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1035:28: branch_true: following ‘true’ branch (when ‘p’ is NULL)...
certmonger-0.79.21/src/dogtag.c:1036:40: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1037:33: danger: ‘<unknown>’ leaks here; was allocated at [(11)](sarif:/runs/0/results/90/codeFlows/0/threadFlows/0/locations/10)
# 1035|   			if (p == NULL) {
# 1036|   				printf(_("Out of memory.\n"));
# 1037|-> 				free(aoptions);
# 1038|   				free(soptions);
# 1039|   				return CM_SUBMIT_STATUS_UNCONFIGURED;

Error: GCC_ANALYZER_WARNING (CWE-415): [#def416]
certmonger-0.79.21/src/dogtag.c:1038:33: warning[-Wanalyzer-double-free]: double-‘free’ of ‘soptions’
certmonger-0.79.21/src/dogtag.c:1009:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1012:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:16: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1014:17: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1020:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1027:25: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1029:28: branch_false: following ‘false’ branch (when ‘aoptions’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1034:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1035:28: branch_false: following ‘false’ branch (when ‘p’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1041:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:16: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1014:17: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1020:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1027:25: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1029:28: branch_false: following ‘false’ branch (when ‘aoptions’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1034:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1035:28: branch_true: following ‘true’ branch (when ‘p’ is NULL)...
certmonger-0.79.21/src/dogtag.c:1036:40: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1038:33: danger: second ‘free’ here
# 1036|   				printf(_("Out of memory.\n"));
# 1037|   				free(aoptions);
# 1038|-> 				free(soptions);
# 1039|   				return CM_SUBMIT_STATUS_UNCONFIGURED;
# 1040|   			}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def417]
certmonger-0.79.21/src/dogtag.c:1047:35: warning[-Wanalyzer-malloc-leak]: leak of ‘aoptions’
certmonger-0.79.21/src/dogtag.c:1009:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1012:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:16: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1014:17: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1020:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1027:25: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1029:28: branch_false: following ‘false’ branch (when ‘aoptions’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1034:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1035:28: branch_false: following ‘false’ branch (when ‘p’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1041:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:16: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1014:17: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1047:35: throw: if ‘poptGetOptArg’ throws an exception...
certmonger-0.79.21/src/dogtag.c:1047:35: danger: ‘aoptions’ leaks here; was allocated at [(8)](sarif:/runs/0/results/93/codeFlows/0/threadFlows/0/locations/7)
# 1045|   			break;
# 1046|   		case 'o':
# 1047|-> 			poptarg = poptGetOptArg(pctx);
# 1048|   			if (strchr(poptarg, '=') == NULL) {
# 1049|   				printf(_("Submit params (-o) must be in the form of param=value.\n"));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def418]
certmonger-0.79.21/src/dogtag.c:1047:35: warning[-Wanalyzer-malloc-leak]: leak of ‘p’
certmonger-0.79.21/src/dogtag.c:1009:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1012:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:16: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1014:17: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1020:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1027:25: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1029:28: branch_false: following ‘false’ branch (when ‘aoptions’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1034:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1034:29: acquire_memory: allocated here
certmonger-0.79.21/src/dogtag.c:1035:28: branch_false: following ‘false’ branch (when ‘p’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1041:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:16: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1014:17: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1047:35: throw: if ‘poptGetOptArg’ throws an exception...
certmonger-0.79.21/src/dogtag.c:1047:35: danger: ‘p’ leaks here; was allocated at [(11)](sarif:/runs/0/results/92/codeFlows/0/threadFlows/0/locations/10)
# 1045|   			break;
# 1046|   		case 'o':
# 1047|-> 			poptarg = poptGetOptArg(pctx);
# 1048|   			if (strchr(poptarg, '=') == NULL) {
# 1049|   				printf(_("Submit params (-o) must be in the form of param=value.\n"));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def419]
certmonger-0.79.21/src/dogtag.c:1050:33: warning[-Wanalyzer-malloc-leak]: leak of ‘aoptions’
certmonger-0.79.21/src/dogtag.c:1009:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1012:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:16: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1014:17: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1020:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1027:25: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1029:28: branch_false: following ‘false’ branch (when ‘aoptions’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1034:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1035:28: branch_false: following ‘false’ branch (when ‘p’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1041:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:16: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1014:17: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1048:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1049:40: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1050:33: throw: if ‘poptPrintUsage’ throws an exception...
certmonger-0.79.21/src/dogtag.c:1050:33: danger: ‘aoptions’ leaks here; was allocated at [(8)](sarif:/runs/0/results/95/codeFlows/0/threadFlows/0/locations/7)
# 1048|   			if (strchr(poptarg, '=') == NULL) {
# 1049|   				printf(_("Submit params (-o) must be in the form of param=value.\n"));
# 1050|-> 				poptPrintUsage(pctx, stdout, 0);
# 1051|   				free(soptions);
# 1052|   				free(aoptions);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def420]
certmonger-0.79.21/src/dogtag.c:1050:33: warning[-Wanalyzer-malloc-leak]: leak of ‘p’
certmonger-0.79.21/src/dogtag.c:1009:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1012:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:16: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1014:17: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1020:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1027:25: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1029:28: branch_false: following ‘false’ branch (when ‘aoptions’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1034:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1034:29: acquire_memory: allocated here
certmonger-0.79.21/src/dogtag.c:1035:28: branch_false: following ‘false’ branch (when ‘p’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1041:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:16: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1014:17: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1048:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1049:40: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1050:33: throw: if ‘poptPrintUsage’ throws an exception...
certmonger-0.79.21/src/dogtag.c:1050:33: danger: ‘p’ leaks here; was allocated at [(11)](sarif:/runs/0/results/94/codeFlows/0/threadFlows/0/locations/10)
# 1048|   			if (strchr(poptarg, '=') == NULL) {
# 1049|   				printf(_("Submit params (-o) must be in the form of param=value.\n"));
# 1050|-> 				poptPrintUsage(pctx, stdout, 0);
# 1051|   				free(soptions);
# 1052|   				free(aoptions);

Error: GCC_ANALYZER_WARNING (CWE-415): [#def421]
certmonger-0.79.21/src/dogtag.c:1051:33: warning[-Wanalyzer-double-free]: double-‘free’ of ‘soptions’
certmonger-0.79.21/src/dogtag.c:1009:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1012:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:16: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1014:17: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1020:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1027:25: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1029:28: branch_false: following ‘false’ branch (when ‘aoptions’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1034:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1035:28: branch_false: following ‘false’ branch (when ‘p’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1041:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:16: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1014:17: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1048:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1049:40: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1051:33: danger: second ‘free’ here
# 1049|   				printf(_("Submit params (-o) must be in the form of param=value.\n"));
# 1050|   				poptPrintUsage(pctx, stdout, 0);
# 1051|-> 				free(soptions);
# 1052|   				free(aoptions);
# 1053|   				return CM_SUBMIT_STATUS_UNCONFIGURED;

Error: CPPCHECK_WARNING (CWE-401): [#def422]
certmonger-0.79.21/src/dogtag.c:1055: error[memleakOnRealloc]: Common realloc mistake: 'soptions' nulled but not freed upon failure
# 1053|   				return CM_SUBMIT_STATUS_UNCONFIGURED;
# 1054|   			}
# 1055|-> 			soptions = realloc(soptions,
# 1056|   					   ++num_soptions * sizeof(*soptions));
# 1057|   			if (soptions == NULL) {

Error: GCC_ANALYZER_WARNING (CWE-415): [#def423]
certmonger-0.79.21/src/dogtag.c:1055:36: warning[-Wanalyzer-double-free]: double-‘free’ of ‘soptions’
certmonger-0.79.21/src/dogtag.c:1009:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1012:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:16: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1014:17: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1020:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1027:25: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1029:28: branch_false: following ‘false’ branch (when ‘aoptions’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1034:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1035:28: branch_false: following ‘false’ branch (when ‘p’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1041:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:16: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1014:17: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1048:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1055:25: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1055:36: danger: second ‘free’ here
# 1053|   				return CM_SUBMIT_STATUS_UNCONFIGURED;
# 1054|   			}
# 1055|-> 			soptions = realloc(soptions,
# 1056|   					   ++num_soptions * sizeof(*soptions));
# 1057|   			if (soptions == NULL) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def424]
certmonger-0.79.21/src/dogtag.c:1098:17: warning[-Wanalyzer-malloc-leak]: leak of ‘aoptions’
certmonger-0.79.21/src/dogtag.c:1009:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1012:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:16: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1014:17: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1020:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1027:25: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1029:28: branch_false: following ‘false’ branch (when ‘aoptions’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1034:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1035:28: branch_false: following ‘false’ branch (when ‘p’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1041:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:16: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1097:12: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1097:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1098:17: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1098:17: throw: if ‘poptPrintUsage’ throws an exception...
certmonger-0.79.21/src/dogtag.c:1098:17: danger: ‘aoptions’ leaks here; was allocated at [(8)](sarif:/runs/0/results/99/codeFlows/0/threadFlows/0/locations/7)
# 1096|   	}
# 1097|   	if (c != -1) {
# 1098|-> 		poptPrintUsage(pctx, stdout, 0);
# 1099|   		free(soptions);
# 1100|   		free(aoptions);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def425]
certmonger-0.79.21/src/dogtag.c:1098:17: warning[-Wanalyzer-malloc-leak]: leak of ‘p’
certmonger-0.79.21/src/dogtag.c:1009:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1012:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:16: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1014:17: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1020:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1027:25: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1029:28: branch_false: following ‘false’ branch (when ‘aoptions’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1034:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1034:29: acquire_memory: allocated here
certmonger-0.79.21/src/dogtag.c:1035:28: branch_false: following ‘false’ branch (when ‘p’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1041:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:16: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1097:12: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1097:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1098:17: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1098:17: throw: if ‘poptPrintUsage’ throws an exception...
certmonger-0.79.21/src/dogtag.c:1098:17: danger: ‘p’ leaks here; was allocated at [(11)](sarif:/runs/0/results/98/codeFlows/0/threadFlows/0/locations/10)
# 1096|   	}
# 1097|   	if (c != -1) {
# 1098|-> 		poptPrintUsage(pctx, stdout, 0);
# 1099|   		free(soptions);
# 1100|   		free(aoptions);

Error: GCC_ANALYZER_WARNING (CWE-415): [#def426]
certmonger-0.79.21/src/dogtag.c:1099:17: warning[-Wanalyzer-double-free]: double-‘free’ of ‘soptions’
certmonger-0.79.21/src/dogtag.c:1009:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1012:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:16: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1014:17: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1020:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1027:25: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1029:28: branch_false: following ‘false’ branch (when ‘aoptions’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1034:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1035:28: branch_false: following ‘false’ branch (when ‘p’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1041:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:16: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1097:12: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1097:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1098:17: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1099:17: danger: second ‘free’ here
# 1097|   	if (c != -1) {
# 1098|   		poptPrintUsage(pctx, stdout, 0);
# 1099|-> 		free(soptions);
# 1100|   		free(aoptions);
# 1101|   		return CM_SUBMIT_STATUS_UNCONFIGURED;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def427]
certmonger-0.79.21/src/dogtag.c:1106:17: warning[-Wanalyzer-malloc-leak]: leak of ‘aoptions’
certmonger-0.79.21/src/dogtag.c:1009:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1012:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:16: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1014:17: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1020:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1027:25: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1029:28: branch_false: following ‘false’ branch (when ‘aoptions’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1034:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1035:28: branch_false: following ‘false’ branch (when ‘p’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1041:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:16: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1097:12: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1097:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1104:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1105:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1106:17: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1106:17: throw: if ‘cm_log_set_method’ throws an exception...
certmonger-0.79.21/src/dogtag.c:1106:17: danger: ‘aoptions’ leaks here; was allocated at [(8)](sarif:/runs/0/results/102/codeFlows/0/threadFlows/0/locations/7)
# 1104|   	umask(S_IRWXG | S_IRWXO);
# 1105|   	if (isatty(STDERR_FILENO))
# 1106|-> 		cm_log_set_method(cm_log_stderr);
# 1107|   	else
# 1108|   		cm_log_set_method(cm_log_syslog);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def428]
certmonger-0.79.21/src/dogtag.c:1106:17: warning[-Wanalyzer-malloc-leak]: leak of ‘p’
certmonger-0.79.21/src/dogtag.c:1009:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1012:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:16: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1014:17: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1020:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1027:25: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1029:28: branch_false: following ‘false’ branch (when ‘aoptions’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1034:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1034:29: acquire_memory: allocated here
certmonger-0.79.21/src/dogtag.c:1035:28: branch_false: following ‘false’ branch (when ‘p’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1041:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:16: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1097:12: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1097:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1104:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1105:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1106:17: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1106:17: throw: if ‘cm_log_set_method’ throws an exception...
certmonger-0.79.21/src/dogtag.c:1106:17: danger: ‘p’ leaks here; was allocated at [(11)](sarif:/runs/0/results/101/codeFlows/0/threadFlows/0/locations/10)
# 1104|   	umask(S_IRWXG | S_IRWXO);
# 1105|   	if (isatty(STDERR_FILENO))
# 1106|-> 		cm_log_set_method(cm_log_stderr);
# 1107|   	else
# 1108|   		cm_log_set_method(cm_log_syslog);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def429]
certmonger-0.79.21/src/dogtag.c:1108:17: warning[-Wanalyzer-malloc-leak]: leak of ‘aoptions’
certmonger-0.79.21/src/dogtag.c:1009:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1012:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:16: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1014:17: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1020:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1027:25: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1029:28: branch_false: following ‘false’ branch (when ‘aoptions’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1034:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1035:28: branch_false: following ‘false’ branch (when ‘p’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1041:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:16: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1097:12: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1097:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1104:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1105:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1108:17: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1108:17: throw: if ‘cm_log_set_method’ throws an exception...
certmonger-0.79.21/src/dogtag.c:1108:17: danger: ‘aoptions’ leaks here; was allocated at [(8)](sarif:/runs/0/results/104/codeFlows/0/threadFlows/0/locations/7)
# 1106|   		cm_log_set_method(cm_log_stderr);
# 1107|   	else
# 1108|-> 		cm_log_set_method(cm_log_syslog);
# 1109|   	cm_log_set_level(verbose);
# 1110|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def430]
certmonger-0.79.21/src/dogtag.c:1108:17: warning[-Wanalyzer-malloc-leak]: leak of ‘p’
certmonger-0.79.21/src/dogtag.c:1009:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1012:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:16: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1014:17: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1020:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1027:25: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1029:28: branch_false: following ‘false’ branch (when ‘aoptions’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1034:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1034:29: acquire_memory: allocated here
certmonger-0.79.21/src/dogtag.c:1035:28: branch_false: following ‘false’ branch (when ‘p’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1041:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:16: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1097:12: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1097:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1104:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1105:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1108:17: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1108:17: throw: if ‘cm_log_set_method’ throws an exception...
certmonger-0.79.21/src/dogtag.c:1108:17: danger: ‘p’ leaks here; was allocated at [(11)](sarif:/runs/0/results/103/codeFlows/0/threadFlows/0/locations/10)
# 1106|   		cm_log_set_method(cm_log_stderr);
# 1107|   	else
# 1108|-> 		cm_log_set_method(cm_log_syslog);
# 1109|   	cm_log_set_level(verbose);
# 1110|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def431]
certmonger-0.79.21/src/dogtag.c:1109:9: warning[-Wanalyzer-malloc-leak]: leak of ‘aoptions’
certmonger-0.79.21/src/dogtag.c:1009:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1012:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:16: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1014:17: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1020:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1027:25: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1029:28: branch_false: following ‘false’ branch (when ‘aoptions’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1034:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1035:28: branch_false: following ‘false’ branch (when ‘p’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1041:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:16: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1097:12: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1097:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1104:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1105:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1108:17: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1109:9: throw: if ‘cm_log_set_level’ throws an exception...
certmonger-0.79.21/src/dogtag.c:1109:9: danger: ‘aoptions’ leaks here; was allocated at [(8)](sarif:/runs/0/results/106/codeFlows/0/threadFlows/0/locations/7)
# 1107|   	else
# 1108|   		cm_log_set_method(cm_log_syslog);
# 1109|-> 	cm_log_set_level(verbose);
# 1110|   
# 1111|   	nctx = NSS_InitContext(CM_DEFAULT_CERT_STORAGE_LOCATION,

Error: GCC_ANALYZER_WARNING (CWE-401): [#def432]
certmonger-0.79.21/src/dogtag.c:1109:9: warning[-Wanalyzer-malloc-leak]: leak of ‘p’
certmonger-0.79.21/src/dogtag.c:1009:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1012:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:16: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1014:17: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1020:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1027:25: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1029:28: branch_false: following ‘false’ branch (when ‘aoptions’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1034:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1034:29: acquire_memory: allocated here
certmonger-0.79.21/src/dogtag.c:1035:28: branch_false: following ‘false’ branch (when ‘p’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1041:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:16: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1097:12: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1097:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1104:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1105:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1108:17: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1109:9: throw: if ‘cm_log_set_level’ throws an exception...
certmonger-0.79.21/src/dogtag.c:1109:9: danger: ‘p’ leaks here; was allocated at [(11)](sarif:/runs/0/results/105/codeFlows/0/threadFlows/0/locations/10)
# 1107|   	else
# 1108|   		cm_log_set_method(cm_log_syslog);
# 1109|-> 	cm_log_set_level(verbose);
# 1110|   
# 1111|   	nctx = NSS_InitContext(CM_DEFAULT_CERT_STORAGE_LOCATION,

Error: GCC_ANALYZER_WARNING (CWE-401): [#def433]
certmonger-0.79.21/src/dogtag.c:1111:16: warning[-Wanalyzer-malloc-leak]: leak of ‘aoptions’
certmonger-0.79.21/src/dogtag.c:1009:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1012:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:16: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1014:17: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1020:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1027:25: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1029:28: branch_false: following ‘false’ branch (when ‘aoptions’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1034:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1035:28: branch_false: following ‘false’ branch (when ‘p’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1041:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:16: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1097:12: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1097:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1104:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1105:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1108:17: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1111:16: throw: if ‘NSS_InitContext’ throws an exception...
certmonger-0.79.21/src/dogtag.c:1111:16: danger: ‘aoptions’ leaks here; was allocated at [(8)](sarif:/runs/0/results/108/codeFlows/0/threadFlows/0/locations/7)
# 1109|   	cm_log_set_level(verbose);
# 1110|   
# 1111|-> 	nctx = NSS_InitContext(CM_DEFAULT_CERT_STORAGE_LOCATION,
# 1112|   			       NULL, NULL, NULL, NULL,
# 1113|   			       NSS_INIT_NOCERTDB |

Error: GCC_ANALYZER_WARNING (CWE-401): [#def434]
certmonger-0.79.21/src/dogtag.c:1111:16: warning[-Wanalyzer-malloc-leak]: leak of ‘p’
certmonger-0.79.21/src/dogtag.c:1009:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1012:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:16: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1014:17: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1020:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1027:25: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1029:28: branch_false: following ‘false’ branch (when ‘aoptions’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1034:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1034:29: acquire_memory: allocated here
certmonger-0.79.21/src/dogtag.c:1035:28: branch_false: following ‘false’ branch (when ‘p’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1041:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:16: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1097:12: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1097:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1104:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1105:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1108:17: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1111:16: throw: if ‘NSS_InitContext’ throws an exception...
certmonger-0.79.21/src/dogtag.c:1111:16: danger: ‘p’ leaks here; was allocated at [(11)](sarif:/runs/0/results/107/codeFlows/0/threadFlows/0/locations/10)
# 1109|   	cm_log_set_level(verbose);
# 1110|   
# 1111|-> 	nctx = NSS_InitContext(CM_DEFAULT_CERT_STORAGE_LOCATION,
# 1112|   			       NULL, NULL, NULL, NULL,
# 1113|   			       NSS_INIT_NOCERTDB |

Error: GCC_ANALYZER_WARNING (CWE-401): [#def435]
certmonger-0.79.21/src/dogtag.c:1117:17: warning[-Wanalyzer-malloc-leak]: leak of ‘aoptions’
certmonger-0.79.21/src/dogtag.c:1009:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1012:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:16: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1014:17: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1020:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1027:25: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1029:28: branch_false: following ‘false’ branch (when ‘aoptions’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1034:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1035:28: branch_false: following ‘false’ branch (when ‘p’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1041:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:16: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1097:12: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1097:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1104:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1105:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1108:17: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1116:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1117:17: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1117:17: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/dogtag.c:1117:17: danger: ‘aoptions’ leaks here; was allocated at [(8)](sarif:/runs/0/results/110/codeFlows/0/threadFlows/0/locations/7)
# 1115|   			       NSS_INIT_NOROOTINIT);
# 1116|   	if (nctx == NULL) {
# 1117|-> 		cm_log(1, "Unable to initialize NSS.\n");
# 1118|   		_exit(1);
# 1119|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def436]
certmonger-0.79.21/src/dogtag.c:1117:17: warning[-Wanalyzer-malloc-leak]: leak of ‘p’
certmonger-0.79.21/src/dogtag.c:1009:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1012:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:16: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1014:17: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1020:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1027:25: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1029:28: branch_false: following ‘false’ branch (when ‘aoptions’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1034:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1034:29: acquire_memory: allocated here
certmonger-0.79.21/src/dogtag.c:1035:28: branch_false: following ‘false’ branch (when ‘p’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1041:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:16: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1097:12: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1097:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1104:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1105:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1108:17: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1116:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1117:17: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1117:17: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/dogtag.c:1117:17: danger: ‘p’ leaks here; was allocated at [(11)](sarif:/runs/0/results/109/codeFlows/0/threadFlows/0/locations/10)
# 1115|   			       NSS_INIT_NOROOTINIT);
# 1116|   	if (nctx == NULL) {
# 1117|-> 		cm_log(1, "Unable to initialize NSS.\n");
# 1118|   		_exit(1);
# 1119|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def437]
certmonger-0.79.21/src/dogtag.c:1120:14: warning[-Wanalyzer-malloc-leak]: leak of ‘aoptions’
certmonger-0.79.21/src/dogtag.c:1009:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1012:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:16: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1014:17: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1020:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1027:25: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1029:28: branch_false: following ‘false’ branch (when ‘aoptions’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1034:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1035:28: branch_false: following ‘false’ branch (when ‘p’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1041:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:16: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1097:12: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1097:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1104:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1105:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1108:17: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1116:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1120:14: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1120:14: throw: if ‘util_n_fips_hook’ throws an exception...
certmonger-0.79.21/src/dogtag.c:1120:14: danger: ‘aoptions’ leaks here; was allocated at [(8)](sarif:/runs/0/results/112/codeFlows/0/threadFlows/0/locations/7)
# 1118|   		_exit(1);
# 1119|   	}
# 1120|-> 	es = util_n_fips_hook();
# 1121|   	if (es != NULL) {
# 1122|   		cm_log(1, "Error putting NSS into FIPS mode: %s\n", es);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def438]
certmonger-0.79.21/src/dogtag.c:1120:14: warning[-Wanalyzer-malloc-leak]: leak of ‘p’
certmonger-0.79.21/src/dogtag.c:1009:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1012:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:16: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1014:17: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1020:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1027:25: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1029:28: branch_false: following ‘false’ branch (when ‘aoptions’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1034:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1034:29: acquire_memory: allocated here
certmonger-0.79.21/src/dogtag.c:1035:28: branch_false: following ‘false’ branch (when ‘p’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1041:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:16: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1097:12: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1097:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1104:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1105:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1108:17: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1116:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1120:14: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1120:14: throw: if ‘util_n_fips_hook’ throws an exception...
certmonger-0.79.21/src/dogtag.c:1120:14: danger: ‘p’ leaks here; was allocated at [(11)](sarif:/runs/0/results/111/codeFlows/0/threadFlows/0/locations/10)
# 1118|   		_exit(1);
# 1119|   	}
# 1120|-> 	es = util_n_fips_hook();
# 1121|   	if (es != NULL) {
# 1122|   		cm_log(1, "Error putting NSS into FIPS mode: %s\n", es);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def439]
certmonger-0.79.21/src/dogtag.c:1122:17: warning[-Wanalyzer-malloc-leak]: leak of ‘aoptions’
certmonger-0.79.21/src/dogtag.c:1009:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1012:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:16: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1014:17: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1020:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1027:25: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1029:28: branch_false: following ‘false’ branch (when ‘aoptions’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1034:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1035:28: branch_false: following ‘false’ branch (when ‘p’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1041:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:16: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1097:12: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1097:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1104:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1105:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1108:17: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1116:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1120:14: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1121:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1122:17: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1122:17: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/dogtag.c:1122:17: danger: ‘aoptions’ leaks here; was allocated at [(8)](sarif:/runs/0/results/114/codeFlows/0/threadFlows/0/locations/7)
# 1120|   	es = util_n_fips_hook();
# 1121|   	if (es != NULL) {
# 1122|-> 		cm_log(1, "Error putting NSS into FIPS mode: %s\n", es);
# 1123|   		_exit(1);
# 1124|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def440]
certmonger-0.79.21/src/dogtag.c:1122:17: warning[-Wanalyzer-malloc-leak]: leak of ‘p’
certmonger-0.79.21/src/dogtag.c:1009:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1012:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:16: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1014:17: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1020:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1027:25: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1029:28: branch_false: following ‘false’ branch (when ‘aoptions’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1034:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1034:29: acquire_memory: allocated here
certmonger-0.79.21/src/dogtag.c:1035:28: branch_false: following ‘false’ branch (when ‘p’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1041:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:16: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1097:12: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1097:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1104:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1105:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1108:17: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1116:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1120:14: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1121:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1122:17: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1122:17: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/dogtag.c:1122:17: danger: ‘p’ leaks here; was allocated at [(11)](sarif:/runs/0/results/113/codeFlows/0/threadFlows/0/locations/10)
# 1120|   	es = util_n_fips_hook();
# 1121|   	if (es != NULL) {
# 1122|-> 		cm_log(1, "Error putting NSS into FIPS mode: %s\n", es);
# 1123|   		_exit(1);
# 1124|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def441]
certmonger-0.79.21/src/dogtag.c:1170:16: warning[-Wanalyzer-malloc-leak]: leak of ‘aoptions’
certmonger-0.79.21/src/dogtag.c:1009:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1012:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:16: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1014:17: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1020:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1027:25: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1029:28: branch_false: following ‘false’ branch (when ‘aoptions’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1034:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1035:28: branch_false: following ‘false’ branch (when ‘p’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1041:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:16: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1097:12: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1097:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1104:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1105:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1108:17: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1116:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1120:14: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1121:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1126:15: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1170:16: throw: if ‘talloc_strdup’ throws an exception...
certmonger-0.79.21/src/dogtag.c:1170:16: danger: ‘aoptions’ leaks here; was allocated at [(8)](sarif:/runs/0/results/116/codeFlows/0/threadFlows/0/locations/7)
# 1168|   		missing_args = TRUE;
# 1169|   	}
# 1170|-> 	host = talloc_strdup(ctx, tmphostname);
# 1171|   #endif
# 1172|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def442]
certmonger-0.79.21/src/dogtag.c:1170:16: warning[-Wanalyzer-malloc-leak]: leak of ‘p’
certmonger-0.79.21/src/dogtag.c:1009:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1012:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:16: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1014:17: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1020:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1027:25: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1029:28: branch_false: following ‘false’ branch (when ‘aoptions’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1034:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1034:29: acquire_memory: allocated here
certmonger-0.79.21/src/dogtag.c:1035:28: branch_false: following ‘false’ branch (when ‘p’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1041:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:16: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1097:12: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1097:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1104:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1105:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1108:17: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1116:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1120:14: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1121:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1126:15: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1170:16: throw: if ‘talloc_strdup’ throws an exception...
certmonger-0.79.21/src/dogtag.c:1170:16: danger: ‘p’ leaks here; was allocated at [(11)](sarif:/runs/0/results/115/codeFlows/0/threadFlows/0/locations/10)
# 1168|   		missing_args = TRUE;
# 1169|   	}
# 1170|-> 	host = talloc_strdup(ctx, tmphostname);
# 1171|   #endif
# 1172|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def443]
certmonger-0.79.21/src/dogtag.c:1176:36: warning[-Wanalyzer-malloc-leak]: leak of ‘aoptions’
certmonger-0.79.21/src/dogtag.c:1009:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1012:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:16: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1014:17: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1020:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1027:25: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1029:28: branch_false: following ‘false’ branch (when ‘aoptions’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1034:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1035:28: branch_false: following ‘false’ branch (when ‘p’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1041:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:16: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1097:12: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1097:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1104:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1105:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1108:17: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1116:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1120:14: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1121:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1126:15: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1173:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1174:28: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1175:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1176:36: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1176:36: throw: if ‘cm_prefs_dogtag_profile’ throws an exception...
certmonger-0.79.21/src/dogtag.c:1176:36: danger: ‘aoptions’ leaks here; was allocated at [(8)](sarif:/runs/0/results/118/codeFlows/0/threadFlows/0/locations/7)
# 1174|   		template = getenv(CM_SUBMIT_PROFILE_ENV);
# 1175|   		if (template == NULL) {
# 1176|-> 			template = cm_prefs_dogtag_profile();
# 1177|   			if (template == NULL) {
# 1178|   				/* Maybe we should ask the server for which

Error: GCC_ANALYZER_WARNING (CWE-401): [#def444]
certmonger-0.79.21/src/dogtag.c:1176:36: warning[-Wanalyzer-malloc-leak]: leak of ‘p’
certmonger-0.79.21/src/dogtag.c:1009:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1012:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:16: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1014:17: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1020:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1027:25: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1029:28: branch_false: following ‘false’ branch (when ‘aoptions’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1034:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1034:29: acquire_memory: allocated here
certmonger-0.79.21/src/dogtag.c:1035:28: branch_false: following ‘false’ branch (when ‘p’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1041:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:16: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1097:12: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1097:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1104:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1105:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1108:17: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1116:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1120:14: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1121:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1126:15: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1173:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1174:28: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1175:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1176:36: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1176:36: throw: if ‘cm_prefs_dogtag_profile’ throws an exception...
certmonger-0.79.21/src/dogtag.c:1176:36: danger: ‘p’ leaks here; was allocated at [(11)](sarif:/runs/0/results/117/codeFlows/0/threadFlows/0/locations/10)
# 1174|   		template = getenv(CM_SUBMIT_PROFILE_ENV);
# 1175|   		if (template == NULL) {
# 1176|-> 			template = cm_prefs_dogtag_profile();
# 1177|   			if (template == NULL) {
# 1178|   				/* Maybe we should ask the server for which

Error: GCC_ANALYZER_WARNING (CWE-401): [#def445]
certmonger-0.79.21/src/dogtag.c:1188:29: warning[-Wanalyzer-malloc-leak]: leak of ‘aoptions’
certmonger-0.79.21/src/dogtag.c:1009:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1012:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:16: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1014:17: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1020:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1027:25: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1029:28: branch_false: following ‘false’ branch (when ‘aoptions’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1034:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1035:28: branch_false: following ‘false’ branch (when ‘p’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1041:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:16: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1097:12: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1097:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1104:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1105:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1108:17: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1116:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1120:14: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1121:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1126:15: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1185:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1186:23: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1187:20: branch_true: following ‘true’ branch (when ‘tmp’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1188:29: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1188:29: throw: if ‘cm_prefs_dogtag_renew’ throws an exception...
certmonger-0.79.21/src/dogtag.c:1188:29: danger: ‘aoptions’ leaks here; was allocated at [(8)](sarif:/runs/0/results/120/codeFlows/0/threadFlows/0/locations/7)
# 1186|   		tmp = getenv(CM_SUBMIT_CERTIFICATE_ENV);
# 1187|   		if (tmp != NULL) {
# 1188|-> 			if (cm_prefs_dogtag_renew()) {
# 1189|   				serial = serial_hex_from_cert(tmp);
# 1190|   				if (serial != NULL) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def446]
certmonger-0.79.21/src/dogtag.c:1188:29: warning[-Wanalyzer-malloc-leak]: leak of ‘p’
certmonger-0.79.21/src/dogtag.c:1009:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1012:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:16: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1014:17: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1020:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1027:25: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1029:28: branch_false: following ‘false’ branch (when ‘aoptions’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1034:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1034:29: acquire_memory: allocated here
certmonger-0.79.21/src/dogtag.c:1035:28: branch_false: following ‘false’ branch (when ‘p’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1041:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:16: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1097:12: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1097:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1104:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1105:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1108:17: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1116:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1120:14: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1121:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1126:15: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1185:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1186:23: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1187:20: branch_true: following ‘true’ branch (when ‘tmp’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1188:29: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1188:29: throw: if ‘cm_prefs_dogtag_renew’ throws an exception...
certmonger-0.79.21/src/dogtag.c:1188:29: danger: ‘p’ leaks here; was allocated at [(11)](sarif:/runs/0/results/119/codeFlows/0/threadFlows/0/locations/10)
# 1186|   		tmp = getenv(CM_SUBMIT_CERTIFICATE_ENV);
# 1187|   		if (tmp != NULL) {
# 1188|-> 			if (cm_prefs_dogtag_renew()) {
# 1189|   				serial = serial_hex_from_cert(tmp);
# 1190|   				if (serial != NULL) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def447]
certmonger-0.79.21/src/dogtag.c:1201:26: warning[-Wanalyzer-malloc-leak]: leak of ‘aoptions’
certmonger-0.79.21/src/dogtag.c:1009:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1012:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:16: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1014:17: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1020:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1027:25: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1029:28: branch_false: following ‘false’ branch (when ‘aoptions’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1034:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1035:28: branch_false: following ‘false’ branch (when ‘p’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1041:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:16: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1097:12: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1097:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1104:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1105:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1106:17: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1116:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1120:14: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1121:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1126:15: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1196:12: branch_true: following ‘true’ branch (when ‘force_new == 0’)...
certmonger-0.79.21/src/dogtag.c:1196:24: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1200:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1201:26: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1201:26: throw: if ‘cm_prefs_dogtag_ca_info’ throws an exception...
certmonger-0.79.21/src/dogtag.c:1201:26: danger: ‘aoptions’ leaks here; was allocated at [(8)](sarif:/runs/0/results/122/codeFlows/0/threadFlows/0/locations/7)
# 1199|   	}
# 1200|   	if (cainfo == NULL) {
# 1201|-> 		cainfo = cm_prefs_dogtag_ca_info();
# 1202|   	}
# 1203|   	if (capath == NULL) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def448]
certmonger-0.79.21/src/dogtag.c:1201:26: warning[-Wanalyzer-malloc-leak]: leak of ‘p’
certmonger-0.79.21/src/dogtag.c:1009:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1012:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:16: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1014:17: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1020:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1027:25: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1029:28: branch_false: following ‘false’ branch (when ‘aoptions’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1034:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1034:29: acquire_memory: allocated here
certmonger-0.79.21/src/dogtag.c:1035:28: branch_false: following ‘false’ branch (when ‘p’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1041:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:16: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1097:12: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1097:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1104:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1105:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1106:17: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1116:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1120:14: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1121:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1126:15: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1196:12: branch_true: following ‘true’ branch (when ‘force_new == 0’)...
certmonger-0.79.21/src/dogtag.c:1196:24: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1200:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1201:26: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1201:26: throw: if ‘cm_prefs_dogtag_ca_info’ throws an exception...
certmonger-0.79.21/src/dogtag.c:1201:26: danger: ‘p’ leaks here; was allocated at [(11)](sarif:/runs/0/results/121/codeFlows/0/threadFlows/0/locations/10)
# 1199|   	}
# 1200|   	if (cainfo == NULL) {
# 1201|-> 		cainfo = cm_prefs_dogtag_ca_info();
# 1202|   	}
# 1203|   	if (capath == NULL) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def449]
certmonger-0.79.21/src/dogtag.c:1204:26: warning[-Wanalyzer-malloc-leak]: leak of ‘aoptions’
certmonger-0.79.21/src/dogtag.c:1009:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1012:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:16: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1014:17: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1020:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1027:25: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1029:28: branch_false: following ‘false’ branch (when ‘aoptions’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1034:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1035:28: branch_false: following ‘false’ branch (when ‘p’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1041:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:16: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1097:12: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1097:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1104:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1105:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1106:17: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1116:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1120:14: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1121:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1126:15: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1196:12: branch_true: following ‘true’ branch (when ‘force_new == 0’)...
certmonger-0.79.21/src/dogtag.c:1196:24: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1203:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1204:26: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1204:26: throw: if ‘cm_prefs_dogtag_ca_path’ throws an exception...
certmonger-0.79.21/src/dogtag.c:1204:26: danger: ‘aoptions’ leaks here; was allocated at [(8)](sarif:/runs/0/results/124/codeFlows/0/threadFlows/0/locations/7)
# 1202|   	}
# 1203|   	if (capath == NULL) {
# 1204|-> 		capath = cm_prefs_dogtag_ca_path();
# 1205|   	}
# 1206|   	if (ssldir == NULL) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def450]
certmonger-0.79.21/src/dogtag.c:1204:26: warning[-Wanalyzer-malloc-leak]: leak of ‘p’
certmonger-0.79.21/src/dogtag.c:1009:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1012:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:16: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1014:17: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1020:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1027:25: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1029:28: branch_false: following ‘false’ branch (when ‘aoptions’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1034:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1034:29: acquire_memory: allocated here
certmonger-0.79.21/src/dogtag.c:1035:28: branch_false: following ‘false’ branch (when ‘p’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1041:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:16: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1097:12: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1097:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1104:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1105:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1106:17: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1116:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1120:14: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1121:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1126:15: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1196:12: branch_true: following ‘true’ branch (when ‘force_new == 0’)...
certmonger-0.79.21/src/dogtag.c:1196:24: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1203:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1204:26: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1204:26: throw: if ‘cm_prefs_dogtag_ca_path’ throws an exception...
certmonger-0.79.21/src/dogtag.c:1204:26: danger: ‘p’ leaks here; was allocated at [(11)](sarif:/runs/0/results/123/codeFlows/0/threadFlows/0/locations/10)
# 1202|   	}
# 1203|   	if (capath == NULL) {
# 1204|-> 		capath = cm_prefs_dogtag_ca_path();
# 1205|   	}
# 1206|   	if (ssldir == NULL) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def451]
certmonger-0.79.21/src/dogtag.c:1207:26: warning[-Wanalyzer-malloc-leak]: leak of ‘aoptions’
certmonger-0.79.21/src/dogtag.c:1009:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1012:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:16: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1014:17: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1020:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1027:25: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1029:28: branch_false: following ‘false’ branch (when ‘aoptions’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1034:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1035:28: branch_false: following ‘false’ branch (when ‘p’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1041:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:16: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1097:12: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1097:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1104:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1105:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1106:17: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1116:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1120:14: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1121:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1126:15: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1196:12: branch_true: following ‘true’ branch (when ‘force_new == 0’)...
certmonger-0.79.21/src/dogtag.c:1196:24: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1206:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1207:26: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1207:26: throw: if ‘cm_prefs_dogtag_ssldir’ throws an exception...
certmonger-0.79.21/src/dogtag.c:1207:26: danger: ‘aoptions’ leaks here; was allocated at [(8)](sarif:/runs/0/results/126/codeFlows/0/threadFlows/0/locations/7)
# 1205|   	}
# 1206|   	if (ssldir == NULL) {
# 1207|-> 		ssldir = cm_prefs_dogtag_ssldir();
# 1208|   	}
# 1209|   	if (sslcert == NULL) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def452]
certmonger-0.79.21/src/dogtag.c:1207:26: warning[-Wanalyzer-malloc-leak]: leak of ‘p’
certmonger-0.79.21/src/dogtag.c:1009:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1012:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:16: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1014:17: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1020:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1027:25: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1029:28: branch_false: following ‘false’ branch (when ‘aoptions’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1034:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1034:29: acquire_memory: allocated here
certmonger-0.79.21/src/dogtag.c:1035:28: branch_false: following ‘false’ branch (when ‘p’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1041:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:16: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1097:12: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1097:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1104:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1105:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1106:17: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1116:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1120:14: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1121:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1126:15: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1196:12: branch_true: following ‘true’ branch (when ‘force_new == 0’)...
certmonger-0.79.21/src/dogtag.c:1196:24: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1206:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1207:26: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1207:26: throw: if ‘cm_prefs_dogtag_ssldir’ throws an exception...
certmonger-0.79.21/src/dogtag.c:1207:26: danger: ‘p’ leaks here; was allocated at [(11)](sarif:/runs/0/results/125/codeFlows/0/threadFlows/0/locations/10)
# 1205|   	}
# 1206|   	if (ssldir == NULL) {
# 1207|-> 		ssldir = cm_prefs_dogtag_ssldir();
# 1208|   	}
# 1209|   	if (sslcert == NULL) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def453]
certmonger-0.79.21/src/dogtag.c:1210:27: warning[-Wanalyzer-malloc-leak]: leak of ‘aoptions’
certmonger-0.79.21/src/dogtag.c:1009:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1012:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:16: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1014:17: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1020:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1027:25: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1029:28: branch_false: following ‘false’ branch (when ‘aoptions’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1034:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1035:28: branch_false: following ‘false’ branch (when ‘p’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1041:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:16: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1097:12: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1097:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1104:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1105:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1106:17: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1116:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1120:14: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1121:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1126:15: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1196:12: branch_true: following ‘true’ branch (when ‘force_new == 0’)...
certmonger-0.79.21/src/dogtag.c:1196:24: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1209:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1210:27: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1210:27: throw: if ‘cm_prefs_dogtag_sslcert’ throws an exception...
certmonger-0.79.21/src/dogtag.c:1210:27: danger: ‘aoptions’ leaks here; was allocated at [(8)](sarif:/runs/0/results/128/codeFlows/0/threadFlows/0/locations/7)
# 1208|   	}
# 1209|   	if (sslcert == NULL) {
# 1210|-> 		sslcert = cm_prefs_dogtag_sslcert();
# 1211|   	}
# 1212|   	if (sslkey == NULL) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def454]
certmonger-0.79.21/src/dogtag.c:1210:27: warning[-Wanalyzer-malloc-leak]: leak of ‘p’
certmonger-0.79.21/src/dogtag.c:1009:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1012:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:16: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1014:17: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1020:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1027:25: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1029:28: branch_false: following ‘false’ branch (when ‘aoptions’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1034:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1034:29: acquire_memory: allocated here
certmonger-0.79.21/src/dogtag.c:1035:28: branch_false: following ‘false’ branch (when ‘p’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1041:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:16: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1097:12: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1097:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1104:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1105:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1106:17: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1116:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1120:14: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1121:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1126:15: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1196:12: branch_true: following ‘true’ branch (when ‘force_new == 0’)...
certmonger-0.79.21/src/dogtag.c:1196:24: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1209:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1210:27: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1210:27: throw: if ‘cm_prefs_dogtag_sslcert’ throws an exception...
certmonger-0.79.21/src/dogtag.c:1210:27: danger: ‘p’ leaks here; was allocated at [(11)](sarif:/runs/0/results/127/codeFlows/0/threadFlows/0/locations/10)
# 1208|   	}
# 1209|   	if (sslcert == NULL) {
# 1210|-> 		sslcert = cm_prefs_dogtag_sslcert();
# 1211|   	}
# 1212|   	if (sslkey == NULL) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def455]
certmonger-0.79.21/src/dogtag.c:1213:26: warning[-Wanalyzer-malloc-leak]: leak of ‘aoptions’
certmonger-0.79.21/src/dogtag.c:1009:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1012:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:16: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1014:17: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1020:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1027:25: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1029:28: branch_false: following ‘false’ branch (when ‘aoptions’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1034:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1035:28: branch_false: following ‘false’ branch (when ‘p’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1041:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:16: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1097:12: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1097:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1104:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1105:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1106:17: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1116:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1120:14: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1121:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1126:15: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1196:12: branch_true: following ‘true’ branch (when ‘force_new == 0’)...
certmonger-0.79.21/src/dogtag.c:1196:24: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1212:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1213:26: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1213:26: throw: if ‘cm_prefs_dogtag_sslkey’ throws an exception...
certmonger-0.79.21/src/dogtag.c:1213:26: danger: ‘aoptions’ leaks here; was allocated at [(8)](sarif:/runs/0/results/130/codeFlows/0/threadFlows/0/locations/7)
# 1211|   	}
# 1212|   	if (sslkey == NULL) {
# 1213|-> 		sslkey = cm_prefs_dogtag_sslkey();
# 1214|   	}
# 1215|   	if ((sslpinfile == NULL) && (sslpin == NULL)) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def456]
certmonger-0.79.21/src/dogtag.c:1213:26: warning[-Wanalyzer-malloc-leak]: leak of ‘p’
certmonger-0.79.21/src/dogtag.c:1009:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1012:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:16: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1014:17: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1020:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1027:25: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1029:28: branch_false: following ‘false’ branch (when ‘aoptions’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1034:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1034:29: acquire_memory: allocated here
certmonger-0.79.21/src/dogtag.c:1035:28: branch_false: following ‘false’ branch (when ‘p’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1041:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:16: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1097:12: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1097:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1104:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1105:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1106:17: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1116:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1120:14: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1121:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1126:15: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1196:12: branch_true: following ‘true’ branch (when ‘force_new == 0’)...
certmonger-0.79.21/src/dogtag.c:1196:24: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1212:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1213:26: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1213:26: throw: if ‘cm_prefs_dogtag_sslkey’ throws an exception...
certmonger-0.79.21/src/dogtag.c:1213:26: danger: ‘p’ leaks here; was allocated at [(11)](sarif:/runs/0/results/129/codeFlows/0/threadFlows/0/locations/10)
# 1211|   	}
# 1212|   	if (sslkey == NULL) {
# 1213|-> 		sslkey = cm_prefs_dogtag_sslkey();
# 1214|   	}
# 1215|   	if ((sslpinfile == NULL) && (sslpin == NULL)) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def457]
certmonger-0.79.21/src/dogtag.c:1216:30: warning[-Wanalyzer-malloc-leak]: leak of ‘aoptions’
certmonger-0.79.21/src/dogtag.c:1009:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1012:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:16: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1014:17: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1020:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1027:25: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1029:28: branch_false: following ‘false’ branch (when ‘aoptions’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1034:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1035:28: branch_false: following ‘false’ branch (when ‘p’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1041:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:16: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1097:12: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1097:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1104:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1105:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1108:17: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1116:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1120:14: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1121:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1126:15: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1196:12: branch_true: following ‘true’ branch (when ‘force_new == 0’)...
certmonger-0.79.21/src/dogtag.c:1196:24: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1215:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1216:30: throw: if ‘cm_prefs_dogtag_sslpinfile’ throws an exception...
certmonger-0.79.21/src/dogtag.c:1216:30: danger: ‘aoptions’ leaks here; was allocated at [(8)](sarif:/runs/0/results/132/codeFlows/0/threadFlows/0/locations/7)
# 1214|   	}
# 1215|   	if ((sslpinfile == NULL) && (sslpin == NULL)) {
# 1216|-> 		sslpinfile = cm_prefs_dogtag_sslpinfile();
# 1217|   	}
# 1218|   #ifdef DOGTAG_IPA_RENEW_AGENT

Error: GCC_ANALYZER_WARNING (CWE-401): [#def458]
certmonger-0.79.21/src/dogtag.c:1216:30: warning[-Wanalyzer-malloc-leak]: leak of ‘p’
certmonger-0.79.21/src/dogtag.c:1009:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1012:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:16: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1014:17: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1020:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1027:25: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1029:28: branch_false: following ‘false’ branch (when ‘aoptions’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1034:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1034:29: acquire_memory: allocated here
certmonger-0.79.21/src/dogtag.c:1035:28: branch_false: following ‘false’ branch (when ‘p’ is non-NULL)...
certmonger-0.79.21/src/dogtag.c:1041:29: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1013:16: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1097:12: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1097:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1104:9: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1105:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1108:17: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1116:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1120:14: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1121:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/dogtag.c:1126:15: branch_false: ...to here
certmonger-0.79.21/src/dogtag.c:1196:12: branch_true: following ‘true’ branch (when ‘force_new == 0’)...
certmonger-0.79.21/src/dogtag.c:1196:24: branch_true: ...to here
certmonger-0.79.21/src/dogtag.c:1215:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/dogtag.c:1216:30: throw: if ‘cm_prefs_dogtag_sslpinfile’ throws an exception...
certmonger-0.79.21/src/dogtag.c:1216:30: danger: ‘p’ leaks here; was allocated at [(11)](sarif:/runs/0/results/131/codeFlows/0/threadFlows/0/locations/10)
# 1214|   	}
# 1215|   	if ((sslpinfile == NULL) && (sslpin == NULL)) {
# 1216|-> 		sslpinfile = cm_prefs_dogtag_sslpinfile();
# 1217|   	}
# 1218|   #ifdef DOGTAG_IPA_RENEW_AGENT

Error: GCC_ANALYZER_WARNING (CWE-401): [#def459]
certmonger-0.79.21/src/env-session.c:111:49: warning[-Wanalyzer-malloc-leak]: leak of ‘tmp’
certmonger-0.79.21/src/env-session.c:102:23: acquire_memory: allocated here
certmonger-0.79.21/src/env-session.c:103:20: branch_true: following ‘true’ branch (when ‘tmp’ is non-NULL)...
certmonger-0.79.21/src/env-session.c:104:35: branch_true: ...to here
certmonger-0.79.21/src/env-session.c:105:43: branch_true: following ‘true’ branch (when ‘p > q’)...
certmonger-0.79.21/src/env-session.c:106:37: branch_true: ...to here
certmonger-0.79.21/src/env-session.c:106:36: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/env-session.c:107:41: branch_true: ...to here
certmonger-0.79.21/src/env-session.c:109:44: branch_true: following ‘true’ branch (when ‘i != 0’)...
certmonger-0.79.21/src/env-session.c:110:46: branch_true: ...to here
certmonger-0.79.21/src/env-session.c:109:45: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/env-session.c:111:49: branch_true: ...to here
certmonger-0.79.21/src/env-session.c:111:49: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/env-session.c:111:49: danger: ‘tmp’ leaks here; was allocated at [(1)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/0)
#  109|   					if ((i != 0) &&
#  110|   					    (errno != EEXIST)) {
#  111|-> 						cm_log(0, "Error ensuring "
#  112|   						       "that directory '%s' "
#  113|   						       "exists: %s.\n", tmp,

Error: GCC_ANALYZER_WARNING (CWE-401): [#def460]
certmonger-0.79.21/src/env-session.c:123:33: warning[-Wanalyzer-malloc-leak]: leak of ‘tmp’
certmonger-0.79.21/src/env-session.c:102:23: acquire_memory: allocated here
certmonger-0.79.21/src/env-session.c:103:20: branch_true: following ‘true’ branch (when ‘tmp’ is non-NULL)...
certmonger-0.79.21/src/env-session.c:104:35: branch_true: ...to here
certmonger-0.79.21/src/env-session.c:121:28: branch_true: following ‘true’ branch (when ‘i != 0’)...
certmonger-0.79.21/src/env-session.c:122:30: branch_true: ...to here
certmonger-0.79.21/src/env-session.c:121:29: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/env-session.c:123:33: branch_true: ...to here
certmonger-0.79.21/src/env-session.c:123:33: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/env-session.c:123:33: danger: ‘tmp’ leaks here; was allocated at [(1)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/0)
#  121|   			if ((i != 0) &&
#  122|   			    (errno != EEXIST)) {
#  123|-> 				cm_log(0, "Error ensuring "
#  124|   				       "that directory '%s' "
#  125|   				       "exists: %s.\n", tmp,

Error: COMPILER_WARNING (CWE-563): [#def461]
certmonger-0.79.21/src/getcert.c: scope_hint: In function ‘prep_bus’
certmonger-0.79.21/src/getcert.c:286:48: warning[-Wunused-parameter]: unused parameter ‘mode’
#  286 | prep_bus(enum cm_tdbus_type which, const char *mode,
#      |                                    ~~~~~~~~~~~~^~~~
#  284|   /* Connect to the bus, or not. */
#  285|   static void
#  286|-> prep_bus(enum cm_tdbus_type which, const char *mode,
#  287|   	 int verbose, int argc, const char **argv)
#  288|   {

Error: CPPCHECK_WARNING (CWE-562): [#def462]
certmonger-0.79.21/src/getcert.c:5645: error[autoVariables]: Address of local auto-variable assigned to a function parameter.
# 5643|   			if (strcmp(verbs[i].verb, globals.verb) == 0) {
# 5644|   				argv1 = argv[1];
# 5645|-> 				argv[1] = poptname;
# 5646|   				ret = (*verbs[i].fn)(poptname, argc - 1,
# 5647|   						     argv + 1);

Error: COMPILER_WARNING (CWE-563): [#def463]
certmonger-0.79.21/src/hook.c: scope_hint: In function ‘cm_hook_main’
certmonger-0.79.21/src/hook.c:62:42: warning[-Wunused-parameter]: unused parameter ‘ca’
#   62 | cm_hook_main(int fd, struct cm_store_ca *ca, struct cm_store_entry *entry,
#      |                      ~~~~~~~~~~~~~~~~~~~~^~
#   60|   /* Fire off a single subprocess. */
#   61|   static int
#   62|-> cm_hook_main(int fd, struct cm_store_ca *ca, struct cm_store_entry *entry,
#   63|   	     void *userdata)
#   64|   {

Error: COMPILER_WARNING (CWE-563): [#def464]
certmonger-0.79.21/src/hook.c:62:69: warning[-Wunused-parameter]: unused parameter ‘entry’
#   62 | cm_hook_main(int fd, struct cm_store_ca *ca, struct cm_store_entry *entry,
#      |                                              ~~~~~~~~~~~~~~~~~~~~~~~^~~~~
#   60|   /* Fire off a single subprocess. */
#   61|   static int
#   62|-> cm_hook_main(int fd, struct cm_store_ca *ca, struct cm_store_entry *entry,
#   63|   	     void *userdata)
#   64|   {

Error: COMPILER_WARNING (CWE-563): [#def465]
certmonger-0.79.21/src/ipa.c: scope_hint: In function ‘submit_or_poll_uri’
certmonger-0.79.21/src/ipa.c:369:32: warning[-Wunused-parameter]: unused parameter ‘uid’
#  369 |                    const char *uid, const char *pwd, const char *csr,
#      |                    ~~~~~~~~~~~~^~~
#  367|   static int
#  368|   submit_or_poll_uri(const char *uri, const char *cainfo, const char *capath,
#  369|-> 		   const char *uid, const char *pwd, const char *csr,
#  370|   		   const char *reqprinc, const char *profile,
#  371|   		   const char *issuer, int verbose)

Error: COMPILER_WARNING (CWE-563): [#def466]
certmonger-0.79.21/src/ipa.c:369:49: warning[-Wunused-parameter]: unused parameter ‘pwd’
#  369 |                    const char *uid, const char *pwd, const char *csr,
#      |                                     ~~~~~~~~~~~~^~~
#  367|   static int
#  368|   submit_or_poll_uri(const char *uri, const char *cainfo, const char *capath,
#  369|-> 		   const char *uid, const char *pwd, const char *csr,
#  370|   		   const char *reqprinc, const char *profile,
#  371|   		   const char *issuer, int verbose)

Error: COMPILER_WARNING (CWE-563): [#def467]
certmonger-0.79.21/src/ipa.c: scope_hint: In function ‘fetch_roots’
certmonger-0.79.21/src/ipa.c:610:43: warning[-Wunused-parameter]: unused parameter ‘uid’
#  610 |             const char *host, const char *uid, const char *pwd,
#      |                               ~~~~~~~~~~~~^~~
#  608|   static int
#  609|   fetch_roots(const char *server, int ldap_uri_cmd, const char *ldap_uri,
#  610|-> 	    const char *host, const char *uid, const char *pwd,
#  611|   	    const char *domain, char *basedn)
#  612|   {

Error: COMPILER_WARNING (CWE-563): [#def468]
certmonger-0.79.21/src/ipa.c:610:60: warning[-Wunused-parameter]: unused parameter ‘pwd’
#  610 |             const char *host, const char *uid, const char *pwd,
#      |                                                ~~~~~~~~~~~~^~~
#  608|   static int
#  609|   fetch_roots(const char *server, int ldap_uri_cmd, const char *ldap_uri,
#  610|-> 	    const char *host, const char *uid, const char *pwd,
#  611|   	    const char *domain, char *basedn)
#  612|   {

Error: CPPCHECK_WARNING (CWE-457): [#def469]
certmonger-0.79.21/src/ipa.c:874: warning[uninitvar]: Uninitialized variable: ipaconfig
#  872|   		}
#  873|   	}
#  874|-> 	free(ipaconfig);
#  875|   	csr = NULL;
#  876|   	memset(uri, '\0', sizeof(uri));

Error: GCC_ANALYZER_WARNING (CWE-415): [#def470]
certmonger-0.79.21/src/ipa.c:1011:25: warning[-Wanalyzer-double-free]: double-‘free’ of ‘csr’
certmonger-0.79.21/src/ipa.c:704:40: release_memory: first ‘free’ here
certmonger-0.79.21/src/ipa.c:705:15: release_memory: first ‘free’ here
certmonger-0.79.21/src/ipa.c:705:28: release_memory: first ‘free’ here
certmonger-0.79.21/src/ipa.c:705:41: release_memory: first ‘free’ here
certmonger-0.79.21/src/ipa.c:710:30: release_memory: first ‘free’ here
certmonger-0.79.21/src/ipa.c:710:46: release_memory: first ‘free’ here
certmonger-0.79.21/src/ipa.c:710:63: release_memory: first ‘free’ here
certmonger-0.79.21/src/ipa.c:743:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/ipa.c:747:13: branch_false: ...to here
certmonger-0.79.21/src/ipa.c:747:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/ipa.c:752:14: branch_false: ...to here
certmonger-0.79.21/src/ipa.c:762:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/ipa.c:765:9: branch_false: ...to here
certmonger-0.79.21/src/ipa.c:809:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/ipa.c:813:9: branch_false: ...to here
certmonger-0.79.21/src/ipa.c:814:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/ipa.c:817:17: branch_false: ...to here
certmonger-0.79.21/src/ipa.c:831:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/ipa.c:874:9: branch_false: ...to here
certmonger-0.79.21/src/ipa.c:879:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/ipa.c:880:14: branch_false: ...to here
certmonger-0.79.21/src/ipa.c:879:13: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/ipa.c:979:13: branch_false: ...to here
certmonger-0.79.21/src/ipa.c:1008:21: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/ipa.c:1009:25: branch_true: ...to here
certmonger-0.79.21/src/ipa.c:1011:25: danger: second ‘free’ here; first ‘free’ was at [(7)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/6)
# 1009|   			fprintf(stderr,
# 1010|   				"Both -u and -W/-w options should be specified.\n");
# 1011|-> 			free(csr);
# 1012|   			free(profile);
# 1013|   			free(issuer);

Error: COMPILER_WARNING (CWE-758): [#def471]
certmonger-0.79.21/src/iterate.c: scope_hint: In function ‘cm_waitfor_readable_fd’
certmonger-0.79.21/src/iterate.c:294:9: warning[-Wrestrict]: passing argument 2 to ‘restrict’-qualified parameter aliases with argument 4
#  294 |         if (select(fd + 1, fdset, NULL, fdset, (delay >= 0) ? &tv : NULL) < 0) {
#      |         ^~
#  292|   		FD_SET(fd, fdset);
#  293|   	}
#  294|-> 	if (select(fd + 1, fdset, NULL, fdset, (delay >= 0) ? &tv : NULL) < 0) {
#  295|   		if (delay < 0) {
#  296|   			/* No defined delay, but an error. */

Error: GCC_ANALYZER_WARNING (CWE-401): [#def472]
certmonger-0.79.21/src/keygen-n.c:89:13: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-n.c:116:1: enter_function: entry to ‘cm_keygen_n_main’
certmonger-0.79.21/src/keygen-n.c:157:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-n.c:158:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:163:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:171:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:229:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:229:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:233:15: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:237:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:241:18: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:242:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:247:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:282:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:287:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:294:14: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:320:12: branch_false: following ‘false’ branch (when ‘slot’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:326:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:382:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:392:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:395:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:414:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:611:12: branch_false: following ‘false’ branch (when ‘nickname’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:615:20: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:616:16: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:619:22: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:623:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:624:30: branch_true: ...to here
certmonger-0.79.21/src/keygen-n.c:623:29: branch_true: following ‘true’ branch (when the strings are equal)...
certmonger-0.79.21/src/keygen-n.c:626:33: branch_true: ...to here
certmonger-0.79.21/src/keygen-n.c:628:44: call_function: calling ‘make_nickname’ from ‘cm_keygen_n_main’
#   87|   	size_t l;
#   88|   
#   89|-> 	if (PK11_GenerateRandom(suffix, sizeof(suffix)) != SECSuccess) {
#   90|   		/* Try again sometime later. */
#   91|   		cm_log(1, "Error generating suffix: %s.\n",

Error: GCC_ANALYZER_WARNING (CWE-401): [#def473]
certmonger-0.79.21/src/keygen-n.c:91:17: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-n.c:116:1: enter_function: entry to ‘cm_keygen_n_main’
certmonger-0.79.21/src/keygen-n.c:157:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-n.c:158:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:163:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:171:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:229:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:229:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:233:15: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:237:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:241:18: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:242:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:247:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:282:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:287:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:294:14: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:320:12: branch_false: following ‘false’ branch (when ‘slot’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:326:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:382:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:392:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:395:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:414:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:611:12: branch_false: following ‘false’ branch (when ‘nickname’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:615:20: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:616:16: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:619:22: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:623:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:624:30: branch_true: ...to here
certmonger-0.79.21/src/keygen-n.c:623:29: branch_true: following ‘true’ branch (when the strings are equal)...
certmonger-0.79.21/src/keygen-n.c:626:33: branch_true: ...to here
certmonger-0.79.21/src/keygen-n.c:628:44: call_function: calling ‘make_nickname’ from ‘cm_keygen_n_main’
#   89|   	if (PK11_GenerateRandom(suffix, sizeof(suffix)) != SECSuccess) {
#   90|   		/* Try again sometime later. */
#   91|-> 		cm_log(1, "Error generating suffix: %s.\n",
#   92|   		       PR_ErrorToName(PORT_GetError()));
#   93|   		_exit(CM_SUB_STATUS_INTERNAL_ERROR);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def474]
certmonger-0.79.21/src/keygen-n.c:92:39: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-n.c:116:1: enter_function: entry to ‘cm_keygen_n_main’
certmonger-0.79.21/src/keygen-n.c:157:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-n.c:158:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:163:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:171:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:229:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:229:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:233:15: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:237:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:241:18: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:242:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:247:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:282:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:287:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:294:14: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:320:12: branch_false: following ‘false’ branch (when ‘slot’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:326:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:382:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:392:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:395:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:414:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:611:12: branch_false: following ‘false’ branch (when ‘nickname’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:615:20: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:616:16: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:619:22: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:623:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:624:30: branch_true: ...to here
certmonger-0.79.21/src/keygen-n.c:623:29: branch_true: following ‘true’ branch (when the strings are equal)...
certmonger-0.79.21/src/keygen-n.c:626:33: branch_true: ...to here
certmonger-0.79.21/src/keygen-n.c:628:44: call_function: calling ‘make_nickname’ from ‘cm_keygen_n_main’
#   90|   		/* Try again sometime later. */
#   91|   		cm_log(1, "Error generating suffix: %s.\n",
#   92|-> 		       PR_ErrorToName(PORT_GetError()));
#   93|   		_exit(CM_SUB_STATUS_INTERNAL_ERROR);
#   94|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def475]
certmonger-0.79.21/src/keygen-n.c:95:19: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-n.c:116:1: enter_function: entry to ‘cm_keygen_n_main’
certmonger-0.79.21/src/keygen-n.c:157:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-n.c:158:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:163:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:171:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:229:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:229:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:233:15: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:237:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:241:18: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:242:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:247:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:282:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:287:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:294:14: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:320:12: branch_false: following ‘false’ branch (when ‘slot’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:326:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:382:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:392:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:395:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:414:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:611:12: branch_false: following ‘false’ branch (when ‘nickname’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:615:20: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:616:16: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:619:22: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:623:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:624:30: branch_true: ...to here
certmonger-0.79.21/src/keygen-n.c:623:29: branch_true: following ‘true’ branch (when the strings are equal)...
certmonger-0.79.21/src/keygen-n.c:626:33: branch_true: ...to here
certmonger-0.79.21/src/keygen-n.c:628:44: call_function: calling ‘make_nickname’ from ‘cm_keygen_n_main’
#   93|   		_exit(CM_SUB_STATUS_INTERNAL_ERROR);
#   94|   	}
#   95|-> 	*marker = cm_store_base64_from_bin(NULL, suffix, sizeof(suffix));
#   96|   	if (*marker == NULL) {
#   97|   		/* Try again sometime later. */

Error: GCC_ANALYZER_WARNING (CWE-401): [#def476]
certmonger-0.79.21/src/keygen-n.c:98:17: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-n.c:116:1: enter_function: entry to ‘cm_keygen_n_main’
certmonger-0.79.21/src/keygen-n.c:157:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-n.c:158:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:163:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:171:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:229:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:229:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:233:15: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:237:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:241:18: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:242:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:247:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:282:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:287:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:294:14: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:320:12: branch_false: following ‘false’ branch (when ‘slot’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:326:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:382:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:392:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:395:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:414:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:611:12: branch_false: following ‘false’ branch (when ‘nickname’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:615:20: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:616:16: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:619:22: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:623:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:624:30: branch_true: ...to here
certmonger-0.79.21/src/keygen-n.c:623:29: branch_true: following ‘true’ branch (when the strings are equal)...
certmonger-0.79.21/src/keygen-n.c:626:33: branch_true: ...to here
certmonger-0.79.21/src/keygen-n.c:628:44: call_function: calling ‘make_nickname’ from ‘cm_keygen_n_main’
#   96|   	if (*marker == NULL) {
#   97|   		/* Try again sometime later. */
#   98|-> 		cm_log(1, "Error generating suffix.\n");
#   99|   		_exit(CM_SUB_STATUS_INTERNAL_ERROR);
#  100|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def477]
certmonger-0.79.21/src/keygen-n.c:111:15: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-n.c:116:1: enter_function: entry to ‘cm_keygen_n_main’
certmonger-0.79.21/src/keygen-n.c:157:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-n.c:158:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:163:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:171:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:229:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:229:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:233:15: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:237:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:241:18: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:242:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:247:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:282:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:287:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:294:14: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:320:12: branch_false: following ‘false’ branch (when ‘slot’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:326:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:382:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:392:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:395:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:414:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:611:12: branch_false: following ‘false’ branch (when ‘nickname’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:615:20: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:616:16: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:619:22: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:623:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:624:30: branch_true: ...to here
certmonger-0.79.21/src/keygen-n.c:623:29: branch_true: following ‘true’ branch (when the strings are equal)...
certmonger-0.79.21/src/keygen-n.c:626:33: branch_true: ...to here
certmonger-0.79.21/src/keygen-n.c:628:44: call_function: calling ‘make_nickname’ from ‘cm_keygen_n_main’
#  109|   		}
#  110|   	}
#  111|-> 	ret = util_build_next_nickname(prefix, *marker);
#  112|   	return ret;
#  113|   }

Error: COMPILER_WARNING (CWE-563): [#def478]
certmonger-0.79.21/src/keygen-n.c:116:46: warning[-Wunused-parameter]: unused parameter ‘ca’
#  116 | cm_keygen_n_main(int fd, struct cm_store_ca *ca, struct cm_store_entry *entry,
#      |                          ~~~~~~~~~~~~~~~~~~~~^~
#  114|   
#  115|   static int
#  116|-> cm_keygen_n_main(int fd, struct cm_store_ca *ca, struct cm_store_entry *entry,
#  117|   		 void *userdata)
#  118|   {

Error: COMPILER_WARNING (CWE-563): [#def479]
certmonger-0.79.21/src/keygen-n.c:155:13: warning[-Wunused-variable]: unused variable ‘retry’
#  155 |         int retry, generated_size;
#      |             ^~~~~
#  153|   	struct cm_keygen_n_settings *settings;
#  154|   	struct cm_pin_cb_data cb_data;
#  155|-> 	int retry, generated_size;
#  156|   
#  157|   	status = fdopen(fd, "w");

Error: COMPILER_WARNING (CWE-563): [#def480]
certmonger-0.79.21/src/keygen-n.c: scope_hint: In function ‘cm_keygen_n_main’
certmonger-0.79.21/src/keygen-n.c:155:20: warning[-Wunused-variable]: unused variable ‘generated_size’
#  155 |         int retry, generated_size;
#      |                    ^~~~~~~~~~~~~~
#  153|   	struct cm_keygen_n_settings *settings;
#  154|   	struct cm_pin_cb_data cb_data;
#  155|-> 	int retry, generated_size;
#  156|   
#  157|   	status = fdopen(fd, "w");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def481]
certmonger-0.79.21/src/keygen-n.c:165:15: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-n.c:157:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-n.c:158:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:163:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:165:15: throw: if ‘NSS_InitContext’ throws an exception...
certmonger-0.79.21/src/keygen-n.c:165:15: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/0)
#  163|   	readwrite = settings->readwrite;
#  164|   	errno = 0;
#  165|-> 	ctx = NSS_InitContext(entry->cm_key_storage_location,
#  166|   			      NULL, NULL, NULL, NULL,
#  167|   			      (readwrite ? 0 : NSS_INIT_READONLY) |

Error: GCC_ANALYZER_WARNING (CWE-401): [#def482]
certmonger-0.79.21/src/keygen-n.c:170:14: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-n.c:157:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-n.c:158:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:163:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:170:14: throw: if ‘PORT_GetError’ throws an exception...
certmonger-0.79.21/src/keygen-n.c:170:14: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/0)
#  168|   			      NSS_INIT_NOROOTINIT |
#  169|   			      NSS_INIT_NOMODDB);
#  170|-> 	ec = PORT_GetError();
#  171|   	if (ctx == NULL) {
#  172|   		if ((ec == SEC_ERROR_READ_ONLY) && readwrite) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def483]
certmonger-0.79.21/src/keygen-n.c:186:39: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-n.c:157:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-n.c:158:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:163:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:171:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:172:21: branch_true: ...to here
certmonger-0.79.21/src/keygen-n.c:172:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:175:26: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:175:25: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:176:33: branch_true: ...to here
certmonger-0.79.21/src/keygen-n.c:186:39: throw: if ‘NSS_InitContext’ throws an exception...
certmonger-0.79.21/src/keygen-n.c:186:39: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/9/codeFlows/0/threadFlows/0/locations/0)
#  184|   				 * succeed in read-only mode, which we'll
#  185|   				 * interpret as lack of write permissions. */
#  186|-> 				ctx = NSS_InitContext(entry->cm_key_storage_location,
#  187|   						      NULL, NULL, NULL, NULL,
#  188|   						      NSS_INIT_READONLY |

Error: GCC_ANALYZER_WARNING (CWE-401): [#def484]
certmonger-0.79.21/src/keygen-n.c:192:49: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-n.c:157:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-n.c:158:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:163:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:171:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:172:21: branch_true: ...to here
certmonger-0.79.21/src/keygen-n.c:172:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:175:26: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:175:25: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:176:33: branch_true: ...to here
certmonger-0.79.21/src/keygen-n.c:191:36: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:192:49: branch_true: ...to here
certmonger-0.79.21/src/keygen-n.c:192:49: throw: if ‘NSS_ShutdownContext’ throws an exception...
certmonger-0.79.21/src/keygen-n.c:192:49: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/10/codeFlows/0/threadFlows/0/locations/0)
#  190|   						      NSS_INIT_NOMODDB);
#  191|   				if (ctx != NULL) {
#  192|-> 					error = NSS_ShutdownContext(ctx);
#  193|   					if (error != SECSuccess) {
#  194|   						cm_log(1, "Error shutting down "

Error: GCC_ANALYZER_WARNING (CWE-401): [#def485]
certmonger-0.79.21/src/keygen-n.c:194:49: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-n.c:157:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-n.c:158:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:163:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:171:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:172:21: branch_true: ...to here
certmonger-0.79.21/src/keygen-n.c:172:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:175:26: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:175:25: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:176:33: branch_true: ...to here
certmonger-0.79.21/src/keygen-n.c:191:36: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:192:49: branch_true: ...to here
certmonger-0.79.21/src/keygen-n.c:193:44: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:194:49: branch_true: ...to here
certmonger-0.79.21/src/keygen-n.c:194:49: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/keygen-n.c:194:49: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/11/codeFlows/0/threadFlows/0/locations/0)
#  192|   					error = NSS_ShutdownContext(ctx);
#  193|   					if (error != SECSuccess) {
#  194|-> 						cm_log(1, "Error shutting down "
#  195|   						       "NSS.\n");
#  196|   					}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def486]
certmonger-0.79.21/src/keygen-n.c:204:30: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-n.c:157:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-n.c:158:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:163:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:171:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:172:21: branch_true: ...to here
certmonger-0.79.21/src/keygen-n.c:204:30: throw: if ‘PR_ErrorToName’ throws an exception...
certmonger-0.79.21/src/keygen-n.c:204:30: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/12/codeFlows/0/threadFlows/0/locations/0)
#  202|   		}
#  203|   		if (ec != 0) {
#  204|-> 			es = PR_ErrorToName(ec);
#  205|   		} else {
#  206|   			es = NULL;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def487]
certmonger-0.79.21/src/keygen-n.c:212:25: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-n.c:157:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-n.c:158:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:163:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:171:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:172:21: branch_true: ...to here
certmonger-0.79.21/src/keygen-n.c:208:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:209:25: branch_true: ...to here
certmonger-0.79.21/src/keygen-n.c:212:25: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/keygen-n.c:212:25: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/13/codeFlows/0/threadFlows/0/locations/0)
#  210|   				"'%s': %s.\n",
#  211|   				entry->cm_key_storage_location, es);
#  212|-> 			cm_log(1, "Error initializing database '%s': %s.\n",
#  213|   			       entry->cm_key_storage_location, es);
#  214|   		} else {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def488]
certmonger-0.79.21/src/keygen-n.c:217:25: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-n.c:157:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-n.c:158:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:163:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:171:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:172:21: branch_true: ...to here
certmonger-0.79.21/src/keygen-n.c:208:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:215:25: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:217:25: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/keygen-n.c:217:25: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/14/codeFlows/0/threadFlows/0/locations/0)
#  215|   			fprintf(status, "Error initializing database '%s'.\n",
#  216|   				entry->cm_key_storage_location);
#  217|-> 			cm_log(1, "Error initializing database '%s'.\n",
#  218|   			       entry->cm_key_storage_location);
#  219|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def489]
certmonger-0.79.21/src/keygen-n.c:229:13: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-n.c:157:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-n.c:158:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:163:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:171:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:229:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:229:13: throw: if ‘NSS_ShutdownContext’ throws an exception...
certmonger-0.79.21/src/keygen-n.c:229:13: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/15/codeFlows/0/threadFlows/0/locations/0)
#  227|   		}
#  228|   	}
#  229|-> 	if (NSS_ShutdownContext(ctx) != SECSuccess) {
#  230|   		cm_log(0, "Error shutting down NSS.\n");
#  231|   		_exit(1);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def490]
certmonger-0.79.21/src/keygen-n.c:230:17: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-n.c:157:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-n.c:158:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:163:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:171:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:229:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:229:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:230:17: branch_true: ...to here
certmonger-0.79.21/src/keygen-n.c:230:17: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/keygen-n.c:230:17: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/16/codeFlows/0/threadFlows/0/locations/0)
#  228|   	}
#  229|   	if (NSS_ShutdownContext(ctx) != SECSuccess) {
#  230|-> 		cm_log(0, "Error shutting down NSS.\n");
#  231|   		_exit(1);
#  232|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def491]
certmonger-0.79.21/src/keygen-n.c:233:15: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-n.c:157:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-n.c:158:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:163:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:171:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:229:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:229:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:233:15: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:233:15: throw: if ‘NSS_InitContext’ throws an exception...
certmonger-0.79.21/src/keygen-n.c:233:15: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/17/codeFlows/0/threadFlows/0/locations/0)
#  231|   		_exit(1);
#  232|   	}
#  233|-> 	ctx = NSS_InitContext(entry->cm_key_storage_location,
#  234|   			      NULL, NULL, NULL, NULL,
#  235|   			      (readwrite ? 0 : NSS_INIT_READONLY) |

Error: GCC_ANALYZER_WARNING (CWE-401): [#def492]
certmonger-0.79.21/src/keygen-n.c:238:17: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-n.c:157:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-n.c:158:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:163:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:171:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:229:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:229:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:233:15: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:237:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:238:17: branch_true: ...to here
certmonger-0.79.21/src/keygen-n.c:238:17: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/keygen-n.c:238:17: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/18/codeFlows/0/threadFlows/0/locations/0)
#  236|   			      NSS_INIT_NOROOTINIT);
#  237|   	if (ctx == NULL) {
#  238|-> 		cm_log(0, "Unable to initialize NSS %s.\n", entry->cm_key_storage_location);
#  239|   		_exit(1);
#  240|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def493]
certmonger-0.79.21/src/keygen-n.c:241:18: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-n.c:157:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-n.c:158:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:163:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:171:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:229:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:229:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:233:15: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:237:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:241:18: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:241:18: throw: if ‘util_n_fips_hook’ throws an exception...
certmonger-0.79.21/src/keygen-n.c:241:18: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/19/codeFlows/0/threadFlows/0/locations/0)
#  239|   		_exit(1);
#  240|   	}
#  241|-> 	reason = util_n_fips_hook();
#  242|   	if (reason != NULL) {
#  243|   		cm_log(1, "Error putting NSS into FIPS mode: %s\n", reason);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def494]
certmonger-0.79.21/src/keygen-n.c:243:17: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-n.c:157:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-n.c:158:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:163:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:171:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:229:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:229:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:233:15: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:237:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:241:18: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:242:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:243:17: branch_true: ...to here
certmonger-0.79.21/src/keygen-n.c:243:17: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/keygen-n.c:243:17: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/20/codeFlows/0/threadFlows/0/locations/0)
#  241|   	reason = util_n_fips_hook();
#  242|   	if (reason != NULL) {
#  243|-> 		cm_log(1, "Error putting NSS into FIPS mode: %s\n", reason);
#  244|   		_exit(CM_SUB_STATUS_ERROR_INITIALIZING);
#  245|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def495]
certmonger-0.79.21/src/keygen-n.c:276:17: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-n.c:157:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-n.c:158:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:163:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:171:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:229:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:229:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:233:15: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:237:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:241:18: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:242:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:247:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:276:17: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/keygen-n.c:276:17: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/21/codeFlows/0/threadFlows/0/locations/0)
#  274|   	default:
#  275|   		fprintf(status, "Unknown or unsupported key type.\n");
#  276|-> 		cm_log(1, "Unknown or unsupported key type.\n");
#  277|   		_exit(CM_SUB_STATUS_INTERNAL_ERROR);
#  278|   		break;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def496]
certmonger-0.79.21/src/keygen-n.c:281:20: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-n.c:157:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-n.c:158:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:163:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:171:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:229:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:229:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:233:15: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:237:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:241:18: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:242:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:247:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:281:20: throw: if ‘PK11_GetAllTokens’ throws an exception...
certmonger-0.79.21/src/keygen-n.c:281:20: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/22/codeFlows/0/threadFlows/0/locations/0)
#  279|   	}
#  280|   	/* Find the tokens that we might use for key generation. */
#  281|-> 	slotlist = PK11_GetAllTokens(mech, PR_TRUE, PR_FALSE, NULL);
#  282|   	if (slotlist == NULL) {
#  283|   		fprintf(status, "Error locating token for key generation.\n");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def497]
certmonger-0.79.21/src/keygen-n.c:284:17: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-n.c:157:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-n.c:158:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:163:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:171:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:229:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:229:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:233:15: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:237:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:241:18: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:242:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:247:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:282:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:283:17: branch_true: ...to here
certmonger-0.79.21/src/keygen-n.c:284:17: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/keygen-n.c:284:17: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/23/codeFlows/0/threadFlows/0/locations/0)
#  282|   	if (slotlist == NULL) {
#  283|   		fprintf(status, "Error locating token for key generation.\n");
#  284|-> 		cm_log(1, "Error locating token for key generation.\n");
#  285|   		_exit(CM_SUB_STATUS_ERROR_NO_TOKEN);
#  286|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def498]
certmonger-0.79.21/src/keygen-n.c:288:40: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-n.c:157:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-n.c:158:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:163:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:171:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:229:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:229:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:233:15: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:237:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:241:18: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:242:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:247:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:282:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:287:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:287:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:288:40: branch_true: ...to here
certmonger-0.79.21/src/keygen-n.c:288:40: throw: if ‘util_internal_token_name’ throws an exception...
certmonger-0.79.21/src/keygen-n.c:288:40: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/24/codeFlows/0/threadFlows/0/locations/0)
#  286|   	}
#  287|   	if (entry->cm_cert_token == NULL) {
#  288|-> 		entry->cm_cert_token = util_internal_token_name(entry);
#  289|   	}
#  290|   	/* Walk the list looking for the requested slot, or the first one if

Error: GCC_ANALYZER_WARNING (CWE-401): [#def499]
certmonger-0.79.21/src/keygen-n.c:296:21: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-n.c:157:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-n.c:158:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:163:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:171:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:229:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:229:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:233:15: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:237:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:241:18: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:242:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:247:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:282:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:287:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:294:14: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:296:21: throw: if ‘PK11_IsInternal’ throws an exception...
certmonger-0.79.21/src/keygen-n.c:296:21: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/25/codeFlows/0/threadFlows/0/locations/0)
#  294|   	     ((sle != NULL) && (sle->slot != NULL));
#  295|   	     sle = sle->next) {
#  296|-> 		if (PK11_IsInternal(sle->slot) &&
#  297|   		    !PK11_IsInternalKeySlot(sle->slot)) {
#  298|   			cm_log(3, "Skipping NSS internal slot (%s).\n",

Error: GCC_ANALYZER_WARNING (CWE-401): [#def500]
certmonger-0.79.21/src/keygen-n.c:297:22: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-n.c:157:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-n.c:158:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:163:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:171:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:229:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:229:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:233:15: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:237:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:241:18: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:242:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:247:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:282:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:287:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:294:14: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:296:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:297:22: branch_true: ...to here
certmonger-0.79.21/src/keygen-n.c:297:22: throw: if ‘PK11_IsInternalKeySlot’ throws an exception...
certmonger-0.79.21/src/keygen-n.c:297:22: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/26/codeFlows/0/threadFlows/0/locations/0)
#  295|   	     sle = sle->next) {
#  296|   		if (PK11_IsInternal(sle->slot) &&
#  297|-> 		    !PK11_IsInternalKeySlot(sle->slot)) {
#  298|   			cm_log(3, "Skipping NSS internal slot (%s).\n",
#  299|   			       PK11_GetTokenName(sle->slot));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def501]
certmonger-0.79.21/src/keygen-n.c:298:25: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-n.c:157:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-n.c:158:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:163:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:171:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:229:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:229:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:233:15: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:237:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:241:18: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:242:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:247:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:282:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:287:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:294:14: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:296:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:297:22: branch_true: ...to here
certmonger-0.79.21/src/keygen-n.c:296:21: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:298:25: branch_true: ...to here
certmonger-0.79.21/src/keygen-n.c:298:25: throw: if ‘PK11_GetTokenName’ throws an exception...
certmonger-0.79.21/src/keygen-n.c:298:25: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/27/codeFlows/0/threadFlows/0/locations/0)
#  296|   		if (PK11_IsInternal(sle->slot) &&
#  297|   		    !PK11_IsInternalKeySlot(sle->slot)) {
#  298|-> 			cm_log(3, "Skipping NSS internal slot (%s).\n",
#  299|   			       PK11_GetTokenName(sle->slot));
#  300|   			goto next_slot;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def502]
certmonger-0.79.21/src/keygen-n.c:302:25: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-n.c:157:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-n.c:158:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:163:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:171:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:229:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:229:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:233:15: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:237:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:241:18: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:242:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:247:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:282:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:287:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:294:14: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:302:25: throw: if ‘PK11_GetTokenName’ throws an exception...
certmonger-0.79.21/src/keygen-n.c:302:25: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/29/codeFlows/0/threadFlows/0/locations/0)
#  300|   			goto next_slot;
#  301|   		}
#  302|-> 		token = PK11_GetTokenName(sle->slot);
#  303|   		if (token != NULL) {
#  304|   			cm_log(3, "Found token '%s'.\n", token);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def503]
certmonger-0.79.21/src/keygen-n.c:304:25: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-n.c:157:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-n.c:158:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:163:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:171:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:229:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:229:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:233:15: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:237:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:241:18: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:242:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:247:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:282:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:287:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:294:14: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:304:25: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/keygen-n.c:304:25: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/30/codeFlows/0/threadFlows/0/locations/0)
#  302|   		token = PK11_GetTokenName(sle->slot);
#  303|   		if (token != NULL) {
#  304|-> 			cm_log(3, "Found token '%s'.\n", token);
#  305|   		} else {
#  306|   			cm_log(3, "Found unnamed token.\n");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def504]
certmonger-0.79.21/src/keygen-n.c:306:25: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-n.c:157:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-n.c:158:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:163:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:171:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:229:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:229:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:233:15: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:237:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:241:18: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:242:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:247:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:282:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:287:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:294:14: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:306:25: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/keygen-n.c:306:25: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/31/codeFlows/0/threadFlows/0/locations/0)
#  304|   			cm_log(3, "Found token '%s'.\n", token);
#  305|   		} else {
#  306|-> 			cm_log(3, "Found unnamed token.\n");
#  307|   		}
#  308|   		if ((entry->cm_key_token == NULL) ||

Error: GCC_ANALYZER_WARNING (CWE-401): [#def505]
certmonger-0.79.21/src/keygen-n.c:322:17: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-n.c:157:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-n.c:158:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:163:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:171:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:229:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:229:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:233:15: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:237:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:241:18: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:242:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:247:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:282:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:287:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:320:12: branch_true: following ‘true’ branch (when ‘slot’ is NULL)...
certmonger-0.79.21/src/keygen-n.c:321:17: branch_true: ...to here
certmonger-0.79.21/src/keygen-n.c:322:17: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/keygen-n.c:322:17: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/32/codeFlows/0/threadFlows/0/locations/0)
#  320|   	if (slot == NULL) {
#  321|   		fprintf(status, "Error locating token for key generation.\n");
#  322|-> 		cm_log(1, "Error locating token for key generation.\n");
#  323|   		_exit(CM_SUB_STATUS_ERROR_NO_TOKEN);
#  324|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def506]
certmonger-0.79.21/src/keygen-n.c:333:21: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-n.c:157:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-n.c:158:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:163:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:171:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:229:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:229:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:233:15: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:237:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:241:18: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:242:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:247:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:282:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:287:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:294:14: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:320:12: branch_false: following ‘false’ branch (when ‘slot’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:326:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:332:12: branch_true: following ‘true’ branch (when ‘readwrite != 0’)...
certmonger-0.79.21/src/keygen-n.c:333:21: branch_true: ...to here
certmonger-0.79.21/src/keygen-n.c:333:21: throw: if ‘PK11_NeedUserInit’ throws an exception...
certmonger-0.79.21/src/keygen-n.c:333:21: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/33/codeFlows/0/threadFlows/0/locations/0)
#  331|   	 * set one, do it now. */
#  332|   	if (readwrite) {
#  333|-> 		if (PK11_NeedUserInit(slot)) {
#  334|   			if (cm_pin_read_for_key(entry, &pin) != 0) {
#  335|   				cm_log(1, "Error reading PIN to assign "

Error: GCC_ANALYZER_WARNING (CWE-401): [#def507]
certmonger-0.79.21/src/keygen-n.c:334:29: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-n.c:157:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-n.c:158:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:163:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:171:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:229:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:229:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:233:15: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:237:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:241:18: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:242:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:247:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:282:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:287:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:294:14: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:320:12: branch_false: following ‘false’ branch (when ‘slot’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:326:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:332:12: branch_true: following ‘true’ branch (when ‘readwrite != 0’)...
certmonger-0.79.21/src/keygen-n.c:333:21: branch_true: ...to here
certmonger-0.79.21/src/keygen-n.c:333:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:334:29: branch_true: ...to here
certmonger-0.79.21/src/keygen-n.c:334:29: throw: if ‘cm_pin_read_for_key’ throws an exception...
certmonger-0.79.21/src/keygen-n.c:334:29: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/34/codeFlows/0/threadFlows/0/locations/0)
#  332|   	if (readwrite) {
#  333|   		if (PK11_NeedUserInit(slot)) {
#  334|-> 			if (cm_pin_read_for_key(entry, &pin) != 0) {
#  335|   				cm_log(1, "Error reading PIN to assign "
#  336|   				       "to storage slot, skipping.\n");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def508]
certmonger-0.79.21/src/keygen-n.c:335:33: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-n.c:157:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-n.c:158:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:163:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:171:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:229:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:229:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:233:15: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:237:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:241:18: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:242:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:247:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:282:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:287:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:294:14: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:320:12: branch_false: following ‘false’ branch (when ‘slot’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:326:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:332:12: branch_true: following ‘true’ branch (when ‘readwrite != 0’)...
certmonger-0.79.21/src/keygen-n.c:333:21: branch_true: ...to here
certmonger-0.79.21/src/keygen-n.c:333:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:334:29: branch_true: ...to here
certmonger-0.79.21/src/keygen-n.c:334:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:335:33: branch_true: ...to here
certmonger-0.79.21/src/keygen-n.c:335:33: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/keygen-n.c:335:33: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/35/codeFlows/0/threadFlows/0/locations/0)
#  333|   		if (PK11_NeedUserInit(slot)) {
#  334|   			if (cm_pin_read_for_key(entry, &pin) != 0) {
#  335|-> 				cm_log(1, "Error reading PIN to assign "
#  336|   				       "to storage slot, skipping.\n");
#  337|   				PK11_FreeSlotList(slotlist);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def509]
certmonger-0.79.21/src/keygen-n.c:337:33: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-n.c:157:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-n.c:158:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:163:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:171:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:229:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:229:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:233:15: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:237:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:241:18: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:242:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:247:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:282:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:287:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:294:14: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:320:12: branch_false: following ‘false’ branch (when ‘slot’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:326:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:332:12: branch_true: following ‘true’ branch (when ‘readwrite != 0’)...
certmonger-0.79.21/src/keygen-n.c:333:21: branch_true: ...to here
certmonger-0.79.21/src/keygen-n.c:333:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:334:29: branch_true: ...to here
certmonger-0.79.21/src/keygen-n.c:334:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:335:33: branch_true: ...to here
certmonger-0.79.21/src/keygen-n.c:337:33: throw: if ‘PK11_FreeSlotList’ throws an exception...
certmonger-0.79.21/src/keygen-n.c:337:33: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/36/codeFlows/0/threadFlows/0/locations/0)
#  335|   				cm_log(1, "Error reading PIN to assign "
#  336|   				       "to storage slot, skipping.\n");
#  337|-> 				PK11_FreeSlotList(slotlist);
#  338|   				error = NSS_ShutdownContext(ctx);
#  339|   				if (error != SECSuccess) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def510]
certmonger-0.79.21/src/keygen-n.c:338:41: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-n.c:157:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-n.c:158:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:163:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:171:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:229:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:229:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:233:15: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:237:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:241:18: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:242:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:247:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:282:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:287:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:294:14: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:320:12: branch_false: following ‘false’ branch (when ‘slot’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:326:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:332:12: branch_true: following ‘true’ branch (when ‘readwrite != 0’)...
certmonger-0.79.21/src/keygen-n.c:333:21: branch_true: ...to here
certmonger-0.79.21/src/keygen-n.c:333:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:334:29: branch_true: ...to here
certmonger-0.79.21/src/keygen-n.c:334:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:335:33: branch_true: ...to here
certmonger-0.79.21/src/keygen-n.c:338:41: throw: if ‘NSS_ShutdownContext’ throws an exception...
certmonger-0.79.21/src/keygen-n.c:338:41: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/37/codeFlows/0/threadFlows/0/locations/0)
#  336|   				       "to storage slot, skipping.\n");
#  337|   				PK11_FreeSlotList(slotlist);
#  338|-> 				error = NSS_ShutdownContext(ctx);
#  339|   				if (error != SECSuccess) {
#  340|   					cm_log(1, "Error shutting down NSS.\n");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def511]
certmonger-0.79.21/src/keygen-n.c:340:41: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-n.c:157:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-n.c:158:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:163:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:171:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:229:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:229:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:233:15: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:237:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:241:18: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:242:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:247:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:282:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:287:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:294:14: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:320:12: branch_false: following ‘false’ branch (when ‘slot’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:326:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:332:12: branch_true: following ‘true’ branch (when ‘readwrite != 0’)...
certmonger-0.79.21/src/keygen-n.c:333:21: branch_true: ...to here
certmonger-0.79.21/src/keygen-n.c:333:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:334:29: branch_true: ...to here
certmonger-0.79.21/src/keygen-n.c:334:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:335:33: branch_true: ...to here
certmonger-0.79.21/src/keygen-n.c:339:36: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:340:41: branch_true: ...to here
certmonger-0.79.21/src/keygen-n.c:340:41: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/keygen-n.c:340:41: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/38/codeFlows/0/threadFlows/0/locations/0)
#  338|   				error = NSS_ShutdownContext(ctx);
#  339|   				if (error != SECSuccess) {
#  340|-> 					cm_log(1, "Error shutting down NSS.\n");
#  341|   				}
#  342|   				_exit(CM_SUB_STATUS_ERROR_AUTH);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def512]
certmonger-0.79.21/src/keygen-n.c:344:25: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-n.c:157:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-n.c:158:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:163:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:171:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:229:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:229:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:233:15: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:237:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:241:18: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:242:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:247:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:282:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:287:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:294:14: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:320:12: branch_false: following ‘false’ branch (when ‘slot’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:326:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:332:12: branch_true: following ‘true’ branch (when ‘readwrite != 0’)...
certmonger-0.79.21/src/keygen-n.c:333:21: branch_true: ...to here
certmonger-0.79.21/src/keygen-n.c:333:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:334:29: branch_true: ...to here
certmonger-0.79.21/src/keygen-n.c:334:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:344:54: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:344:25: throw: if ‘PK11_InitPin’ throws an exception...
certmonger-0.79.21/src/keygen-n.c:344:25: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/39/codeFlows/0/threadFlows/0/locations/0)
#  342|   				_exit(CM_SUB_STATUS_ERROR_AUTH);
#  343|   			}
#  344|-> 			PK11_InitPin(slot, NULL, pin ? pin : "");
#  345|   			ec = PORT_GetError();
#  346|   			if (ec != 0) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def513]
certmonger-0.79.21/src/keygen-n.c:345:30: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-n.c:157:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-n.c:158:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:163:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:171:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:229:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:229:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:233:15: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:237:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:241:18: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:242:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:247:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:282:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:287:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:294:14: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:320:12: branch_false: following ‘false’ branch (when ‘slot’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:326:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:332:12: branch_true: following ‘true’ branch (when ‘readwrite != 0’)...
certmonger-0.79.21/src/keygen-n.c:333:21: branch_true: ...to here
certmonger-0.79.21/src/keygen-n.c:333:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:334:29: branch_true: ...to here
certmonger-0.79.21/src/keygen-n.c:334:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:344:54: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:345:30: throw: if ‘PORT_GetError’ throws an exception...
certmonger-0.79.21/src/keygen-n.c:345:30: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/40/codeFlows/0/threadFlows/0/locations/0)
#  343|   			}
#  344|   			PK11_InitPin(slot, NULL, pin ? pin : "");
#  345|-> 			ec = PORT_GetError();
#  346|   			if (ec != 0) {
#  347|   				es = PR_ErrorToName(ec);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def514]
certmonger-0.79.21/src/keygen-n.c:347:38: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-n.c:157:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-n.c:158:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:163:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:171:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:229:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:229:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:233:15: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:237:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:241:18: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:242:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:247:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:282:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:287:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:294:14: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:320:12: branch_false: following ‘false’ branch (when ‘slot’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:326:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:332:12: branch_true: following ‘true’ branch (when ‘readwrite != 0’)...
certmonger-0.79.21/src/keygen-n.c:333:21: branch_true: ...to here
certmonger-0.79.21/src/keygen-n.c:333:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:334:29: branch_true: ...to here
certmonger-0.79.21/src/keygen-n.c:334:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:344:54: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:346:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:347:38: branch_true: ...to here
certmonger-0.79.21/src/keygen-n.c:347:38: throw: if ‘PR_ErrorToName’ throws an exception...
certmonger-0.79.21/src/keygen-n.c:347:38: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/41/codeFlows/0/threadFlows/0/locations/0)
#  345|   			ec = PORT_GetError();
#  346|   			if (ec != 0) {
#  347|-> 				es = PR_ErrorToName(ec);
#  348|   			} else {
#  349|   				es = NULL;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def515]
certmonger-0.79.21/src/keygen-n.c:351:29: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-n.c:157:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-n.c:158:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:163:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:171:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:229:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:229:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:233:15: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:237:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:241:18: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:242:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:247:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:282:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:287:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:294:14: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:320:12: branch_false: following ‘false’ branch (when ‘slot’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:326:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:332:12: branch_true: following ‘true’ branch (when ‘readwrite != 0’)...
certmonger-0.79.21/src/keygen-n.c:333:21: branch_true: ...to here
certmonger-0.79.21/src/keygen-n.c:333:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:334:29: branch_true: ...to here
certmonger-0.79.21/src/keygen-n.c:334:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:344:54: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:346:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:351:29: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:351:29: throw: if ‘PK11_NeedUserInit’ throws an exception...
certmonger-0.79.21/src/keygen-n.c:351:29: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/42/codeFlows/0/threadFlows/0/locations/0)
#  349|   				es = NULL;
#  350|   			}
#  351|-> 			if (PK11_NeedUserInit(slot)) {
#  352|   				if (es != NULL) {
#  353|   					cm_log(1, "Key generation slot still "

Error: GCC_ANALYZER_WARNING (CWE-401): [#def516]
certmonger-0.79.21/src/keygen-n.c:353:41: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-n.c:157:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-n.c:158:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:163:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:171:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:229:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:229:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:233:15: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:237:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:241:18: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:242:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:247:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:282:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:287:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:294:14: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:320:12: branch_false: following ‘false’ branch (when ‘slot’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:326:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:332:12: branch_true: following ‘true’ branch (when ‘readwrite != 0’)...
certmonger-0.79.21/src/keygen-n.c:333:21: branch_true: ...to here
certmonger-0.79.21/src/keygen-n.c:333:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:334:29: branch_true: ...to here
certmonger-0.79.21/src/keygen-n.c:334:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:344:54: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:346:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:347:38: branch_true: ...to here
certmonger-0.79.21/src/keygen-n.c:351:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:352:36: branch_true: ...to here
certmonger-0.79.21/src/keygen-n.c:352:36: branch_true: following ‘true’ branch (when ‘es’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:353:41: branch_true: ...to here
certmonger-0.79.21/src/keygen-n.c:353:41: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/keygen-n.c:353:41: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/43/codeFlows/0/threadFlows/0/locations/0)
#  351|   			if (PK11_NeedUserInit(slot)) {
#  352|   				if (es != NULL) {
#  353|-> 					cm_log(1, "Key generation slot still "
#  354|   					       "needs user PIN to be set: "
#  355|   					       "%s.\n", es);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def517]
certmonger-0.79.21/src/keygen-n.c:357:41: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-n.c:157:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-n.c:158:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:163:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:171:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:229:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:229:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:233:15: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:237:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:241:18: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:242:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:247:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:282:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:287:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:294:14: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:320:12: branch_false: following ‘false’ branch (when ‘slot’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:326:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:332:12: branch_true: following ‘true’ branch (when ‘readwrite != 0’)...
certmonger-0.79.21/src/keygen-n.c:333:21: branch_true: ...to here
certmonger-0.79.21/src/keygen-n.c:333:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:334:29: branch_true: ...to here
certmonger-0.79.21/src/keygen-n.c:334:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:344:54: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:351:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:352:36: branch_true: ...to here
certmonger-0.79.21/src/keygen-n.c:352:36: branch_false: following ‘false’ branch (when ‘es’ is NULL)...
certmonger-0.79.21/src/keygen-n.c:357:41: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:357:41: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/keygen-n.c:357:41: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/44/codeFlows/0/threadFlows/0/locations/0)
#  355|   					       "%s.\n", es);
#  356|   				} else {
#  357|-> 					cm_log(1, "Key generation slot still "
#  358|   					       "needs user PIN to be set.\n");
#  359|   				}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def518]
certmonger-0.79.21/src/keygen-n.c:360:33: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-n.c:157:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-n.c:158:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:163:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:171:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:229:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:229:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:233:15: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:237:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:241:18: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:242:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:247:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:282:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:287:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:294:14: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:320:12: branch_false: following ‘false’ branch (when ‘slot’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:326:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:332:12: branch_true: following ‘true’ branch (when ‘readwrite != 0’)...
certmonger-0.79.21/src/keygen-n.c:333:21: branch_true: ...to here
certmonger-0.79.21/src/keygen-n.c:333:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:334:29: branch_true: ...to here
certmonger-0.79.21/src/keygen-n.c:334:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:344:54: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:351:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:352:36: branch_true: ...to here
certmonger-0.79.21/src/keygen-n.c:352:36: branch_false: following ‘false’ branch (when ‘es’ is NULL)...
certmonger-0.79.21/src/keygen-n.c:357:41: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:360:33: throw: if ‘PK11_FreeSlotList’ throws an exception...
certmonger-0.79.21/src/keygen-n.c:360:33: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/45/codeFlows/0/threadFlows/0/locations/0)
#  358|   					       "needs user PIN to be set.\n");
#  359|   				}
#  360|-> 				PK11_FreeSlotList(slotlist);
#  361|   				error = NSS_ShutdownContext(ctx);
#  362|   				if (error != SECSuccess) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def519]
certmonger-0.79.21/src/keygen-n.c:361:41: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-n.c:157:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-n.c:158:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:163:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:171:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:229:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:229:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:233:15: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:237:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:241:18: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:242:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:247:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:282:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:287:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:294:14: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:320:12: branch_false: following ‘false’ branch (when ‘slot’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:326:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:332:12: branch_true: following ‘true’ branch (when ‘readwrite != 0’)...
certmonger-0.79.21/src/keygen-n.c:333:21: branch_true: ...to here
certmonger-0.79.21/src/keygen-n.c:333:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:334:29: branch_true: ...to here
certmonger-0.79.21/src/keygen-n.c:334:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:344:54: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:351:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:352:36: branch_true: ...to here
certmonger-0.79.21/src/keygen-n.c:352:36: branch_false: following ‘false’ branch (when ‘es’ is NULL)...
certmonger-0.79.21/src/keygen-n.c:357:41: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:361:41: throw: if ‘NSS_ShutdownContext’ throws an exception...
certmonger-0.79.21/src/keygen-n.c:361:41: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/46/codeFlows/0/threadFlows/0/locations/0)
#  359|   				}
#  360|   				PK11_FreeSlotList(slotlist);
#  361|-> 				error = NSS_ShutdownContext(ctx);
#  362|   				if (error != SECSuccess) {
#  363|   					cm_log(1, "Error shutting down NSS.\n");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def520]
certmonger-0.79.21/src/keygen-n.c:363:41: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-n.c:157:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-n.c:158:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:163:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:171:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:229:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:229:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:233:15: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:237:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:241:18: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:242:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:247:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:282:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:287:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:294:14: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:320:12: branch_false: following ‘false’ branch (when ‘slot’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:326:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:332:12: branch_true: following ‘true’ branch (when ‘readwrite != 0’)...
certmonger-0.79.21/src/keygen-n.c:333:21: branch_true: ...to here
certmonger-0.79.21/src/keygen-n.c:333:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:334:29: branch_true: ...to here
certmonger-0.79.21/src/keygen-n.c:334:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:344:54: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:351:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:352:36: branch_true: ...to here
certmonger-0.79.21/src/keygen-n.c:352:36: branch_false: following ‘false’ branch (when ‘es’ is NULL)...
certmonger-0.79.21/src/keygen-n.c:357:41: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:362:36: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:363:41: branch_true: ...to here
certmonger-0.79.21/src/keygen-n.c:363:41: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/keygen-n.c:363:41: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/47/codeFlows/0/threadFlows/0/locations/0)
#  361|   				error = NSS_ShutdownContext(ctx);
#  362|   				if (error != SECSuccess) {
#  363|-> 					cm_log(1, "Error shutting down NSS.\n");
#  364|   				}
#  365|   				switch (ec) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def521]
certmonger-0.79.21/src/keygen-n.c:382:13: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-n.c:157:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-n.c:158:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:163:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:171:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:229:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:229:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:233:15: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:237:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:241:18: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:242:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:247:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:282:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:287:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:294:14: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:320:12: branch_false: following ‘false’ branch (when ‘slot’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:326:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:382:13: throw: if ‘cm_pin_read_for_key’ throws an exception...
certmonger-0.79.21/src/keygen-n.c:382:13: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/48/codeFlows/0/threadFlows/0/locations/0)
#  380|   	}
#  381|   	/* Now log in, if we have to. */
#  382|-> 	if (cm_pin_read_for_key(entry, &pin) != 0) {
#  383|   		cm_log(1, "Error reading PIN for key store, "
#  384|   		       "failing to generate CSR.\n");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def522]
certmonger-0.79.21/src/keygen-n.c:383:17: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-n.c:157:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-n.c:158:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:163:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:171:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:229:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:229:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:233:15: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:237:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:241:18: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:242:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:247:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:282:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:287:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:294:14: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:320:12: branch_false: following ‘false’ branch (when ‘slot’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:326:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:382:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:383:17: branch_true: ...to here
certmonger-0.79.21/src/keygen-n.c:383:17: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/keygen-n.c:383:17: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/49/codeFlows/0/threadFlows/0/locations/0)
#  381|   	/* Now log in, if we have to. */
#  382|   	if (cm_pin_read_for_key(entry, &pin) != 0) {
#  383|-> 		cm_log(1, "Error reading PIN for key store, "
#  384|   		       "failing to generate CSR.\n");
#  385|   		PK11_FreeSlotList(slotlist);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def523]
certmonger-0.79.21/src/keygen-n.c:385:17: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-n.c:157:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-n.c:158:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:163:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:171:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:229:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:229:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:233:15: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:237:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:241:18: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:242:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:247:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:282:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:287:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:294:14: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:320:12: branch_false: following ‘false’ branch (when ‘slot’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:326:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:382:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:383:17: branch_true: ...to here
certmonger-0.79.21/src/keygen-n.c:385:17: throw: if ‘PK11_FreeSlotList’ throws an exception...
certmonger-0.79.21/src/keygen-n.c:385:17: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/50/codeFlows/0/threadFlows/0/locations/0)
#  383|   		cm_log(1, "Error reading PIN for key store, "
#  384|   		       "failing to generate CSR.\n");
#  385|-> 		PK11_FreeSlotList(slotlist);
#  386|   		error = NSS_ShutdownContext(ctx);
#  387|   		if (error != SECSuccess) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def524]
certmonger-0.79.21/src/keygen-n.c:386:25: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-n.c:157:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-n.c:158:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:163:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:171:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:229:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:229:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:233:15: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:237:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:241:18: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:242:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:247:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:282:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:287:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:294:14: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:320:12: branch_false: following ‘false’ branch (when ‘slot’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:326:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:382:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:383:17: branch_true: ...to here
certmonger-0.79.21/src/keygen-n.c:386:25: throw: if ‘NSS_ShutdownContext’ throws an exception...
certmonger-0.79.21/src/keygen-n.c:386:25: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/51/codeFlows/0/threadFlows/0/locations/0)
#  384|   		       "failing to generate CSR.\n");
#  385|   		PK11_FreeSlotList(slotlist);
#  386|-> 		error = NSS_ShutdownContext(ctx);
#  387|   		if (error != SECSuccess) {
#  388|   			cm_log(1, "Error shutting down NSS.\n");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def525]
certmonger-0.79.21/src/keygen-n.c:388:25: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-n.c:157:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-n.c:158:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:163:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:171:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:229:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:229:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:233:15: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:237:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:241:18: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:242:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:247:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:282:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:287:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:294:14: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:320:12: branch_false: following ‘false’ branch (when ‘slot’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:326:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:382:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:383:17: branch_true: ...to here
certmonger-0.79.21/src/keygen-n.c:387:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:388:25: branch_true: ...to here
certmonger-0.79.21/src/keygen-n.c:388:25: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/keygen-n.c:388:25: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/52/codeFlows/0/threadFlows/0/locations/0)
#  386|   		error = NSS_ShutdownContext(ctx);
#  387|   		if (error != SECSuccess) {
#  388|-> 			cm_log(1, "Error shutting down NSS.\n");
#  389|   		}
#  390|   		_exit(CM_SUB_STATUS_ERROR_AUTH);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def526]
certmonger-0.79.21/src/keygen-n.c:392:9: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-n.c:157:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-n.c:158:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:163:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:171:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:229:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:229:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:233:15: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:237:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:241:18: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:242:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:247:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:282:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:287:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:294:14: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:320:12: branch_false: following ‘false’ branch (when ‘slot’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:326:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:382:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:392:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:392:9: throw: if ‘PK11_SetPasswordFunc’ throws an exception...
certmonger-0.79.21/src/keygen-n.c:392:9: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/53/codeFlows/0/threadFlows/0/locations/0)
#  390|   		_exit(CM_SUB_STATUS_ERROR_AUTH);
#  391|   	}
#  392|-> 	PK11_SetPasswordFunc(&cm_pin_read_for_key_nss_cb);
#  393|   	error = PK11_Authenticate(slot, PR_TRUE, &cb_data);
#  394|   	ec = PORT_GetError();

Error: GCC_ANALYZER_WARNING (CWE-401): [#def527]
certmonger-0.79.21/src/keygen-n.c:393:17: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-n.c:157:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-n.c:158:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:163:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:171:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:229:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:229:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:233:15: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:237:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:241:18: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:242:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:247:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:282:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:287:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:294:14: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:320:12: branch_false: following ‘false’ branch (when ‘slot’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:326:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:382:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:392:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:393:17: throw: if ‘PK11_Authenticate’ throws an exception...
certmonger-0.79.21/src/keygen-n.c:393:17: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/54/codeFlows/0/threadFlows/0/locations/0)
#  391|   	}
#  392|   	PK11_SetPasswordFunc(&cm_pin_read_for_key_nss_cb);
#  393|-> 	error = PK11_Authenticate(slot, PR_TRUE, &cb_data);
#  394|   	ec = PORT_GetError();
#  395|   	if (error != SECSuccess) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def528]
certmonger-0.79.21/src/keygen-n.c:394:14: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-n.c:157:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-n.c:158:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:163:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:171:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:229:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:229:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:233:15: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:237:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:241:18: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:242:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:247:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:282:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:287:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:294:14: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:320:12: branch_false: following ‘false’ branch (when ‘slot’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:326:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:382:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:392:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:394:14: throw: if ‘PORT_GetError’ throws an exception...
certmonger-0.79.21/src/keygen-n.c:394:14: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/55/codeFlows/0/threadFlows/0/locations/0)
#  392|   	PK11_SetPasswordFunc(&cm_pin_read_for_key_nss_cb);
#  393|   	error = PK11_Authenticate(slot, PR_TRUE, &cb_data);
#  394|-> 	ec = PORT_GetError();
#  395|   	if (error != SECSuccess) {
#  396|   		if (ec != 0) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def529]
certmonger-0.79.21/src/keygen-n.c:397:30: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-n.c:157:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-n.c:158:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:163:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:171:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:229:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:229:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:233:15: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:237:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:241:18: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:242:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:247:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:282:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:287:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:294:14: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:320:12: branch_false: following ‘false’ branch (when ‘slot’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:326:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:382:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:392:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:395:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:396:20: branch_true: ...to here
certmonger-0.79.21/src/keygen-n.c:396:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:397:30: branch_true: ...to here
certmonger-0.79.21/src/keygen-n.c:397:30: throw: if ‘PR_ErrorToName’ throws an exception...
certmonger-0.79.21/src/keygen-n.c:397:30: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/56/codeFlows/0/threadFlows/0/locations/0)
#  395|   	if (error != SECSuccess) {
#  396|   		if (ec != 0) {
#  397|-> 			es = PR_ErrorToName(ec);
#  398|   		} else {
#  399|   			es = NULL;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def530]
certmonger-0.79.21/src/keygen-n.c:402:25: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-n.c:157:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-n.c:158:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:163:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:171:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:229:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:229:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:233:15: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:237:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:241:18: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:242:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:247:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:282:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:287:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:294:14: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:320:12: branch_false: following ‘false’ branch (when ‘slot’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:326:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:382:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:392:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:395:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:396:20: branch_true: ...to here
certmonger-0.79.21/src/keygen-n.c:396:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:397:30: branch_true: ...to here
certmonger-0.79.21/src/keygen-n.c:401:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:402:25: branch_true: ...to here
certmonger-0.79.21/src/keygen-n.c:402:25: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/keygen-n.c:402:25: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/57/codeFlows/0/threadFlows/0/locations/0)
#  400|   		}
#  401|   		if (es != NULL) {
#  402|-> 			cm_log(1, "Error authenticating to key store: %s.\n",
#  403|   			       es);
#  404|   		} else {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def531]
certmonger-0.79.21/src/keygen-n.c:405:25: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-n.c:157:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-n.c:158:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:163:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:171:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:229:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:229:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:233:15: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:237:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:241:18: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:242:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:247:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:282:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:287:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:294:14: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:320:12: branch_false: following ‘false’ branch (when ‘slot’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:326:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:382:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:392:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:395:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:396:20: branch_true: ...to here
certmonger-0.79.21/src/keygen-n.c:405:25: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/keygen-n.c:405:25: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/58/codeFlows/0/threadFlows/0/locations/0)
#  403|   			       es);
#  404|   		} else {
#  405|-> 			cm_log(1, "Error authenticating to key store.\n");
#  406|   		}
#  407|   		PK11_FreeSlotList(slotlist);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def532]
certmonger-0.79.21/src/keygen-n.c:407:17: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-n.c:157:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-n.c:158:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:163:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:171:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:229:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:229:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:233:15: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:237:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:241:18: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:242:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:247:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:282:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:287:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:294:14: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:320:12: branch_false: following ‘false’ branch (when ‘slot’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:326:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:382:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:392:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:395:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:396:20: branch_true: ...to here
certmonger-0.79.21/src/keygen-n.c:407:17: throw: if ‘PK11_FreeSlotList’ throws an exception...
certmonger-0.79.21/src/keygen-n.c:407:17: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/59/codeFlows/0/threadFlows/0/locations/0)
#  405|   			cm_log(1, "Error authenticating to key store.\n");
#  406|   		}
#  407|-> 		PK11_FreeSlotList(slotlist);
#  408|   		error = NSS_ShutdownContext(ctx);
#  409|   		if (error != SECSuccess) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def533]
certmonger-0.79.21/src/keygen-n.c:408:25: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-n.c:157:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-n.c:158:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:163:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:171:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:229:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:229:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:233:15: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:237:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:241:18: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:242:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:247:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:282:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:287:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:294:14: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:320:12: branch_false: following ‘false’ branch (when ‘slot’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:326:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:382:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:392:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:395:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:396:20: branch_true: ...to here
certmonger-0.79.21/src/keygen-n.c:408:25: throw: if ‘NSS_ShutdownContext’ throws an exception...
certmonger-0.79.21/src/keygen-n.c:408:25: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/60/codeFlows/0/threadFlows/0/locations/0)
#  406|   		}
#  407|   		PK11_FreeSlotList(slotlist);
#  408|-> 		error = NSS_ShutdownContext(ctx);
#  409|   		if (error != SECSuccess) {
#  410|   			cm_log(1, "Error shutting down NSS.\n");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def534]
certmonger-0.79.21/src/keygen-n.c:410:25: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-n.c:157:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-n.c:158:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:163:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:171:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:229:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:229:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:233:15: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:237:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:241:18: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:242:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:247:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:282:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:287:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:294:14: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:320:12: branch_false: following ‘false’ branch (when ‘slot’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:326:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:382:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:392:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:395:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:396:20: branch_true: ...to here
certmonger-0.79.21/src/keygen-n.c:409:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:410:25: branch_true: ...to here
certmonger-0.79.21/src/keygen-n.c:410:25: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/keygen-n.c:410:25: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/61/codeFlows/0/threadFlows/0/locations/0)
#  408|   		error = NSS_ShutdownContext(ctx);
#  409|   		if (error != SECSuccess) {
#  410|-> 			cm_log(1, "Error shutting down NSS.\n");
#  411|   		}
#  412|   		_exit(CM_SUB_STATUS_ERROR_AUTH);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def535]
certmonger-0.79.21/src/keygen-n.c:417:17: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-n.c:157:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-n.c:158:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:163:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:171:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:229:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:229:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:233:15: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:237:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:241:18: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:242:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:247:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:282:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:287:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:294:14: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:320:12: branch_false: following ‘false’ branch (when ‘slot’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:326:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:382:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:392:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:395:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:414:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:414:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:415:13: branch_true: ...to here
certmonger-0.79.21/src/keygen-n.c:414:13: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:416:14: branch_true: ...to here
certmonger-0.79.21/src/keygen-n.c:414:13: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:417:17: branch_true: ...to here
certmonger-0.79.21/src/keygen-n.c:417:17: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/keygen-n.c:417:17: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/62/codeFlows/0/threadFlows/0/locations/0)
#  415|   	    (strlen(pin) > 0) &&
#  416|   	    (cb_data.n_attempts == 0)) {
#  417|-> 		cm_log(1, "PIN was not needed to auth to key "
#  418|   		       "store token %s, though one was provided. "
#  419|   		       "Treating this as an error.\n", token);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def536]
certmonger-0.79.21/src/keygen-n.c:420:17: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-n.c:157:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-n.c:158:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:163:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:171:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:229:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:229:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:233:15: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:237:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:241:18: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:242:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:247:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:282:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:287:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:294:14: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:320:12: branch_false: following ‘false’ branch (when ‘slot’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:326:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:382:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:392:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:395:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:414:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:414:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:415:13: branch_true: ...to here
certmonger-0.79.21/src/keygen-n.c:414:13: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:416:14: branch_true: ...to here
certmonger-0.79.21/src/keygen-n.c:414:13: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:417:17: branch_true: ...to here
certmonger-0.79.21/src/keygen-n.c:420:17: throw: if ‘PK11_FreeSlotList’ throws an exception...
certmonger-0.79.21/src/keygen-n.c:420:17: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/63/codeFlows/0/threadFlows/0/locations/0)
#  418|   		       "store token %s, though one was provided. "
#  419|   		       "Treating this as an error.\n", token);
#  420|-> 		PK11_FreeSlotList(slotlist);
#  421|   		error = NSS_ShutdownContext(ctx);
#  422|   		if (error != SECSuccess) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def537]
certmonger-0.79.21/src/keygen-n.c:421:25: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-n.c:157:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-n.c:158:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:163:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:171:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:229:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:229:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:233:15: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:237:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:241:18: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:242:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:247:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:282:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:287:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:294:14: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:320:12: branch_false: following ‘false’ branch (when ‘slot’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:326:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:382:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:392:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:395:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:414:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:414:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:415:13: branch_true: ...to here
certmonger-0.79.21/src/keygen-n.c:414:13: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:416:14: branch_true: ...to here
certmonger-0.79.21/src/keygen-n.c:414:13: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:417:17: branch_true: ...to here
certmonger-0.79.21/src/keygen-n.c:421:25: throw: if ‘NSS_ShutdownContext’ throws an exception...
certmonger-0.79.21/src/keygen-n.c:421:25: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/64/codeFlows/0/threadFlows/0/locations/0)
#  419|   		       "Treating this as an error.\n", token);
#  420|   		PK11_FreeSlotList(slotlist);
#  421|-> 		error = NSS_ShutdownContext(ctx);
#  422|   		if (error != SECSuccess) {
#  423|   			cm_log(1, "Error shutting down NSS.\n");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def538]
certmonger-0.79.21/src/keygen-n.c:423:25: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-n.c:157:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-n.c:158:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:163:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:171:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:229:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:229:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:233:15: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:237:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:241:18: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:242:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:247:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:282:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:287:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:294:14: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:320:12: branch_false: following ‘false’ branch (when ‘slot’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:326:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:382:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:392:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:395:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:414:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:414:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:415:13: branch_true: ...to here
certmonger-0.79.21/src/keygen-n.c:414:13: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:416:14: branch_true: ...to here
certmonger-0.79.21/src/keygen-n.c:414:13: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:417:17: branch_true: ...to here
certmonger-0.79.21/src/keygen-n.c:422:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:423:25: branch_true: ...to here
certmonger-0.79.21/src/keygen-n.c:423:25: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/keygen-n.c:423:25: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/65/codeFlows/0/threadFlows/0/locations/0)
#  421|   		error = NSS_ShutdownContext(ctx);
#  422|   		if (error != SECSuccess) {
#  423|-> 			cm_log(1, "Error shutting down NSS.\n");
#  424|   		}
#  425|   		_exit(CM_SUB_STATUS_ERROR_AUTH);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def539]
certmonger-0.79.21/src/keygen-n.c:573:9: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-n.c:157:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-n.c:158:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:163:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:171:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:229:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:229:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:233:15: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:237:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:241:18: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:242:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:247:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:282:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:287:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:294:14: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:320:12: branch_false: following ‘false’ branch (when ‘slot’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:326:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:382:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:392:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:395:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:414:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:573:9: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/keygen-n.c:573:9: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/66/codeFlows/0/threadFlows/0/locations/0)
#  571|   	}
#  572|   	/* Generate the key pair. */
#  573|-> 	cm_log(1, "Generating key pair.\n");
#  574|   	pubkey = NULL;
#  575|   	privkey = PK11_GenerateKeyPair(slot, mech, params, &pubkey,

Error: GCC_ANALYZER_WARNING (CWE-401): [#def540]
certmonger-0.79.21/src/keygen-n.c:575:19: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-n.c:157:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-n.c:158:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:163:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:171:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:229:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:229:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:233:15: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:237:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:241:18: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:242:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:247:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:282:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:287:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:294:14: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:320:12: branch_false: following ‘false’ branch (when ‘slot’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:326:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:382:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:392:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:395:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:414:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:575:19: throw: if ‘PK11_GenerateKeyPair’ throws an exception...
certmonger-0.79.21/src/keygen-n.c:575:19: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/67/codeFlows/0/threadFlows/0/locations/0)
#  573|   	cm_log(1, "Generating key pair.\n");
#  574|   	pubkey = NULL;
#  575|-> 	privkey = PK11_GenerateKeyPair(slot, mech, params, &pubkey,
#  576|   				       PR_TRUE, PR_TRUE, NULL);
#  577|   	/* Retry with the optimum key size. */

Error: GCC_ANALYZER_WARNING (CWE-401): [#def541]
certmonger-0.79.21/src/keygen-n.c:579:31: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-n.c:157:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-n.c:158:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:163:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:171:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:229:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:229:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:233:15: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:237:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:241:18: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:242:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:247:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:282:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:287:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:294:14: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:320:12: branch_false: following ‘false’ branch (when ‘slot’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:326:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:382:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:392:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:395:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:414:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:578:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:579:31: branch_true: ...to here
certmonger-0.79.21/src/keygen-n.c:579:31: throw: if ‘PK11_GetBestKeyLength’ throws an exception...
certmonger-0.79.21/src/keygen-n.c:579:31: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/68/codeFlows/0/threadFlows/0/locations/0)
#  577|   	/* Retry with the optimum key size. */
#  578|   	if (privkey == NULL) {
#  579|-> 		cm_key_size = PK11_GetBestKeyLength(slot, pmech);
#  580|   		if (cm_key_size != cm_requested_key_size) {
#  581|   			cm_log(1,

Error: GCC_ANALYZER_WARNING (CWE-401): [#def542]
certmonger-0.79.21/src/keygen-n.c:581:25: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-n.c:157:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-n.c:158:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:163:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:171:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:229:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:229:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:233:15: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:237:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:241:18: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:242:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:247:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:282:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:287:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:294:14: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:320:12: branch_false: following ‘false’ branch (when ‘slot’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:326:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:382:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:392:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:395:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:414:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:578:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:579:31: branch_true: ...to here
certmonger-0.79.21/src/keygen-n.c:580:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:581:25: branch_true: ...to here
certmonger-0.79.21/src/keygen-n.c:581:25: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/keygen-n.c:581:25: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/69/codeFlows/0/threadFlows/0/locations/0)
#  579|   		cm_key_size = PK11_GetBestKeyLength(slot, pmech);
#  580|   		if (cm_key_size != cm_requested_key_size) {
#  581|-> 			cm_log(1,
#  582|   			       "Overriding requested key size of %d with %d.\n",
#  583|   			       cm_requested_key_size, cm_key_size);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def543]
certmonger-0.79.21/src/keygen-n.c:586:22: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-n.c:157:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-n.c:158:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:163:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:171:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:229:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:229:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:233:15: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:237:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:241:18: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:242:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:247:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:282:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:287:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:294:14: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:320:12: branch_false: following ‘false’ branch (when ‘slot’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:326:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:382:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:392:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:395:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:414:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:578:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:579:31: branch_true: ...to here
certmonger-0.79.21/src/keygen-n.c:586:22: throw: if ‘PORT_GetError’ throws an exception...
certmonger-0.79.21/src/keygen-n.c:586:22: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/70/codeFlows/0/threadFlows/0/locations/0)
#  584|   			goto retry_gen;
#  585|   		}
#  586|-> 		ec = PORT_GetError();
#  587|   		if (ec != 0) {
#  588|   			es = PR_ErrorToName(ec);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def544]
certmonger-0.79.21/src/keygen-n.c:588:30: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-n.c:157:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-n.c:158:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:163:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:171:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:229:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:229:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:233:15: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:237:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:241:18: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:242:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:247:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:282:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:287:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:294:14: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:320:12: branch_false: following ‘false’ branch (when ‘slot’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:326:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:382:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:392:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:395:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:414:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:578:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:579:31: branch_true: ...to here
certmonger-0.79.21/src/keygen-n.c:587:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:588:30: branch_true: ...to here
certmonger-0.79.21/src/keygen-n.c:588:30: throw: if ‘PR_ErrorToName’ throws an exception...
certmonger-0.79.21/src/keygen-n.c:588:30: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/71/codeFlows/0/threadFlows/0/locations/0)
#  586|   		ec = PORT_GetError();
#  587|   		if (ec != 0) {
#  588|-> 			es = PR_ErrorToName(ec);
#  589|   		} else {
#  590|   			es = NULL;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def545]
certmonger-0.79.21/src/keygen-n.c:593:25: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-n.c:157:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-n.c:158:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:163:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:171:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:229:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:229:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:233:15: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:237:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:241:18: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:242:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:247:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:282:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:287:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:294:14: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:320:12: branch_false: following ‘false’ branch (when ‘slot’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:326:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:382:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:392:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:395:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:414:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:578:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:579:31: branch_true: ...to here
certmonger-0.79.21/src/keygen-n.c:587:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:588:30: branch_true: ...to here
certmonger-0.79.21/src/keygen-n.c:592:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:593:25: branch_true: ...to here
certmonger-0.79.21/src/keygen-n.c:593:25: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/keygen-n.c:593:25: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/72/codeFlows/0/threadFlows/0/locations/0)
#  591|   		}
#  592|   		if (es != NULL) {
#  593|-> 			cm_log(1, "Error generating key pair: %s.\n", es);
#  594|   		} else {
#  595|   			cm_log(1, "Error generating key pair.\n");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def546]
certmonger-0.79.21/src/keygen-n.c:595:25: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-n.c:157:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-n.c:158:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:163:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:171:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:229:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:229:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:233:15: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:237:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:241:18: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:242:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:247:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:282:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:287:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:294:14: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:320:12: branch_false: following ‘false’ branch (when ‘slot’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:326:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:382:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:392:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:395:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:414:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:578:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:579:31: branch_true: ...to here
certmonger-0.79.21/src/keygen-n.c:595:25: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/keygen-n.c:595:25: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/73/codeFlows/0/threadFlows/0/locations/0)
#  593|   			cm_log(1, "Error generating key pair: %s.\n", es);
#  594|   		} else {
#  595|-> 			cm_log(1, "Error generating key pair.\n");
#  596|   		}
#  597|   		switch (ec) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def547]
certmonger-0.79.21/src/keygen-n.c:606:9: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-n.c:157:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-n.c:158:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:163:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:171:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:229:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:229:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:233:15: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:237:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:241:18: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:242:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:247:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:282:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:287:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:294:14: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:320:12: branch_false: following ‘false’ branch (when ‘slot’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:326:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:382:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:392:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:395:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:414:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:606:9: throw: if ‘SECKEY_PublicKeyStrengthInBits’ throws an exception...
certmonger-0.79.21/src/keygen-n.c:606:9: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/74/codeFlows/0/threadFlows/0/locations/0)
#  604|   		}
#  605|   	}
#  606|-> 	cm_log(1, "Ended up with %d bit public key.\n",
#  607|   	       SECKEY_PublicKeyStrengthInBits(pubkey));
#  608|   	/* Check for keys with the desired name, selecting a new name if

Error: GCC_ANALYZER_WARNING (CWE-401): [#def548]
certmonger-0.79.21/src/keygen-n.c:612:17: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-n.c:157:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-n.c:158:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:163:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:171:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:229:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:229:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:233:15: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:237:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:241:18: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:242:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:247:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:282:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:287:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:294:14: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:320:12: branch_false: following ‘false’ branch (when ‘slot’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:326:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:382:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:392:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:395:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:414:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:611:12: branch_true: following ‘true’ branch (when ‘nickname’ is NULL)...
certmonger-0.79.21/src/keygen-n.c:612:17: branch_true: ...to here
certmonger-0.79.21/src/keygen-n.c:612:17: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/keygen-n.c:612:17: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/76/codeFlows/0/threadFlows/0/locations/0)
#  610|   	nickname = strdup(entry->cm_key_nickname);
#  611|   	if (nickname == NULL) {
#  612|-> 		cm_log(1, "Out of memory.\n");
#  613|   		_exit(CM_SUB_STATUS_INTERNAL_ERROR);
#  614|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def549]
certmonger-0.79.21/src/keygen-n.c:615:20: warning[-Wanalyzer-malloc-leak]: leak of ‘nickname’
certmonger-0.79.21/src/keygen-n.c:158:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:163:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:171:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:229:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:229:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:233:15: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:237:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:241:18: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:242:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:247:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:282:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:287:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:294:14: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:320:12: branch_false: following ‘false’ branch (when ‘slot’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:326:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:382:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:392:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:395:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:414:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:610:20: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-n.c:611:12: branch_false: following ‘false’ branch (when ‘nickname’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:615:20: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:615:20: throw: if ‘PK11_ListPrivKeysInSlot’ throws an exception...
certmonger-0.79.21/src/keygen-n.c:615:20: danger: ‘nickname’ leaks here; was allocated at [(21)](sarif:/runs/0/results/78/codeFlows/0/threadFlows/0/locations/20)
#  613|   		_exit(CM_SUB_STATUS_INTERNAL_ERROR);
#  614|   	}
#  615|-> 	privkeys = PK11_ListPrivKeysInSlot(slot, nickname, NULL);
#  616|   	while ((privkeys != NULL) && !PRIVKEY_LIST_EMPTY(privkeys)) {
#  617|   		markertmp = NULL;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def550]
certmonger-0.79.21/src/keygen-n.c:615:20: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-n.c:157:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-n.c:158:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:163:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:171:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:229:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:229:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:233:15: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:237:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:241:18: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:242:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:247:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:282:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:287:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:294:14: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:320:12: branch_false: following ‘false’ branch (when ‘slot’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:326:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:382:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:392:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:395:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:414:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:611:12: branch_false: following ‘false’ branch (when ‘nickname’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:615:20: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:615:20: throw: if ‘PK11_ListPrivKeysInSlot’ throws an exception...
certmonger-0.79.21/src/keygen-n.c:615:20: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/77/codeFlows/0/threadFlows/0/locations/0)
#  613|   		_exit(CM_SUB_STATUS_INTERNAL_ERROR);
#  614|   	}
#  615|-> 	privkeys = PK11_ListPrivKeysInSlot(slot, nickname, NULL);
#  616|   	while ((privkeys != NULL) && !PRIVKEY_LIST_EMPTY(privkeys)) {
#  617|   		markertmp = NULL;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def551]
certmonger-0.79.21/src/keygen-n.c:622:35: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-n.c:157:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-n.c:158:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:163:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:171:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:229:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:229:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:233:15: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:237:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:241:18: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:242:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:247:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:282:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:287:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:294:14: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:320:12: branch_false: following ‘false’ branch (when ‘slot’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:326:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:382:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:392:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:395:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:414:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:611:12: branch_false: following ‘false’ branch (when ‘nickname’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:615:20: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:616:16: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:619:22: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:622:35: throw: if ‘PK11_GetPrivateKeyNickname’ throws an exception...
certmonger-0.79.21/src/keygen-n.c:622:35: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/79/codeFlows/0/threadFlows/0/locations/0)
#  620|   		     !PRIVKEY_LIST_END(node, privkeys);
#  621|   		     node = PRIVKEY_LIST_NEXT(node)) {
#  622|-> 			keyname = PK11_GetPrivateKeyNickname(node->key);
#  623|   			if ((keyname != NULL) &&
#  624|   			    (strcmp(keyname, nickname) == 0)) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def552]
certmonger-0.79.21/src/keygen-n.c:626:33: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-n.c:157:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-n.c:158:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:163:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:171:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:229:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:229:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:233:15: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:237:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:241:18: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:242:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:247:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:282:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:287:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:294:14: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:320:12: branch_false: following ‘false’ branch (when ‘slot’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:326:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:382:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:392:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:395:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-n.c:414:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:611:12: branch_false: following ‘false’ branch (when ‘nickname’ is non-NULL)...
certmonger-0.79.21/src/keygen-n.c:615:20: branch_false: ...to here
certmonger-0.79.21/src/keygen-n.c:616:16: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:619:22: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:623:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-n.c:624:30: branch_true: ...to here
certmonger-0.79.21/src/keygen-n.c:623:29: branch_true: following ‘true’ branch (when the strings are equal)...
certmonger-0.79.21/src/keygen-n.c:626:33: branch_true: ...to here
certmonger-0.79.21/src/keygen-n.c:626:33: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/keygen-n.c:626:33: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/80/codeFlows/0/threadFlows/0/locations/0)
#  624|   			    (strcmp(keyname, nickname) == 0)) {
#  625|   				/* We're going to need to use a different nickname. */
#  626|-> 				cm_log(1, "Key already exists with nickname \"%s\".\n", nickname);
#  627|   				free(nickname);
#  628|   				nickname = make_nickname(entry->cm_key_nickname, &markertmp);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def553]
certmonger-0.79.21/src/keygen-o.c:70:14: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-o.c:96:1: enter_function: entry to ‘cm_keygen_o_main’
certmonger-0.79.21/src/keygen-o.c:121:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-o.c:122:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-o.c:125:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:143:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:147:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:150:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:154:17: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:156:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:160:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:249:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:249:12: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:252:24: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-o.c:256:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-o.c:257:41: branch_true: ...to here
certmonger-0.79.21/src/keygen-o.c:275:36: call_function: calling ‘make_filename’ from ‘cm_keygen_o_main’
#   68|   	size_t l;
#   69|   
#   70|-> 	if (!RAND_bytes(suffix, sizeof(suffix))) {
#   71|   		/* Try again sometime later. */
#   72|   		cm_log(1, "Error generating suffix.\n");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def554]
certmonger-0.79.21/src/keygen-o.c:72:17: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-o.c:96:1: enter_function: entry to ‘cm_keygen_o_main’
certmonger-0.79.21/src/keygen-o.c:121:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-o.c:122:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-o.c:125:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:143:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:147:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:150:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:154:17: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:156:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:160:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:249:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:249:12: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:252:24: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-o.c:256:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-o.c:257:41: branch_true: ...to here
certmonger-0.79.21/src/keygen-o.c:275:36: call_function: calling ‘make_filename’ from ‘cm_keygen_o_main’
#   70|   	if (!RAND_bytes(suffix, sizeof(suffix))) {
#   71|   		/* Try again sometime later. */
#   72|-> 		cm_log(1, "Error generating suffix.\n");
#   73|   		_exit(CM_SUB_STATUS_INTERNAL_ERROR);
#   74|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def555]
certmonger-0.79.21/src/keygen-o.c:75:19: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-o.c:96:1: enter_function: entry to ‘cm_keygen_o_main’
certmonger-0.79.21/src/keygen-o.c:121:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-o.c:122:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-o.c:125:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:143:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:147:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:150:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:154:17: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:156:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:160:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:249:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:249:12: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:252:24: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-o.c:256:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-o.c:257:41: branch_true: ...to here
certmonger-0.79.21/src/keygen-o.c:275:36: call_function: calling ‘make_filename’ from ‘cm_keygen_o_main’
#   73|   		_exit(CM_SUB_STATUS_INTERNAL_ERROR);
#   74|   	}
#   75|-> 	*marker = cm_store_base64_from_bin(NULL, suffix, sizeof(suffix));
#   76|   	if (*marker == NULL) {
#   77|   		/* Try again sometime later. */

Error: GCC_ANALYZER_WARNING (CWE-401): [#def556]
certmonger-0.79.21/src/keygen-o.c:78:17: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-o.c:96:1: enter_function: entry to ‘cm_keygen_o_main’
certmonger-0.79.21/src/keygen-o.c:121:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-o.c:122:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-o.c:125:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:143:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:147:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:150:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:154:17: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:156:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:160:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:249:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:249:12: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:252:24: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-o.c:256:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-o.c:257:41: branch_true: ...to here
certmonger-0.79.21/src/keygen-o.c:275:36: call_function: calling ‘make_filename’ from ‘cm_keygen_o_main’
#   76|   	if (*marker == NULL) {
#   77|   		/* Try again sometime later. */
#   78|-> 		cm_log(1, "Error generating suffix.\n");
#   79|   		_exit(CM_SUB_STATUS_INTERNAL_ERROR);
#   80|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def557]
certmonger-0.79.21/src/keygen-o.c:91:15: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-o.c:96:1: enter_function: entry to ‘cm_keygen_o_main’
certmonger-0.79.21/src/keygen-o.c:121:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-o.c:122:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-o.c:125:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:143:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:147:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:150:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:154:17: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:156:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:160:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:249:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:249:12: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:252:24: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-o.c:256:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-o.c:257:41: branch_true: ...to here
certmonger-0.79.21/src/keygen-o.c:275:36: call_function: calling ‘make_filename’ from ‘cm_keygen_o_main’
#   89|   		}
#   90|   	}
#   91|-> 	ret = util_build_next_filename(prefix, *marker);
#   92|   	return ret;
#   93|   }

Error: COMPILER_WARNING (CWE-563): [#def558]
certmonger-0.79.21/src/keygen-o.c:96:46: warning[-Wunused-parameter]: unused parameter ‘ca’
#   96 | cm_keygen_o_main(int fd, struct cm_store_ca *ca, struct cm_store_entry *entry,
#      |                          ~~~~~~~~~~~~~~~~~~~~^~
#   94|   
#   95|   static int
#   96|-> cm_keygen_o_main(int fd, struct cm_store_ca *ca, struct cm_store_entry *entry,
#   97|   		 void *userdata)
#   98|   {

Error: COMPILER_WARNING (CWE-563): [#def559]
certmonger-0.79.21/src/keygen-o.c:97:24: warning[-Wunused-parameter]: unused parameter ‘userdata’
#   97 |                  void *userdata)
#      |                  ~~~~~~^~~~~~~~
#   95|   static int
#   96|   cm_keygen_o_main(int fd, struct cm_store_ca *ca, struct cm_store_entry *entry,
#   97|-> 		 void *userdata)
#   98|   {
#   99|   	struct cm_pin_cb_data cb_data;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def560]
certmonger-0.79.21/src/keygen-o.c:134:9: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-o.c:121:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-o.c:122:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-o.c:125:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:134:9: throw: if ‘util_o_init’ throws an exception...
certmonger-0.79.21/src/keygen-o.c:134:9: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/15/codeFlows/0/threadFlows/0/locations/0)
#  132|   	}
#  133|   
#  134|-> 	util_o_init();
#  135|   	ERR_load_crypto_strings();
#  136|   	if (RAND_status() != 1) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def561]
certmonger-0.79.21/src/keygen-o.c:136:13: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-o.c:121:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-o.c:122:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-o.c:125:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:136:13: throw: if ‘RAND_status’ throws an exception...
certmonger-0.79.21/src/keygen-o.c:136:13: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/16/codeFlows/0/threadFlows/0/locations/0)
#  134|   	util_o_init();
#  135|   	ERR_load_crypto_strings();
#  136|-> 	if (RAND_status() != 1) {
#  137|   		cm_log(1, "PRNG not seeded for generating key.\n");
#  138|   		_exit(CM_SUB_STATUS_INTERNAL_ERROR);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def562]
certmonger-0.79.21/src/keygen-o.c:137:17: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-o.c:121:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-o.c:122:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-o.c:125:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:136:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-o.c:137:17: branch_true: ...to here
certmonger-0.79.21/src/keygen-o.c:137:17: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/keygen-o.c:137:17: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/17/codeFlows/0/threadFlows/0/locations/0)
#  135|   	ERR_load_crypto_strings();
#  136|   	if (RAND_status() != 1) {
#  137|-> 		cm_log(1, "PRNG not seeded for generating key.\n");
#  138|   		_exit(CM_SUB_STATUS_INTERNAL_ERROR);
#  139|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def563]
certmonger-0.79.21/src/keygen-o.c:142:16: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-o.c:121:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-o.c:122:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-o.c:125:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:142:16: throw: if ‘EVP_PKEY_new’ throws an exception...
certmonger-0.79.21/src/keygen-o.c:142:16: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/18/codeFlows/0/threadFlows/0/locations/0)
#  140|   
#  141|   retry_gen:
#  142|-> 	pkey = EVP_PKEY_new();
#  143|   	if (pkey == NULL) {
#  144|   		cm_log(1, "Error allocating new key.\n");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def564]
certmonger-0.79.21/src/keygen-o.c:144:17: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-o.c:121:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-o.c:122:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-o.c:125:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:144:17: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/keygen-o.c:144:17: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/19/codeFlows/0/threadFlows/0/locations/0)
#  142|   	pkey = EVP_PKEY_new();
#  143|   	if (pkey == NULL) {
#  144|-> 		cm_log(1, "Error allocating new key.\n");
#  145|   		_exit(CM_SUB_STATUS_INTERNAL_ERROR);
#  146|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def565]
certmonger-0.79.21/src/keygen-o.c:149:28: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-o.c:121:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-o.c:122:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-o.c:125:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:143:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:147:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:149:28: throw: if ‘BN_new’ throws an exception...
certmonger-0.79.21/src/keygen-o.c:149:28: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/20/codeFlows/0/threadFlows/0/locations/0)
#  147|   	switch (cm_key_algorithm) {
#  148|   	case cm_key_rsa:
#  149|-> 		exponent = BN_new();
#  150|   		if (exponent == NULL) {
#  151|   			cm_log(1, "Error setting up exponent.\n");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def566]
certmonger-0.79.21/src/keygen-o.c:151:25: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-o.c:121:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-o.c:122:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-o.c:125:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:143:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:147:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:151:25: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/keygen-o.c:151:25: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/21/codeFlows/0/threadFlows/0/locations/0)
#  149|   		exponent = BN_new();
#  150|   		if (exponent == NULL) {
#  151|-> 			cm_log(1, "Error setting up exponent.\n");
#  152|   			_exit(CM_SUB_STATUS_INTERNAL_ERROR);
#  153|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def567]
certmonger-0.79.21/src/keygen-o.c:154:17: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-o.c:121:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-o.c:122:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-o.c:125:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:143:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:147:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:150:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:154:17: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:154:17: throw: if ‘BN_set_word’ throws an exception...
certmonger-0.79.21/src/keygen-o.c:154:17: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/22/codeFlows/0/threadFlows/0/locations/0)
#  152|   			_exit(CM_SUB_STATUS_INTERNAL_ERROR);
#  153|   		}
#  154|-> 		BN_set_word(exponent, CM_DEFAULT_RSA_EXPONENT);
#  155|   		rsa = RSA_new();
#  156|   		if (rsa == NULL) {

Error: COMPILER_WARNING (CWE-477): [#def568]
certmonger-0.79.21/src/keygen-o.c: scope_hint: In function ‘cm_keygen_o_main’
certmonger-0.79.21/src/keygen-o.c:155:17: warning[-Wdeprecated-declarations]: ‘RSA_new’ is deprecated: Since OpenSSL 3.0
#  155 |                 rsa = RSA_new();
#      |                 ^~~
/usr/include/openssl/x509.h:36: included_from: Included from here.
/usr/include/openssl/pem.h:23: included_from: Included from here.
certmonger-0.79.21/src/keygen-o.c:40: included_from: Included from here.
/usr/include/openssl/rsa.h:212:28: note: declared here
#  212 | OSSL_DEPRECATEDIN_3_0 RSA *RSA_new(void);
#      |                            ^~~~~~~
#  153|   		}
#  154|   		BN_set_word(exponent, CM_DEFAULT_RSA_EXPONENT);
#  155|-> 		rsa = RSA_new();
#  156|   		if (rsa == NULL) {
#  157|   			cm_log(1, "Error allocating new RSA key.\n");

Error: COMPILER_WARNING (CWE-477): [#def569]
certmonger-0.79.21/src/keygen-o.c:155:17: warning[-Wdeprecated-declarations]: ‘RSA_new’ is deprecated: Since OpenSSL 3.0
#  153|   		}
#  154|   		BN_set_word(exponent, CM_DEFAULT_RSA_EXPONENT);
#  155|-> 		rsa = RSA_new();
#  156|   		if (rsa == NULL) {
#  157|   			cm_log(1, "Error allocating new RSA key.\n");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def570]
certmonger-0.79.21/src/keygen-o.c:155:23: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-o.c:121:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-o.c:122:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-o.c:125:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:143:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:147:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:150:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:154:17: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:155:23: throw: if ‘RSA_new’ throws an exception...
certmonger-0.79.21/src/keygen-o.c:155:23: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/23/codeFlows/0/threadFlows/0/locations/0)
#  153|   		}
#  154|   		BN_set_word(exponent, CM_DEFAULT_RSA_EXPONENT);
#  155|-> 		rsa = RSA_new();
#  156|   		if (rsa == NULL) {
#  157|   			cm_log(1, "Error allocating new RSA key.\n");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def571]
certmonger-0.79.21/src/keygen-o.c:157:25: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-o.c:121:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-o.c:122:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-o.c:125:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:143:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:147:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:150:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:154:17: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:157:25: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/keygen-o.c:157:25: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/24/codeFlows/0/threadFlows/0/locations/0)
#  155|   		rsa = RSA_new();
#  156|   		if (rsa == NULL) {
#  157|-> 			cm_log(1, "Error allocating new RSA key.\n");
#  158|   			_exit(CM_SUB_STATUS_INTERNAL_ERROR);
#  159|   		}

Error: COMPILER_WARNING (CWE-477): [#def572]
certmonger-0.79.21/src/keygen-o.c:160:17: warning[-Wdeprecated-declarations]: ‘RSA_generate_key_ex’ is deprecated: Since OpenSSL 3.0
#  160 |                 if (RSA_generate_key_ex(rsa, cm_key_size, exponent, NULL) != 1) {
#      |                 ^~
/usr/include/openssl/rsa.h:271:27: note: declared here
#  271 | OSSL_DEPRECATEDIN_3_0 int RSA_generate_key_ex(RSA *rsa, int bits, BIGNUM *e,
#      |                           ^~~~~~~~~~~~~~~~~~~
#  158|   			_exit(CM_SUB_STATUS_INTERNAL_ERROR);
#  159|   		}
#  160|-> 		if (RSA_generate_key_ex(rsa, cm_key_size, exponent, NULL) != 1) {
#  161|   			if (cm_key_size != CM_DEFAULT_PUBKEY_SIZE) {
#  162|   				cm_log(1, "Error generating %d-bit key, "

Error: COMPILER_WARNING (CWE-477): [#def573]
certmonger-0.79.21/src/keygen-o.c:160:17: warning[-Wdeprecated-declarations]: ‘RSA_generate_key_ex’ is deprecated: Since OpenSSL 3.0
#  158|   			_exit(CM_SUB_STATUS_INTERNAL_ERROR);
#  159|   		}
#  160|-> 		if (RSA_generate_key_ex(rsa, cm_key_size, exponent, NULL) != 1) {
#  161|   			if (cm_key_size != CM_DEFAULT_PUBKEY_SIZE) {
#  162|   				cm_log(1, "Error generating %d-bit key, "

Error: GCC_ANALYZER_WARNING (CWE-401): [#def574]
certmonger-0.79.21/src/keygen-o.c:160:21: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-o.c:121:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-o.c:122:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-o.c:125:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:143:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:147:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:150:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:154:17: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:156:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:160:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:160:21: throw: if ‘RSA_generate_key_ex’ throws an exception...
certmonger-0.79.21/src/keygen-o.c:160:21: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/25/codeFlows/0/threadFlows/0/locations/0)
#  158|   			_exit(CM_SUB_STATUS_INTERNAL_ERROR);
#  159|   		}
#  160|-> 		if (RSA_generate_key_ex(rsa, cm_key_size, exponent, NULL) != 1) {
#  161|   			if (cm_key_size != CM_DEFAULT_PUBKEY_SIZE) {
#  162|   				cm_log(1, "Error generating %d-bit key, "

Error: GCC_ANALYZER_WARNING (CWE-401): [#def575]
certmonger-0.79.21/src/keygen-o.c:162:33: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-o.c:121:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-o.c:122:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-o.c:125:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:143:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:147:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:150:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:154:17: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:156:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:160:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:161:28: branch_true: following ‘true’ branch (when ‘cm_key_size != 2048’)...
certmonger-0.79.21/src/keygen-o.c:162:33: branch_true: ...to here
certmonger-0.79.21/src/keygen-o.c:162:33: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/keygen-o.c:162:33: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/26/codeFlows/0/threadFlows/0/locations/0)
#  160|   		if (RSA_generate_key_ex(rsa, cm_key_size, exponent, NULL) != 1) {
#  161|   			if (cm_key_size != CM_DEFAULT_PUBKEY_SIZE) {
#  162|-> 				cm_log(1, "Error generating %d-bit key, "
#  163|   				       "attempting %d bits.\n",
#  164|   				       cm_key_size, CM_DEFAULT_PUBKEY_SIZE);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def576]
certmonger-0.79.21/src/keygen-o.c:168:25: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-o.c:121:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-o.c:122:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-o.c:125:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:143:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:147:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:150:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:154:17: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:156:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:160:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:168:25: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/keygen-o.c:168:25: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/27/codeFlows/0/threadFlows/0/locations/0)
#  166|   				goto retry_gen;
#  167|   			}
#  168|-> 			cm_log(1, "Error generating key.\n");
#  169|   			_exit(CM_SUB_STATUS_INTERNAL_ERROR);
#  170|   		}

Error: COMPILER_WARNING (CWE-477): [#def577]
certmonger-0.79.21/src/keygen-o.c:171:17: warning[-Wdeprecated-declarations]: ‘RSA_check_key’ is deprecated: Since OpenSSL 3.0
#  171 |                 if (RSA_check_key(rsa) != 1) { /* should be unnecessary */
#      |                 ^~
/usr/include/openssl/rsa.h:289:27: note: declared here
#  289 | OSSL_DEPRECATEDIN_3_0 int RSA_check_key(const RSA *);
#      |                           ^~~~~~~~~~~~~
#  169|   			_exit(CM_SUB_STATUS_INTERNAL_ERROR);
#  170|   		}
#  171|-> 		if (RSA_check_key(rsa) != 1) { /* should be unnecessary */
#  172|   			cm_log(1, "Key fails checks.  Retrying.\n");
#  173|   			goto retry_gen;

Error: COMPILER_WARNING (CWE-477): [#def578]
certmonger-0.79.21/src/keygen-o.c:171:17: warning[-Wdeprecated-declarations]: ‘RSA_check_key’ is deprecated: Since OpenSSL 3.0
#  169|   			_exit(CM_SUB_STATUS_INTERNAL_ERROR);
#  170|   		}
#  171|-> 		if (RSA_check_key(rsa) != 1) { /* should be unnecessary */
#  172|   			cm_log(1, "Key fails checks.  Retrying.\n");
#  173|   			goto retry_gen;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def579]
certmonger-0.79.21/src/keygen-o.c:171:21: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-o.c:121:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-o.c:122:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-o.c:125:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:143:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:147:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:150:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:154:17: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:156:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:160:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:171:21: throw: if ‘RSA_check_key’ throws an exception...
certmonger-0.79.21/src/keygen-o.c:171:21: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/28/codeFlows/0/threadFlows/0/locations/0)
#  169|   			_exit(CM_SUB_STATUS_INTERNAL_ERROR);
#  170|   		}
#  171|-> 		if (RSA_check_key(rsa) != 1) { /* should be unnecessary */
#  172|   			cm_log(1, "Key fails checks.  Retrying.\n");
#  173|   			goto retry_gen;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def580]
certmonger-0.79.21/src/keygen-o.c:172:25: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-o.c:121:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-o.c:122:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-o.c:125:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:143:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:147:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:150:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:154:17: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:156:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:160:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:171:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-o.c:172:25: branch_true: ...to here
certmonger-0.79.21/src/keygen-o.c:172:25: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/keygen-o.c:172:25: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/29/codeFlows/0/threadFlows/0/locations/0)
#  170|   		}
#  171|   		if (RSA_check_key(rsa) != 1) { /* should be unnecessary */
#  172|-> 			cm_log(1, "Key fails checks.  Retrying.\n");
#  173|   			goto retry_gen;
#  174|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def581]
certmonger-0.79.21/src/keygen-o.c:175:17: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-o.c:121:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-o.c:122:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-o.c:125:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:143:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:147:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:150:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:154:17: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:156:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:160:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:175:17: throw: if ‘EVP_PKEY_set1_RSA’ throws an exception...
certmonger-0.79.21/src/keygen-o.c:175:17: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/30/codeFlows/0/threadFlows/0/locations/0)
#  173|   			goto retry_gen;
#  174|   		}
#  175|-> 		EVP_PKEY_set1_RSA(pkey, rsa);
#  176|   		break;
#  177|   #ifdef CM_ENABLE_DSA

Error: COMPILER_WARNING (CWE-477): [#def582]
certmonger-0.79.21/src/keygen-o.c:175:17: warning[-Wdeprecated-declarations]: ‘EVP_PKEY_set1_RSA’ is deprecated: Since OpenSSL 3.0
#  175 |                 EVP_PKEY_set1_RSA(pkey, rsa);
#      |                 ^~~~~~~~~~~~~~~~~
/usr/include/openssl/pem.h:22: included_from: Included from here.
/usr/include/openssl/evp.h:1414:5: note: declared here
# 1414 | int EVP_PKEY_set1_RSA(EVP_PKEY *pkey, struct rsa_st *key);
#      |     ^~~~~~~~~~~~~~~~~
#  173|   			goto retry_gen;
#  174|   		}
#  175|-> 		EVP_PKEY_set1_RSA(pkey, rsa);
#  176|   		break;
#  177|   #ifdef CM_ENABLE_DSA

Error: COMPILER_WARNING (CWE-477): [#def583]
certmonger-0.79.21/src/keygen-o.c:175:17: warning[-Wdeprecated-declarations]: ‘EVP_PKEY_set1_RSA’ is deprecated: Since OpenSSL 3.0
#  173|   			goto retry_gen;
#  174|   		}
#  175|-> 		EVP_PKEY_set1_RSA(pkey, rsa);
#  176|   		break;
#  177|   #ifdef CM_ENABLE_DSA

Error: COMPILER_WARNING (CWE-477): [#def584]
certmonger-0.79.21/src/keygen-o.c:212:17: warning[-Wdeprecated-declarations]: ‘EC_KEY_new_by_curve_name’ is deprecated: Since OpenSSL 3.0
#  212 |                 ec = EC_KEY_new_by_curve_name(ecurve);
#      |                 ^~
certmonger-0.79.21/src/keygen-o.c:37: included_from: Included from here.
/usr/include/openssl/ec.h:1017:31: note: declared here
# 1017 | OSSL_DEPRECATEDIN_3_0 EC_KEY *EC_KEY_new_by_curve_name(int nid);
#      |                               ^~~~~~~~~~~~~~~~~~~~~~~~
#  210|   		else
#  211|   			ecurve = NID_secp521r1;
#  212|-> 		ec = EC_KEY_new_by_curve_name(ecurve);
#  213|   		while ((ec == NULL) && (ecurve != NID_X9_62_prime256v1)) {
#  214|   			cm_log(1, "Error allocating new EC key.\n");

Error: COMPILER_WARNING (CWE-477): [#def585]
certmonger-0.79.21/src/keygen-o.c:212:17: warning[-Wdeprecated-declarations]: ‘EC_KEY_new_by_curve_name’ is deprecated: Since OpenSSL 3.0
#  210|   		else
#  211|   			ecurve = NID_secp521r1;
#  212|-> 		ec = EC_KEY_new_by_curve_name(ecurve);
#  213|   		while ((ec == NULL) && (ecurve != NID_X9_62_prime256v1)) {
#  214|   			cm_log(1, "Error allocating new EC key.\n");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def586]
certmonger-0.79.21/src/keygen-o.c:212:22: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-o.c:121:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-o.c:122:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-o.c:125:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:143:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:147:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:212:22: throw: if ‘EC_KEY_new_by_curve_name’ throws an exception...
certmonger-0.79.21/src/keygen-o.c:212:22: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/31/codeFlows/0/threadFlows/0/locations/0)
#  210|   		else
#  211|   			ecurve = NID_secp521r1;
#  212|-> 		ec = EC_KEY_new_by_curve_name(ecurve);
#  213|   		while ((ec == NULL) && (ecurve != NID_X9_62_prime256v1)) {
#  214|   			cm_log(1, "Error allocating new EC key.\n");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def587]
certmonger-0.79.21/src/keygen-o.c:214:25: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-o.c:121:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-o.c:122:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-o.c:125:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:143:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:147:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:213:24: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-o.c:214:25: branch_true: ...to here
certmonger-0.79.21/src/keygen-o.c:214:25: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/keygen-o.c:214:25: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/32/codeFlows/0/threadFlows/0/locations/0)
#  212|   		ec = EC_KEY_new_by_curve_name(ecurve);
#  213|   		while ((ec == NULL) && (ecurve != NID_X9_62_prime256v1)) {
#  214|-> 			cm_log(1, "Error allocating new EC key.\n");
#  215|   			switch (ecurve) {
#  216|   			case NID_secp521r1:

Error: GCC_ANALYZER_WARNING (CWE-401): [#def588]
certmonger-0.79.21/src/keygen-o.c:217:33: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-o.c:121:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-o.c:122:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-o.c:125:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:143:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:147:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:213:24: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-o.c:214:25: branch_true: ...to here
certmonger-0.79.21/src/keygen-o.c:217:33: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/keygen-o.c:217:33: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/33/codeFlows/0/threadFlows/0/locations/0)
#  215|   			switch (ecurve) {
#  216|   			case NID_secp521r1:
#  217|-> 				cm_log(1, "Trying with a smaller key.\n");
#  218|   				ecurve = NID_secp384r1;
#  219|   				ec = EC_KEY_new_by_curve_name(ecurve);

Error: COMPILER_WARNING (CWE-477): [#def589]
certmonger-0.79.21/src/keygen-o.c:219:33: warning[-Wdeprecated-declarations]: ‘EC_KEY_new_by_curve_name’ is deprecated: Since OpenSSL 3.0
#  219 |                                 ec = EC_KEY_new_by_curve_name(ecurve);
#      |                                 ^~
/usr/include/openssl/ec.h:1017:31: note: declared here
# 1017 | OSSL_DEPRECATEDIN_3_0 EC_KEY *EC_KEY_new_by_curve_name(int nid);
#      |                               ^~~~~~~~~~~~~~~~~~~~~~~~
#  217|   				cm_log(1, "Trying with a smaller key.\n");
#  218|   				ecurve = NID_secp384r1;
#  219|-> 				ec = EC_KEY_new_by_curve_name(ecurve);
#  220|   				break;
#  221|   			case NID_secp384r1:

Error: COMPILER_WARNING (CWE-477): [#def590]
certmonger-0.79.21/src/keygen-o.c:219:33: warning[-Wdeprecated-declarations]: ‘EC_KEY_new_by_curve_name’ is deprecated: Since OpenSSL 3.0
#  217|   				cm_log(1, "Trying with a smaller key.\n");
#  218|   				ecurve = NID_secp384r1;
#  219|-> 				ec = EC_KEY_new_by_curve_name(ecurve);
#  220|   				break;
#  221|   			case NID_secp384r1:

Error: GCC_ANALYZER_WARNING (CWE-401): [#def591]
certmonger-0.79.21/src/keygen-o.c:219:38: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-o.c:121:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-o.c:122:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-o.c:125:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:143:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:147:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:213:24: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-o.c:214:25: branch_true: ...to here
certmonger-0.79.21/src/keygen-o.c:219:38: throw: if ‘EC_KEY_new_by_curve_name’ throws an exception...
certmonger-0.79.21/src/keygen-o.c:219:38: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/34/codeFlows/0/threadFlows/0/locations/0)
#  217|   				cm_log(1, "Trying with a smaller key.\n");
#  218|   				ecurve = NID_secp384r1;
#  219|-> 				ec = EC_KEY_new_by_curve_name(ecurve);
#  220|   				break;
#  221|   			case NID_secp384r1:

Error: GCC_ANALYZER_WARNING (CWE-401): [#def592]
certmonger-0.79.21/src/keygen-o.c:222:33: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-o.c:121:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-o.c:122:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-o.c:125:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:143:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:147:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:213:24: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-o.c:214:25: branch_true: ...to here
certmonger-0.79.21/src/keygen-o.c:222:33: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/keygen-o.c:222:33: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/35/codeFlows/0/threadFlows/0/locations/0)
#  220|   				break;
#  221|   			case NID_secp384r1:
#  222|-> 				cm_log(1, "Trying with a smaller key.\n");
#  223|   				ecurve = NID_X9_62_prime256v1;
#  224|   				ec = EC_KEY_new_by_curve_name(ecurve);

Error: COMPILER_WARNING (CWE-477): [#def593]
certmonger-0.79.21/src/keygen-o.c:224:33: warning[-Wdeprecated-declarations]: ‘EC_KEY_new_by_curve_name’ is deprecated: Since OpenSSL 3.0
#  224 |                                 ec = EC_KEY_new_by_curve_name(ecurve);
#      |                                 ^~
/usr/include/openssl/ec.h:1017:31: note: declared here
# 1017 | OSSL_DEPRECATEDIN_3_0 EC_KEY *EC_KEY_new_by_curve_name(int nid);
#      |                               ^~~~~~~~~~~~~~~~~~~~~~~~
#  222|   				cm_log(1, "Trying with a smaller key.\n");
#  223|   				ecurve = NID_X9_62_prime256v1;
#  224|-> 				ec = EC_KEY_new_by_curve_name(ecurve);
#  225|   				break;
#  226|   			}

Error: COMPILER_WARNING (CWE-477): [#def594]
certmonger-0.79.21/src/keygen-o.c:224:33: warning[-Wdeprecated-declarations]: ‘EC_KEY_new_by_curve_name’ is deprecated: Since OpenSSL 3.0
#  222|   				cm_log(1, "Trying with a smaller key.\n");
#  223|   				ecurve = NID_X9_62_prime256v1;
#  224|-> 				ec = EC_KEY_new_by_curve_name(ecurve);
#  225|   				break;
#  226|   			}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def595]
certmonger-0.79.21/src/keygen-o.c:224:38: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-o.c:121:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-o.c:122:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-o.c:125:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:143:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:147:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:213:24: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-o.c:214:25: branch_true: ...to here
certmonger-0.79.21/src/keygen-o.c:224:38: throw: if ‘EC_KEY_new_by_curve_name’ throws an exception...
certmonger-0.79.21/src/keygen-o.c:224:38: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/36/codeFlows/0/threadFlows/0/locations/0)
#  222|   				cm_log(1, "Trying with a smaller key.\n");
#  223|   				ecurve = NID_X9_62_prime256v1;
#  224|-> 				ec = EC_KEY_new_by_curve_name(ecurve);
#  225|   				break;
#  226|   			}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def596]
certmonger-0.79.21/src/keygen-o.c:229:25: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-o.c:121:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-o.c:122:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-o.c:125:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:143:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:147:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:228:20: branch_true: following ‘true’ branch (when ‘ec’ is NULL)...
certmonger-0.79.21/src/keygen-o.c:229:25: branch_true: ...to here
certmonger-0.79.21/src/keygen-o.c:229:25: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/keygen-o.c:229:25: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/37/codeFlows/0/threadFlows/0/locations/0)
#  227|   		}
#  228|   		if (ec == NULL) {
#  229|-> 			cm_log(1, "Error allocating new EC key.\n");
#  230|   			_exit(CM_SUB_STATUS_INTERNAL_ERROR);
#  231|   		}

Error: COMPILER_WARNING (CWE-477): [#def597]
certmonger-0.79.21/src/keygen-o.c:232:17: warning[-Wdeprecated-declarations]: ‘EC_KEY_generate_key’ is deprecated: Since OpenSSL 3.0
#  232 |                 if (EC_KEY_generate_key(ec) != 1) {
#      |                 ^~
/usr/include/openssl/ec.h:1120:27: note: declared here
# 1120 | OSSL_DEPRECATEDIN_3_0 int EC_KEY_generate_key(EC_KEY *key);
#      |                           ^~~~~~~~~~~~~~~~~~~
#  230|   			_exit(CM_SUB_STATUS_INTERNAL_ERROR);
#  231|   		}
#  232|-> 		if (EC_KEY_generate_key(ec) != 1) {
#  233|   			cm_log(1, "Error generating key.\n");
#  234|   			_exit(CM_SUB_STATUS_INTERNAL_ERROR);

Error: COMPILER_WARNING (CWE-477): [#def598]
certmonger-0.79.21/src/keygen-o.c:232:17: warning[-Wdeprecated-declarations]: ‘EC_KEY_generate_key’ is deprecated: Since OpenSSL 3.0
#  230|   			_exit(CM_SUB_STATUS_INTERNAL_ERROR);
#  231|   		}
#  232|-> 		if (EC_KEY_generate_key(ec) != 1) {
#  233|   			cm_log(1, "Error generating key.\n");
#  234|   			_exit(CM_SUB_STATUS_INTERNAL_ERROR);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def599]
certmonger-0.79.21/src/keygen-o.c:232:21: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-o.c:121:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-o.c:122:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-o.c:125:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:143:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:147:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:228:20: branch_false: following ‘false’ branch (when ‘ec’ is non-NULL)...
certmonger-0.79.21/src/keygen-o.c:232:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:232:21: throw: if ‘EC_KEY_generate_key’ throws an exception...
certmonger-0.79.21/src/keygen-o.c:232:21: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/38/codeFlows/0/threadFlows/0/locations/0)
#  230|   			_exit(CM_SUB_STATUS_INTERNAL_ERROR);
#  231|   		}
#  232|-> 		if (EC_KEY_generate_key(ec) != 1) {
#  233|   			cm_log(1, "Error generating key.\n");
#  234|   			_exit(CM_SUB_STATUS_INTERNAL_ERROR);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def600]
certmonger-0.79.21/src/keygen-o.c:233:25: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-o.c:121:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-o.c:122:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-o.c:125:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:143:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:147:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:228:20: branch_false: following ‘false’ branch (when ‘ec’ is non-NULL)...
certmonger-0.79.21/src/keygen-o.c:232:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:232:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-o.c:233:25: branch_true: ...to here
certmonger-0.79.21/src/keygen-o.c:233:25: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/keygen-o.c:233:25: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/39/codeFlows/0/threadFlows/0/locations/0)
#  231|   		}
#  232|   		if (EC_KEY_generate_key(ec) != 1) {
#  233|-> 			cm_log(1, "Error generating key.\n");
#  234|   			_exit(CM_SUB_STATUS_INTERNAL_ERROR);
#  235|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def601]
certmonger-0.79.21/src/keygen-o.c:236:17: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-o.c:121:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-o.c:122:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-o.c:125:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:143:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:147:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:228:20: branch_false: following ‘false’ branch (when ‘ec’ is non-NULL)...
certmonger-0.79.21/src/keygen-o.c:232:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:232:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:236:17: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:236:17: throw: if ‘EC_KEY_set_asn1_flag’ throws an exception...
certmonger-0.79.21/src/keygen-o.c:236:17: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/40/codeFlows/0/threadFlows/0/locations/0)
#  234|   			_exit(CM_SUB_STATUS_INTERNAL_ERROR);
#  235|   		}
#  236|-> 		EC_KEY_set_asn1_flag(ec, OPENSSL_EC_NAMED_CURVE);
#  237|   		EVP_PKEY_set1_EC_KEY(pkey, ec);
#  238|   		break;

Error: COMPILER_WARNING (CWE-477): [#def602]
certmonger-0.79.21/src/keygen-o.c:236:17: warning[-Wdeprecated-declarations]: ‘EC_KEY_set_asn1_flag’ is deprecated: Since OpenSSL 3.0
#  236 |                 EC_KEY_set_asn1_flag(ec, OPENSSL_EC_NAMED_CURVE);
#      |                 ^~~~~~~~~~~~~~~~~~~~
/usr/include/openssl/ec.h:1106:28: note: declared here
# 1106 | OSSL_DEPRECATEDIN_3_0 void EC_KEY_set_asn1_flag(EC_KEY *eckey, int asn1_flag);
#      |                            ^~~~~~~~~~~~~~~~~~~~
#  234|   			_exit(CM_SUB_STATUS_INTERNAL_ERROR);
#  235|   		}
#  236|-> 		EC_KEY_set_asn1_flag(ec, OPENSSL_EC_NAMED_CURVE);
#  237|   		EVP_PKEY_set1_EC_KEY(pkey, ec);
#  238|   		break;

Error: COMPILER_WARNING (CWE-477): [#def603]
certmonger-0.79.21/src/keygen-o.c:236:17: warning[-Wdeprecated-declarations]: ‘EC_KEY_set_asn1_flag’ is deprecated: Since OpenSSL 3.0
#  234|   			_exit(CM_SUB_STATUS_INTERNAL_ERROR);
#  235|   		}
#  236|-> 		EC_KEY_set_asn1_flag(ec, OPENSSL_EC_NAMED_CURVE);
#  237|   		EVP_PKEY_set1_EC_KEY(pkey, ec);
#  238|   		break;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def604]
certmonger-0.79.21/src/keygen-o.c:237:17: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-o.c:121:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-o.c:122:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-o.c:125:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:143:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:147:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:228:20: branch_false: following ‘false’ branch (when ‘ec’ is non-NULL)...
certmonger-0.79.21/src/keygen-o.c:232:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:232:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:236:17: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:237:17: throw: if ‘EVP_PKEY_set1_EC_KEY’ throws an exception...
certmonger-0.79.21/src/keygen-o.c:237:17: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/41/codeFlows/0/threadFlows/0/locations/0)
#  235|   		}
#  236|   		EC_KEY_set_asn1_flag(ec, OPENSSL_EC_NAMED_CURVE);
#  237|-> 		EVP_PKEY_set1_EC_KEY(pkey, ec);
#  238|   		break;
#  239|   #endif

Error: COMPILER_WARNING (CWE-477): [#def605]
certmonger-0.79.21/src/keygen-o.c:237:17: warning[-Wdeprecated-declarations]: ‘EVP_PKEY_set1_EC_KEY’ is deprecated: Since OpenSSL 3.0
#  237 |                 EVP_PKEY_set1_EC_KEY(pkey, ec);
#      |                 ^~~~~~~~~~~~~~~~~~~~
/usr/include/openssl/evp.h:1440:5: note: declared here
# 1440 | int EVP_PKEY_set1_EC_KEY(EVP_PKEY *pkey, struct ec_key_st *key);
#      |     ^~~~~~~~~~~~~~~~~~~~
#  235|   		}
#  236|   		EC_KEY_set_asn1_flag(ec, OPENSSL_EC_NAMED_CURVE);
#  237|-> 		EVP_PKEY_set1_EC_KEY(pkey, ec);
#  238|   		break;
#  239|   #endif

Error: COMPILER_WARNING (CWE-477): [#def606]
certmonger-0.79.21/src/keygen-o.c:237:17: warning[-Wdeprecated-declarations]: ‘EVP_PKEY_set1_EC_KEY’ is deprecated: Since OpenSSL 3.0
#  235|   		}
#  236|   		EC_KEY_set_asn1_flag(ec, OPENSSL_EC_NAMED_CURVE);
#  237|-> 		EVP_PKEY_set1_EC_KEY(pkey, ec);
#  238|   		break;
#  239|   #endif

Error: GCC_ANALYZER_WARNING (CWE-401): [#def607]
certmonger-0.79.21/src/keygen-o.c:241:17: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-o.c:121:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-o.c:122:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-o.c:125:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:143:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:147:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:241:17: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/keygen-o.c:241:17: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/42/codeFlows/0/threadFlows/0/locations/0)
#  239|   #endif
#  240|   	default:
#  241|-> 		cm_log(1, "Unknown or unsupported key type.\n");
#  242|   		_exit(CM_SUB_STATUS_INTERNAL_ERROR);
#  243|   		break;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def608]
certmonger-0.79.21/src/keygen-o.c:248:17: warning[-Wanalyzer-malloc-leak]: leak of ‘filename’
certmonger-0.79.21/src/keygen-o.c:122:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-o.c:125:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:143:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:147:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:150:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:154:17: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:156:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:160:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:246:20: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-o.c:248:17: throw: if ‘open’ throws an exception...
certmonger-0.79.21/src/keygen-o.c:248:17: danger: ‘filename’ leaks here; was allocated at [(13)](sarif:/runs/0/results/44/codeFlows/0/threadFlows/0/locations/12)
#  246|   	filename = strdup(entry->cm_key_storage_location);
#  247|   	marker = "";
#  248|-> 	keyfd = open(filename, O_RDWR | O_CREAT | O_EXCL, S_IRUSR | S_IWUSR);
#  249|   	if (keyfd != -1) {
#  250|   		fp = fdopen(keyfd, "w");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def609]
certmonger-0.79.21/src/keygen-o.c:248:17: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-o.c:121:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-o.c:122:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-o.c:125:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:143:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:147:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:150:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:154:17: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:156:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:160:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:248:17: throw: if ‘open’ throws an exception...
certmonger-0.79.21/src/keygen-o.c:248:17: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/45/codeFlows/0/threadFlows/0/locations/0)
#  246|   	filename = strdup(entry->cm_key_storage_location);
#  247|   	marker = "";
#  248|-> 	keyfd = open(filename, O_RDWR | O_CREAT | O_EXCL, S_IRUSR | S_IWUSR);
#  249|   	if (keyfd != -1) {
#  250|   		fp = fdopen(keyfd, "w");

Error: GCC_ANALYZER_WARNING (CWE-688): [#def610]
certmonger-0.79.21/src/keygen-o.c:248:17: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘filename’ where non-null expected
certmonger-0.79.21/src/keygen-o.c:122:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-o.c:125:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:143:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:147:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:150:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:154:17: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:156:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:160:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:246:20: acquire_memory: this call could return NULL
certmonger-0.79.21/src/keygen-o.c:248:17: danger: argument 1 (‘filename’) from [(13)](sarif:/runs/0/results/43/codeFlows/0/threadFlows/0/locations/12) could be NULL where non-null expected
#  246|   	filename = strdup(entry->cm_key_storage_location);
#  247|   	marker = "";
#  248|-> 	keyfd = open(filename, O_RDWR | O_CREAT | O_EXCL, S_IRUSR | S_IWUSR);
#  249|   	if (keyfd != -1) {
#  250|   		fp = fdopen(keyfd, "w");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def611]
certmonger-0.79.21/src/keygen-o.c:255:33: warning[-Wanalyzer-malloc-leak]: leak of ‘filename’
certmonger-0.79.21/src/keygen-o.c:122:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-o.c:125:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:143:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:147:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:150:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:154:17: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:156:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:160:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:246:20: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-o.c:249:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:249:12: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:252:24: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-o.c:255:33: throw: if ‘open’ throws an exception...
certmonger-0.79.21/src/keygen-o.c:255:33: danger: ‘filename’ leaks here; was allocated at [(13)](sarif:/runs/0/results/47/codeFlows/0/threadFlows/0/locations/12)
#  253|   			/* Check if there's also a permissions problem, which
#  254|   			 * we care about more than getting the naming right. */
#  255|-> 			keyfd = open(filename, O_RDWR, S_IRUSR | S_IWUSR);
#  256|   			if (keyfd == -1) {
#  257|   				switch (errno) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def612]
certmonger-0.79.21/src/keygen-o.c:255:33: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-o.c:121:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-o.c:122:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-o.c:125:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:143:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:147:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:150:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:154:17: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:156:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:160:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:249:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:249:12: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:252:24: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-o.c:255:33: throw: if ‘open’ throws an exception...
certmonger-0.79.21/src/keygen-o.c:255:33: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/46/codeFlows/0/threadFlows/0/locations/0)
#  253|   			/* Check if there's also a permissions problem, which
#  254|   			 * we care about more than getting the naming right. */
#  255|-> 			keyfd = open(filename, O_RDWR, S_IRUSR | S_IWUSR);
#  256|   			if (keyfd == -1) {
#  257|   				switch (errno) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def613]
certmonger-0.79.21/src/keygen-o.c:267:33: warning[-Wanalyzer-malloc-leak]: leak of ‘filename’
certmonger-0.79.21/src/keygen-o.c:122:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-o.c:125:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:143:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:147:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:150:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:154:17: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:156:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:160:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:246:20: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-o.c:249:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:249:12: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:252:24: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-o.c:256:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:266:46: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:267:33: throw: if ‘close’ throws an exception...
certmonger-0.79.21/src/keygen-o.c:267:33: danger: ‘filename’ leaks here; was allocated at [(13)](sarif:/runs/0/results/49/codeFlows/0/threadFlows/0/locations/12)
#  265|   			} else {
#  266|   				errno_save = errno;
#  267|-> 				close(keyfd);
#  268|   				errno = errno_save;
#  269|   			}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def614]
certmonger-0.79.21/src/keygen-o.c:267:33: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-o.c:121:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-o.c:122:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-o.c:125:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:143:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:147:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:150:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:154:17: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:156:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:160:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:249:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:249:12: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:252:24: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-o.c:256:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:266:46: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:267:33: throw: if ‘close’ throws an exception...
certmonger-0.79.21/src/keygen-o.c:267:33: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/48/codeFlows/0/threadFlows/0/locations/0)
#  265|   			} else {
#  266|   				errno_save = errno;
#  267|-> 				close(keyfd);
#  268|   				errno = errno_save;
#  269|   			}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def615]
certmonger-0.79.21/src/keygen-o.c:270:25: warning[-Wanalyzer-malloc-leak]: leak of ‘filename’
certmonger-0.79.21/src/keygen-o.c:122:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-o.c:125:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:143:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:147:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:150:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:154:17: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:156:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:160:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:246:20: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-o.c:249:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:249:12: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:252:24: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-o.c:256:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-o.c:257:41: branch_true: ...to here
certmonger-0.79.21/src/keygen-o.c:270:25: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/keygen-o.c:270:25: danger: ‘filename’ leaks here; was allocated at [(13)](sarif:/runs/0/results/50/codeFlows/0/threadFlows/0/locations/12)
#  268|   				errno = errno_save;
#  269|   			}
#  270|-> 			cm_log(1,
#  271|   			       "Error opening key file \"%s\" "
#  272|   			       "for writing: %s.\n",

Error: GCC_ANALYZER_WARNING (CWE-401): [#def616]
certmonger-0.79.21/src/keygen-o.c:270:25: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-o.c:121:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-o.c:122:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-o.c:125:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:143:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:147:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:150:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:154:17: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:156:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:160:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:249:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:249:12: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:252:24: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-o.c:256:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-o.c:257:41: branch_true: ...to here
certmonger-0.79.21/src/keygen-o.c:270:25: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/keygen-o.c:270:25: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/51/codeFlows/0/threadFlows/0/locations/0)
#  268|   				errno = errno_save;
#  269|   			}
#  270|-> 			cm_log(1,
#  271|   			       "Error opening key file \"%s\" "
#  272|   			       "for writing: %s.\n",

Error: GCC_ANALYZER_WARNING (CWE-401): [#def617]
certmonger-0.79.21/src/keygen-o.c:276:25: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-o.c:96:1: enter_function: entry to ‘cm_keygen_o_main’
certmonger-0.79.21/src/keygen-o.c:121:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-o.c:122:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-o.c:125:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:143:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:147:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:150:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:154:17: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:156:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:160:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:249:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:249:12: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:252:24: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-o.c:256:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-o.c:257:41: branch_true: ...to here
certmonger-0.79.21/src/keygen-o.c:275:36: call_function: calling ‘make_filename’ from ‘cm_keygen_o_main’
certmonger-0.79.21/src/keygen-o.c:275:36: return_function: returning to ‘cm_keygen_o_main’ from ‘make_filename’
certmonger-0.79.21/src/keygen-o.c:276:25: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/keygen-o.c:276:25: danger: ‘status’ leaks here; was allocated at [(2)](sarif:/runs/0/results/52/codeFlows/0/threadFlows/0/locations/1)
#  274|   			free(filename);
#  275|   			filename = make_filename(entry->cm_key_storage_location, &marker);
#  276|-> 			cm_log(1,
#  277|   			       "Attempting to open key file \"%s\" "
#  278|   			       "for writing.\n", filename);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def618]
certmonger-0.79.21/src/keygen-o.c:279:33: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-o.c:96:1: enter_function: entry to ‘cm_keygen_o_main’
certmonger-0.79.21/src/keygen-o.c:121:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-o.c:122:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-o.c:125:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:143:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:147:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:150:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:154:17: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:156:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:160:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:249:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:249:12: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:252:24: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-o.c:256:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-o.c:257:41: branch_true: ...to here
certmonger-0.79.21/src/keygen-o.c:275:36: call_function: calling ‘make_filename’ from ‘cm_keygen_o_main’
certmonger-0.79.21/src/keygen-o.c:275:36: return_function: returning to ‘cm_keygen_o_main’ from ‘make_filename’
certmonger-0.79.21/src/keygen-o.c:279:33: throw: if ‘open’ throws an exception...
certmonger-0.79.21/src/keygen-o.c:279:33: danger: ‘status’ leaks here; was allocated at [(2)](sarif:/runs/0/results/53/codeFlows/0/threadFlows/0/locations/1)
#  277|   			       "Attempting to open key file \"%s\" "
#  278|   			       "for writing.\n", filename);
#  279|-> 			keyfd = open(filename, O_RDWR | O_CREAT | O_EXCL, S_IRUSR | S_IWUSR);
#  280|   		}
#  281|   		if (keyfd == -1) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def619]
certmonger-0.79.21/src/keygen-o.c:288:33: warning[-Wanalyzer-malloc-leak]: leak of ‘filename’
certmonger-0.79.21/src/keygen-o.c:122:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-o.c:125:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:143:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:147:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:150:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:154:17: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:156:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:160:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:246:20: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-o.c:249:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:249:12: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:252:24: branch_true: following ‘true’ branch (when ‘keyfd == -1’)...
certmonger-0.79.21/src/keygen-o.c:252:42: branch_true: ...to here
certmonger-0.79.21/src/keygen-o.c:252:24: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:281:20: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:281:20: branch_true: following ‘true’ branch (when ‘keyfd == -1’)...
certmonger-0.79.21/src/keygen-o.c:282:33: branch_true: ...to here
certmonger-0.79.21/src/keygen-o.c:288:33: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/keygen-o.c:288:33: danger: ‘filename’ leaks here; was allocated at [(13)](sarif:/runs/0/results/54/codeFlows/0/threadFlows/0/locations/12)
#  286|   				break;
#  287|   			default:
#  288|-> 				cm_log(1,
#  289|   				       "Error opening key file \"%s\" "
#  290|   				       "for writing: %s.\n",

Error: GCC_ANALYZER_WARNING (CWE-401): [#def620]
certmonger-0.79.21/src/keygen-o.c:288:33: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-o.c:121:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-o.c:122:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-o.c:125:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:143:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:147:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:150:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:154:17: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:156:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:160:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:249:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:249:12: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:252:24: branch_true: following ‘true’ branch (when ‘keyfd == -1’)...
certmonger-0.79.21/src/keygen-o.c:252:42: branch_true: ...to here
certmonger-0.79.21/src/keygen-o.c:252:24: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:281:20: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:281:20: branch_true: following ‘true’ branch (when ‘keyfd == -1’)...
certmonger-0.79.21/src/keygen-o.c:282:33: branch_true: ...to here
certmonger-0.79.21/src/keygen-o.c:288:33: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/keygen-o.c:288:33: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/55/codeFlows/0/threadFlows/0/locations/0)
#  286|   				break;
#  287|   			default:
#  288|-> 				cm_log(1,
#  289|   				       "Error opening key file \"%s\" "
#  290|   				       "for writing: %s.\n",

Error: GCC_ANALYZER_WARNING (CWE-401): [#def621]
certmonger-0.79.21/src/keygen-o.c:301:25: warning[-Wanalyzer-malloc-leak]: leak of ‘filename’
certmonger-0.79.21/src/keygen-o.c:122:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-o.c:125:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:143:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:147:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:150:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:154:17: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:156:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:160:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:246:20: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-o.c:249:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-o.c:250:22: branch_true: ...to here
certmonger-0.79.21/src/keygen-o.c:298:12: branch_true: following ‘true’ branch (when ‘fp’ is NULL)...
certmonger-0.79.21/src/keygen-o.c:299:21: branch_true: ...to here
certmonger-0.79.21/src/keygen-o.c:299:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-o.c:301:25: branch_true: ...to here
certmonger-0.79.21/src/keygen-o.c:301:25: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/keygen-o.c:301:25: danger: ‘filename’ leaks here; was allocated at [(13)](sarif:/runs/0/results/56/codeFlows/0/threadFlows/0/locations/12)
#  299|   		if (errno != ENOENT) {
#  300|   			error = errno;
#  301|-> 			cm_log(1,
#  302|   			       "Error opening key file \"%s\" "
#  303|   			       "for writing: %s.\n",

Error: GCC_ANALYZER_WARNING (CWE-401): [#def622]
certmonger-0.79.21/src/keygen-o.c:301:25: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-o.c:121:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-o.c:122:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-o.c:125:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:143:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:147:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:150:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:154:17: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:156:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:160:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:249:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-o.c:250:22: branch_true: ...to here
certmonger-0.79.21/src/keygen-o.c:298:12: branch_true: following ‘true’ branch (when ‘fp’ is NULL)...
certmonger-0.79.21/src/keygen-o.c:299:21: branch_true: ...to here
certmonger-0.79.21/src/keygen-o.c:299:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-o.c:301:25: branch_true: ...to here
certmonger-0.79.21/src/keygen-o.c:301:25: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/keygen-o.c:301:25: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/57/codeFlows/0/threadFlows/0/locations/0)
#  299|   		if (errno != ENOENT) {
#  300|   			error = errno;
#  301|-> 			cm_log(1,
#  302|   			       "Error opening key file \"%s\" "
#  303|   			       "for writing: %s.\n",

Error: GCC_ANALYZER_WARNING (CWE-401): [#def623]
certmonger-0.79.21/src/keygen-o.c:316:9: warning[-Wanalyzer-malloc-leak]: leak of ‘filename’
certmonger-0.79.21/src/keygen-o.c:122:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-o.c:125:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:143:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:147:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:150:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:154:17: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:156:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:160:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:246:20: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-o.c:249:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-o.c:250:22: branch_true: ...to here
certmonger-0.79.21/src/keygen-o.c:298:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/keygen-o.c:316:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:316:9: throw: if ‘util_set_fd_entry_key_owner’ throws an exception...
certmonger-0.79.21/src/keygen-o.c:316:9: danger: ‘filename’ leaks here; was allocated at [(13)](sarif:/runs/0/results/58/codeFlows/0/threadFlows/0/locations/12)
#  314|   		_exit(CM_SUB_STATUS_ERROR_INITIALIZING);
#  315|   	}
#  316|-> 	util_set_fd_entry_key_owner(keyfd, filename, entry);
#  317|   	free(filename);
#  318|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def624]
certmonger-0.79.21/src/keygen-o.c:316:9: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/keygen-o.c:122:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-o.c:125:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:143:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:147:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:150:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:154:17: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:156:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:160:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:249:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-o.c:250:22: branch_true: ...to here
certmonger-0.79.21/src/keygen-o.c:250:22: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-o.c:298:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/keygen-o.c:316:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:316:9: throw: if ‘util_set_fd_entry_key_owner’ throws an exception...
certmonger-0.79.21/src/keygen-o.c:316:9: danger: ‘fp’ leaks here; was allocated at [(15)](sarif:/runs/0/results/60/codeFlows/0/threadFlows/0/locations/14)
#  314|   		_exit(CM_SUB_STATUS_ERROR_INITIALIZING);
#  315|   	}
#  316|-> 	util_set_fd_entry_key_owner(keyfd, filename, entry);
#  317|   	free(filename);
#  318|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def625]
certmonger-0.79.21/src/keygen-o.c:316:9: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-o.c:121:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-o.c:122:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-o.c:125:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:143:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:147:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:150:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:154:17: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:156:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:160:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:249:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-o.c:250:22: branch_true: ...to here
certmonger-0.79.21/src/keygen-o.c:298:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/keygen-o.c:316:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:316:9: throw: if ‘util_set_fd_entry_key_owner’ throws an exception...
certmonger-0.79.21/src/keygen-o.c:316:9: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/59/codeFlows/0/threadFlows/0/locations/0)
#  314|   		_exit(CM_SUB_STATUS_ERROR_INITIALIZING);
#  315|   	}
#  316|-> 	util_set_fd_entry_key_owner(keyfd, filename, entry);
#  317|   	free(filename);
#  318|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def626]
certmonger-0.79.21/src/keygen-o.c:319:13: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/keygen-o.c:122:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-o.c:125:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:143:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:147:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:150:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:154:17: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:156:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:160:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:249:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-o.c:250:22: branch_true: ...to here
certmonger-0.79.21/src/keygen-o.c:250:22: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-o.c:298:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/keygen-o.c:316:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:319:13: throw: if ‘cm_pin_read_for_key’ throws an exception...
certmonger-0.79.21/src/keygen-o.c:319:13: danger: ‘fp’ leaks here; was allocated at [(13)](sarif:/runs/0/results/62/codeFlows/0/threadFlows/0/locations/12)
#  317|   	free(filename);
#  318|   
#  319|-> 	if (cm_pin_read_for_key(entry, &pin) != 0) {
#  320|   		cm_log(1, "Error reading key encryption PIN.\n");
#  321|   		_exit(CM_SUB_STATUS_ERROR_AUTH);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def627]
certmonger-0.79.21/src/keygen-o.c:319:13: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-o.c:121:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-o.c:122:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-o.c:125:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:143:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:147:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:150:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:154:17: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:156:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:160:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:249:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-o.c:250:22: branch_true: ...to here
certmonger-0.79.21/src/keygen-o.c:298:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/keygen-o.c:316:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:319:13: throw: if ‘cm_pin_read_for_key’ throws an exception...
certmonger-0.79.21/src/keygen-o.c:319:13: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/61/codeFlows/0/threadFlows/0/locations/0)
#  317|   	free(filename);
#  318|   
#  319|-> 	if (cm_pin_read_for_key(entry, &pin) != 0) {
#  320|   		cm_log(1, "Error reading key encryption PIN.\n");
#  321|   		_exit(CM_SUB_STATUS_ERROR_AUTH);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def628]
certmonger-0.79.21/src/keygen-o.c:320:17: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/keygen-o.c:122:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-o.c:125:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:143:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:147:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:150:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:154:17: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:156:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:160:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:249:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-o.c:250:22: branch_true: ...to here
certmonger-0.79.21/src/keygen-o.c:250:22: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-o.c:298:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/keygen-o.c:316:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:319:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-o.c:320:17: branch_true: ...to here
certmonger-0.79.21/src/keygen-o.c:320:17: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/keygen-o.c:320:17: danger: ‘fp’ leaks here; was allocated at [(13)](sarif:/runs/0/results/64/codeFlows/0/threadFlows/0/locations/12)
#  318|   
#  319|   	if (cm_pin_read_for_key(entry, &pin) != 0) {
#  320|-> 		cm_log(1, "Error reading key encryption PIN.\n");
#  321|   		_exit(CM_SUB_STATUS_ERROR_AUTH);
#  322|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def629]
certmonger-0.79.21/src/keygen-o.c:320:17: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-o.c:121:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-o.c:122:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-o.c:125:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:143:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:147:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:150:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:154:17: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:156:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:160:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:249:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-o.c:250:22: branch_true: ...to here
certmonger-0.79.21/src/keygen-o.c:298:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/keygen-o.c:316:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:319:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-o.c:320:17: branch_true: ...to here
certmonger-0.79.21/src/keygen-o.c:320:17: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/keygen-o.c:320:17: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/63/codeFlows/0/threadFlows/0/locations/0)
#  318|   
#  319|   	if (cm_pin_read_for_key(entry, &pin) != 0) {
#  320|-> 		cm_log(1, "Error reading key encryption PIN.\n");
#  321|   		_exit(CM_SUB_STATUS_ERROR_AUTH);
#  322|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def630]
certmonger-0.79.21/src/keygen-o.c:327:13: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/keygen-o.c:122:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-o.c:125:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:143:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:147:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:150:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:154:17: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:156:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:160:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:249:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-o.c:250:22: branch_true: ...to here
certmonger-0.79.21/src/keygen-o.c:250:22: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-o.c:298:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/keygen-o.c:316:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:319:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:324:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:327:13: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:327:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:327:13: throw: if ‘PEM_write_PKCS8PrivateKey’ throws an exception...
certmonger-0.79.21/src/keygen-o.c:327:13: danger: ‘fp’ leaks here; was allocated at [(13)](sarif:/runs/0/results/66/codeFlows/0/threadFlows/0/locations/12)
#  325|   	cb_data.entry = entry;
#  326|   	cb_data.n_attempts = 0;
#  327|-> 	if (PEM_write_PKCS8PrivateKey(fp, pkey,
#  328|   				      pin ? cm_prefs_ossl_cipher() : NULL,
#  329|   				      NULL, 0,

Error: GCC_ANALYZER_WARNING (CWE-401): [#def631]
certmonger-0.79.21/src/keygen-o.c:327:13: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-o.c:121:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-o.c:122:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-o.c:125:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:143:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:147:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:150:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:154:17: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:156:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:160:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:249:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-o.c:250:22: branch_true: ...to here
certmonger-0.79.21/src/keygen-o.c:298:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/keygen-o.c:316:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:319:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:324:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:327:13: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:327:13: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:327:13: throw: if ‘PEM_write_PKCS8PrivateKey’ throws an exception...
certmonger-0.79.21/src/keygen-o.c:327:13: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/65/codeFlows/0/threadFlows/0/locations/0)
#  325|   	cb_data.entry = entry;
#  326|   	cb_data.n_attempts = 0;
#  327|-> 	if (PEM_write_PKCS8PrivateKey(fp, pkey,
#  328|   				      pin ? cm_prefs_ossl_cipher() : NULL,
#  329|   				      NULL, 0,

Error: GCC_ANALYZER_WARNING (CWE-401): [#def632]
certmonger-0.79.21/src/keygen-o.c:328:45: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/keygen-o.c:122:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-o.c:125:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:143:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:147:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:150:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:154:17: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:156:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:160:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:249:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-o.c:250:22: branch_true: ...to here
certmonger-0.79.21/src/keygen-o.c:250:22: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-o.c:298:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/keygen-o.c:316:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:319:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:324:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:327:13: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-o.c:328:45: branch_true: ...to here
certmonger-0.79.21/src/keygen-o.c:328:45: throw: if ‘cm_prefs_ossl_cipher’ throws an exception...
certmonger-0.79.21/src/keygen-o.c:328:45: danger: ‘fp’ leaks here; was allocated at [(13)](sarif:/runs/0/results/68/codeFlows/0/threadFlows/0/locations/12)
#  326|   	cb_data.n_attempts = 0;
#  327|   	if (PEM_write_PKCS8PrivateKey(fp, pkey,
#  328|-> 				      pin ? cm_prefs_ossl_cipher() : NULL,
#  329|   				      NULL, 0,
#  330|   				      cm_pin_read_for_key_ossl_cb,

Error: GCC_ANALYZER_WARNING (CWE-401): [#def633]
certmonger-0.79.21/src/keygen-o.c:328:45: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-o.c:121:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-o.c:122:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-o.c:125:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:143:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:147:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:150:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:154:17: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:156:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:160:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:249:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-o.c:250:22: branch_true: ...to here
certmonger-0.79.21/src/keygen-o.c:298:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/keygen-o.c:316:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:319:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:324:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:327:13: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-o.c:328:45: branch_true: ...to here
certmonger-0.79.21/src/keygen-o.c:328:45: throw: if ‘cm_prefs_ossl_cipher’ throws an exception...
certmonger-0.79.21/src/keygen-o.c:328:45: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/67/codeFlows/0/threadFlows/0/locations/0)
#  326|   	cb_data.n_attempts = 0;
#  327|   	if (PEM_write_PKCS8PrivateKey(fp, pkey,
#  328|-> 				      pin ? cm_prefs_ossl_cipher() : NULL,
#  329|   				      NULL, 0,
#  330|   				      cm_pin_read_for_key_ossl_cb,

Error: GCC_ANALYZER_WARNING (CWE-401): [#def634]
certmonger-0.79.21/src/keygen-o.c:333:17: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-o.c:121:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-o.c:122:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-o.c:125:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:143:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:147:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:150:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:154:17: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:156:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:160:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:298:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/keygen-o.c:316:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:319:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:324:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:327:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-o.c:332:30: branch_true: ...to here
certmonger-0.79.21/src/keygen-o.c:333:17: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/keygen-o.c:333:17: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/69/codeFlows/0/threadFlows/0/locations/0)
#  331|   				      &cb_data) == 0) {
#  332|   		errno_save = errno;
#  333|-> 		cm_log(1, "Error storing key.\n");
#  334|   		while ((error = ERR_get_error()) != 0) {
#  335|   			ERR_error_string_n(error, buf, sizeof(buf));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def635]
certmonger-0.79.21/src/keygen-o.c:334:33: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-o.c:121:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-o.c:122:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-o.c:125:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:143:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:147:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:150:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:154:17: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:156:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:160:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:298:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/keygen-o.c:316:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:319:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:324:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:327:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-o.c:332:30: branch_true: ...to here
certmonger-0.79.21/src/keygen-o.c:334:33: throw: if ‘ERR_get_error’ throws an exception...
certmonger-0.79.21/src/keygen-o.c:334:33: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/70/codeFlows/0/threadFlows/0/locations/0)
#  332|   		errno_save = errno;
#  333|   		cm_log(1, "Error storing key.\n");
#  334|-> 		while ((error = ERR_get_error()) != 0) {
#  335|   			ERR_error_string_n(error, buf, sizeof(buf));
#  336|   			cm_log(1, "%s\n", buf);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def636]
certmonger-0.79.21/src/keygen-o.c:335:25: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-o.c:121:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-o.c:122:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-o.c:125:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:143:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:147:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:150:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:154:17: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:156:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:160:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:298:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/keygen-o.c:316:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:319:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:324:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:327:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-o.c:332:30: branch_true: ...to here
certmonger-0.79.21/src/keygen-o.c:334:24: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-o.c:335:25: branch_true: ...to here
certmonger-0.79.21/src/keygen-o.c:335:25: throw: if ‘ERR_error_string_n’ throws an exception...
certmonger-0.79.21/src/keygen-o.c:335:25: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/71/codeFlows/0/threadFlows/0/locations/0)
#  333|   		cm_log(1, "Error storing key.\n");
#  334|   		while ((error = ERR_get_error()) != 0) {
#  335|-> 			ERR_error_string_n(error, buf, sizeof(buf));
#  336|   			cm_log(1, "%s\n", buf);
#  337|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def637]
certmonger-0.79.21/src/keygen-o.c:336:25: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-o.c:121:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-o.c:122:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-o.c:125:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:143:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:147:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:150:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:154:17: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:156:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:160:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:298:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/keygen-o.c:316:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:319:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:324:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:327:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-o.c:332:30: branch_true: ...to here
certmonger-0.79.21/src/keygen-o.c:334:24: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-o.c:335:25: branch_true: ...to here
certmonger-0.79.21/src/keygen-o.c:336:25: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/keygen-o.c:336:25: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/72/codeFlows/0/threadFlows/0/locations/0)
#  334|   		while ((error = ERR_get_error()) != 0) {
#  335|   			ERR_error_string_n(error, buf, sizeof(buf));
#  336|-> 			cm_log(1, "%s\n", buf);
#  337|   		}
#  338|   		switch (errno_save) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def638]
certmonger-0.79.21/src/keygen-o.c:349:15: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-o.c:121:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-o.c:122:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-o.c:125:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:143:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:147:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:150:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:154:17: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:156:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:160:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:298:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/keygen-o.c:316:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:319:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:324:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:327:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:349:15: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:349:15: throw: if ‘i2d_PUBKEY’ throws an exception...
certmonger-0.79.21/src/keygen-o.c:349:15: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/73/codeFlows/0/threadFlows/0/locations/0)
#  347|   	}
#  348|   	pubihex = "";
#  349|-> 	len = i2d_PUBKEY(pkey, NULL);
#  350|   	if (len > 0) {
#  351|   		p = malloc(len);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def639]
certmonger-0.79.21/src/keygen-o.c:354:29: warning[-Wanalyzer-malloc-leak]: leak of ‘q’
certmonger-0.79.21/src/keygen-o.c:122:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-o.c:125:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:143:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:147:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:150:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:154:17: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:156:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:160:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:298:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/keygen-o.c:316:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:319:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:324:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:327:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:349:15: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:350:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-o.c:351:21: branch_true: ...to here
certmonger-0.79.21/src/keygen-o.c:351:21: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-o.c:352:20: branch_true: following ‘true’ branch (when ‘p’ is non-NULL)...
certmonger-0.79.21/src/keygen-o.c:353:25: branch_true: ...to here
certmonger-0.79.21/src/keygen-o.c:354:29: throw: if ‘i2d_PUBKEY’ throws an exception...
certmonger-0.79.21/src/keygen-o.c:354:29: danger: ‘q’ leaks here; was allocated at [(19)](sarif:/runs/0/results/74/codeFlows/0/threadFlows/0/locations/18)
#  352|   		if (p != NULL) {
#  353|   			q = p;
#  354|-> 			if (i2d_PUBKEY(pkey, &q) == len) {
#  355|   				pubihex = cm_store_hex_from_bin(NULL, p, q - p);
#  356|   			}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def640]
certmonger-0.79.21/src/keygen-o.c:354:29: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-o.c:121:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-o.c:122:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-o.c:125:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:143:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:147:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:150:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:154:17: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:156:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:160:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:298:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/keygen-o.c:316:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:319:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:324:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:327:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:349:15: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:350:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-o.c:351:21: branch_true: ...to here
certmonger-0.79.21/src/keygen-o.c:352:20: branch_true: following ‘true’ branch (when ‘p’ is non-NULL)...
certmonger-0.79.21/src/keygen-o.c:353:25: branch_true: ...to here
certmonger-0.79.21/src/keygen-o.c:354:29: throw: if ‘i2d_PUBKEY’ throws an exception...
certmonger-0.79.21/src/keygen-o.c:354:29: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/75/codeFlows/0/threadFlows/0/locations/0)
#  352|   		if (p != NULL) {
#  353|   			q = p;
#  354|-> 			if (i2d_PUBKEY(pkey, &q) == len) {
#  355|   				pubihex = cm_store_hex_from_bin(NULL, p, q - p);
#  356|   			}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def641]
certmonger-0.79.21/src/keygen-o.c:355:43: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-o.c:121:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-o.c:122:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-o.c:125:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:143:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:147:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:150:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:154:17: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:156:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:160:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:298:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/keygen-o.c:316:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:319:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:324:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:327:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:349:15: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:350:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-o.c:351:21: branch_true: ...to here
certmonger-0.79.21/src/keygen-o.c:352:20: branch_true: following ‘true’ branch (when ‘p’ is non-NULL)...
certmonger-0.79.21/src/keygen-o.c:353:25: branch_true: ...to here
certmonger-0.79.21/src/keygen-o.c:354:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-o.c:355:74: branch_true: ...to here
certmonger-0.79.21/src/keygen-o.c:355:43: throw: if ‘cm_store_hex_from_bin’ throws an exception...
certmonger-0.79.21/src/keygen-o.c:355:43: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/76/codeFlows/0/threadFlows/0/locations/0)
#  353|   			q = p;
#  354|   			if (i2d_PUBKEY(pkey, &q) == len) {
#  355|-> 				pubihex = cm_store_hex_from_bin(NULL, p, q - p);
#  356|   			}
#  357|   			free(p);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def642]
certmonger-0.79.21/src/keygen-o.c:361:15: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-o.c:121:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-o.c:122:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-o.c:125:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:143:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:147:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:150:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:154:17: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:156:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:160:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:298:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/keygen-o.c:316:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:319:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:324:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:327:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:349:15: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:361:15: throw: if ‘i2d_PublicKey’ throws an exception...
certmonger-0.79.21/src/keygen-o.c:361:15: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/77/codeFlows/0/threadFlows/0/locations/0)
#  359|   	}
#  360|   	pubhex = "";
#  361|-> 	len = i2d_PublicKey(pkey, NULL);
#  362|   	if (len > 0) {
#  363|   		p = malloc(len);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def643]
certmonger-0.79.21/src/keygen-o.c:366:29: warning[-Wanalyzer-malloc-leak]: leak of ‘q’
certmonger-0.79.21/src/keygen-o.c:122:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-o.c:125:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:143:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:147:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:150:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:154:17: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:156:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:160:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:298:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/keygen-o.c:316:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:319:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:324:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:327:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:349:15: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:362:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-o.c:363:21: branch_true: ...to here
certmonger-0.79.21/src/keygen-o.c:363:21: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-o.c:364:20: branch_true: following ‘true’ branch (when ‘p’ is non-NULL)...
certmonger-0.79.21/src/keygen-o.c:365:25: branch_true: ...to here
certmonger-0.79.21/src/keygen-o.c:366:29: throw: if ‘i2d_PublicKey’ throws an exception...
certmonger-0.79.21/src/keygen-o.c:366:29: danger: ‘q’ leaks here; was allocated at [(19)](sarif:/runs/0/results/78/codeFlows/0/threadFlows/0/locations/18)
#  364|   		if (p != NULL) {
#  365|   			q = p;
#  366|-> 			if (i2d_PublicKey(pkey, &q) == len) {
#  367|   				pubhex = cm_store_hex_from_bin(NULL, p, q - p);
#  368|   			}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def644]
certmonger-0.79.21/src/keygen-o.c:366:29: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-o.c:121:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-o.c:122:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-o.c:125:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:143:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:147:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:150:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:154:17: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:156:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:160:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:298:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/keygen-o.c:316:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:319:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:324:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:327:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:349:15: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:362:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-o.c:363:21: branch_true: ...to here
certmonger-0.79.21/src/keygen-o.c:364:20: branch_true: following ‘true’ branch (when ‘p’ is non-NULL)...
certmonger-0.79.21/src/keygen-o.c:365:25: branch_true: ...to here
certmonger-0.79.21/src/keygen-o.c:366:29: throw: if ‘i2d_PublicKey’ throws an exception...
certmonger-0.79.21/src/keygen-o.c:366:29: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/79/codeFlows/0/threadFlows/0/locations/0)
#  364|   		if (p != NULL) {
#  365|   			q = p;
#  366|-> 			if (i2d_PublicKey(pkey, &q) == len) {
#  367|   				pubhex = cm_store_hex_from_bin(NULL, p, q - p);
#  368|   			}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def645]
certmonger-0.79.21/src/keygen-o.c:367:42: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/keygen-o.c:121:18: acquire_memory: allocated here
certmonger-0.79.21/src/keygen-o.c:122:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/keygen-o.c:125:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:136:12: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:143:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:147:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:150:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:154:17: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:156:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:160:21: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:298:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/keygen-o.c:316:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:319:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:324:9: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:327:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keygen-o.c:349:15: branch_false: ...to here
certmonger-0.79.21/src/keygen-o.c:362:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-o.c:363:21: branch_true: ...to here
certmonger-0.79.21/src/keygen-o.c:364:20: branch_true: following ‘true’ branch (when ‘p’ is non-NULL)...
certmonger-0.79.21/src/keygen-o.c:365:25: branch_true: ...to here
certmonger-0.79.21/src/keygen-o.c:366:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keygen-o.c:367:73: branch_true: ...to here
certmonger-0.79.21/src/keygen-o.c:367:42: throw: if ‘cm_store_hex_from_bin’ throws an exception...
certmonger-0.79.21/src/keygen-o.c:367:42: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/80/codeFlows/0/threadFlows/0/locations/0)
#  365|   			q = p;
#  366|   			if (i2d_PublicKey(pkey, &q) == len) {
#  367|-> 				pubhex = cm_store_hex_from_bin(NULL, p, q - p);
#  368|   			}
#  369|   			free(p);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def646]
certmonger-0.79.21/src/keyiread-n.c:90:15: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/keyiread-n.c:486:1: enter_function: entry to ‘cm_keyiread_n_main’
certmonger-0.79.21/src/keyiread-n.c:500:14: acquire_memory: allocated here
certmonger-0.79.21/src/keyiread-n.c:501:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/keyiread-n.c:508:21: branch_false: ...to here
certmonger-0.79.21/src/keyiread-n.c:509:16: call_function: calling ‘cm_keyiread_n_get_keys’ from ‘cm_keyiread_n_main’
#   88|   
#   89|   	/* Open the database. */
#   90|-> 	ctx = NSS_InitContext(entry->cm_key_storage_location,
#   91|   			      NULL, NULL, NULL, NULL,
#   92|   			      (readwrite ? 0 : NSS_INIT_READONLY) |

Error: GCC_ANALYZER_WARNING (CWE-401): [#def647]
certmonger-0.79.21/src/keyiread-n.c:96:22: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/keyiread-n.c:486:1: enter_function: entry to ‘cm_keyiread_n_main’
certmonger-0.79.21/src/keyiread-n.c:500:14: acquire_memory: allocated here
certmonger-0.79.21/src/keyiread-n.c:501:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/keyiread-n.c:508:21: branch_false: ...to here
certmonger-0.79.21/src/keyiread-n.c:509:16: call_function: calling ‘cm_keyiread_n_get_keys’ from ‘cm_keyiread_n_main’
#   94|   			      NSS_INIT_NOMODDB);
#   95|   	if (ctx == NULL) {
#   96|-> 		ec = PORT_GetError();
#   97|   		if (ec != 0) {
#   98|   			es = PR_ErrorToName(ec);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def648]
certmonger-0.79.21/src/keyiread-n.c:98:30: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/keyiread-n.c:486:1: enter_function: entry to ‘cm_keyiread_n_main’
certmonger-0.79.21/src/keyiread-n.c:500:14: acquire_memory: allocated here
certmonger-0.79.21/src/keyiread-n.c:501:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/keyiread-n.c:508:21: branch_false: ...to here
certmonger-0.79.21/src/keyiread-n.c:509:16: call_function: calling ‘cm_keyiread_n_get_keys’ from ‘cm_keyiread_n_main’
#   96|   		ec = PORT_GetError();
#   97|   		if (ec != 0) {
#   98|-> 			es = PR_ErrorToName(ec);
#   99|   		} else {
#  100|   			es = NULL;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def649]
certmonger-0.79.21/src/keyiread-n.c:103:25: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/keyiread-n.c:486:1: enter_function: entry to ‘cm_keyiread_n_main’
certmonger-0.79.21/src/keyiread-n.c:500:14: acquire_memory: allocated here
certmonger-0.79.21/src/keyiread-n.c:501:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/keyiread-n.c:508:21: branch_false: ...to here
certmonger-0.79.21/src/keyiread-n.c:509:16: call_function: calling ‘cm_keyiread_n_get_keys’ from ‘cm_keyiread_n_main’
#  101|   		}
#  102|   		if (es != NULL) {
#  103|-> 			cm_log(1, "Unable to open NSS database '%s': %s.\n",
#  104|   			       entry->cm_key_storage_location, es);
#  105|   		} else {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def650]
certmonger-0.79.21/src/keyiread-n.c:106:25: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/keyiread-n.c:486:1: enter_function: entry to ‘cm_keyiread_n_main’
certmonger-0.79.21/src/keyiread-n.c:500:14: acquire_memory: allocated here
certmonger-0.79.21/src/keyiread-n.c:501:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/keyiread-n.c:508:21: branch_false: ...to here
certmonger-0.79.21/src/keyiread-n.c:509:16: call_function: calling ‘cm_keyiread_n_get_keys’ from ‘cm_keyiread_n_main’
#  104|   			       entry->cm_key_storage_location, es);
#  105|   		} else {
#  106|-> 			cm_log(1, "Unable to open NSS database '%s'.\n",
#  107|   			       entry->cm_key_storage_location);
#  108|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def651]
certmonger-0.79.21/src/keyiread-n.c:109:25: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/keyiread-n.c:486:1: enter_function: entry to ‘cm_keyiread_n_main’
certmonger-0.79.21/src/keyiread-n.c:500:14: acquire_memory: allocated here
certmonger-0.79.21/src/keyiread-n.c:501:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/keyiread-n.c:508:21: branch_false: ...to here
certmonger-0.79.21/src/keyiread-n.c:509:16: call_function: calling ‘cm_keyiread_n_get_keys’ from ‘cm_keyiread_n_main’
#  107|   			       entry->cm_key_storage_location);
#  108|   		}
#  109|-> 		switch (PORT_GetError()) {
#  110|   		case PR_NO_ACCESS_RIGHTS_ERROR:
#  111|   			_exit(CM_SUB_STATUS_ERROR_PERMS);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def652]
certmonger-0.79.21/src/keyiread-n.c:118:13: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/keyiread-n.c:486:1: enter_function: entry to ‘cm_keyiread_n_main’
certmonger-0.79.21/src/keyiread-n.c:500:14: acquire_memory: allocated here
certmonger-0.79.21/src/keyiread-n.c:501:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/keyiread-n.c:508:21: branch_false: ...to here
certmonger-0.79.21/src/keyiread-n.c:509:16: call_function: calling ‘cm_keyiread_n_get_keys’ from ‘cm_keyiread_n_main’
#  116|   		}
#  117|   	}
#  118|-> 	if (NSS_ShutdownContext(ctx) != SECSuccess) {
#  119|   		cm_log(0, "Error shutting down NSS.\n");
#  120|   		_exit(1);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def653]
certmonger-0.79.21/src/keyiread-n.c:119:17: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/keyiread-n.c:486:1: enter_function: entry to ‘cm_keyiread_n_main’
certmonger-0.79.21/src/keyiread-n.c:500:14: acquire_memory: allocated here
certmonger-0.79.21/src/keyiread-n.c:501:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/keyiread-n.c:508:21: branch_false: ...to here
certmonger-0.79.21/src/keyiread-n.c:509:16: call_function: calling ‘cm_keyiread_n_get_keys’ from ‘cm_keyiread_n_main’
#  117|   	}
#  118|   	if (NSS_ShutdownContext(ctx) != SECSuccess) {
#  119|-> 		cm_log(0, "Error shutting down NSS.\n");
#  120|   		_exit(1);
#  121|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def654]
certmonger-0.79.21/src/keyiread-n.c:423:44: warning[-Wanalyzer-malloc-leak]: leak of ‘item.data’
certmonger-0.79.21/src/keyiread-n.c:95:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keyiread-n.c:118:13: branch_false: ...to here
certmonger-0.79.21/src/keyiread-n.c:118:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keyiread-n.c:122:15: branch_false: ...to here
certmonger-0.79.21/src/keyiread-n.c:126:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keyiread-n.c:130:18: branch_false: ...to here
certmonger-0.79.21/src/keyiread-n.c:131:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keyiread-n.c:137:17: branch_false: ...to here
certmonger-0.79.21/src/keyiread-n.c:138:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keyiread-n.c:149:20: branch_false: ...to here
certmonger-0.79.21/src/keyiread-n.c:150:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keyiread-n.c:161:9: branch_false: ...to here
certmonger-0.79.21/src/keyiread-n.c:162:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keyiread-n.c:166:9: branch_false: ...to here
certmonger-0.79.21/src/keyiread-n.c:176:14: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keyiread-n.c:242:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keyiread-n.c:252:25: branch_false: ...to here
certmonger-0.79.21/src/keyiread-n.c:253:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keyiread-n.c:263:21: branch_false: ...to here
certmonger-0.79.21/src/keyiread-n.c:333:26: branch_false: following ‘false’ branch (when ‘key’ is NULL)...
certmonger-0.79.21/src/keyiread-n.c:342:21: branch_false: ...to here
certmonger-0.79.21/src/keyiread-n.c:342:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keyiread-n.c:343:33: branch_true: ...to here
certmonger-0.79.21/src/keyiread-n.c:347:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keyiread-n.c:417:20: branch_false: ...to here
certmonger-0.79.21/src/keyiread-n.c:417:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keyiread-n.c:421:37: acquire_memory: allocated here
certmonger-0.79.21/src/keyiread-n.c:422:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keyiread-n.c:423:44: branch_true: ...to here
certmonger-0.79.21/src/keyiread-n.c:423:44: throw: if ‘cm_store_hex_to_bin’ throws an exception...
certmonger-0.79.21/src/keyiread-n.c:423:44: danger: ‘item.data’ leaks here; was allocated at [(29)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/28)
#  421|   			item.data = malloc(item.len);
#  422|   			if (item.data != NULL) {
#  423|-> 				item.len = cm_store_hex_to_bin(pubhex,
#  424|   							       item.data,
#  425|   							       item.len);

Error: COMPILER_WARNING (CWE-563): [#def655]
certmonger-0.79.21/src/keyiread-n.c: scope_hint: In function ‘cm_keyiread_n_main’
certmonger-0.79.21/src/keyiread-n.c:486:48: warning[-Wunused-parameter]: unused parameter ‘ca’
#  486 | cm_keyiread_n_main(int fd, struct cm_store_ca *ca, struct cm_store_entry *entry,
#      |                            ~~~~~~~~~~~~~~~~~~~~^~
#  484|   
#  485|   static int
#  486|-> cm_keyiread_n_main(int fd, struct cm_store_ca *ca, struct cm_store_entry *entry,
#  487|   		   void *userdata)
#  488|   {

Error: COMPILER_WARNING (CWE-563): [#def656]
certmonger-0.79.21/src/keyiread-o.c: scope_hint: In function ‘cm_keyiread_o_main’
certmonger-0.79.21/src/keyiread-o.c:55:48: warning[-Wunused-parameter]: unused parameter ‘ca’
#   55 | cm_keyiread_o_main(int fd, struct cm_store_ca *ca, struct cm_store_entry *entry,
#      |                            ~~~~~~~~~~~~~~~~~~~~^~
#   53|   
#   54|   static int
#   55|-> cm_keyiread_o_main(int fd, struct cm_store_ca *ca, struct cm_store_entry *entry,
#   56|   		   void *userdata)
#   57|   {

Error: COMPILER_WARNING (CWE-563): [#def657]
certmonger-0.79.21/src/keyiread-o.c:56:26: warning[-Wunused-parameter]: unused parameter ‘userdata’
#   56 |                    void *userdata)
#      |                    ~~~~~~^~~~~~~~
#   54|   static int
#   55|   cm_keyiread_o_main(int fd, struct cm_store_ca *ca, struct cm_store_entry *entry,
#   56|-> 		   void *userdata)
#   57|   {
#   58|   	struct cm_pin_cb_data cb_data;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def658]
certmonger-0.79.21/src/keyiread-o.c:79:20: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen(*entry.cm_key_storage_location, "r")’
certmonger-0.79.21/src/keyiread-o.c:73:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/keyiread-o.c:77:21: branch_false: ...to here
certmonger-0.79.21/src/keyiread-o.c:77:15: acquire_resource: opened here
certmonger-0.79.21/src/keyiread-o.c:78:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keyiread-o.c:79:21: branch_true: ...to here
certmonger-0.79.21/src/keyiread-o.c:79:20: danger: ‘fopen(*entry.cm_key_storage_location, "r")’ leaks here; was opened at [(3)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/2)
#   77|   	pem = fopen(entry->cm_key_storage_location, "r");
#   78|   	if (pem != NULL) {
#   79|-> 		if (cm_pin_read_for_key(entry, &pin) != 0) {
#   80|   			cm_log(1, "Error reading key encryption PIN.\n");
#   81|   			_exit(CM_SUB_STATUS_ERROR_AUTH);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def659]
certmonger-0.79.21/src/keyiread-o.c:79:20: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(*entry.cm_key_storage_location, "r")’
certmonger-0.79.21/src/keyiread-o.c:73:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/keyiread-o.c:77:21: branch_false: ...to here
certmonger-0.79.21/src/keyiread-o.c:77:15: acquire_memory: allocated here
certmonger-0.79.21/src/keyiread-o.c:78:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keyiread-o.c:79:21: branch_true: ...to here
certmonger-0.79.21/src/keyiread-o.c:79:20: danger: ‘fopen(*entry.cm_key_storage_location, "r")’ leaks here; was allocated at [(3)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/2)
#   77|   	pem = fopen(entry->cm_key_storage_location, "r");
#   78|   	if (pem != NULL) {
#   79|-> 		if (cm_pin_read_for_key(entry, &pin) != 0) {
#   80|   			cm_log(1, "Error reading key encryption PIN.\n");
#   81|   			_exit(CM_SUB_STATUS_ERROR_AUTH);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def660]
certmonger-0.79.21/src/keyiread-o.c:79:21: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen(*entry.cm_key_storage_location, "r")’
certmonger-0.79.21/src/keyiread-o.c:73:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/keyiread-o.c:77:21: branch_false: ...to here
certmonger-0.79.21/src/keyiread-o.c:77:15: acquire_resource: opened here
certmonger-0.79.21/src/keyiread-o.c:78:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keyiread-o.c:79:21: branch_true: ...to here
certmonger-0.79.21/src/keyiread-o.c:79:21: throw: if ‘cm_pin_read_for_key’ throws an exception...
certmonger-0.79.21/src/keyiread-o.c:79:21: danger: ‘fopen(*entry.cm_key_storage_location, "r")’ leaks here; was opened at [(3)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/2)
#   77|   	pem = fopen(entry->cm_key_storage_location, "r");
#   78|   	if (pem != NULL) {
#   79|-> 		if (cm_pin_read_for_key(entry, &pin) != 0) {
#   80|   			cm_log(1, "Error reading key encryption PIN.\n");
#   81|   			_exit(CM_SUB_STATUS_ERROR_AUTH);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def661]
certmonger-0.79.21/src/keyiread-o.c:79:21: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(*entry.cm_key_storage_location, "r")’
certmonger-0.79.21/src/keyiread-o.c:73:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/keyiread-o.c:77:21: branch_false: ...to here
certmonger-0.79.21/src/keyiread-o.c:77:15: acquire_memory: allocated here
certmonger-0.79.21/src/keyiread-o.c:78:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keyiread-o.c:79:21: branch_true: ...to here
certmonger-0.79.21/src/keyiread-o.c:79:21: throw: if ‘cm_pin_read_for_key’ throws an exception...
certmonger-0.79.21/src/keyiread-o.c:79:21: danger: ‘fopen(*entry.cm_key_storage_location, "r")’ leaks here; was allocated at [(3)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/2)
#   77|   	pem = fopen(entry->cm_key_storage_location, "r");
#   78|   	if (pem != NULL) {
#   79|-> 		if (cm_pin_read_for_key(entry, &pin) != 0) {
#   80|   			cm_log(1, "Error reading key encryption PIN.\n");
#   81|   			_exit(CM_SUB_STATUS_ERROR_AUTH);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def662]
certmonger-0.79.21/src/keyiread-o.c:79:21: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/keyiread-o.c:72:14: acquire_memory: allocated here
certmonger-0.79.21/src/keyiread-o.c:73:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/keyiread-o.c:77:21: branch_false: ...to here
certmonger-0.79.21/src/keyiread-o.c:78:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keyiread-o.c:79:21: branch_true: ...to here
certmonger-0.79.21/src/keyiread-o.c:79:21: throw: if ‘cm_pin_read_for_key’ throws an exception...
certmonger-0.79.21/src/keyiread-o.c:79:21: danger: ‘fp’ leaks here; was allocated at [(1)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/0)
#   77|   	pem = fopen(entry->cm_key_storage_location, "r");
#   78|   	if (pem != NULL) {
#   79|-> 		if (cm_pin_read_for_key(entry, &pin) != 0) {
#   80|   			cm_log(1, "Error reading key encryption PIN.\n");
#   81|   			_exit(CM_SUB_STATUS_ERROR_AUTH);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def663]
certmonger-0.79.21/src/keyiread-o.c:80:25: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/keyiread-o.c:72:14: acquire_memory: allocated here
certmonger-0.79.21/src/keyiread-o.c:73:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/keyiread-o.c:77:21: branch_false: ...to here
certmonger-0.79.21/src/keyiread-o.c:78:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keyiread-o.c:79:21: branch_true: ...to here
certmonger-0.79.21/src/keyiread-o.c:79:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keyiread-o.c:80:25: branch_true: ...to here
certmonger-0.79.21/src/keyiread-o.c:80:25: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/keyiread-o.c:80:25: danger: ‘fp’ leaks here; was allocated at [(1)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/0)
#   78|   	if (pem != NULL) {
#   79|   		if (cm_pin_read_for_key(entry, &pin) != 0) {
#   80|-> 			cm_log(1, "Error reading key encryption PIN.\n");
#   81|   			_exit(CM_SUB_STATUS_ERROR_AUTH);
#   82|   		}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def664]
certmonger-0.79.21/src/keyiread-o.c:86:24: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen(*entry.cm_key_storage_location, "r")’
certmonger-0.79.21/src/keyiread-o.c:73:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/keyiread-o.c:77:21: branch_false: ...to here
certmonger-0.79.21/src/keyiread-o.c:77:15: acquire_resource: opened here
certmonger-0.79.21/src/keyiread-o.c:78:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keyiread-o.c:79:21: branch_true: ...to here
certmonger-0.79.21/src/keyiread-o.c:79:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keyiread-o.c:83:17: branch_false: ...to here
certmonger-0.79.21/src/keyiread-o.c:86:24: throw: if ‘PEM_read_PrivateKey’ throws an exception...
certmonger-0.79.21/src/keyiread-o.c:86:24: danger: ‘fopen(*entry.cm_key_storage_location, "r")’ leaks here; was opened at [(3)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/2)
#   84|   		cb_data.entry = entry;
#   85|   		cb_data.n_attempts = 0;
#   86|-> 		pkey = PEM_read_PrivateKey(pem, NULL,
#   87|   					   cm_pin_read_for_key_ossl_cb,
#   88|   					   &cb_data);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def665]
certmonger-0.79.21/src/keyiread-o.c:86:24: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(*entry.cm_key_storage_location, "r")’
certmonger-0.79.21/src/keyiread-o.c:73:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/keyiread-o.c:77:21: branch_false: ...to here
certmonger-0.79.21/src/keyiread-o.c:77:15: acquire_memory: allocated here
certmonger-0.79.21/src/keyiread-o.c:78:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keyiread-o.c:79:21: branch_true: ...to here
certmonger-0.79.21/src/keyiread-o.c:79:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keyiread-o.c:83:17: branch_false: ...to here
certmonger-0.79.21/src/keyiread-o.c:86:24: throw: if ‘PEM_read_PrivateKey’ throws an exception...
certmonger-0.79.21/src/keyiread-o.c:86:24: danger: ‘fopen(*entry.cm_key_storage_location, "r")’ leaks here; was allocated at [(3)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/2)
#   84|   		cb_data.entry = entry;
#   85|   		cb_data.n_attempts = 0;
#   86|-> 		pkey = PEM_read_PrivateKey(pem, NULL,
#   87|   					   cm_pin_read_for_key_ossl_cb,
#   88|   					   &cb_data);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def666]
certmonger-0.79.21/src/keyiread-o.c:86:24: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/keyiread-o.c:72:14: acquire_memory: allocated here
certmonger-0.79.21/src/keyiread-o.c:73:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/keyiread-o.c:77:21: branch_false: ...to here
certmonger-0.79.21/src/keyiread-o.c:78:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keyiread-o.c:79:21: branch_true: ...to here
certmonger-0.79.21/src/keyiread-o.c:79:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keyiread-o.c:83:17: branch_false: ...to here
certmonger-0.79.21/src/keyiread-o.c:86:24: throw: if ‘PEM_read_PrivateKey’ throws an exception...
certmonger-0.79.21/src/keyiread-o.c:86:24: danger: ‘fp’ leaks here; was allocated at [(1)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/0)
#   84|   		cb_data.entry = entry;
#   85|   		cb_data.n_attempts = 0;
#   86|-> 		pkey = PEM_read_PrivateKey(pem, NULL,
#   87|   					   cm_pin_read_for_key_ossl_cb,
#   88|   					   &cb_data);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def667]
certmonger-0.79.21/src/keyiread-o.c:90:25: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/keyiread-o.c:72:14: acquire_memory: allocated here
certmonger-0.79.21/src/keyiread-o.c:73:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/keyiread-o.c:77:21: branch_false: ...to here
certmonger-0.79.21/src/keyiread-o.c:78:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keyiread-o.c:79:21: branch_true: ...to here
certmonger-0.79.21/src/keyiread-o.c:79:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keyiread-o.c:83:17: branch_false: ...to here
certmonger-0.79.21/src/keyiread-o.c:89:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keyiread-o.c:90:25: branch_true: ...to here
certmonger-0.79.21/src/keyiread-o.c:90:25: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/keyiread-o.c:90:25: danger: ‘fp’ leaks here; was allocated at [(1)](sarif:/runs/0/results/9/codeFlows/0/threadFlows/0/locations/0)
#   88|   					   &cb_data);
#   89|   		if (pkey == NULL) {
#   90|-> 			cm_log(1, "Internal error reading key from \"%s\".\n",
#   91|   			       entry->cm_key_storage_location);
#   92|   			status = CM_SUB_STATUS_ERROR_AUTH; /* XXX */

Error: GCC_ANALYZER_WARNING (CWE-401): [#def668]
certmonger-0.79.21/src/keyiread-o.c:97:33: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/keyiread-o.c:72:14: acquire_memory: allocated here
certmonger-0.79.21/src/keyiread-o.c:73:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/keyiread-o.c:77:21: branch_false: ...to here
certmonger-0.79.21/src/keyiread-o.c:78:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keyiread-o.c:79:21: branch_true: ...to here
certmonger-0.79.21/src/keyiread-o.c:79:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keyiread-o.c:83:17: branch_false: ...to here
certmonger-0.79.21/src/keyiread-o.c:89:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keyiread-o.c:94:29: branch_false: ...to here
certmonger-0.79.21/src/keyiread-o.c:94:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keyiread-o.c:95:29: branch_true: ...to here
certmonger-0.79.21/src/keyiread-o.c:94:29: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keyiread-o.c:96:30: branch_true: ...to here
certmonger-0.79.21/src/keyiread-o.c:94:29: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keyiread-o.c:97:33: branch_true: ...to here
certmonger-0.79.21/src/keyiread-o.c:97:33: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/keyiread-o.c:97:33: danger: ‘fp’ leaks here; was allocated at [(1)](sarif:/runs/0/results/10/codeFlows/0/threadFlows/0/locations/0)
#   95|   			    (strlen(pin) > 0) &&
#   96|   			    (cb_data.n_attempts == 0)) {
#   97|-> 				cm_log(1, "PIN was not needed to read private "
#   98|   				       "key '%s', though one was provided. "
#   99|   				       "Treating this as an error.\n",

Error: GCC_ANALYZER_WARNING (CWE-401): [#def669]
certmonger-0.79.21/src/keyiread-o.c:110:36: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/keyiread-o.c:72:14: acquire_memory: allocated here
certmonger-0.79.21/src/keyiread-o.c:73:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/keyiread-o.c:77:21: branch_false: ...to here
certmonger-0.79.21/src/keyiread-o.c:78:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keyiread-o.c:79:21: branch_true: ...to here
certmonger-0.79.21/src/keyiread-o.c:79:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keyiread-o.c:83:17: branch_false: ...to here
certmonger-0.79.21/src/keyiread-o.c:107:20: branch_true: following ‘true’ branch (when ‘status == 0’)...
certmonger-0.79.21/src/keyiread-o.c:108:22: branch_true: ...to here
certmonger-0.79.21/src/keyiread-o.c:107:21: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keyiread-o.c:109:21: branch_true: ...to here
certmonger-0.79.21/src/keyiread-o.c:107:21: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keyiread-o.c:110:61: branch_true: ...to here
certmonger-0.79.21/src/keyiread-o.c:110:36: throw: if ‘util_build_next_filename’ throws an exception...
certmonger-0.79.21/src/keyiread-o.c:110:36: danger: ‘fp’ leaks here; was allocated at [(1)](sarif:/runs/0/results/11/codeFlows/0/threadFlows/0/locations/0)
#  108|   		    (entry->cm_key_next_marker != NULL) &&
#  109|   		    (strlen(entry->cm_key_next_marker) > 0)) {
#  110|-> 			nextfile = util_build_next_filename(entry->cm_key_storage_location, entry->cm_key_next_marker);
#  111|   			pem = fopen(nextfile, "r");
#  112|   			if (pem != NULL) {

Error: GCC_ANALYZER_WARNING (CWE-775): [#def670]
certmonger-0.79.21/src/keyiread-o.c:113:44: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen(util_build_next_filename(*entry.cm_key_storage_location, *entry.cm_key_next_marker), "r")’
certmonger-0.79.21/src/keyiread-o.c:73:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/keyiread-o.c:77:21: branch_false: ...to here
certmonger-0.79.21/src/keyiread-o.c:78:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keyiread-o.c:79:21: branch_true: ...to here
certmonger-0.79.21/src/keyiread-o.c:79:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keyiread-o.c:83:17: branch_false: ...to here
certmonger-0.79.21/src/keyiread-o.c:107:20: branch_true: following ‘true’ branch (when ‘status == 0’)...
certmonger-0.79.21/src/keyiread-o.c:108:22: branch_true: ...to here
certmonger-0.79.21/src/keyiread-o.c:107:21: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keyiread-o.c:109:21: branch_true: ...to here
certmonger-0.79.21/src/keyiread-o.c:107:21: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keyiread-o.c:110:61: branch_true: ...to here
certmonger-0.79.21/src/keyiread-o.c:111:31: acquire_resource: opened here
certmonger-0.79.21/src/keyiread-o.c:112:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keyiread-o.c:113:44: branch_true: ...to here
certmonger-0.79.21/src/keyiread-o.c:113:44: throw: if ‘PEM_read_PrivateKey’ throws an exception...
certmonger-0.79.21/src/keyiread-o.c:113:44: danger: ‘fopen(util_build_next_filename(*entry.cm_key_storage_location, *entry.cm_key_next_marker), "r")’ leaks here; was opened at [(13)](sarif:/runs/0/results/12/codeFlows/0/threadFlows/0/locations/12)
#  111|   			pem = fopen(nextfile, "r");
#  112|   			if (pem != NULL) {
#  113|-> 				nextpkey = PEM_read_PrivateKey(pem, NULL,
#  114|   							       cm_pin_read_for_key_ossl_cb,
#  115|   							       &cb_data);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def671]
certmonger-0.79.21/src/keyiread-o.c:113:44: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(util_build_next_filename(*entry.cm_key_storage_location, *entry.cm_key_next_marker), "r")’
certmonger-0.79.21/src/keyiread-o.c:73:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/keyiread-o.c:77:21: branch_false: ...to here
certmonger-0.79.21/src/keyiread-o.c:78:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keyiread-o.c:79:21: branch_true: ...to here
certmonger-0.79.21/src/keyiread-o.c:79:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keyiread-o.c:83:17: branch_false: ...to here
certmonger-0.79.21/src/keyiread-o.c:107:20: branch_true: following ‘true’ branch (when ‘status == 0’)...
certmonger-0.79.21/src/keyiread-o.c:108:22: branch_true: ...to here
certmonger-0.79.21/src/keyiread-o.c:107:21: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keyiread-o.c:109:21: branch_true: ...to here
certmonger-0.79.21/src/keyiread-o.c:107:21: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keyiread-o.c:110:61: branch_true: ...to here
certmonger-0.79.21/src/keyiread-o.c:111:31: acquire_memory: allocated here
certmonger-0.79.21/src/keyiread-o.c:112:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keyiread-o.c:113:44: branch_true: ...to here
certmonger-0.79.21/src/keyiread-o.c:113:44: throw: if ‘PEM_read_PrivateKey’ throws an exception...
certmonger-0.79.21/src/keyiread-o.c:113:44: danger: ‘fopen(util_build_next_filename(*entry.cm_key_storage_location, *entry.cm_key_next_marker), "r")’ leaks here; was allocated at [(13)](sarif:/runs/0/results/13/codeFlows/0/threadFlows/0/locations/12)
#  111|   			pem = fopen(nextfile, "r");
#  112|   			if (pem != NULL) {
#  113|-> 				nextpkey = PEM_read_PrivateKey(pem, NULL,
#  114|   							       cm_pin_read_for_key_ossl_cb,
#  115|   							       &cb_data);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def672]
certmonger-0.79.21/src/keyiread-o.c:113:44: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/keyiread-o.c:72:14: acquire_memory: allocated here
certmonger-0.79.21/src/keyiread-o.c:73:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/keyiread-o.c:77:21: branch_false: ...to here
certmonger-0.79.21/src/keyiread-o.c:78:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keyiread-o.c:79:21: branch_true: ...to here
certmonger-0.79.21/src/keyiread-o.c:79:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keyiread-o.c:83:17: branch_false: ...to here
certmonger-0.79.21/src/keyiread-o.c:107:20: branch_true: following ‘true’ branch (when ‘status == 0’)...
certmonger-0.79.21/src/keyiread-o.c:108:22: branch_true: ...to here
certmonger-0.79.21/src/keyiread-o.c:107:21: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keyiread-o.c:109:21: branch_true: ...to here
certmonger-0.79.21/src/keyiread-o.c:107:21: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keyiread-o.c:110:61: branch_true: ...to here
certmonger-0.79.21/src/keyiread-o.c:112:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keyiread-o.c:113:44: branch_true: ...to here
certmonger-0.79.21/src/keyiread-o.c:113:44: throw: if ‘PEM_read_PrivateKey’ throws an exception...
certmonger-0.79.21/src/keyiread-o.c:113:44: danger: ‘fp’ leaks here; was allocated at [(1)](sarif:/runs/0/results/14/codeFlows/0/threadFlows/0/locations/0)
#  111|   			pem = fopen(nextfile, "r");
#  112|   			if (pem != NULL) {
#  113|-> 				nextpkey = PEM_read_PrivateKey(pem, NULL,
#  114|   							       cm_pin_read_for_key_ossl_cb,
#  115|   							       &cb_data);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def673]
certmonger-0.79.21/src/keyiread-o.c:117:41: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/keyiread-o.c:72:14: acquire_memory: allocated here
certmonger-0.79.21/src/keyiread-o.c:73:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/keyiread-o.c:77:21: branch_false: ...to here
certmonger-0.79.21/src/keyiread-o.c:78:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keyiread-o.c:79:21: branch_true: ...to here
certmonger-0.79.21/src/keyiread-o.c:79:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keyiread-o.c:83:17: branch_false: ...to here
certmonger-0.79.21/src/keyiread-o.c:107:20: branch_true: following ‘true’ branch (when ‘status == 0’)...
certmonger-0.79.21/src/keyiread-o.c:108:22: branch_true: ...to here
certmonger-0.79.21/src/keyiread-o.c:107:21: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keyiread-o.c:109:21: branch_true: ...to here
certmonger-0.79.21/src/keyiread-o.c:107:21: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keyiread-o.c:110:61: branch_true: ...to here
certmonger-0.79.21/src/keyiread-o.c:112:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keyiread-o.c:113:44: branch_true: ...to here
certmonger-0.79.21/src/keyiread-o.c:116:36: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keyiread-o.c:117:41: branch_true: ...to here
certmonger-0.79.21/src/keyiread-o.c:117:41: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/keyiread-o.c:117:41: danger: ‘fp’ leaks here; was allocated at [(1)](sarif:/runs/0/results/15/codeFlows/0/threadFlows/0/locations/0)
#  115|   							       &cb_data);
#  116|   				if (nextpkey == NULL) {
#  117|-> 					cm_log(1, "Internal error reading key from \"%s\".\n",
#  118|   					       nextfile);
#  119|   					status = CM_SUB_STATUS_ERROR_AUTH; /* XXX */

Error: GCC_ANALYZER_WARNING (CWE-401): [#def674]
certmonger-0.79.21/src/keyiread-o.c:124:49: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/keyiread-o.c:72:14: acquire_memory: allocated here
certmonger-0.79.21/src/keyiread-o.c:73:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/keyiread-o.c:77:21: branch_false: ...to here
certmonger-0.79.21/src/keyiread-o.c:78:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keyiread-o.c:79:21: branch_true: ...to here
certmonger-0.79.21/src/keyiread-o.c:79:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keyiread-o.c:83:17: branch_false: ...to here
certmonger-0.79.21/src/keyiread-o.c:107:20: branch_true: following ‘true’ branch (when ‘status == 0’)...
certmonger-0.79.21/src/keyiread-o.c:108:22: branch_true: ...to here
certmonger-0.79.21/src/keyiread-o.c:107:21: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keyiread-o.c:109:21: branch_true: ...to here
certmonger-0.79.21/src/keyiread-o.c:107:21: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keyiread-o.c:110:61: branch_true: ...to here
certmonger-0.79.21/src/keyiread-o.c:112:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keyiread-o.c:113:44: branch_true: ...to here
certmonger-0.79.21/src/keyiread-o.c:116:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keyiread-o.c:121:45: branch_false: ...to here
certmonger-0.79.21/src/keyiread-o.c:121:44: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keyiread-o.c:122:45: branch_true: ...to here
certmonger-0.79.21/src/keyiread-o.c:121:45: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keyiread-o.c:123:46: branch_true: ...to here
certmonger-0.79.21/src/keyiread-o.c:121:45: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keyiread-o.c:124:49: branch_true: ...to here
certmonger-0.79.21/src/keyiread-o.c:124:49: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/keyiread-o.c:124:49: danger: ‘fp’ leaks here; was allocated at [(1)](sarif:/runs/0/results/16/codeFlows/0/threadFlows/0/locations/0)
#  122|   					    (strlen(pin) > 0) &&
#  123|   					    (cb_data.n_attempts == 0)) {
#  124|-> 						cm_log(1, "PIN was not needed to read private "
#  125|   						       "key '%s', though one was provided. "
#  126|   						       "Treating this as an error.\n",

Error: GCC_ANALYZER_WARNING (CWE-401): [#def675]
certmonger-0.79.21/src/keyiread-o.c:133:33: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/keyiread-o.c:72:14: acquire_memory: allocated here
certmonger-0.79.21/src/keyiread-o.c:73:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/keyiread-o.c:77:21: branch_false: ...to here
certmonger-0.79.21/src/keyiread-o.c:78:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keyiread-o.c:79:21: branch_true: ...to here
certmonger-0.79.21/src/keyiread-o.c:79:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keyiread-o.c:83:17: branch_false: ...to here
certmonger-0.79.21/src/keyiread-o.c:107:20: branch_true: following ‘true’ branch (when ‘status == 0’)...
certmonger-0.79.21/src/keyiread-o.c:108:22: branch_true: ...to here
certmonger-0.79.21/src/keyiread-o.c:107:21: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keyiread-o.c:109:21: branch_true: ...to here
certmonger-0.79.21/src/keyiread-o.c:107:21: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keyiread-o.c:110:61: branch_true: ...to here
certmonger-0.79.21/src/keyiread-o.c:112:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keyiread-o.c:135:59: branch_false: ...to here
certmonger-0.79.21/src/keyiread-o.c:133:33: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/keyiread-o.c:133:33: danger: ‘fp’ leaks here; was allocated at [(1)](sarif:/runs/0/results/17/codeFlows/0/threadFlows/0/locations/0)
#  131|   				fclose(pem);
#  132|   			} else {
#  133|-> 				cm_log(1, "Error opening key file '%s' "
#  134|   				       "for reading: %s.\n",
#  135|   				       nextfile, strerror(errno));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def676]
certmonger-0.79.21/src/keyiread-o.c:142:25: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/keyiread-o.c:72:14: acquire_memory: allocated here
certmonger-0.79.21/src/keyiread-o.c:73:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/keyiread-o.c:77:21: branch_false: ...to here
certmonger-0.79.21/src/keyiread-o.c:78:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keyiread-o.c:141:21: branch_false: ...to here
certmonger-0.79.21/src/keyiread-o.c:141:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keyiread-o.c:142:25: branch_true: ...to here
certmonger-0.79.21/src/keyiread-o.c:142:25: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/keyiread-o.c:142:25: danger: ‘fp’ leaks here; was allocated at [(1)](sarif:/runs/0/results/18/codeFlows/0/threadFlows/0/locations/0)
#  140|   	} else {
#  141|   		if (errno != ENOENT) {
#  142|-> 			cm_log(1, "Error opening key file '%s' "
#  143|   			       "for reading: %s.\n",
#  144|   			       entry->cm_key_storage_location,

Error: GCC_ANALYZER_WARNING (CWE-401): [#def677]
certmonger-0.79.21/src/keyiread-o.c:155:33: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/keyiread-o.c:72:14: acquire_memory: allocated here
certmonger-0.79.21/src/keyiread-o.c:73:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/keyiread-o.c:77:21: branch_false: ...to here
certmonger-0.79.21/src/keyiread-o.c:78:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keyiread-o.c:79:21: branch_true: ...to here
certmonger-0.79.21/src/keyiread-o.c:79:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keyiread-o.c:83:17: branch_false: ...to here
certmonger-0.79.21/src/keyiread-o.c:149:12: branch_true: following ‘true’ branch (when ‘status == 0’)...
certmonger-0.79.21/src/keyiread-o.c:154:20: branch_true: ...to here
certmonger-0.79.21/src/keyiread-o.c:154:20: branch_true: following ‘true’ branch (when ‘pkey’ is non-NULL)...
certmonger-0.79.21/src/keyiread-o.c:155:33: branch_true: ...to here
certmonger-0.79.21/src/keyiread-o.c:155:33: throw: if ‘util_EVP_PKEY_base_id’ throws an exception...
certmonger-0.79.21/src/keyiread-o.c:155:33: danger: ‘fp’ leaks here; was allocated at [(1)](sarif:/runs/0/results/19/codeFlows/0/threadFlows/0/locations/0)
#  153|   		pubikey = "";
#  154|   		if (pkey != NULL) {
#  155|-> 			switch (util_EVP_PKEY_base_id(pkey)) {
#  156|   			case EVP_PKEY_RSA:
#  157|   				cm_log(3, "Key is an RSA key.\n");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def678]
certmonger-0.79.21/src/keyiread-o.c:157:33: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/keyiread-o.c:72:14: acquire_memory: allocated here
certmonger-0.79.21/src/keyiread-o.c:73:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/keyiread-o.c:77:21: branch_false: ...to here
certmonger-0.79.21/src/keyiread-o.c:78:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keyiread-o.c:79:21: branch_true: ...to here
certmonger-0.79.21/src/keyiread-o.c:79:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keyiread-o.c:83:17: branch_false: ...to here
certmonger-0.79.21/src/keyiread-o.c:149:12: branch_true: following ‘true’ branch (when ‘status == 0’)...
certmonger-0.79.21/src/keyiread-o.c:154:20: branch_true: ...to here
certmonger-0.79.21/src/keyiread-o.c:154:20: branch_true: following ‘true’ branch (when ‘pkey’ is non-NULL)...
certmonger-0.79.21/src/keyiread-o.c:155:33: branch_true: ...to here
certmonger-0.79.21/src/keyiread-o.c:157:33: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/keyiread-o.c:157:33: danger: ‘fp’ leaks here; was allocated at [(1)](sarif:/runs/0/results/20/codeFlows/0/threadFlows/0/locations/0)
#  155|   			switch (util_EVP_PKEY_base_id(pkey)) {
#  156|   			case EVP_PKEY_RSA:
#  157|-> 				cm_log(3, "Key is an RSA key.\n");
#  158|   				alg = "RSA";
#  159|   				break;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def679]
certmonger-0.79.21/src/keyiread-o.c:168:33: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/keyiread-o.c:72:14: acquire_memory: allocated here
certmonger-0.79.21/src/keyiread-o.c:73:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/keyiread-o.c:77:21: branch_false: ...to here
certmonger-0.79.21/src/keyiread-o.c:78:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keyiread-o.c:79:21: branch_true: ...to here
certmonger-0.79.21/src/keyiread-o.c:79:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keyiread-o.c:83:17: branch_false: ...to here
certmonger-0.79.21/src/keyiread-o.c:149:12: branch_true: following ‘true’ branch (when ‘status == 0’)...
certmonger-0.79.21/src/keyiread-o.c:154:20: branch_true: ...to here
certmonger-0.79.21/src/keyiread-o.c:154:20: branch_true: following ‘true’ branch (when ‘pkey’ is non-NULL)...
certmonger-0.79.21/src/keyiread-o.c:155:33: branch_true: ...to here
certmonger-0.79.21/src/keyiread-o.c:168:33: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/keyiread-o.c:168:33: danger: ‘fp’ leaks here; was allocated at [(1)](sarif:/runs/0/results/21/codeFlows/0/threadFlows/0/locations/0)
#  166|   #ifdef CM_ENABLE_EC
#  167|   			case EVP_PKEY_EC:
#  168|-> 				cm_log(3, "Key is an EC key.\n");
#  169|   				alg = "EC";
#  170|   				break;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def680]
certmonger-0.79.21/src/keyiread-o.c:173:33: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/keyiread-o.c:72:14: acquire_memory: allocated here
certmonger-0.79.21/src/keyiread-o.c:73:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/keyiread-o.c:77:21: branch_false: ...to here
certmonger-0.79.21/src/keyiread-o.c:78:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keyiread-o.c:79:21: branch_true: ...to here
certmonger-0.79.21/src/keyiread-o.c:79:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keyiread-o.c:83:17: branch_false: ...to here
certmonger-0.79.21/src/keyiread-o.c:149:12: branch_true: following ‘true’ branch (when ‘status == 0’)...
certmonger-0.79.21/src/keyiread-o.c:154:20: branch_true: ...to here
certmonger-0.79.21/src/keyiread-o.c:154:20: branch_true: following ‘true’ branch (when ‘pkey’ is non-NULL)...
certmonger-0.79.21/src/keyiread-o.c:155:33: branch_true: ...to here
certmonger-0.79.21/src/keyiread-o.c:173:33: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/keyiread-o.c:173:33: danger: ‘fp’ leaks here; was allocated at [(1)](sarif:/runs/0/results/22/codeFlows/0/threadFlows/0/locations/0)
#  171|   #endif
#  172|   			default:
#  173|-> 				cm_log(3, "Key is for an unknown algorithm.\n");
#  174|   				alg = "";
#  175|   				break;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def681]
certmonger-0.79.21/src/keyiread-o.c:178:25: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/keyiread-o.c:72:14: acquire_memory: allocated here
certmonger-0.79.21/src/keyiread-o.c:73:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/keyiread-o.c:77:21: branch_false: ...to here
certmonger-0.79.21/src/keyiread-o.c:78:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keyiread-o.c:79:21: branch_true: ...to here
certmonger-0.79.21/src/keyiread-o.c:79:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keyiread-o.c:83:17: branch_false: ...to here
certmonger-0.79.21/src/keyiread-o.c:149:12: branch_true: following ‘true’ branch (when ‘status == 0’)...
certmonger-0.79.21/src/keyiread-o.c:154:20: branch_true: ...to here
certmonger-0.79.21/src/keyiread-o.c:154:20: branch_true: following ‘true’ branch (when ‘pkey’ is non-NULL)...
certmonger-0.79.21/src/keyiread-o.c:155:33: branch_true: ...to here
certmonger-0.79.21/src/keyiread-o.c:178:25: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/keyiread-o.c:178:25: danger: ‘fp’ leaks here; was allocated at [(1)](sarif:/runs/0/results/23/codeFlows/0/threadFlows/0/locations/0)
#  176|   			}
#  177|   			bits = EVP_PKEY_bits(pkey);
#  178|-> 			cm_log(3, "Key size is %d.\n", bits);
#  179|   			tmp = NULL;
#  180|   			length = i2d_PUBKEY(pkey, (unsigned char **) &tmp);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def682]
certmonger-0.79.21/src/keyiread-o.c:180:34: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/keyiread-o.c:72:14: acquire_memory: allocated here
certmonger-0.79.21/src/keyiread-o.c:73:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/keyiread-o.c:77:21: branch_false: ...to here
certmonger-0.79.21/src/keyiread-o.c:78:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keyiread-o.c:79:21: branch_true: ...to here
certmonger-0.79.21/src/keyiread-o.c:79:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keyiread-o.c:83:17: branch_false: ...to here
certmonger-0.79.21/src/keyiread-o.c:149:12: branch_true: following ‘true’ branch (when ‘status == 0’)...
certmonger-0.79.21/src/keyiread-o.c:154:20: branch_true: ...to here
certmonger-0.79.21/src/keyiread-o.c:154:20: branch_true: following ‘true’ branch (when ‘pkey’ is non-NULL)...
certmonger-0.79.21/src/keyiread-o.c:155:33: branch_true: ...to here
certmonger-0.79.21/src/keyiread-o.c:180:34: throw: if ‘i2d_PUBKEY’ throws an exception...
certmonger-0.79.21/src/keyiread-o.c:180:34: danger: ‘fp’ leaks here; was allocated at [(1)](sarif:/runs/0/results/24/codeFlows/0/threadFlows/0/locations/0)
#  178|   			cm_log(3, "Key size is %d.\n", bits);
#  179|   			tmp = NULL;
#  180|-> 			length = i2d_PUBKEY(pkey, (unsigned char **) &tmp);
#  181|   			if (length > 0) {
#  182|   				pubikey = cm_store_hex_from_bin(NULL, tmp, length);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def683]
certmonger-0.79.21/src/keyiread-o.c:182:43: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/keyiread-o.c:72:14: acquire_memory: allocated here
certmonger-0.79.21/src/keyiread-o.c:73:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/keyiread-o.c:77:21: branch_false: ...to here
certmonger-0.79.21/src/keyiread-o.c:78:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keyiread-o.c:79:21: branch_true: ...to here
certmonger-0.79.21/src/keyiread-o.c:79:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keyiread-o.c:83:17: branch_false: ...to here
certmonger-0.79.21/src/keyiread-o.c:149:12: branch_true: following ‘true’ branch (when ‘status == 0’)...
certmonger-0.79.21/src/keyiread-o.c:154:20: branch_true: ...to here
certmonger-0.79.21/src/keyiread-o.c:154:20: branch_true: following ‘true’ branch (when ‘pkey’ is non-NULL)...
certmonger-0.79.21/src/keyiread-o.c:155:33: branch_true: ...to here
certmonger-0.79.21/src/keyiread-o.c:181:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keyiread-o.c:182:43: branch_true: ...to here
certmonger-0.79.21/src/keyiread-o.c:182:43: throw: if ‘cm_store_hex_from_bin’ throws an exception...
certmonger-0.79.21/src/keyiread-o.c:182:43: danger: ‘fp’ leaks here; was allocated at [(1)](sarif:/runs/0/results/25/codeFlows/0/threadFlows/0/locations/0)
#  180|   			length = i2d_PUBKEY(pkey, (unsigned char **) &tmp);
#  181|   			if (length > 0) {
#  182|-> 				pubikey = cm_store_hex_from_bin(NULL, tmp, length);
#  183|   			}
#  184|   			tmp = NULL;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def684]
certmonger-0.79.21/src/keyiread-o.c:185:34: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/keyiread-o.c:72:14: acquire_memory: allocated here
certmonger-0.79.21/src/keyiread-o.c:73:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/keyiread-o.c:77:21: branch_false: ...to here
certmonger-0.79.21/src/keyiread-o.c:78:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keyiread-o.c:79:21: branch_true: ...to here
certmonger-0.79.21/src/keyiread-o.c:79:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keyiread-o.c:83:17: branch_false: ...to here
certmonger-0.79.21/src/keyiread-o.c:149:12: branch_true: following ‘true’ branch (when ‘status == 0’)...
certmonger-0.79.21/src/keyiread-o.c:154:20: branch_true: ...to here
certmonger-0.79.21/src/keyiread-o.c:154:20: branch_true: following ‘true’ branch (when ‘pkey’ is non-NULL)...
certmonger-0.79.21/src/keyiread-o.c:155:33: branch_true: ...to here
certmonger-0.79.21/src/keyiread-o.c:185:34: throw: if ‘i2d_PublicKey’ throws an exception...
certmonger-0.79.21/src/keyiread-o.c:185:34: danger: ‘fp’ leaks here; was allocated at [(1)](sarif:/runs/0/results/26/codeFlows/0/threadFlows/0/locations/0)
#  183|   			}
#  184|   			tmp = NULL;
#  185|-> 			length = i2d_PublicKey(pkey, NULL);
#  186|   			if (length > 0) {
#  187|   				tmp = malloc(length);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def685]
certmonger-0.79.21/src/keyiread-o.c:189:50: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/keyiread-o.c:72:14: acquire_memory: allocated here
certmonger-0.79.21/src/keyiread-o.c:73:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/keyiread-o.c:77:21: branch_false: ...to here
certmonger-0.79.21/src/keyiread-o.c:78:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keyiread-o.c:79:21: branch_true: ...to here
certmonger-0.79.21/src/keyiread-o.c:79:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keyiread-o.c:83:17: branch_false: ...to here
certmonger-0.79.21/src/keyiread-o.c:149:12: branch_true: following ‘true’ branch (when ‘status == 0’)...
certmonger-0.79.21/src/keyiread-o.c:154:20: branch_true: ...to here
certmonger-0.79.21/src/keyiread-o.c:154:20: branch_true: following ‘true’ branch (when ‘pkey’ is non-NULL)...
certmonger-0.79.21/src/keyiread-o.c:155:33: branch_true: ...to here
certmonger-0.79.21/src/keyiread-o.c:186:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keyiread-o.c:187:39: branch_true: ...to here
certmonger-0.79.21/src/keyiread-o.c:188:36: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keyiread-o.c:189:50: branch_true: ...to here
certmonger-0.79.21/src/keyiread-o.c:189:50: throw: if ‘i2d_PublicKey’ throws an exception...
certmonger-0.79.21/src/keyiread-o.c:189:50: danger: ‘fp’ leaks here; was allocated at [(1)](sarif:/runs/0/results/28/codeFlows/0/threadFlows/0/locations/0)
#  187|   				tmp = malloc(length);
#  188|   				if (tmp != NULL) {
#  189|-> 					length = i2d_PublicKey(pkey, (unsigned char **) &tmp);
#  190|   					pubkey = cm_store_hex_from_bin(NULL, tmp, length);
#  191|   				}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def686]
certmonger-0.79.21/src/keyiread-o.c:189:50: warning[-Wanalyzer-malloc-leak]: leak of ‘tmp’
certmonger-0.79.21/src/keyiread-o.c:73:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/keyiread-o.c:77:21: branch_false: ...to here
certmonger-0.79.21/src/keyiread-o.c:78:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keyiread-o.c:79:21: branch_true: ...to here
certmonger-0.79.21/src/keyiread-o.c:79:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keyiread-o.c:83:17: branch_false: ...to here
certmonger-0.79.21/src/keyiread-o.c:149:12: branch_true: following ‘true’ branch (when ‘status == 0’)...
certmonger-0.79.21/src/keyiread-o.c:154:20: branch_true: ...to here
certmonger-0.79.21/src/keyiread-o.c:154:20: branch_true: following ‘true’ branch (when ‘pkey’ is non-NULL)...
certmonger-0.79.21/src/keyiread-o.c:155:33: branch_true: ...to here
certmonger-0.79.21/src/keyiread-o.c:186:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keyiread-o.c:187:39: branch_true: ...to here
certmonger-0.79.21/src/keyiread-o.c:187:39: acquire_memory: allocated here
certmonger-0.79.21/src/keyiread-o.c:188:36: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keyiread-o.c:189:50: branch_true: ...to here
certmonger-0.79.21/src/keyiread-o.c:189:50: throw: if ‘i2d_PublicKey’ throws an exception...
certmonger-0.79.21/src/keyiread-o.c:189:50: danger: ‘tmp’ leaks here; was allocated at [(13)](sarif:/runs/0/results/27/codeFlows/0/threadFlows/0/locations/12)
#  187|   				tmp = malloc(length);
#  188|   				if (tmp != NULL) {
#  189|-> 					length = i2d_PublicKey(pkey, (unsigned char **) &tmp);
#  190|   					pubkey = cm_store_hex_from_bin(NULL, tmp, length);
#  191|   				}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def687]
certmonger-0.79.21/src/keyiread-o.c:190:50: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/keyiread-o.c:72:14: acquire_memory: allocated here
certmonger-0.79.21/src/keyiread-o.c:73:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/keyiread-o.c:77:21: branch_false: ...to here
certmonger-0.79.21/src/keyiread-o.c:78:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keyiread-o.c:79:21: branch_true: ...to here
certmonger-0.79.21/src/keyiread-o.c:79:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keyiread-o.c:83:17: branch_false: ...to here
certmonger-0.79.21/src/keyiread-o.c:149:12: branch_true: following ‘true’ branch (when ‘status == 0’)...
certmonger-0.79.21/src/keyiread-o.c:154:20: branch_true: ...to here
certmonger-0.79.21/src/keyiread-o.c:154:20: branch_true: following ‘true’ branch (when ‘pkey’ is non-NULL)...
certmonger-0.79.21/src/keyiread-o.c:155:33: branch_true: ...to here
certmonger-0.79.21/src/keyiread-o.c:186:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keyiread-o.c:187:39: branch_true: ...to here
certmonger-0.79.21/src/keyiread-o.c:188:36: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keyiread-o.c:189:50: branch_true: ...to here
certmonger-0.79.21/src/keyiread-o.c:190:50: throw: if ‘cm_store_hex_from_bin’ throws an exception...
certmonger-0.79.21/src/keyiread-o.c:190:50: danger: ‘fp’ leaks here; was allocated at [(1)](sarif:/runs/0/results/29/codeFlows/0/threadFlows/0/locations/0)
#  188|   				if (tmp != NULL) {
#  189|   					length = i2d_PublicKey(pkey, (unsigned char **) &tmp);
#  190|-> 					pubkey = cm_store_hex_from_bin(NULL, tmp, length);
#  191|   				}
#  192|   			}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def688]
certmonger-0.79.21/src/keyiread-o.c:196:33: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/keyiread-o.c:72:14: acquire_memory: allocated here
certmonger-0.79.21/src/keyiread-o.c:73:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/keyiread-o.c:77:21: branch_false: ...to here
certmonger-0.79.21/src/keyiread-o.c:78:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keyiread-o.c:79:21: branch_true: ...to here
certmonger-0.79.21/src/keyiread-o.c:79:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keyiread-o.c:83:17: branch_false: ...to here
certmonger-0.79.21/src/keyiread-o.c:107:20: branch_true: following ‘true’ branch (when ‘status == 0’)...
certmonger-0.79.21/src/keyiread-o.c:108:22: branch_true: ...to here
certmonger-0.79.21/src/keyiread-o.c:107:21: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keyiread-o.c:109:21: branch_true: ...to here
certmonger-0.79.21/src/keyiread-o.c:107:21: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keyiread-o.c:110:61: branch_true: ...to here
certmonger-0.79.21/src/keyiread-o.c:112:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keyiread-o.c:113:44: branch_true: ...to here
certmonger-0.79.21/src/keyiread-o.c:149:12: branch_true: following ‘true’ branch (when ‘status == 0’)...
certmonger-0.79.21/src/keyiread-o.c:154:20: branch_true: ...to here
certmonger-0.79.21/src/keyiread-o.c:154:20: branch_true: following ‘true’ branch (when ‘pkey’ is non-NULL)...
certmonger-0.79.21/src/keyiread-o.c:155:33: branch_true: ...to here
certmonger-0.79.21/src/keyiread-o.c:186:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keyiread-o.c:187:39: branch_true: ...to here
certmonger-0.79.21/src/keyiread-o.c:188:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/keyiread-o.c:194:17: branch_false: ...to here
certmonger-0.79.21/src/keyiread-o.c:195:20: branch_true: following ‘true’ branch (when ‘nextpkey’ is non-NULL)...
certmonger-0.79.21/src/keyiread-o.c:196:33: branch_true: ...to here
certmonger-0.79.21/src/keyiread-o.c:196:33: throw: if ‘util_EVP_PKEY_base_id’ throws an exception...
certmonger-0.79.21/src/keyiread-o.c:196:33: danger: ‘fp’ leaks here; was allocated at [(1)](sarif:/runs/0/results/30/codeFlows/0/threadFlows/0/locations/0)
#  194|   		fprintf(fp, "%s/%d/%s/%s\n", alg, bits, pubikey, pubkey);
#  195|   		if (nextpkey != NULL) {
#  196|-> 			switch (util_EVP_PKEY_base_id(nextpkey)) {
#  197|   			case EVP_PKEY_RSA:
#  198|   				cm_log(3, "Next key is an RSA key.\n");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def689]
certmonger-0.79.21/src/keyiread-o.c:240:33: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/keyiread-o.c:72:14: acquire_memory: allocated here
certmonger-0.79.21/src/keyiread-o.c:73:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/keyiread-o.c:77:21: branch_false: ...to here
certmonger-0.79.21/src/keyiread-o.c:149:12: branch_false: following ‘false’ branch (when ‘status != 0’)...
certmonger-0.79.21/src/keyiread-o.c:149:12: branch_false: ...to here
certmonger-0.79.21/src/keyiread-o.c:240:33: throw: if ‘ERR_get_error’ throws an exception...
certmonger-0.79.21/src/keyiread-o.c:240:33: danger: ‘fp’ leaks here; was allocated at [(1)](sarif:/runs/0/results/31/codeFlows/0/threadFlows/0/locations/0)
#  238|   		status = 0;
#  239|   	} else {
#  240|-> 		while ((error = ERR_get_error()) != 0) {
#  241|   			ERR_error_string_n(error, buf, sizeof(buf));
#  242|   			cm_log(1, "%s\n", buf);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def690]
certmonger-0.79.21/src/keyiread-o.c:241:25: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/keyiread-o.c:72:14: acquire_memory: allocated here
certmonger-0.79.21/src/keyiread-o.c:73:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/keyiread-o.c:77:21: branch_false: ...to here
certmonger-0.79.21/src/keyiread-o.c:149:12: branch_false: following ‘false’ branch (when ‘status != 0’)...
certmonger-0.79.21/src/keyiread-o.c:149:12: branch_false: ...to here
certmonger-0.79.21/src/keyiread-o.c:240:24: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keyiread-o.c:241:25: branch_true: ...to here
certmonger-0.79.21/src/keyiread-o.c:241:25: throw: if ‘ERR_error_string_n’ throws an exception...
certmonger-0.79.21/src/keyiread-o.c:241:25: danger: ‘fp’ leaks here; was allocated at [(1)](sarif:/runs/0/results/32/codeFlows/0/threadFlows/0/locations/0)
#  239|   	} else {
#  240|   		while ((error = ERR_get_error()) != 0) {
#  241|-> 			ERR_error_string_n(error, buf, sizeof(buf));
#  242|   			cm_log(1, "%s\n", buf);
#  243|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def691]
certmonger-0.79.21/src/keyiread-o.c:242:25: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/keyiread-o.c:72:14: acquire_memory: allocated here
certmonger-0.79.21/src/keyiread-o.c:73:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
certmonger-0.79.21/src/keyiread-o.c:77:21: branch_false: ...to here
certmonger-0.79.21/src/keyiread-o.c:149:12: branch_false: following ‘false’ branch (when ‘status != 0’)...
certmonger-0.79.21/src/keyiread-o.c:149:12: branch_false: ...to here
certmonger-0.79.21/src/keyiread-o.c:240:24: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/keyiread-o.c:241:25: branch_true: ...to here
certmonger-0.79.21/src/keyiread-o.c:242:25: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/keyiread-o.c:242:25: danger: ‘fp’ leaks here; was allocated at [(1)](sarif:/runs/0/results/33/codeFlows/0/threadFlows/0/locations/0)
#  240|   		while ((error = ERR_get_error()) != 0) {
#  241|   			ERR_error_string_n(error, buf, sizeof(buf));
#  242|-> 			cm_log(1, "%s\n", buf);
#  243|   		}
#  244|   	}

Error: COMPILER_WARNING (CWE-563): [#def692]
certmonger-0.79.21/src/local.c: scope_hint: In function ‘set_ca_extensions’
certmonger-0.79.21/src/local.c:75:25: warning[-Wunused-parameter]: unused parameter ‘parent’
#   75 | set_ca_extensions(void *parent, X509_REQ *req, EVP_PKEY *key)
#      |                   ~~~~~~^~~~~~
#   73|   
#   74|   static void
#   75|-> set_ca_extensions(void *parent, X509_REQ *req, EVP_PKEY *key)
#   76|   {
#   77|   	STACK_OF(X509_EXTENSION) *exts;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def693]
certmonger-0.79.21/src/local.c:95:15: warning[-Wanalyzer-malloc-leak]: leak of ‘q’
certmonger-0.79.21/src/local.c:93:13: acquire_memory: allocated here
certmonger-0.79.21/src/local.c:95:15: throw: if ‘i2d_PUBKEY’ throws an exception...
certmonger-0.79.21/src/local.c:95:15: danger: ‘q’ leaks here; was allocated at [(1)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/0)
#   93|   	p = malloc(len);
#   94|   	q = p;
#   95|-> 	len = i2d_PUBKEY(key, &q);
#   96|   	if (EVP_Digest(p, len, md, &mdlen, EVP_sha1(), NULL)) {
#   97|   		skid = util_ASN1_OCTET_STRING_new();

Error: GCC_ANALYZER_WARNING (CWE-775): [#def694]
certmonger-0.79.21/src/local.c:221:23: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen(talloc_asprintf(parent, "%s/%s",  localdir, "creds"), "r")’
certmonger-0.79.21/src/local.c:214:14: acquire_resource: opened here
certmonger-0.79.21/src/local.c:215:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/local.c:221:23: branch_false: ...to here
certmonger-0.79.21/src/local.c:221:23: throw: if ‘d2i_PKCS12_fp’ throws an exception...
certmonger-0.79.21/src/local.c:221:23: danger: ‘fopen(talloc_asprintf(parent, "%s/%s",  localdir, "creds"), "r")’ leaks here; was opened at [(1)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/0)
#  219|   	}
#  220|   	if (fp != NULL) {
#  221|-> 		p12 = d2i_PKCS12_fp(fp, NULL);
#  222|   		if (p12 == NULL) {
#  223|   			cm_log(0, "Bad data in '%s'.\n", creds);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def695]
certmonger-0.79.21/src/local.c:221:23: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(talloc_asprintf(parent, "%s/%s",  localdir, "creds"), "r")’
certmonger-0.79.21/src/local.c:214:14: acquire_memory: allocated here
certmonger-0.79.21/src/local.c:215:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/local.c:221:23: branch_false: ...to here
certmonger-0.79.21/src/local.c:221:23: throw: if ‘d2i_PKCS12_fp’ throws an exception...
certmonger-0.79.21/src/local.c:221:23: danger: ‘fopen(talloc_asprintf(parent, "%s/%s",  localdir, "creds"), "r")’ leaks here; was allocated at [(1)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/0)
#  219|   	}
#  220|   	if (fp != NULL) {
#  221|-> 		p12 = d2i_PKCS12_fp(fp, NULL);
#  222|   		if (p12 == NULL) {
#  223|   			cm_log(0, "Bad data in '%s'.\n", creds);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def696]
certmonger-0.79.21/src/local.c:284:33: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen(talloc_asprintf(parent, "%s/%s",  localdir, "/serial"), "r")’
certmonger-0.79.21/src/local.c:215:13: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/local.c:237:15: branch_false: ...to here
certmonger-0.79.21/src/local.c:252:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/local.c:268:17: branch_false: ...to here
certmonger-0.79.21/src/local.c:276:22: acquire_resource: opened here
certmonger-0.79.21/src/local.c:277:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/local.c:283:29: branch_false: ...to here
certmonger-0.79.21/src/local.c:283:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/local.c:284:33: branch_true: ...to here
certmonger-0.79.21/src/local.c:284:33: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/local.c:284:33: danger: ‘fopen(talloc_asprintf(parent, "%s/%s",  localdir, "/serial"), "r")’ leaks here; was opened at [(5)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/4)
#  282|   		if (fp != NULL) {
#  283|   			if (fgets(buf, sizeof(buf), fp) == NULL) {
#  284|-> 				cm_log(0, "Bad data in '%s'.\n", serial);
#  285|   			} else {
#  286|   				buf[strcspn(buf, "\r\n")] = '\0';

Error: GCC_ANALYZER_WARNING (CWE-401): [#def697]
certmonger-0.79.21/src/local.c:284:33: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(talloc_asprintf(parent, "%s/%s",  localdir, "/serial"), "r")’
certmonger-0.79.21/src/local.c:215:13: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/local.c:237:15: branch_false: ...to here
certmonger-0.79.21/src/local.c:252:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/local.c:268:17: branch_false: ...to here
certmonger-0.79.21/src/local.c:276:22: acquire_memory: allocated here
certmonger-0.79.21/src/local.c:277:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/local.c:283:29: branch_false: ...to here
certmonger-0.79.21/src/local.c:283:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/local.c:284:33: branch_true: ...to here
certmonger-0.79.21/src/local.c:284:33: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/local.c:284:33: danger: ‘fopen(talloc_asprintf(parent, "%s/%s",  localdir, "/serial"), "r")’ leaks here; was allocated at [(5)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/4)
#  282|   		if (fp != NULL) {
#  283|   			if (fgets(buf, sizeof(buf), fp) == NULL) {
#  284|-> 				cm_log(0, "Bad data in '%s'.\n", serial);
#  285|   			} else {
#  286|   				buf[strcspn(buf, "\r\n")] = '\0';

Error: GCC_ANALYZER_WARNING (CWE-775): [#def698]
certmonger-0.79.21/src/local.c:287:45: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen(talloc_asprintf(parent, "%s/%s",  localdir, "/serial"), "r")’
certmonger-0.79.21/src/local.c:215:13: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/local.c:237:15: branch_false: ...to here
certmonger-0.79.21/src/local.c:252:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/local.c:268:17: branch_false: ...to here
certmonger-0.79.21/src/local.c:276:22: acquire_resource: opened here
certmonger-0.79.21/src/local.c:277:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/local.c:283:29: branch_false: ...to here
certmonger-0.79.21/src/local.c:283:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/local.c:286:37: branch_false: ...to here
certmonger-0.79.21/src/local.c:287:45: throw: if ‘talloc_strdup’ throws an exception...
certmonger-0.79.21/src/local.c:287:45: danger: ‘fopen(talloc_asprintf(parent, "%s/%s",  localdir, "/serial"), "r")’ leaks here; was opened at [(5)](sarif:/runs/0/results/9/codeFlows/0/threadFlows/0/locations/4)
#  285|   			} else {
#  286|   				buf[strcspn(buf, "\r\n")] = '\0';
#  287|-> 				hexserial = talloc_strdup(parent, buf);
#  288|   				cm_log(1, "Read serial number '%s'.\n",
#  289|   				       hexserial);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def699]
certmonger-0.79.21/src/local.c:287:45: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(talloc_asprintf(parent, "%s/%s",  localdir, "/serial"), "r")’
certmonger-0.79.21/src/local.c:215:13: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/local.c:237:15: branch_false: ...to here
certmonger-0.79.21/src/local.c:252:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/local.c:268:17: branch_false: ...to here
certmonger-0.79.21/src/local.c:276:22: acquire_memory: allocated here
certmonger-0.79.21/src/local.c:277:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/local.c:283:29: branch_false: ...to here
certmonger-0.79.21/src/local.c:283:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/local.c:286:37: branch_false: ...to here
certmonger-0.79.21/src/local.c:287:45: throw: if ‘talloc_strdup’ throws an exception...
certmonger-0.79.21/src/local.c:287:45: danger: ‘fopen(talloc_asprintf(parent, "%s/%s",  localdir, "/serial"), "r")’ leaks here; was allocated at [(5)](sarif:/runs/0/results/10/codeFlows/0/threadFlows/0/locations/4)
#  285|   			} else {
#  286|   				buf[strcspn(buf, "\r\n")] = '\0';
#  287|-> 				hexserial = talloc_strdup(parent, buf);
#  288|   				cm_log(1, "Read serial number '%s'.\n",
#  289|   				       hexserial);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def700]
certmonger-0.79.21/src/local.c:288:33: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen(talloc_asprintf(parent, "%s/%s",  localdir, "/serial"), "r")’
certmonger-0.79.21/src/local.c:215:13: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/local.c:237:15: branch_false: ...to here
certmonger-0.79.21/src/local.c:252:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/local.c:268:17: branch_false: ...to here
certmonger-0.79.21/src/local.c:276:22: acquire_resource: opened here
certmonger-0.79.21/src/local.c:277:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/local.c:283:29: branch_false: ...to here
certmonger-0.79.21/src/local.c:283:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/local.c:286:37: branch_false: ...to here
certmonger-0.79.21/src/local.c:288:33: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/local.c:288:33: danger: ‘fopen(talloc_asprintf(parent, "%s/%s",  localdir, "/serial"), "r")’ leaks here; was opened at [(5)](sarif:/runs/0/results/11/codeFlows/0/threadFlows/0/locations/4)
#  286|   				buf[strcspn(buf, "\r\n")] = '\0';
#  287|   				hexserial = talloc_strdup(parent, buf);
#  288|-> 				cm_log(1, "Read serial number '%s'.\n",
#  289|   				       hexserial);
#  290|   			}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def701]
certmonger-0.79.21/src/local.c:288:33: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(talloc_asprintf(parent, "%s/%s",  localdir, "/serial"), "r")’
certmonger-0.79.21/src/local.c:215:13: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/local.c:237:15: branch_false: ...to here
certmonger-0.79.21/src/local.c:252:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/local.c:268:17: branch_false: ...to here
certmonger-0.79.21/src/local.c:276:22: acquire_memory: allocated here
certmonger-0.79.21/src/local.c:277:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/local.c:283:29: branch_false: ...to here
certmonger-0.79.21/src/local.c:283:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/local.c:286:37: branch_false: ...to here
certmonger-0.79.21/src/local.c:288:33: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/local.c:288:33: danger: ‘fopen(talloc_asprintf(parent, "%s/%s",  localdir, "/serial"), "r")’ leaks here; was allocated at [(5)](sarif:/runs/0/results/12/codeFlows/0/threadFlows/0/locations/4)
#  286|   				buf[strcspn(buf, "\r\n")] = '\0';
#  287|   				hexserial = talloc_strdup(parent, buf);
#  288|-> 				cm_log(1, "Read serial number '%s'.\n",
#  289|   				       hexserial);
#  290|   			}

Error: COMPILER_WARNING (CWE-477): [#def702]
certmonger-0.79.21/src/local.c: scope_hint: In function ‘get_signer_info’
certmonger-0.79.21/src/local.c:310:17: warning[-Wdeprecated-declarations]: ‘RSA_new’ is deprecated: Since OpenSSL 3.0
#  310 |                 rsa = RSA_new();
#      |                 ^~~
/usr/include/openssl/x509.h:36: included_from: Included from here.
/usr/include/openssl/pem.h:23: included_from: Included from here.
certmonger-0.79.21/src/local.c:43: included_from: Included from here.
/usr/include/openssl/rsa.h:212:28: note: declared here
#  212 | OSSL_DEPRECATEDIN_3_0 RSA *RSA_new(void);
#      |                            ^~~~~~~
#  308|   		}
#  309|   		BN_set_word(exponent, CM_DEFAULT_RSA_EXPONENT);
#  310|-> 		rsa = RSA_new();
#  311|   		if (rsa == NULL) {
#  312|   			cm_log(1, "Error allocating new RSA key.\n");

Error: COMPILER_WARNING (CWE-477): [#def703]
certmonger-0.79.21/src/local.c:310:17: warning[-Wdeprecated-declarations]: ‘RSA_new’ is deprecated: Since OpenSSL 3.0
#  308|   		}
#  309|   		BN_set_word(exponent, CM_DEFAULT_RSA_EXPONENT);
#  310|-> 		rsa = RSA_new();
#  311|   		if (rsa == NULL) {
#  312|   			cm_log(1, "Error allocating new RSA key.\n");

Error: COMPILER_WARNING (CWE-477): [#def704]
certmonger-0.79.21/src/local.c:316:17: warning[-Wdeprecated-declarations]: ‘RSA_generate_key_ex’ is deprecated: Since OpenSSL 3.0
#  316 |                 if (RSA_generate_key_ex(rsa, CM_DEFAULT_PUBKEY_SIZE, exponent,
#      |                 ^~
/usr/include/openssl/rsa.h:271:27: note: declared here
#  271 | OSSL_DEPRECATEDIN_3_0 int RSA_generate_key_ex(RSA *rsa, int bits, BIGNUM *e,
#      |                           ^~~~~~~~~~~~~~~~~~~
#  314|   		}
#  315|   	retry_gen:
#  316|-> 		if (RSA_generate_key_ex(rsa, CM_DEFAULT_PUBKEY_SIZE, exponent,
#  317|   					NULL) != 1) {
#  318|   			cm_log(1, "Error generating key.\n");

Error: COMPILER_WARNING (CWE-477): [#def705]
certmonger-0.79.21/src/local.c:316:17: warning[-Wdeprecated-declarations]: ‘RSA_generate_key_ex’ is deprecated: Since OpenSSL 3.0
#  314|   		}
#  315|   	retry_gen:
#  316|-> 		if (RSA_generate_key_ex(rsa, CM_DEFAULT_PUBKEY_SIZE, exponent,
#  317|   					NULL) != 1) {
#  318|   			cm_log(1, "Error generating key.\n");

Error: COMPILER_WARNING (CWE-477): [#def706]
certmonger-0.79.21/src/local.c:321:17: warning[-Wdeprecated-declarations]: ‘RSA_check_key’ is deprecated: Since OpenSSL 3.0
#  321 |                 if (RSA_check_key(rsa) != 1) { /* should be unnecessary */
#      |                 ^~
/usr/include/openssl/rsa.h:289:27: note: declared here
#  289 | OSSL_DEPRECATEDIN_3_0 int RSA_check_key(const RSA *);
#      |                           ^~~~~~~~~~~~~
#  319|   			return CM_SUBMIT_STATUS_UNREACHABLE;
#  320|   		}
#  321|-> 		if (RSA_check_key(rsa) != 1) { /* should be unnecessary */
#  322|   			cm_log(1, "Key fails checks.  Retrying.\n");
#  323|   			goto retry_gen;

Error: COMPILER_WARNING (CWE-477): [#def707]
certmonger-0.79.21/src/local.c:321:17: warning[-Wdeprecated-declarations]: ‘RSA_check_key’ is deprecated: Since OpenSSL 3.0
#  319|   			return CM_SUBMIT_STATUS_UNREACHABLE;
#  320|   		}
#  321|-> 		if (RSA_check_key(rsa) != 1) { /* should be unnecessary */
#  322|   			cm_log(1, "Key fails checks.  Retrying.\n");
#  323|   			goto retry_gen;

Error: COMPILER_WARNING (CWE-477): [#def708]
certmonger-0.79.21/src/local.c:326:17: warning[-Wdeprecated-declarations]: ‘EVP_PKEY_set1_RSA’ is deprecated: Since OpenSSL 3.0
#  326 |                 EVP_PKEY_set1_RSA(*signer_key, rsa);
#      |                 ^~~~~~~~~~~~~~~~~
/usr/include/openssl/pem.h:22: included_from: Included from here.
/usr/include/openssl/evp.h:1414:5: note: declared here
# 1414 | int EVP_PKEY_set1_RSA(EVP_PKEY *pkey, struct rsa_st *key);
#      |     ^~~~~~~~~~~~~~~~~
#  324|   		}
#  325|   		*signer_key = EVP_PKEY_new();
#  326|-> 		EVP_PKEY_set1_RSA(*signer_key, rsa);
#  327|   		/* Build a suitable CA signing request. */
#  328|   		csr = make_ca_csr(parent, *signer_key, *signer_cert);

Error: COMPILER_WARNING (CWE-477): [#def709]
certmonger-0.79.21/src/local.c:326:17: warning[-Wdeprecated-declarations]: ‘EVP_PKEY_set1_RSA’ is deprecated: Since OpenSSL 3.0
#  324|   		}
#  325|   		*signer_key = EVP_PKEY_new();
#  326|-> 		EVP_PKEY_set1_RSA(*signer_key, rsa);
#  327|   		/* Build a suitable CA signing request. */
#  328|   		csr = make_ca_csr(parent, *signer_key, *signer_cert);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def710]
certmonger-0.79.21/src/local.c:361:25: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen(talloc_asprintf(parent, "%s/%s",  localdir, "/serial"), "w")’
certmonger-0.79.21/src/local.c:215:13: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/local.c:237:15: branch_false: ...to here
certmonger-0.79.21/src/local.c:252:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/local.c:268:17: branch_false: ...to here
certmonger-0.79.21/src/local.c:272:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/local.c:344:12: branch_true: following ‘true’ branch (when ‘save != 0’)...
certmonger-0.79.21/src/local.c:346:29: branch_true: ...to here
certmonger-0.79.21/src/local.c:347:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/local.c:352:26: branch_false: ...to here
certmonger-0.79.21/src/local.c:353:22: acquire_resource: opened here
certmonger-0.79.21/src/local.c:354:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/local.c:359:17: branch_false: ...to here
certmonger-0.79.21/src/local.c:360:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/local.c:362:41: branch_true: ...to here
certmonger-0.79.21/src/local.c:361:25: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/local.c:361:25: danger: ‘fopen(talloc_asprintf(parent, "%s/%s",  localdir, "/serial"), "w")’ leaks here; was opened at [(11)](sarif:/runs/0/results/13/codeFlows/0/threadFlows/0/locations/10)
#  359|   		fprintf(fp, "%s\n", hexserial);
#  360|   		if (ferror(fp)) {
#  361|-> 			cm_log(1, "Error writing '%s': %s.\n", serial,
#  362|   			       strerror(errno));
#  363|   			fclose(fp);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def711]
certmonger-0.79.21/src/local.c:361:25: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(talloc_asprintf(parent, "%s/%s",  localdir, "/serial"), "w")’
certmonger-0.79.21/src/local.c:215:13: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/local.c:237:15: branch_false: ...to here
certmonger-0.79.21/src/local.c:252:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/local.c:268:17: branch_false: ...to here
certmonger-0.79.21/src/local.c:272:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/local.c:344:12: branch_true: following ‘true’ branch (when ‘save != 0’)...
certmonger-0.79.21/src/local.c:346:29: branch_true: ...to here
certmonger-0.79.21/src/local.c:347:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/local.c:352:26: branch_false: ...to here
certmonger-0.79.21/src/local.c:353:22: acquire_memory: allocated here
certmonger-0.79.21/src/local.c:354:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/local.c:359:17: branch_false: ...to here
certmonger-0.79.21/src/local.c:360:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/local.c:362:41: branch_true: ...to here
certmonger-0.79.21/src/local.c:361:25: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/local.c:361:25: danger: ‘fopen(talloc_asprintf(parent, "%s/%s",  localdir, "/serial"), "w")’ leaks here; was allocated at [(11)](sarif:/runs/0/results/14/codeFlows/0/threadFlows/0/locations/10)
#  359|   		fprintf(fp, "%s\n", hexserial);
#  360|   		if (ferror(fp)) {
#  361|-> 			cm_log(1, "Error writing '%s': %s.\n", serial,
#  362|   			       strerror(errno));
#  363|   			fclose(fp);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def712]
certmonger-0.79.21/src/local.c:375:23: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen(talloc_asprintf(parent, "%s/%s",  localdir, "creds"), "w")’
certmonger-0.79.21/src/local.c:215:13: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/local.c:237:15: branch_false: ...to here
certmonger-0.79.21/src/local.c:252:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/local.c:268:17: branch_false: ...to here
certmonger-0.79.21/src/local.c:272:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/local.c:344:12: branch_true: following ‘true’ branch (when ‘save != 0’)...
certmonger-0.79.21/src/local.c:346:29: branch_true: ...to here
certmonger-0.79.21/src/local.c:347:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/local.c:352:26: branch_false: ...to here
certmonger-0.79.21/src/local.c:354:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/local.c:359:17: branch_false: ...to here
certmonger-0.79.21/src/local.c:360:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/local.c:366:17: branch_false: ...to here
certmonger-0.79.21/src/local.c:369:22: acquire_resource: opened here
certmonger-0.79.21/src/local.c:370:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/local.c:375:23: branch_false: ...to here
certmonger-0.79.21/src/local.c:375:23: throw: if ‘PKCS12_create’ throws an exception...
certmonger-0.79.21/src/local.c:375:23: danger: ‘fopen(talloc_asprintf(parent, "%s/%s",  localdir, "creds"), "w")’ leaks here; was opened at [(15)](sarif:/runs/0/results/15/codeFlows/0/threadFlows/0/locations/14)
#  373|   			return CM_SUBMIT_STATUS_UNREACHABLE;
#  374|   		}
#  375|-> 		p12 = PKCS12_create(NULL, CONSTANTCN, *signer_key, *signer_cert,
#  376|   				    cas, NID_aes_128_cbc, NID_aes_128_cbc,
#  377|   				    0, 0, 0);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def713]
certmonger-0.79.21/src/local.c:375:23: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(talloc_asprintf(parent, "%s/%s",  localdir, "creds"), "w")’
certmonger-0.79.21/src/local.c:215:13: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/local.c:237:15: branch_false: ...to here
certmonger-0.79.21/src/local.c:252:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/local.c:268:17: branch_false: ...to here
certmonger-0.79.21/src/local.c:272:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/local.c:344:12: branch_true: following ‘true’ branch (when ‘save != 0’)...
certmonger-0.79.21/src/local.c:346:29: branch_true: ...to here
certmonger-0.79.21/src/local.c:347:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/local.c:352:26: branch_false: ...to here
certmonger-0.79.21/src/local.c:354:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/local.c:359:17: branch_false: ...to here
certmonger-0.79.21/src/local.c:360:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/local.c:366:17: branch_false: ...to here
certmonger-0.79.21/src/local.c:369:22: acquire_memory: allocated here
certmonger-0.79.21/src/local.c:370:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/local.c:375:23: branch_false: ...to here
certmonger-0.79.21/src/local.c:375:23: throw: if ‘PKCS12_create’ throws an exception...
certmonger-0.79.21/src/local.c:375:23: danger: ‘fopen(talloc_asprintf(parent, "%s/%s",  localdir, "creds"), "w")’ leaks here; was allocated at [(15)](sarif:/runs/0/results/16/codeFlows/0/threadFlows/0/locations/14)
#  373|   			return CM_SUBMIT_STATUS_UNREACHABLE;
#  374|   		}
#  375|-> 		p12 = PKCS12_create(NULL, CONSTANTCN, *signer_key, *signer_cert,
#  376|   				    cas, NID_aes_128_cbc, NID_aes_128_cbc,
#  377|   				    0, 0, 0);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def714]
certmonger-0.79.21/src/local.c:408:20: warning[-Wanalyzer-malloc-leak]: leak of ‘csr’
certmonger-0.79.21/src/local.c:427:1: enter_function: entry to ‘main’
certmonger-0.79.21/src/local.c:451:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/local.c:456:13: branch_false: ...to here
certmonger-0.79.21/src/local.c:456:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/local.c:459:13: branch_false: ...to here
certmonger-0.79.21/src/local.c:475:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/local.c:478:9: branch_false: ...to here
certmonger-0.79.21/src/local.c:486:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/local.c:491:9: branch_false: ...to here
certmonger-0.79.21/src/local.c:493:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/local.c:496:17: branch_false: ...to here
certmonger-0.79.21/src/local.c:499:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/local.c:505:18: branch_false: ...to here
certmonger-0.79.21/src/local.c:518:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/local.c:547:14: branch_false: ...to here
certmonger-0.79.21/src/local.c:552:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/local.c:555:31: branch_false: ...to here
certmonger-0.79.21/src/local.c:556:28: branch_true: following ‘true’ branch (when ‘csr’ is non-NULL)...
certmonger-0.79.21/src/local.c:557:39: branch_true: ...to here
certmonger-0.79.21/src/local.c:557:39: acquire_memory: allocated here
certmonger-0.79.21/src/local.c:560:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/local.c:568:23: call_function: calling ‘local_lock’ from ‘main’
#  406|   	int lfd;
#  407|   
#  408|-> 	lockfile = talloc_asprintf(parent, "%s/lock", localdir);
#  409|   	cm_log(2, "Obtaining data lock.\n");
#  410|   	lfd = open(lockfile, O_RDWR | O_CREAT,

Error: GCC_ANALYZER_WARNING (CWE-401): [#def715]
certmonger-0.79.21/src/local.c:409:9: warning[-Wanalyzer-malloc-leak]: leak of ‘csr’
certmonger-0.79.21/src/local.c:427:1: enter_function: entry to ‘main’
certmonger-0.79.21/src/local.c:451:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/local.c:456:13: branch_false: ...to here
certmonger-0.79.21/src/local.c:456:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/local.c:459:13: branch_false: ...to here
certmonger-0.79.21/src/local.c:475:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/local.c:478:9: branch_false: ...to here
certmonger-0.79.21/src/local.c:486:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/local.c:491:9: branch_false: ...to here
certmonger-0.79.21/src/local.c:493:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/local.c:496:17: branch_false: ...to here
certmonger-0.79.21/src/local.c:499:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/local.c:505:18: branch_false: ...to here
certmonger-0.79.21/src/local.c:518:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/local.c:547:14: branch_false: ...to here
certmonger-0.79.21/src/local.c:552:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/local.c:555:31: branch_false: ...to here
certmonger-0.79.21/src/local.c:556:28: branch_true: following ‘true’ branch (when ‘csr’ is non-NULL)...
certmonger-0.79.21/src/local.c:557:39: branch_true: ...to here
certmonger-0.79.21/src/local.c:557:39: acquire_memory: allocated here
certmonger-0.79.21/src/local.c:560:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/local.c:568:23: call_function: calling ‘local_lock’ from ‘main’
#  407|   
#  408|   	lockfile = talloc_asprintf(parent, "%s/lock", localdir);
#  409|-> 	cm_log(2, "Obtaining data lock.\n");
#  410|   	lfd = open(lockfile, O_RDWR | O_CREAT,
#  411|   		   S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def716]
certmonger-0.79.21/src/local.c:562:25: warning[-Wanalyzer-malloc-leak]: leak of ‘csr’
certmonger-0.79.21/src/local.c:451:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/local.c:456:13: branch_false: ...to here
certmonger-0.79.21/src/local.c:456:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/local.c:459:13: branch_false: ...to here
certmonger-0.79.21/src/local.c:475:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/local.c:478:9: branch_false: ...to here
certmonger-0.79.21/src/local.c:486:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/local.c:491:9: branch_false: ...to here
certmonger-0.79.21/src/local.c:493:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/local.c:496:17: branch_false: ...to here
certmonger-0.79.21/src/local.c:499:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/local.c:505:18: branch_false: ...to here
certmonger-0.79.21/src/local.c:518:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/local.c:547:14: branch_false: ...to here
certmonger-0.79.21/src/local.c:552:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/local.c:555:31: branch_false: ...to here
certmonger-0.79.21/src/local.c:556:28: branch_true: following ‘true’ branch (when ‘csr’ is non-NULL)...
certmonger-0.79.21/src/local.c:557:39: branch_true: ...to here
certmonger-0.79.21/src/local.c:557:39: acquire_memory: allocated here
certmonger-0.79.21/src/local.c:560:20: branch_false: following ‘false’ branch (when ‘csr’ is non-NULL)...
certmonger-0.79.21/src/local.c:560:38: branch_false: ...to here
certmonger-0.79.21/src/local.c:560:21: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/local.c:561:32: branch_true: ...to here
certmonger-0.79.21/src/local.c:562:25: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/local.c:562:25: danger: ‘csr’ leaks here; was allocated at [(20)](sarif:/runs/0/results/23/codeFlows/0/threadFlows/0/locations/19)
#  560|   		if ((csr == NULL) || (strlen(csr) == 0)) {
#  561|   			printf(_("Unable to read signing request.\n"));
#  562|-> 			cm_log(1, "Unable to read signing request.\n");
#  563|   			poptPrintUsage(pctx, stdout, 0);
#  564|   			free(csr);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def717]
certmonger-0.79.21/src/local.c:563:25: warning[-Wanalyzer-malloc-leak]: leak of ‘csr’
certmonger-0.79.21/src/local.c:451:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/local.c:456:13: branch_false: ...to here
certmonger-0.79.21/src/local.c:456:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/local.c:459:13: branch_false: ...to here
certmonger-0.79.21/src/local.c:475:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/local.c:478:9: branch_false: ...to here
certmonger-0.79.21/src/local.c:486:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/local.c:491:9: branch_false: ...to here
certmonger-0.79.21/src/local.c:493:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/local.c:496:17: branch_false: ...to here
certmonger-0.79.21/src/local.c:499:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/local.c:505:18: branch_false: ...to here
certmonger-0.79.21/src/local.c:518:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/local.c:547:14: branch_false: ...to here
certmonger-0.79.21/src/local.c:552:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/local.c:555:31: branch_false: ...to here
certmonger-0.79.21/src/local.c:556:28: branch_true: following ‘true’ branch (when ‘csr’ is non-NULL)...
certmonger-0.79.21/src/local.c:557:39: branch_true: ...to here
certmonger-0.79.21/src/local.c:557:39: acquire_memory: allocated here
certmonger-0.79.21/src/local.c:560:20: branch_false: following ‘false’ branch (when ‘csr’ is non-NULL)...
certmonger-0.79.21/src/local.c:560:38: branch_false: ...to here
certmonger-0.79.21/src/local.c:560:21: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/local.c:561:32: branch_true: ...to here
certmonger-0.79.21/src/local.c:563:25: throw: if ‘poptPrintUsage’ throws an exception...
certmonger-0.79.21/src/local.c:563:25: danger: ‘csr’ leaks here; was allocated at [(20)](sarif:/runs/0/results/24/codeFlows/0/threadFlows/0/locations/19)
#  561|   			printf(_("Unable to read signing request.\n"));
#  562|   			cm_log(1, "Unable to read signing request.\n");
#  563|-> 			poptPrintUsage(pctx, stdout, 0);
#  564|   			free(csr);
#  565|   			return CM_SUBMIT_STATUS_UNCONFIGURED;

Error: GCC_ANALYZER_WARNING (CWE-404): [#def718]
certmonger-0.79.21/src/log.c:109:25: warning[-Wanalyzer-va-list-leak]: missing call to ‘va_end’
certmonger-0.79.21/src/log.c:66:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/log.c:67:17: branch_true: ...to here
certmonger-0.79.21/src/log.c:94:25: acquire_resource: ‘va_start’ called here
certmonger-0.79.21/src/log.c:109:25: throw: if ‘vsyslog’ throws an exception...
certmonger-0.79.21/src/log.c:109:25: danger: missing call to ‘va_end’ to match ‘va_start’ at [(5)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/4)
#  107|   				break;
#  108|   			}
#  109|-> 			vsyslog(LOG_DAEMON | slevel, fmt, args);
#  110|   			va_end(args);
#  111|   			break;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def719]
certmonger-0.79.21/src/netlink.c:46:13: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘fd’
certmonger-0.79.21/src/netlink.c:42:14: acquire_resource: datagram socket created here
certmonger-0.79.21/src/netlink.c:43:12: branch_false: following ‘false’ branch (when ‘fd != -1’)...
certmonger-0.79.21/src/netlink.c:46:13: branch_false: ...to here
certmonger-0.79.21/src/netlink.c:46:13: throw: if ‘fcntl’ throws an exception...
certmonger-0.79.21/src/netlink.c:46:13: danger: ‘fd’ leaks here
#   44|   		return -1;
#   45|   	}
#   46|-> 	if (fcntl(fd, F_SETFL, (long) O_NONBLOCK) == -1) {
#   47|   		close(fd);
#   48|   		return -1;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def720]
certmonger-0.79.21/src/netlink.c:60:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘fd’
certmonger-0.79.21/src/netlink.c:42:14: acquire_resource: datagram socket created here
certmonger-0.79.21/src/netlink.c:43:12: branch_false: following ‘false’ branch (when ‘fd != -1’)...
certmonger-0.79.21/src/netlink.c:46:13: branch_false: ...to here
certmonger-0.79.21/src/netlink.c:46:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/netlink.c:50:13: branch_false: ...to here
certmonger-0.79.21/src/netlink.c:50:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/netlink.c:54:9: branch_false: ...to here
certmonger-0.79.21/src/netlink.c:59:13: acquire_resource: socket created here
certmonger-0.79.21/src/netlink.c:59:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/netlink.c:60:17: branch_true: ...to here
certmonger-0.79.21/src/netlink.c:60:17: throw: if ‘close’ throws an exception...
certmonger-0.79.21/src/netlink.c:60:17: danger: ‘fd’ leaks here
#   58|   	sn.nl_groups = RTMGRP_NOTIFY | RTMGRP_IPV4_ROUTE | RTMGRP_IPV6_ROUTE;
#   59|   	if (bind(fd, (struct sockaddr *) &sn, sizeof(sn)) == -1) {
#   60|-> 		close(fd);
#   61|   		return -1;
#   62|   	}

Error: COMPILER_WARNING (CWE-563): [#def721]
certmonger-0.79.21/src/nl-check.c: scope_hint: In function ‘main’
certmonger-0.79.21/src/nl-check.c:141:10: warning[-Wunused-parameter]: unused parameter ‘argc’
#  141 | main(int argc, char **argv)
#      |      ~~~~^~~~
#  139|   
#  140|   int
#  141|-> main(int argc, char **argv)
#  142|   {
#  143|   	fd_set fds;

Error: COMPILER_WARNING (CWE-563): [#def722]
certmonger-0.79.21/src/nl-check.c:141:23: warning[-Wunused-parameter]: unused parameter ‘argv’
#  141 | main(int argc, char **argv)
#      |                ~~~~~~~^~~~
#  139|   
#  140|   int
#  141|-> main(int argc, char **argv)
#  142|   {
#  143|   	fd_set fds;

Error: COMPILER_WARNING (CWE-563): [#def723]
certmonger-0.79.21/src/notify.c: scope_hint: In function ‘cm_notify_main’
certmonger-0.79.21/src/notify.c:51:20: warning[-Wunused-parameter]: unused parameter ‘fd’
#   51 | cm_notify_main(int fd, struct cm_store_ca *ca, struct cm_store_entry *entry,
#      |                ~~~~^~
#   49|   /* Fire off the proper notification. */
#   50|   static int
#   51|-> cm_notify_main(int fd, struct cm_store_ca *ca, struct cm_store_entry *entry,
#   52|   	       void *userdata)
#   53|   {

Error: COMPILER_WARNING (CWE-563): [#def724]
certmonger-0.79.21/src/notify.c:51:44: warning[-Wunused-parameter]: unused parameter ‘ca’
#   51 | cm_notify_main(int fd, struct cm_store_ca *ca, struct cm_store_entry *entry,
#      |                        ~~~~~~~~~~~~~~~~~~~~^~
#   49|   /* Fire off the proper notification. */
#   50|   static int
#   51|-> cm_notify_main(int fd, struct cm_store_ca *ca, struct cm_store_entry *entry,
#   52|   	       void *userdata)
#   53|   {

Error: COMPILER_WARNING (CWE-563): [#def725]
certmonger-0.79.21/src/iterate.c:41: included_from: Included from here.
certmonger-0.79.21/src/notify.h: scope_hint: At top level
certmonger-0.79.21/src/notify.h:34:20: warning[-Wunused-variable]: ‘cm_notify_event_names’ defined but not used
#   34 | static const char *cm_notify_event_names[] = {
#      |                    ^~~~~~~~~~~~~~~~~~~~~
#   32|   };
#   33|   
#   34|-> static const char *cm_notify_event_names[] = {
#   35|   	"unknown",
#   36|   	"validity_ending",

Error: COMPILER_WARNING (CWE-563): [#def726]
certmonger-0.79.21/src/pin.c: scope_hint: In function ‘cm_pin_read_for_key_ossl_cb’
certmonger-0.79.21/src/pin.c:118:54: warning[-Wunused-parameter]: unused parameter ‘rwflag’
#  118 | cm_pin_read_for_key_ossl_cb(char *buf, int size, int rwflag, void *u)
#      |                                                  ~~~~^~~~~~
#  116|   
#  117|   int
#  118|-> cm_pin_read_for_key_ossl_cb(char *buf, int size, int rwflag, void *u)
#  119|   {
#  120|   	struct cm_pin_cb_data *cb_data;

Error: COMPILER_WARNING (CWE-563): [#def727]
certmonger-0.79.21/src/pin.c: scope_hint: In function ‘cm_pin_nss_cb’
certmonger-0.79.21/src/pin.c:149:29: warning[-Wunused-parameter]: unused parameter ‘slot’
#  149 | cm_pin_nss_cb(PK11SlotInfo *slot, PRBool retry, void *arg,
#      |               ~~~~~~~~~~~~~~^~~~
#  147|   
#  148|   static char *
#  149|-> cm_pin_nss_cb(PK11SlotInfo *slot, PRBool retry, void *arg,
#  150|   	      enum cm_pin_type pin_type)
#  151|   {

Error: COMPILER_WARNING (CWE-563): [#def728]
certmonger-0.79.21/src/pkcs7.c: scope_hint: In function ‘bettertop’
certmonger-0.79.21/src/pkcs7.c:119:17: warning[-Wunused-parameter]: unused parameter ‘candidate’
#  119 | bettertop(X509 *candidate, X509 *current, unsigned int flags)
#      |           ~~~~~~^~~~~~~~~
#  117|   }
#  118|   static int
#  119|-> bettertop(X509 *candidate, X509 *current, unsigned int flags)
#  120|   {
#  121|   	return -1;

Error: COMPILER_WARNING (CWE-563): [#def729]
certmonger-0.79.21/src/pkcs7.c:119:34: warning[-Wunused-parameter]: unused parameter ‘current’
#  119 | bettertop(X509 *candidate, X509 *current, unsigned int flags)
#      |                            ~~~~~~^~~~~~~
#  117|   }
#  118|   static int
#  119|-> bettertop(X509 *candidate, X509 *current, unsigned int flags)
#  120|   {
#  121|   	return -1;

Error: COMPILER_WARNING (CWE-563): [#def730]
certmonger-0.79.21/src/pkcs7.c:119:56: warning[-Wunused-parameter]: unused parameter ‘flags’
#  119 | bettertop(X509 *candidate, X509 *current, unsigned int flags)
#      |                                           ~~~~~~~~~~~~~^~~~~
#  117|   }
#  118|   static int
#  119|-> bettertop(X509 *candidate, X509 *current, unsigned int flags)
#  120|   {
#  121|   	return -1;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def731]
certmonger-0.79.21/src/pkcs7.c:163:51: warning[-Wanalyzer-malloc-leak]: leak of ‘buf’
certmonger-0.79.21/src/pkcs7.c:181:1: enter_function: entry to ‘cm_pkcs7_parse_buffer’
certmonger-0.79.21/src/pkcs7.c:198:12: branch_false: following ‘false’ branch (when ‘length != 0’)...
certmonger-0.79.21/src/pkcs7.c:201:12: branch_false: ...to here
certmonger-0.79.21/src/pkcs7.c:207:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/pkcs7.c:209:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/pkcs7.c:220:21: branch_false: ...to here
certmonger-0.79.21/src/pkcs7.c:220:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/pkcs7.c:224:26: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/pkcs7.c:226:31: call_function: calling ‘cm_pkcs7_parse_buffer’ from ‘cm_pkcs7_parse_buffer’
#  161|   				buf = malloc(len);
#  162|   				if (buf != NULL) {
#  163|-> 					decoded = cm_store_base64_to_bin(p,
#  164|   									 q - p,
#  165|   									 buf,

Error: GCC_ANALYZER_WARNING (CWE-401): [#def732]
certmonger-0.79.21/src/pkcs7.c:163:51: warning[-Wanalyzer-malloc-leak]: leak of ‘sp’
certmonger-0.79.21/src/pkcs7.c:181:1: enter_function: entry to ‘cm_pkcs7_parse_buffer’
certmonger-0.79.21/src/pkcs7.c:198:12: branch_false: following ‘false’ branch (when ‘length != 0’)...
certmonger-0.79.21/src/pkcs7.c:201:12: branch_false: ...to here
certmonger-0.79.21/src/pkcs7.c:207:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/pkcs7.c:209:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/pkcs7.c:220:21: branch_false: ...to here
certmonger-0.79.21/src/pkcs7.c:220:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/pkcs7.c:224:26: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/pkcs7.c:226:31: call_function: calling ‘cm_pkcs7_parse_buffer’ from ‘cm_pkcs7_parse_buffer’
#  161|   				buf = malloc(len);
#  162|   				if (buf != NULL) {
#  163|-> 					decoded = cm_store_base64_to_bin(p,
#  164|   									 q - p,
#  165|   									 buf,

Error: GCC_ANALYZER_WARNING (CWE-401): [#def733]
certmonger-0.79.21/src/pkcs7.c:206:14: warning[-Wanalyzer-malloc-leak]: leak of ‘sp’
certmonger-0.79.21/src/pkcs7.c:181:1: enter_function: entry to ‘cm_pkcs7_parse_buffer’
certmonger-0.79.21/src/pkcs7.c:198:12: branch_false: following ‘false’ branch (when ‘length != 0’)...
certmonger-0.79.21/src/pkcs7.c:201:12: branch_false: ...to here
certmonger-0.79.21/src/pkcs7.c:207:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/pkcs7.c:209:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/pkcs7.c:220:21: branch_false: ...to here
certmonger-0.79.21/src/pkcs7.c:220:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/pkcs7.c:224:26: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/pkcs7.c:226:31: call_function: calling ‘cm_pkcs7_parse_buffer’ from ‘cm_pkcs7_parse_buffer’
#  204|   	/* First, try to parse as a PKCS#7 signed or enveloped data item. */
#  205|   	p = buffer;
#  206|-> 	p7 = d2i_PKCS7(NULL, &p, length);
#  207|   	if ((p7 != NULL) && (p == buffer + length)) {
#  208|   		/* Is it a signed-data item? */

Error: GCC_ANALYZER_WARNING (CWE-401): [#def734]
certmonger-0.79.21/src/pkcs7.c:222:23: warning[-Wanalyzer-malloc-leak]: leak of ‘sp’
certmonger-0.79.21/src/pkcs7.c:181:1: enter_function: entry to ‘cm_pkcs7_parse_buffer’
certmonger-0.79.21/src/pkcs7.c:198:12: branch_false: following ‘false’ branch (when ‘length != 0’)...
certmonger-0.79.21/src/pkcs7.c:201:12: branch_false: ...to here
certmonger-0.79.21/src/pkcs7.c:207:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/pkcs7.c:209:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/pkcs7.c:220:21: branch_false: ...to here
certmonger-0.79.21/src/pkcs7.c:220:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/pkcs7.c:224:26: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/pkcs7.c:226:31: call_function: calling ‘cm_pkcs7_parse_buffer’ from ‘cm_pkcs7_parse_buffer’
#  220|   		if (PKCS7_type_is_enveloped(p7) &&
#  221|   		    (decrypt_envelope != NULL)) {
#  222|-> 		      decrypt_envelope(buffer, length, decrypt_userdata,
#  223|   				       &enveloped, &enveloped_length);
#  224|   		      if ((enveloped != NULL) && (enveloped_length > 0)) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def735]
certmonger-0.79.21/src/pkcs7.c:237:21: warning[-Wanalyzer-malloc-leak]: leak of ‘sp’
certmonger-0.79.21/src/pkcs7.c:181:1: enter_function: entry to ‘cm_pkcs7_parse_buffer’
certmonger-0.79.21/src/pkcs7.c:198:12: branch_false: following ‘false’ branch (when ‘length != 0’)...
certmonger-0.79.21/src/pkcs7.c:201:12: branch_false: ...to here
certmonger-0.79.21/src/pkcs7.c:207:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/pkcs7.c:209:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/pkcs7.c:220:21: branch_false: ...to here
certmonger-0.79.21/src/pkcs7.c:220:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/pkcs7.c:224:26: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/pkcs7.c:226:31: call_function: calling ‘cm_pkcs7_parse_buffer’ from ‘cm_pkcs7_parse_buffer’
#  235|   		/* Not PKCS#7?  Try to parse as a plain certificate. */
#  236|   		p = buffer;
#  237|-> 		x = d2i_X509(NULL, &p, length);
#  238|   		if ((x != NULL) && (p == buffer + length)) {
#  239|   			if (sk_X509_find(sk, x) < 0) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def736]
certmonger-0.79.21/src/pkcs7.c:584:13: warning[-Wanalyzer-malloc-leak]: leak of ‘u’
certmonger-0.79.21/src/pkcs7.c:542:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/pkcs7.c:546:21: branch_false: ...to here
certmonger-0.79.21/src/pkcs7.c:547:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/pkcs7.c:551:9: branch_false: ...to here
certmonger-0.79.21/src/pkcs7.c:554:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/pkcs7.c:558:9: branch_false: ...to here
certmonger-0.79.21/src/pkcs7.c:561:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/pkcs7.c:565:14: branch_false: ...to here
certmonger-0.79.21/src/pkcs7.c:569:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/pkcs7.c:573:15: branch_false: ...to here
certmonger-0.79.21/src/pkcs7.c:574:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/pkcs7.c:578:15: branch_false: ...to here
certmonger-0.79.21/src/pkcs7.c:578:15: acquire_memory: allocated here
certmonger-0.79.21/src/pkcs7.c:579:12: branch_false: following ‘false’ branch (when ‘dp7’ is non-NULL)...
certmonger-0.79.21/src/pkcs7.c:583:9: branch_false: ...to here
certmonger-0.79.21/src/pkcs7.c:584:13: throw: if ‘i2d_PKCS7’ throws an exception...
certmonger-0.79.21/src/pkcs7.c:584:13: danger: ‘u’ leaks here; was allocated at [(13)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/12)
#  582|   	}
#  583|   	u = dp7;
#  584|-> 	if (i2d_PKCS7(p7, &u) != len) {
#  585|   		log_pkcs7_errors(0, "Error encoding encrypted signing request.\n");
#  586|   		goto done;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def737]
certmonger-0.79.21/src/pkcs7.c:637:13: warning[-Wanalyzer-malloc-leak]: leak of ‘u’
certmonger-0.79.21/src/pkcs7.c:615:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/pkcs7.c:619:15: branch_false: ...to here
certmonger-0.79.21/src/pkcs7.c:621:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/pkcs7.c:626:16: branch_false: ...to here
certmonger-0.79.21/src/pkcs7.c:627:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/pkcs7.c:631:16: branch_false: ...to here
certmonger-0.79.21/src/pkcs7.c:631:16: acquire_memory: allocated here
certmonger-0.79.21/src/pkcs7.c:632:12: branch_false: following ‘false’ branch (when ‘dreq’ is non-NULL)...
certmonger-0.79.21/src/pkcs7.c:636:9: branch_false: ...to here
certmonger-0.79.21/src/pkcs7.c:637:13: throw: if ‘i2d_X509_REQ’ throws an exception...
certmonger-0.79.21/src/pkcs7.c:637:13: danger: ‘u’ leaks here; was allocated at [(7)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/6)
#  635|   	}
#  636|   	u = dreq;
#  637|-> 	if (i2d_X509_REQ(req, &u) != dlen) {
#  638|   		log_pkcs7_errors(0, "Error encoding certificate signing request.\n");
#  639|   		goto done;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def738]
certmonger-0.79.21/src/pkcs7.c:727:13: warning[-Wanalyzer-malloc-leak]: leak of ‘u’
certmonger-0.79.21/src/pkcs7.c:693:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/pkcs7.c:697:14: branch_false: ...to here
certmonger-0.79.21/src/pkcs7.c:699:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/pkcs7.c:704:14: branch_false: ...to here
certmonger-0.79.21/src/pkcs7.c:705:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/pkcs7.c:709:16: branch_false: ...to here
certmonger-0.79.21/src/pkcs7.c:711:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/pkcs7.c:716:35: branch_false: ...to here
certmonger-0.79.21/src/pkcs7.c:717:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/pkcs7.c:721:18: branch_false: ...to here
certmonger-0.79.21/src/pkcs7.c:721:18: acquire_memory: allocated here
certmonger-0.79.21/src/pkcs7.c:722:12: branch_false: following ‘false’ branch (when ‘issuer’ is non-NULL)...
certmonger-0.79.21/src/pkcs7.c:726:9: branch_false: ...to here
certmonger-0.79.21/src/pkcs7.c:727:13: throw: if ‘i2d_X509_NAME’ throws an exception...
certmonger-0.79.21/src/pkcs7.c:727:13: danger: ‘u’ leaks here; was allocated at [(11)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/10)
#  725|   	}
#  726|   	u = issuer;
#  727|-> 	if (i2d_X509_NAME(X509_get_issuer_name(ca), &u) != issuerlen) {
#  728|   		log_pkcs7_errors(0, "Error encoding CA certificate issuer name.\n");
#  729|   		goto done;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def739]
certmonger-0.79.21/src/pkcs7.c:727:27: warning[-Wanalyzer-malloc-leak]: leak of ‘u’
certmonger-0.79.21/src/pkcs7.c:693:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/pkcs7.c:697:14: branch_false: ...to here
certmonger-0.79.21/src/pkcs7.c:699:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/pkcs7.c:704:14: branch_false: ...to here
certmonger-0.79.21/src/pkcs7.c:705:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/pkcs7.c:709:16: branch_false: ...to here
certmonger-0.79.21/src/pkcs7.c:711:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/pkcs7.c:716:35: branch_false: ...to here
certmonger-0.79.21/src/pkcs7.c:717:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/pkcs7.c:721:18: branch_false: ...to here
certmonger-0.79.21/src/pkcs7.c:721:18: acquire_memory: allocated here
certmonger-0.79.21/src/pkcs7.c:722:12: branch_false: following ‘false’ branch (when ‘issuer’ is non-NULL)...
certmonger-0.79.21/src/pkcs7.c:726:9: branch_false: ...to here
certmonger-0.79.21/src/pkcs7.c:727:27: throw: if ‘X509_get_issuer_name’ throws an exception...
certmonger-0.79.21/src/pkcs7.c:727:27: danger: ‘u’ leaks here; was allocated at [(11)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/10)
#  725|   	}
#  726|   	u = issuer;
#  727|-> 	if (i2d_X509_NAME(X509_get_issuer_name(ca), &u) != issuerlen) {
#  728|   		log_pkcs7_errors(0, "Error encoding CA certificate issuer name.\n");
#  729|   		goto done;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def740]
certmonger-0.79.21/src/pkcs7.c:743:27: warning[-Wanalyzer-malloc-leak]: leak of ‘u’
certmonger-0.79.21/src/pkcs7.c:693:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/pkcs7.c:697:14: branch_false: ...to here
certmonger-0.79.21/src/pkcs7.c:699:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/pkcs7.c:704:14: branch_false: ...to here
certmonger-0.79.21/src/pkcs7.c:705:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/pkcs7.c:709:16: branch_false: ...to here
certmonger-0.79.21/src/pkcs7.c:711:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/pkcs7.c:716:35: branch_false: ...to here
certmonger-0.79.21/src/pkcs7.c:717:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/pkcs7.c:721:18: branch_false: ...to here
certmonger-0.79.21/src/pkcs7.c:722:12: branch_false: following ‘false’ branch (when ‘issuer’ is non-NULL)...
certmonger-0.79.21/src/pkcs7.c:726:9: branch_false: ...to here
certmonger-0.79.21/src/pkcs7.c:727:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/pkcs7.c:732:36: branch_false: ...to here
certmonger-0.79.21/src/pkcs7.c:733:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/pkcs7.c:737:19: branch_false: ...to here
certmonger-0.79.21/src/pkcs7.c:737:19: acquire_memory: allocated here
certmonger-0.79.21/src/pkcs7.c:738:12: branch_false: following ‘false’ branch (when ‘subject’ is non-NULL)...
certmonger-0.79.21/src/pkcs7.c:742:9: branch_false: ...to here
certmonger-0.79.21/src/pkcs7.c:743:27: throw: if ‘X509_get_subject_name’ throws an exception...
certmonger-0.79.21/src/pkcs7.c:743:27: danger: ‘u’ leaks here; was allocated at [(17)](sarif:/runs/0/results/9/codeFlows/0/threadFlows/0/locations/16)
#  741|   	}
#  742|   	u = subject;
#  743|-> 	if (i2d_X509_NAME(X509_get_subject_name(mini), &u) != subjectlen) {
#  744|   		log_pkcs7_errors(0, "Error encoding client certificate subject name.\n");
#  745|   		goto done;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def741]
certmonger-0.79.21/src/scepgen-n.c:86:17: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/scepgen-n.c:128:1: enter_function: entry to ‘cm_scepgen_n_main’
certmonger-0.79.21/src/scepgen-n.c:142:18: acquire_memory: allocated here
certmonger-0.79.21/src/scepgen-n.c:143:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/scepgen-n.c:147:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:147:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:154:9: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:161:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:188:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:188:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:192:31: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:196:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:200:18: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:201:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:207:9: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:209:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:213:20: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:214:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:218:9: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:220:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:220:12: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:225:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:229:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:237:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:238:15: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:258:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/scepgen-n.c:259:17: branch_true: ...to here
certmonger-0.79.21/src/scepgen-n.c:260:17: call_function: calling ‘cm_scepgen_n_resign’ from ‘cm_scepgen_n_main’
#   84|   
#   85|   	if (p7 == NULL) {
#   86|-> 		cm_log(1, "Nothing to resign.\n");
#   87|   		return;
#   88|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def742]
certmonger-0.79.21/src/scepgen-n.c:89:18: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/scepgen-n.c:128:1: enter_function: entry to ‘cm_scepgen_n_main’
certmonger-0.79.21/src/scepgen-n.c:142:18: acquire_memory: allocated here
certmonger-0.79.21/src/scepgen-n.c:143:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/scepgen-n.c:147:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:147:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:154:9: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:161:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:188:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:188:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:192:31: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:196:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:200:18: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:201:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:207:9: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:209:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:213:20: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:214:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:218:9: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:220:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:220:12: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:225:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:229:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:237:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:238:15: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:258:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/scepgen-n.c:259:17: branch_true: ...to here
certmonger-0.79.21/src/scepgen-n.c:260:17: call_function: calling ‘cm_scepgen_n_resign’ from ‘cm_scepgen_n_main’
#   87|   		return;
#   88|   	}
#   89|-> 	sinfos = PKCS7_get_signer_info(p7);
#   90|   	if (sk_PKCS7_SIGNER_INFO_num(sinfos) != 1) {
#   91|   		cm_log(0, "More than one signer, not sure what to do.\n");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def743]
certmonger-0.79.21/src/scepgen-n.c:91:17: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/scepgen-n.c:128:1: enter_function: entry to ‘cm_scepgen_n_main’
certmonger-0.79.21/src/scepgen-n.c:142:18: acquire_memory: allocated here
certmonger-0.79.21/src/scepgen-n.c:143:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/scepgen-n.c:147:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:147:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:154:9: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:161:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:188:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:188:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:192:31: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:196:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:200:18: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:201:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:207:9: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:209:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:213:20: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:214:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:218:9: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:220:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:220:12: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:225:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:229:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:237:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:238:15: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:258:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/scepgen-n.c:259:17: branch_true: ...to here
certmonger-0.79.21/src/scepgen-n.c:260:17: call_function: calling ‘cm_scepgen_n_resign’ from ‘cm_scepgen_n_main’
#   89|   	sinfos = PKCS7_get_signer_info(p7);
#   90|   	if (sk_PKCS7_SIGNER_INFO_num(sinfos) != 1) {
#   91|-> 		cm_log(0, "More than one signer, not sure what to do.\n");
#   92|   		_exit(CM_SUB_STATUS_INTERNAL_ERROR);
#   93|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def744]
certmonger-0.79.21/src/scepgen-n.c:95:17: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/scepgen-n.c:128:1: enter_function: entry to ‘cm_scepgen_n_main’
certmonger-0.79.21/src/scepgen-n.c:142:18: acquire_memory: allocated here
certmonger-0.79.21/src/scepgen-n.c:143:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/scepgen-n.c:147:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:147:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:154:9: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:161:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:188:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:188:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:192:31: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:196:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:200:18: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:201:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:207:9: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:209:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:213:20: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:214:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:218:9: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:220:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:220:12: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:225:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:229:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:237:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:238:15: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:258:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/scepgen-n.c:259:17: branch_true: ...to here
certmonger-0.79.21/src/scepgen-n.c:260:17: call_function: calling ‘cm_scepgen_n_resign’ from ‘cm_scepgen_n_main’
#   93|   	}
#   94|   	sinfo = sk_PKCS7_SIGNER_INFO_value(sinfos, 0);
#   95|-> 	salen = ASN1_item_i2d((ASN1_VALUE *)sinfo->auth_attr, NULL, ASN1_ITEM_rptr(PKCS7_ATTR_SIGN));
#   96|   	u = sabuf = malloc(salen);
#   97|   	if (sabuf == NULL) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def745]
certmonger-0.79.21/src/scepgen-n.c:98:17: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/scepgen-n.c:128:1: enter_function: entry to ‘cm_scepgen_n_main’
certmonger-0.79.21/src/scepgen-n.c:142:18: acquire_memory: allocated here
certmonger-0.79.21/src/scepgen-n.c:143:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/scepgen-n.c:147:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:147:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:154:9: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:161:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:188:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:188:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:192:31: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:196:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:200:18: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:201:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:207:9: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:209:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:213:20: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:214:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:218:9: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:220:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:220:12: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:225:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:229:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:237:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:238:15: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:258:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/scepgen-n.c:259:17: branch_true: ...to here
certmonger-0.79.21/src/scepgen-n.c:260:17: call_function: calling ‘cm_scepgen_n_resign’ from ‘cm_scepgen_n_main’
#   96|   	u = sabuf = malloc(salen);
#   97|   	if (sabuf == NULL) {
#   98|-> 		cm_log(0, "Out of memory.\n");
#   99|   		_exit(CM_SUB_STATUS_INTERNAL_ERROR);
#  100|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def746]
certmonger-0.79.21/src/scepgen-n.c:104:13: warning[-Wanalyzer-malloc-leak]: leak of ‘u’
certmonger-0.79.21/src/scepgen-n.c:85:12: branch_false: following ‘false’ branch (when ‘p7’ is non-NULL)...
certmonger-0.79.21/src/scepgen-n.c:89:18: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:90:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:94:17: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:96:21: acquire_memory: allocated here
certmonger-0.79.21/src/scepgen-n.c:97:12: branch_false: following ‘false’ branch (when ‘sabuf’ is non-NULL)...
certmonger-0.79.21/src/scepgen-n.c:104:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:104:13: throw: if ‘PKCS7_ATTR_SIGN_it’ throws an exception...
certmonger-0.79.21/src/scepgen-n.c:104:13: danger: ‘u’ leaks here; was allocated at [(5)](sarif:/runs/0/results/10/codeFlows/0/threadFlows/0/locations/4)
#  102|   	 * allows it to allocate the memory on its own, but we want to handle
#  103|   	 * that ourselves. */
#  104|-> 	l = ASN1_item_i2d((ASN1_VALUE *)sinfo->auth_attr, &u, ASN1_ITEM_rptr(PKCS7_ATTR_SIGN));
#  105|   	if (l != salen) {
#  106|   		cm_log(0, "Error encoding attributes.\n");

Error: COMPILER_WARNING (CWE-563): [#def747]
certmonger-0.79.21/src/scepgen-n.c:129:25: warning[-Wunused-parameter]: unused parameter ‘userdata’
#  129 |                   void *userdata)
#      |                   ~~~~~~^~~~~~~~
#  127|   static int
#  128|   cm_scepgen_n_main(int fd, struct cm_store_ca *ca, struct cm_store_entry *entry,
#  129|-> 		  void *userdata)
#  130|   {
#  131|   	FILE *status;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def748]
certmonger-0.79.21/src/scepgen-n.c:148:17: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/scepgen-n.c:142:18: acquire_memory: allocated here
certmonger-0.79.21/src/scepgen-n.c:143:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/scepgen-n.c:147:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:147:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/scepgen-n.c:148:17: branch_true: ...to here
certmonger-0.79.21/src/scepgen-n.c:148:17: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/scepgen-n.c:148:17: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/12/codeFlows/0/threadFlows/0/locations/0)
#  146|   
#  147|   	if (ca->cm_ca_encryption_cert == NULL) {
#  148|-> 		cm_log(0, "Can't generate new SCEP request data without "
#  149|   		       "the RA/CA encryption certificate.\n");
#  150|   		_exit(CM_SUB_STATUS_NEED_SCEP_DATA);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def749]
certmonger-0.79.21/src/scepgen-n.c:155:15: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/scepgen-n.c:142:18: acquire_memory: allocated here
certmonger-0.79.21/src/scepgen-n.c:143:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/scepgen-n.c:147:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:147:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:154:9: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:155:15: throw: if ‘NSS_InitContext’ throws an exception...
certmonger-0.79.21/src/scepgen-n.c:155:15: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/13/codeFlows/0/threadFlows/0/locations/0)
#  153|   	/* Start up NSS and open the database. */
#  154|   	errno = 0;
#  155|-> 	ctx = NSS_InitContext(entry->cm_key_storage_location,
#  156|   			      NULL, NULL, NULL, NULL,
#  157|   			      NSS_INIT_READONLY |

Error: GCC_ANALYZER_WARNING (CWE-401): [#def750]
certmonger-0.79.21/src/scepgen-n.c:160:14: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/scepgen-n.c:142:18: acquire_memory: allocated here
certmonger-0.79.21/src/scepgen-n.c:143:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/scepgen-n.c:147:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:147:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:154:9: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:160:14: throw: if ‘PORT_GetError’ throws an exception...
certmonger-0.79.21/src/scepgen-n.c:160:14: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/14/codeFlows/0/threadFlows/0/locations/0)
#  158|   			      NSS_INIT_NOROOTINIT |
#  159|   			      NSS_INIT_NOMODDB);
#  160|-> 	ec = PORT_GetError();
#  161|   	if (ctx == NULL) {
#  162|   		if (ec != 0) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def751]
certmonger-0.79.21/src/scepgen-n.c:163:30: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/scepgen-n.c:142:18: acquire_memory: allocated here
certmonger-0.79.21/src/scepgen-n.c:143:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/scepgen-n.c:147:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:147:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:154:9: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:161:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/scepgen-n.c:162:20: branch_true: ...to here
certmonger-0.79.21/src/scepgen-n.c:162:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/scepgen-n.c:163:30: branch_true: ...to here
certmonger-0.79.21/src/scepgen-n.c:163:30: throw: if ‘PR_ErrorToName’ throws an exception...
certmonger-0.79.21/src/scepgen-n.c:163:30: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/15/codeFlows/0/threadFlows/0/locations/0)
#  161|   	if (ctx == NULL) {
#  162|   		if (ec != 0) {
#  163|-> 			es = PR_ErrorToName(ec);
#  164|   		} else {
#  165|   			es = NULL;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def752]
certmonger-0.79.21/src/scepgen-n.c:171:25: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/scepgen-n.c:142:18: acquire_memory: allocated here
certmonger-0.79.21/src/scepgen-n.c:143:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/scepgen-n.c:147:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:147:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:154:9: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:161:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/scepgen-n.c:162:20: branch_true: ...to here
certmonger-0.79.21/src/scepgen-n.c:162:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/scepgen-n.c:163:30: branch_true: ...to here
certmonger-0.79.21/src/scepgen-n.c:167:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/scepgen-n.c:168:25: branch_true: ...to here
certmonger-0.79.21/src/scepgen-n.c:171:25: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/scepgen-n.c:171:25: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/16/codeFlows/0/threadFlows/0/locations/0)
#  169|   				"'%s': %s.\n",
#  170|   				entry->cm_key_storage_location, es);
#  171|-> 			cm_log(0, "Error opening database '%s': %s.\n",
#  172|   			       entry->cm_key_storage_location, es);
#  173|   		} else {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def753]
certmonger-0.79.21/src/scepgen-n.c:176:25: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/scepgen-n.c:142:18: acquire_memory: allocated here
certmonger-0.79.21/src/scepgen-n.c:143:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/scepgen-n.c:147:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:147:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:154:9: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:161:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/scepgen-n.c:162:20: branch_true: ...to here
certmonger-0.79.21/src/scepgen-n.c:176:25: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/scepgen-n.c:176:25: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/17/codeFlows/0/threadFlows/0/locations/0)
#  174|   			fprintf(status, "Error opening database '%s'.\n",
#  175|   				entry->cm_key_storage_location);
#  176|-> 			cm_log(0, "Error opening database '%s'.\n",
#  177|   			       entry->cm_key_storage_location);
#  178|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def754]
certmonger-0.79.21/src/scepgen-n.c:188:13: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/scepgen-n.c:142:18: acquire_memory: allocated here
certmonger-0.79.21/src/scepgen-n.c:143:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/scepgen-n.c:147:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:147:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:154:9: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:161:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:188:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:188:13: throw: if ‘NSS_ShutdownContext’ throws an exception...
certmonger-0.79.21/src/scepgen-n.c:188:13: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/18/codeFlows/0/threadFlows/0/locations/0)
#  186|   		}
#  187|   	}
#  188|-> 	if (NSS_ShutdownContext(ctx) != SECSuccess) {
#  189|   		cm_log(0, "Error shutting down NSS.\n");
#  190|   		_exit(1);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def755]
certmonger-0.79.21/src/scepgen-n.c:189:17: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/scepgen-n.c:142:18: acquire_memory: allocated here
certmonger-0.79.21/src/scepgen-n.c:143:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/scepgen-n.c:147:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:147:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:154:9: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:161:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:188:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:188:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/scepgen-n.c:189:17: branch_true: ...to here
certmonger-0.79.21/src/scepgen-n.c:189:17: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/scepgen-n.c:189:17: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/19/codeFlows/0/threadFlows/0/locations/0)
#  187|   	}
#  188|   	if (NSS_ShutdownContext(ctx) != SECSuccess) {
#  189|-> 		cm_log(0, "Error shutting down NSS.\n");
#  190|   		_exit(1);
#  191|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def756]
certmonger-0.79.21/src/scepgen-n.c:192:15: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/scepgen-n.c:142:18: acquire_memory: allocated here
certmonger-0.79.21/src/scepgen-n.c:143:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/scepgen-n.c:147:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:147:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:154:9: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:161:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:188:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:188:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:192:31: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:192:15: throw: if ‘NSS_InitContext’ throws an exception...
certmonger-0.79.21/src/scepgen-n.c:192:15: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/20/codeFlows/0/threadFlows/0/locations/0)
#  190|   		_exit(1);
#  191|   	}
#  192|-> 	ctx = NSS_InitContext(entry->cm_key_storage_location,
#  193|   			      NULL, NULL, NULL, NULL,
#  194|   			      NSS_INIT_READONLY |

Error: GCC_ANALYZER_WARNING (CWE-401): [#def757]
certmonger-0.79.21/src/scepgen-n.c:197:17: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/scepgen-n.c:142:18: acquire_memory: allocated here
certmonger-0.79.21/src/scepgen-n.c:143:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/scepgen-n.c:147:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:147:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:154:9: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:161:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:188:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:188:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:192:31: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:196:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/scepgen-n.c:197:17: branch_true: ...to here
certmonger-0.79.21/src/scepgen-n.c:197:17: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/scepgen-n.c:197:17: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/21/codeFlows/0/threadFlows/0/locations/0)
#  195|   			      NSS_INIT_NOROOTINIT);
#  196|   	if (ctx == NULL) {
#  197|-> 		cm_log(0, "Unable to initialize NSS %s.\n", entry->cm_key_storage_location);
#  198|   		_exit(1);
#  199|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def758]
certmonger-0.79.21/src/scepgen-n.c:200:18: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/scepgen-n.c:142:18: acquire_memory: allocated here
certmonger-0.79.21/src/scepgen-n.c:143:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/scepgen-n.c:147:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:147:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:154:9: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:161:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:188:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:188:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:192:31: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:196:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:200:18: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:200:18: throw: if ‘util_n_fips_hook’ throws an exception...
certmonger-0.79.21/src/scepgen-n.c:200:18: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/22/codeFlows/0/threadFlows/0/locations/0)
#  198|   		_exit(1);
#  199|   	}
#  200|-> 	reason = util_n_fips_hook();
#  201|   	if (reason != NULL) {
#  202|   		cm_log(0, "Error putting NSS into FIPS mode: %s\n", reason);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def759]
certmonger-0.79.21/src/scepgen-n.c:202:17: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/scepgen-n.c:142:18: acquire_memory: allocated here
certmonger-0.79.21/src/scepgen-n.c:143:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/scepgen-n.c:147:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:147:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:154:9: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:161:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:188:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:188:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:192:31: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:196:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:200:18: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:201:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/scepgen-n.c:202:17: branch_true: ...to here
certmonger-0.79.21/src/scepgen-n.c:202:17: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/scepgen-n.c:202:17: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/23/codeFlows/0/threadFlows/0/locations/0)
#  200|   	reason = util_n_fips_hook();
#  201|   	if (reason != NULL) {
#  202|-> 		cm_log(0, "Error putting NSS into FIPS mode: %s\n", reason);
#  203|   		_exit(CM_SUB_STATUS_ERROR_INITIALIZING);
#  204|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def760]
certmonger-0.79.21/src/scepgen-n.c:207:9: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/scepgen-n.c:142:18: acquire_memory: allocated here
certmonger-0.79.21/src/scepgen-n.c:143:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/scepgen-n.c:147:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:147:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:154:9: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:161:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:188:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:188:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:192:31: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:196:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:200:18: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:201:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:207:9: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:207:9: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/scepgen-n.c:207:9: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/24/codeFlows/0/threadFlows/0/locations/0)
#  205|   
#  206|   	/* Use a dummy key to sign using OpenSSL. */
#  207|-> 	cm_log(1, "Generating dummy key.\n");
#  208|   	key = EVP_PKEY_new();
#  209|   	if (key == NULL) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def761]
certmonger-0.79.21/src/scepgen-n.c:208:15: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/scepgen-n.c:142:18: acquire_memory: allocated here
certmonger-0.79.21/src/scepgen-n.c:143:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/scepgen-n.c:147:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:147:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:154:9: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:161:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:188:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:188:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:192:31: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:196:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:200:18: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:201:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:207:9: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:208:15: throw: if ‘EVP_PKEY_new’ throws an exception...
certmonger-0.79.21/src/scepgen-n.c:208:15: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/25/codeFlows/0/threadFlows/0/locations/0)
#  206|   	/* Use a dummy key to sign using OpenSSL. */
#  207|   	cm_log(1, "Generating dummy key.\n");
#  208|-> 	key = EVP_PKEY_new();
#  209|   	if (key == NULL) {
#  210|   		cm_log(0, "Error allocating new key.\n");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def762]
certmonger-0.79.21/src/scepgen-n.c:210:17: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/scepgen-n.c:142:18: acquire_memory: allocated here
certmonger-0.79.21/src/scepgen-n.c:143:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/scepgen-n.c:147:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:147:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:154:9: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:161:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:188:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:188:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:192:31: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:196:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:200:18: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:201:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:207:9: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:209:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/scepgen-n.c:210:17: branch_true: ...to here
certmonger-0.79.21/src/scepgen-n.c:210:17: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/scepgen-n.c:210:17: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/26/codeFlows/0/threadFlows/0/locations/0)
#  208|   	key = EVP_PKEY_new();
#  209|   	if (key == NULL) {
#  210|-> 		cm_log(0, "Error allocating new key.\n");
#  211|   		_exit(CM_SUB_STATUS_INTERNAL_ERROR);
#  212|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def763]
certmonger-0.79.21/src/scepgen-n.c:213:20: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/scepgen-n.c:142:18: acquire_memory: allocated here
certmonger-0.79.21/src/scepgen-n.c:143:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/scepgen-n.c:147:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:147:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:154:9: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:161:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:188:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:188:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:192:31: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:196:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:200:18: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:201:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:207:9: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:209:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:213:20: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:213:20: throw: if ‘BN_new’ throws an exception...
certmonger-0.79.21/src/scepgen-n.c:213:20: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/27/codeFlows/0/threadFlows/0/locations/0)
#  211|   		_exit(CM_SUB_STATUS_INTERNAL_ERROR);
#  212|   	}
#  213|-> 	exponent = BN_new();
#  214|   	if (exponent == NULL) {
#  215|   		cm_log(0, "Error setting up exponent.\n");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def764]
certmonger-0.79.21/src/scepgen-n.c:215:17: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/scepgen-n.c:142:18: acquire_memory: allocated here
certmonger-0.79.21/src/scepgen-n.c:143:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/scepgen-n.c:147:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:147:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:154:9: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:161:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:188:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:188:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:192:31: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:196:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:200:18: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:201:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:207:9: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:209:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:213:20: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:214:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/scepgen-n.c:215:17: branch_true: ...to here
certmonger-0.79.21/src/scepgen-n.c:215:17: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/scepgen-n.c:215:17: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/28/codeFlows/0/threadFlows/0/locations/0)
#  213|   	exponent = BN_new();
#  214|   	if (exponent == NULL) {
#  215|-> 		cm_log(0, "Error setting up exponent.\n");
#  216|   		_exit(CM_SUB_STATUS_INTERNAL_ERROR);
#  217|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def765]
certmonger-0.79.21/src/scepgen-n.c:218:9: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/scepgen-n.c:142:18: acquire_memory: allocated here
certmonger-0.79.21/src/scepgen-n.c:143:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/scepgen-n.c:147:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:147:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:154:9: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:161:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:188:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:188:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:192:31: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:196:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:200:18: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:201:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:207:9: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:209:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:213:20: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:214:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:218:9: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:218:9: throw: if ‘BN_set_word’ throws an exception...
certmonger-0.79.21/src/scepgen-n.c:218:9: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/29/codeFlows/0/threadFlows/0/locations/0)
#  216|   		_exit(CM_SUB_STATUS_INTERNAL_ERROR);
#  217|   	}
#  218|-> 	BN_set_word(exponent, CM_DEFAULT_RSA_EXPONENT);
#  219|   	rsa = RSA_new();
#  220|   	if (rsa == NULL) {

Error: COMPILER_WARNING (CWE-477): [#def766]
certmonger-0.79.21/src/scepgen-n.c: scope_hint: In function ‘cm_scepgen_n_main’
certmonger-0.79.21/src/scepgen-n.c:219:9: warning[-Wdeprecated-declarations]: ‘RSA_new’ is deprecated: Since OpenSSL 3.0
#  219 |         rsa = RSA_new();
#      |         ^~~
certmonger-0.79.21/src/scepgen-n.c:45: included_from: Included from here.
/usr/include/openssl/rsa.h:212:28: note: declared here
#  212 | OSSL_DEPRECATEDIN_3_0 RSA *RSA_new(void);
#      |                            ^~~~~~~
#  217|   	}
#  218|   	BN_set_word(exponent, CM_DEFAULT_RSA_EXPONENT);
#  219|-> 	rsa = RSA_new();
#  220|   	if (rsa == NULL) {
#  221|   		cm_log(0, "Error allocating new RSA key.\n");

Error: COMPILER_WARNING (CWE-477): [#def767]
certmonger-0.79.21/src/scepgen-n.c:219:9: warning[-Wdeprecated-declarations]: ‘RSA_new’ is deprecated: Since OpenSSL 3.0
#  217|   	}
#  218|   	BN_set_word(exponent, CM_DEFAULT_RSA_EXPONENT);
#  219|-> 	rsa = RSA_new();
#  220|   	if (rsa == NULL) {
#  221|   		cm_log(0, "Error allocating new RSA key.\n");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def768]
certmonger-0.79.21/src/scepgen-n.c:219:15: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/scepgen-n.c:142:18: acquire_memory: allocated here
certmonger-0.79.21/src/scepgen-n.c:143:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/scepgen-n.c:147:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:147:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:154:9: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:161:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:188:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:188:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:192:31: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:196:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:200:18: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:201:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:207:9: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:209:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:213:20: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:214:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:218:9: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:219:15: throw: if ‘RSA_new’ throws an exception...
certmonger-0.79.21/src/scepgen-n.c:219:15: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/30/codeFlows/0/threadFlows/0/locations/0)
#  217|   	}
#  218|   	BN_set_word(exponent, CM_DEFAULT_RSA_EXPONENT);
#  219|-> 	rsa = RSA_new();
#  220|   	if (rsa == NULL) {
#  221|   		cm_log(0, "Error allocating new RSA key.\n");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def769]
certmonger-0.79.21/src/scepgen-n.c:221:17: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/scepgen-n.c:142:18: acquire_memory: allocated here
certmonger-0.79.21/src/scepgen-n.c:143:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/scepgen-n.c:147:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:147:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:154:9: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:161:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:188:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:188:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:192:31: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:196:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:200:18: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:201:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:207:9: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:209:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:213:20: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:214:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:218:9: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:220:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/scepgen-n.c:221:17: branch_true: ...to here
certmonger-0.79.21/src/scepgen-n.c:221:17: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/scepgen-n.c:221:17: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/31/codeFlows/0/threadFlows/0/locations/0)
#  219|   	rsa = RSA_new();
#  220|   	if (rsa == NULL) {
#  221|-> 		cm_log(0, "Error allocating new RSA key.\n");
#  222|   		_exit(CM_SUB_STATUS_INTERNAL_ERROR);
#  223|   	}

Error: COMPILER_WARNING (CWE-477): [#def770]
certmonger-0.79.21/src/scepgen-n.c:225:9: warning[-Wdeprecated-declarations]: ‘RSA_generate_key_ex’ is deprecated: Since OpenSSL 3.0
#  225 |         if (RSA_generate_key_ex(rsa, CM_DEFAULT_PUBKEY_SIZE, exponent, NULL) != 1) {
#      |         ^~
/usr/include/openssl/rsa.h:271:27: note: declared here
#  271 | OSSL_DEPRECATEDIN_3_0 int RSA_generate_key_ex(RSA *rsa, int bits, BIGNUM *e,
#      |                           ^~~~~~~~~~~~~~~~~~~
#  223|   	}
#  224|   retry_gen:
#  225|-> 	if (RSA_generate_key_ex(rsa, CM_DEFAULT_PUBKEY_SIZE, exponent, NULL) != 1) {
#  226|   		cm_log(0, "Error generating key.\n");
#  227|   		_exit(CM_SUB_STATUS_INTERNAL_ERROR);

Error: COMPILER_WARNING (CWE-477): [#def771]
certmonger-0.79.21/src/scepgen-n.c:225:9: warning[-Wdeprecated-declarations]: ‘RSA_generate_key_ex’ is deprecated: Since OpenSSL 3.0
#  223|   	}
#  224|   retry_gen:
#  225|-> 	if (RSA_generate_key_ex(rsa, CM_DEFAULT_PUBKEY_SIZE, exponent, NULL) != 1) {
#  226|   		cm_log(0, "Error generating key.\n");
#  227|   		_exit(CM_SUB_STATUS_INTERNAL_ERROR);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def772]
certmonger-0.79.21/src/scepgen-n.c:225:13: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/scepgen-n.c:142:18: acquire_memory: allocated here
certmonger-0.79.21/src/scepgen-n.c:143:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/scepgen-n.c:147:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:147:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:154:9: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:161:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:188:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:188:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:192:31: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:196:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:200:18: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:201:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:207:9: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:209:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:213:20: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:214:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:218:9: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:220:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:220:12: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:225:13: throw: if ‘RSA_generate_key_ex’ throws an exception...
certmonger-0.79.21/src/scepgen-n.c:225:13: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/32/codeFlows/0/threadFlows/0/locations/0)
#  223|   	}
#  224|   retry_gen:
#  225|-> 	if (RSA_generate_key_ex(rsa, CM_DEFAULT_PUBKEY_SIZE, exponent, NULL) != 1) {
#  226|   		cm_log(0, "Error generating key.\n");
#  227|   		_exit(CM_SUB_STATUS_INTERNAL_ERROR);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def773]
certmonger-0.79.21/src/scepgen-n.c:226:17: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/scepgen-n.c:142:18: acquire_memory: allocated here
certmonger-0.79.21/src/scepgen-n.c:143:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/scepgen-n.c:147:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:147:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:154:9: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:161:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:188:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:188:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:192:31: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:196:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:200:18: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:201:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:207:9: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:209:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:213:20: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:214:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:218:9: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:220:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:220:12: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:226:17: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/scepgen-n.c:226:17: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/33/codeFlows/0/threadFlows/0/locations/0)
#  224|   retry_gen:
#  225|   	if (RSA_generate_key_ex(rsa, CM_DEFAULT_PUBKEY_SIZE, exponent, NULL) != 1) {
#  226|-> 		cm_log(0, "Error generating key.\n");
#  227|   		_exit(CM_SUB_STATUS_INTERNAL_ERROR);
#  228|   	}

Error: COMPILER_WARNING (CWE-477): [#def774]
certmonger-0.79.21/src/scepgen-n.c:229:9: warning[-Wdeprecated-declarations]: ‘RSA_check_key’ is deprecated: Since OpenSSL 3.0
#  229 |         if (RSA_check_key(rsa) != 1) { /* should be unnecessary */
#      |         ^~
/usr/include/openssl/rsa.h:289:27: note: declared here
#  289 | OSSL_DEPRECATEDIN_3_0 int RSA_check_key(const RSA *);
#      |                           ^~~~~~~~~~~~~
#  227|   		_exit(CM_SUB_STATUS_INTERNAL_ERROR);
#  228|   	}
#  229|-> 	if (RSA_check_key(rsa) != 1) { /* should be unnecessary */
#  230|   		cm_log(1, "Key fails checks.  Retrying.\n");
#  231|   		goto retry_gen;

Error: COMPILER_WARNING (CWE-477): [#def775]
certmonger-0.79.21/src/scepgen-n.c:229:9: warning[-Wdeprecated-declarations]: ‘RSA_check_key’ is deprecated: Since OpenSSL 3.0
#  227|   		_exit(CM_SUB_STATUS_INTERNAL_ERROR);
#  228|   	}
#  229|-> 	if (RSA_check_key(rsa) != 1) { /* should be unnecessary */
#  230|   		cm_log(1, "Key fails checks.  Retrying.\n");
#  231|   		goto retry_gen;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def776]
certmonger-0.79.21/src/scepgen-n.c:229:13: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/scepgen-n.c:142:18: acquire_memory: allocated here
certmonger-0.79.21/src/scepgen-n.c:143:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/scepgen-n.c:147:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:147:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:154:9: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:161:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:188:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:188:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:192:31: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:196:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:200:18: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:201:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:207:9: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:209:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:213:20: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:214:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:218:9: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:220:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:220:12: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:225:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:229:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:229:13: throw: if ‘RSA_check_key’ throws an exception...
certmonger-0.79.21/src/scepgen-n.c:229:13: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/34/codeFlows/0/threadFlows/0/locations/0)
#  227|   		_exit(CM_SUB_STATUS_INTERNAL_ERROR);
#  228|   	}
#  229|-> 	if (RSA_check_key(rsa) != 1) { /* should be unnecessary */
#  230|   		cm_log(1, "Key fails checks.  Retrying.\n");
#  231|   		goto retry_gen;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def777]
certmonger-0.79.21/src/scepgen-n.c:230:17: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/scepgen-n.c:142:18: acquire_memory: allocated here
certmonger-0.79.21/src/scepgen-n.c:143:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/scepgen-n.c:147:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:147:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:154:9: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:161:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:188:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:188:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:192:31: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:196:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:200:18: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:201:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:207:9: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:209:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:213:20: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:214:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:218:9: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:220:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:220:12: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:225:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:229:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:229:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/scepgen-n.c:230:17: branch_true: ...to here
certmonger-0.79.21/src/scepgen-n.c:230:17: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/scepgen-n.c:230:17: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/35/codeFlows/0/threadFlows/0/locations/0)
#  228|   	}
#  229|   	if (RSA_check_key(rsa) != 1) { /* should be unnecessary */
#  230|-> 		cm_log(1, "Key fails checks.  Retrying.\n");
#  231|   		goto retry_gen;
#  232|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def778]
certmonger-0.79.21/src/scepgen-n.c:233:9: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/scepgen-n.c:142:18: acquire_memory: allocated here
certmonger-0.79.21/src/scepgen-n.c:143:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/scepgen-n.c:147:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:147:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:154:9: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:161:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:188:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:188:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:192:31: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:196:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:200:18: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:201:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:207:9: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:209:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:213:20: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:214:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:218:9: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:220:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:220:12: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:225:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:229:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:233:9: throw: if ‘BN_free’ throws an exception...
certmonger-0.79.21/src/scepgen-n.c:233:9: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/36/codeFlows/0/threadFlows/0/locations/0)
#  231|   		goto retry_gen;
#  232|   	}
#  233|-> 	BN_free(exponent);
#  234|   
#  235|   	/* Read the proper keys. */

Error: GCC_ANALYZER_WARNING (CWE-401): [#def779]
certmonger-0.79.21/src/scepgen-n.c:236:16: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/scepgen-n.c:142:18: acquire_memory: allocated here
certmonger-0.79.21/src/scepgen-n.c:143:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/scepgen-n.c:147:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:147:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:154:9: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:161:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:188:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:188:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:192:31: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:196:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:200:18: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:201:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:207:9: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:209:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:213:20: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:214:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:218:9: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:220:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:220:12: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:225:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:229:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:236:16: throw: if ‘cm_keyiread_n_get_keys’ throws an exception...
certmonger-0.79.21/src/scepgen-n.c:236:16: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/37/codeFlows/0/threadFlows/0/locations/0)
#  234|   
#  235|   	/* Read the proper keys. */
#  236|-> 	keys = cm_keyiread_n_get_keys(entry, 0);
#  237|   	if ((keys->privkey->keyType != rsaKey) ||
#  238|   	    ((keys->privkey_next != NULL) &&

Error: GCC_ANALYZER_WARNING (CWE-401): [#def780]
certmonger-0.79.21/src/scepgen-n.c:240:17: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/scepgen-n.c:142:18: acquire_memory: allocated here
certmonger-0.79.21/src/scepgen-n.c:143:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/scepgen-n.c:147:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:147:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:154:9: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:161:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:188:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:188:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:192:31: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:196:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:200:18: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:201:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:207:9: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:209:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:213:20: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:214:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:218:9: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:220:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:220:12: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:225:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:229:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:240:17: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/scepgen-n.c:240:17: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/38/codeFlows/0/threadFlows/0/locations/0)
#  238|   	    ((keys->privkey_next != NULL) &&
#  239|   	     (keys->privkey_next->keyType != rsaKey))) {
#  240|-> 		cm_log(0, "Keys aren't RSA.  They won't work with SCEP.\n");
#  241|   		_exit(CM_SUB_STATUS_ERROR_KEY_TYPE);
#  242|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def781]
certmonger-0.79.21/src/scepgen-n.c:245:9: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/scepgen-n.c:142:18: acquire_memory: allocated here
certmonger-0.79.21/src/scepgen-n.c:143:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/scepgen-n.c:147:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:147:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:154:9: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:161:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:188:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:188:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:192:31: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:196:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:200:18: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:201:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:207:9: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:209:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:213:20: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:214:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:218:9: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:220:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:220:12: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:225:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:229:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:237:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:238:15: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:245:9: throw: if ‘EVP_PKEY_set1_RSA’ throws an exception...
certmonger-0.79.21/src/scepgen-n.c:245:9: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/39/codeFlows/0/threadFlows/0/locations/0)
#  243|   
#  244|   	/* Sign using a dummy key. */
#  245|-> 	EVP_PKEY_set1_RSA(key, rsa);
#  246|   	csr_new = NULL;
#  247|   	csr_old = NULL;

Error: COMPILER_WARNING (CWE-477): [#def782]
certmonger-0.79.21/src/scepgen-n.c:245:9: warning[-Wdeprecated-declarations]: ‘EVP_PKEY_set1_RSA’ is deprecated: Since OpenSSL 3.0
#  245 |         EVP_PKEY_set1_RSA(key, rsa);
#      |         ^~~~~~~~~~~~~~~~~
certmonger-0.79.21/src/scepgen-n.c:43: included_from: Included from here.
/usr/include/openssl/evp.h:1414:5: note: declared here
# 1414 | int EVP_PKEY_set1_RSA(EVP_PKEY *pkey, struct rsa_st *key);
#      |     ^~~~~~~~~~~~~~~~~
#  243|   
#  244|   	/* Sign using a dummy key. */
#  245|-> 	EVP_PKEY_set1_RSA(key, rsa);
#  246|   	csr_new = NULL;
#  247|   	csr_old = NULL;

Error: COMPILER_WARNING (CWE-477): [#def783]
certmonger-0.79.21/src/scepgen-n.c:245:9: warning[-Wdeprecated-declarations]: ‘EVP_PKEY_set1_RSA’ is deprecated: Since OpenSSL 3.0
#  243|   
#  244|   	/* Sign using a dummy key. */
#  245|-> 	EVP_PKEY_set1_RSA(key, rsa);
#  246|   	csr_new = NULL;
#  247|   	csr_old = NULL;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def784]
certmonger-0.79.21/src/scepgen-n.c:250:9: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/scepgen-n.c:142:18: acquire_memory: allocated here
certmonger-0.79.21/src/scepgen-n.c:143:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/scepgen-n.c:147:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:147:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:154:9: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:161:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:188:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:188:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:192:31: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:196:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:200:18: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:201:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:207:9: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:209:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:213:20: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:214:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:218:9: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:220:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:220:12: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:225:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:229:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:237:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:238:15: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:250:9: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:250:9: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:250:9: throw: if ‘cm_scepgen_o_cooked’ throws an exception...
certmonger-0.79.21/src/scepgen-n.c:250:9: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/40/codeFlows/0/threadFlows/0/locations/0)
#  248|   	ias_new = NULL;
#  249|   	ias_old = NULL;
#  250|-> 	cm_scepgen_o_cooked(ca, entry,
#  251|   			    nonce, sizeof(nonce),
#  252|   			    key, (keys->privkey_next != NULL) ? key : NULL,

Error: GCC_ANALYZER_WARNING (CWE-401): [#def785]
certmonger-0.79.21/src/scepgen-n.c:255:9: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/scepgen-n.c:142:18: acquire_memory: allocated here
certmonger-0.79.21/src/scepgen-n.c:143:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/scepgen-n.c:147:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:147:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:154:9: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:161:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:188:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:188:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:192:31: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:196:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:200:18: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:201:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:207:9: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:209:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:213:20: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:214:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:218:9: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:220:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:220:12: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:225:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:229:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:237:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:238:15: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:255:9: throw: if ‘EVP_PKEY_free’ throws an exception...
certmonger-0.79.21/src/scepgen-n.c:255:9: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/41/codeFlows/0/threadFlows/0/locations/0)
#  253|   			    &csr_new, &csr_old,
#  254|   			    &ias_new, &ias_old);
#  255|-> 	EVP_PKEY_free(key);
#  256|   
#  257|   	/* Re-sign using the proper keys. */

Error: GCC_ANALYZER_WARNING (CWE-401): [#def786]
certmonger-0.79.21/src/scepgen-n.c:259:17: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/scepgen-n.c:142:18: acquire_memory: allocated here
certmonger-0.79.21/src/scepgen-n.c:143:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/scepgen-n.c:147:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:147:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:154:9: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:161:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:188:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:188:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:192:31: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:196:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:200:18: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:201:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:207:9: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:209:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:213:20: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:214:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:218:9: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:220:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:220:12: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:225:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:229:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:237:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:238:15: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:258:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/scepgen-n.c:259:17: branch_true: ...to here
certmonger-0.79.21/src/scepgen-n.c:259:17: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/scepgen-n.c:259:17: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/42/codeFlows/0/threadFlows/0/locations/0)
#  257|   	/* Re-sign using the proper keys. */
#  258|   	if (csr_old != NULL) {
#  259|-> 		cm_log(1, "Re-signing PKCSREQ message with old key.\n");
#  260|   		cm_scepgen_n_resign(csr_old, keys->privkey);
#  261|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def787]
certmonger-0.79.21/src/scepgen-n.c:263:17: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/scepgen-n.c:142:18: acquire_memory: allocated here
certmonger-0.79.21/src/scepgen-n.c:143:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/scepgen-n.c:147:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:147:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:154:9: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:161:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:188:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:188:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:192:31: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:196:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:200:18: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:201:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:207:9: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:209:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:213:20: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:214:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:218:9: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:220:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:220:12: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:225:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:229:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:237:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:238:15: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:258:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:262:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:262:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/scepgen-n.c:263:17: branch_true: ...to here
certmonger-0.79.21/src/scepgen-n.c:263:17: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/scepgen-n.c:263:17: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/43/codeFlows/0/threadFlows/0/locations/0)
#  261|   	}
#  262|   	if (ias_old != NULL) {
#  263|-> 		cm_log(1, "Re-signing GetCertInitial message with old key.\n");
#  264|   		cm_scepgen_n_resign(ias_old, keys->privkey);
#  265|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def788]
certmonger-0.79.21/src/scepgen-n.c:268:25: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/scepgen-n.c:142:18: acquire_memory: allocated here
certmonger-0.79.21/src/scepgen-n.c:143:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/scepgen-n.c:147:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:147:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:154:9: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:161:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:188:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:188:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:192:31: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:196:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:200:18: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:201:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:207:9: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:209:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:213:20: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:214:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:218:9: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:220:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:220:12: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:225:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:229:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:237:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:238:15: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:238:13: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:245:9: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:258:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:262:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:262:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:266:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:266:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/scepgen-n.c:267:21: branch_true: ...to here
certmonger-0.79.21/src/scepgen-n.c:267:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/scepgen-n.c:268:25: branch_true: ...to here
certmonger-0.79.21/src/scepgen-n.c:268:25: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/scepgen-n.c:268:25: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/44/codeFlows/0/threadFlows/0/locations/0)
#  266|   	if (keys->privkey_next != NULL) {
#  267|   		if (csr_new != NULL) {
#  268|-> 			cm_log(1, "Re-signing PKCSREQ rekeying message with "
#  269|   			       "new key.\n");
#  270|   			cm_scepgen_n_resign(csr_new, keys->privkey_next);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def789]
certmonger-0.79.21/src/scepgen-n.c:273:25: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/scepgen-n.c:142:18: acquire_memory: allocated here
certmonger-0.79.21/src/scepgen-n.c:143:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/scepgen-n.c:147:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:147:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:154:9: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:161:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:188:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:188:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:192:31: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:196:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:200:18: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:201:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:207:9: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:209:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:213:20: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:214:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:218:9: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:220:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:220:12: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:225:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:229:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:237:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:238:15: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:238:13: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:245:9: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:258:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:262:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:262:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:266:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:266:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/scepgen-n.c:267:21: branch_true: ...to here
certmonger-0.79.21/src/scepgen-n.c:267:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:272:21: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:272:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/scepgen-n.c:273:25: branch_true: ...to here
certmonger-0.79.21/src/scepgen-n.c:273:25: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/scepgen-n.c:273:25: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/45/codeFlows/0/threadFlows/0/locations/0)
#  271|   		}
#  272|   		if (ias_new != NULL) {
#  273|-> 			cm_log(1, "Re-signing GetCertInitial rekeying message "
#  274|   			       "with new key.\n");
#  275|   			cm_scepgen_n_resign(ias_new, keys->privkey_next);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def790]
certmonger-0.79.21/src/scepgen-n.c:279:13: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/scepgen-n.c:142:18: acquire_memory: allocated here
certmonger-0.79.21/src/scepgen-n.c:143:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/scepgen-n.c:147:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:147:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:154:9: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:161:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:188:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:188:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:192:31: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:196:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:200:18: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:201:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:207:9: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:209:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:213:20: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:214:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:218:9: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:220:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:220:12: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:225:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:229:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:237:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:238:15: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:258:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:262:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:262:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:266:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:279:13: throw: if ‘cm_store_base64_from_bin’ throws an exception...
certmonger-0.79.21/src/scepgen-n.c:279:13: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/46/codeFlows/0/threadFlows/0/locations/0)
#  277|   	}
#  278|   
#  279|-> 	p = cm_store_base64_from_bin(NULL, nonce, sizeof(nonce));
#  280|   	fprintf(status, "%s:", p ? p : "");
#  281|   	p = csr_old ? cm_scepgen_o_b64_from_p7(NULL, csr_old) : NULL;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def791]
certmonger-0.79.21/src/scepgen-n.c:281:23: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/scepgen-n.c:142:18: acquire_memory: allocated here
certmonger-0.79.21/src/scepgen-n.c:143:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/scepgen-n.c:147:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:147:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:154:9: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:161:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:188:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:188:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:192:31: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:196:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:200:18: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:201:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:207:9: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:209:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:213:20: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:214:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:218:9: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:220:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:220:12: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:225:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:229:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:237:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:238:15: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:258:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:262:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:262:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:266:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:281:13: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/scepgen-n.c:281:23: branch_true: ...to here
certmonger-0.79.21/src/scepgen-n.c:281:23: throw: if ‘cm_scepgen_o_b64_from_p7’ throws an exception...
certmonger-0.79.21/src/scepgen-n.c:281:23: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/47/codeFlows/0/threadFlows/0/locations/0)
#  279|   	p = cm_store_base64_from_bin(NULL, nonce, sizeof(nonce));
#  280|   	fprintf(status, "%s:", p ? p : "");
#  281|-> 	p = csr_old ? cm_scepgen_o_b64_from_p7(NULL, csr_old) : NULL;
#  282|   	fprintf(status, "%s:", p ? p : "");
#  283|   	p = ias_old ? cm_scepgen_o_b64_from_p7(NULL, ias_old) : NULL;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def792]
certmonger-0.79.21/src/scepgen-n.c:283:23: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/scepgen-n.c:142:18: acquire_memory: allocated here
certmonger-0.79.21/src/scepgen-n.c:143:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/scepgen-n.c:147:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:147:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:154:9: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:161:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:188:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:188:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:192:31: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:196:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:200:18: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:201:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:207:9: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:209:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:213:20: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:214:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:218:9: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:220:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:220:12: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:225:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:229:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:237:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:238:15: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:258:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:262:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:262:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:266:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:283:13: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/scepgen-n.c:283:23: branch_true: ...to here
certmonger-0.79.21/src/scepgen-n.c:283:23: throw: if ‘cm_scepgen_o_b64_from_p7’ throws an exception...
certmonger-0.79.21/src/scepgen-n.c:283:23: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/48/codeFlows/0/threadFlows/0/locations/0)
#  281|   	p = csr_old ? cm_scepgen_o_b64_from_p7(NULL, csr_old) : NULL;
#  282|   	fprintf(status, "%s:", p ? p : "");
#  283|-> 	p = ias_old ? cm_scepgen_o_b64_from_p7(NULL, ias_old) : NULL;
#  284|   	fprintf(status, "%s:", p ? p : "");
#  285|   	p = csr_new ? cm_scepgen_o_b64_from_p7(NULL, csr_new) : NULL;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def793]
certmonger-0.79.21/src/scepgen-n.c:285:23: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/scepgen-n.c:142:18: acquire_memory: allocated here
certmonger-0.79.21/src/scepgen-n.c:143:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/scepgen-n.c:147:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:147:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:154:9: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:161:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:188:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:188:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:192:31: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:196:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:200:18: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:201:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:207:9: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:209:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:213:20: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:214:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:218:9: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:220:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:220:12: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:225:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:229:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:237:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:238:15: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:258:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:262:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:262:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:266:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:285:13: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/scepgen-n.c:285:23: branch_true: ...to here
certmonger-0.79.21/src/scepgen-n.c:285:23: throw: if ‘cm_scepgen_o_b64_from_p7’ throws an exception...
certmonger-0.79.21/src/scepgen-n.c:285:23: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/49/codeFlows/0/threadFlows/0/locations/0)
#  283|   	p = ias_old ? cm_scepgen_o_b64_from_p7(NULL, ias_old) : NULL;
#  284|   	fprintf(status, "%s:", p ? p : "");
#  285|-> 	p = csr_new ? cm_scepgen_o_b64_from_p7(NULL, csr_new) : NULL;
#  286|   	fprintf(status, "%s:", p ? p : "");
#  287|   	p = ias_new ? cm_scepgen_o_b64_from_p7(NULL, ias_new) : NULL;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def794]
certmonger-0.79.21/src/scepgen-n.c:287:23: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/scepgen-n.c:142:18: acquire_memory: allocated here
certmonger-0.79.21/src/scepgen-n.c:143:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/scepgen-n.c:147:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:147:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:154:9: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:161:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:188:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:188:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:192:31: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:196:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:200:18: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:201:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:207:9: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:209:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:213:20: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:214:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:218:9: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:220:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:220:12: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:225:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:229:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:237:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:238:15: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:258:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:262:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:262:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-n.c:266:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-n.c:287:13: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/scepgen-n.c:287:23: branch_true: ...to here
certmonger-0.79.21/src/scepgen-n.c:287:23: throw: if ‘cm_scepgen_o_b64_from_p7’ throws an exception...
certmonger-0.79.21/src/scepgen-n.c:287:23: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/50/codeFlows/0/threadFlows/0/locations/0)
#  285|   	p = csr_new ? cm_scepgen_o_b64_from_p7(NULL, csr_new) : NULL;
#  286|   	fprintf(status, "%s:", p ? p : "");
#  287|-> 	p = ias_new ? cm_scepgen_o_b64_from_p7(NULL, ias_new) : NULL;
#  288|   	fprintf(status, "%s:\n", p ? p : "");
#  289|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def795]
certmonger-0.79.21/src/scepgen-o.c:79:25: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/scepgen-o.c:716:1: enter_function: entry to ‘cm_scepgen_o_main’
certmonger-0.79.21/src/scepgen-o.c:725:18: acquire_memory: allocated here
certmonger-0.79.21/src/scepgen-o.c:726:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/scepgen-o.c:730:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-o.c:730:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-o.c:736:34: branch_false: ...to here
certmonger-0.79.21/src/scepgen-o.c:736:20: call_function: calling ‘key_from_file’ from ‘cm_scepgen_o_main’
#   77|   	if (keyfp == NULL) {
#   78|   		if (errno != ENOENT) {
#   79|-> 			cm_log(0, "Error opening key file \"%s\" "
#   80|   			       "for reading: %s.\n",
#   81|   			       filename, strerror(errno));

Error: GCC_ANALYZER_WARNING (CWE-775): [#def796]
certmonger-0.79.21/src/scepgen-o.c:85:12: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen(filename, "r")’
certmonger-0.79.21/src/scepgen-o.c:76:17: acquire_resource: opened here
certmonger-0.79.21/src/scepgen-o.c:77:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-o.c:85:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-o.c:85:12: danger: ‘fopen(filename, "r")’ leaks here; was opened at [(1)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/0)
#   83|   		_exit(CM_SUB_STATUS_INTERNAL_ERROR);
#   84|   	}
#   85|-> 	if (cm_pin_read_for_key(entry, &pin) != 0) {
#   86|   		cm_log(0, "Internal error reading key encryption PIN.\n");
#   87|   		_exit(CM_SUB_STATUS_ERROR_AUTH);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def797]
certmonger-0.79.21/src/scepgen-o.c:85:12: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(filename, "r")’
certmonger-0.79.21/src/scepgen-o.c:76:17: acquire_memory: allocated here
certmonger-0.79.21/src/scepgen-o.c:77:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-o.c:85:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-o.c:85:12: danger: ‘fopen(filename, "r")’ leaks here; was allocated at [(1)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/0)
#   83|   		_exit(CM_SUB_STATUS_INTERNAL_ERROR);
#   84|   	}
#   85|-> 	if (cm_pin_read_for_key(entry, &pin) != 0) {
#   86|   		cm_log(0, "Internal error reading key encryption PIN.\n");
#   87|   		_exit(CM_SUB_STATUS_ERROR_AUTH);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def798]
certmonger-0.79.21/src/scepgen-o.c:85:13: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen(filename, "r")’
certmonger-0.79.21/src/scepgen-o.c:76:17: acquire_resource: opened here
certmonger-0.79.21/src/scepgen-o.c:77:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-o.c:85:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-o.c:85:13: throw: if ‘cm_pin_read_for_key’ throws an exception...
certmonger-0.79.21/src/scepgen-o.c:85:13: danger: ‘fopen(filename, "r")’ leaks here; was opened at [(1)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/0)
#   83|   		_exit(CM_SUB_STATUS_INTERNAL_ERROR);
#   84|   	}
#   85|-> 	if (cm_pin_read_for_key(entry, &pin) != 0) {
#   86|   		cm_log(0, "Internal error reading key encryption PIN.\n");
#   87|   		_exit(CM_SUB_STATUS_ERROR_AUTH);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def799]
certmonger-0.79.21/src/scepgen-o.c:85:13: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(filename, "r")’
certmonger-0.79.21/src/scepgen-o.c:76:17: acquire_memory: allocated here
certmonger-0.79.21/src/scepgen-o.c:77:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-o.c:85:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-o.c:85:13: throw: if ‘cm_pin_read_for_key’ throws an exception...
certmonger-0.79.21/src/scepgen-o.c:85:13: danger: ‘fopen(filename, "r")’ leaks here; was allocated at [(1)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/0)
#   83|   		_exit(CM_SUB_STATUS_INTERNAL_ERROR);
#   84|   	}
#   85|-> 	if (cm_pin_read_for_key(entry, &pin) != 0) {
#   86|   		cm_log(0, "Internal error reading key encryption PIN.\n");
#   87|   		_exit(CM_SUB_STATUS_ERROR_AUTH);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def800]
certmonger-0.79.21/src/scepgen-o.c:85:13: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/scepgen-o.c:716:1: enter_function: entry to ‘cm_scepgen_o_main’
certmonger-0.79.21/src/scepgen-o.c:725:18: acquire_memory: allocated here
certmonger-0.79.21/src/scepgen-o.c:726:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/scepgen-o.c:730:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-o.c:730:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-o.c:736:34: branch_false: ...to here
certmonger-0.79.21/src/scepgen-o.c:736:20: call_function: calling ‘key_from_file’ from ‘cm_scepgen_o_main’
#   83|   		_exit(CM_SUB_STATUS_INTERNAL_ERROR);
#   84|   	}
#   85|-> 	if (cm_pin_read_for_key(entry, &pin) != 0) {
#   86|   		cm_log(0, "Internal error reading key encryption PIN.\n");
#   87|   		_exit(CM_SUB_STATUS_ERROR_AUTH);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def801]
certmonger-0.79.21/src/scepgen-o.c:86:17: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/scepgen-o.c:716:1: enter_function: entry to ‘cm_scepgen_o_main’
certmonger-0.79.21/src/scepgen-o.c:725:18: acquire_memory: allocated here
certmonger-0.79.21/src/scepgen-o.c:726:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/scepgen-o.c:730:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-o.c:730:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-o.c:736:34: branch_false: ...to here
certmonger-0.79.21/src/scepgen-o.c:736:20: call_function: calling ‘key_from_file’ from ‘cm_scepgen_o_main’
#   84|   	}
#   85|   	if (cm_pin_read_for_key(entry, &pin) != 0) {
#   86|-> 		cm_log(0, "Internal error reading key encryption PIN.\n");
#   87|   		_exit(CM_SUB_STATUS_ERROR_AUTH);
#   88|   	}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def802]
certmonger-0.79.21/src/scepgen-o.c:92:16: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen(filename, "r")’
certmonger-0.79.21/src/scepgen-o.c:76:17: acquire_resource: opened here
certmonger-0.79.21/src/scepgen-o.c:77:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-o.c:85:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-o.c:85:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-o.c:89:9: branch_false: ...to here
certmonger-0.79.21/src/scepgen-o.c:92:16: danger: ‘fopen(filename, "r")’ leaks here; was opened at [(1)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/0)
#   90|   	cb_data.entry = entry;
#   91|   	cb_data.n_attempts = 0;
#   92|-> 	pkey = PEM_read_PrivateKey(keyfp, NULL,
#   93|   				   cm_pin_read_for_key_ossl_cb, &cb_data);
#   94|   	if (pkey == NULL) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def803]
certmonger-0.79.21/src/scepgen-o.c:92:16: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(filename, "r")’
certmonger-0.79.21/src/scepgen-o.c:76:17: acquire_memory: allocated here
certmonger-0.79.21/src/scepgen-o.c:77:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-o.c:85:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-o.c:85:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-o.c:89:9: branch_false: ...to here
certmonger-0.79.21/src/scepgen-o.c:92:16: danger: ‘fopen(filename, "r")’ leaks here; was allocated at [(1)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/0)
#   90|   	cb_data.entry = entry;
#   91|   	cb_data.n_attempts = 0;
#   92|-> 	pkey = PEM_read_PrivateKey(keyfp, NULL,
#   93|   				   cm_pin_read_for_key_ossl_cb, &cb_data);
#   94|   	if (pkey == NULL) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def804]
certmonger-0.79.21/src/scepgen-o.c:92:16: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/scepgen-o.c:716:1: enter_function: entry to ‘cm_scepgen_o_main’
certmonger-0.79.21/src/scepgen-o.c:725:18: acquire_memory: allocated here
certmonger-0.79.21/src/scepgen-o.c:726:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/scepgen-o.c:730:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-o.c:730:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-o.c:736:34: branch_false: ...to here
certmonger-0.79.21/src/scepgen-o.c:736:20: call_function: calling ‘key_from_file’ from ‘cm_scepgen_o_main’
#   90|   	cb_data.entry = entry;
#   91|   	cb_data.n_attempts = 0;
#   92|-> 	pkey = PEM_read_PrivateKey(keyfp, NULL,
#   93|   				   cm_pin_read_for_key_ossl_cb, &cb_data);
#   94|   	if (pkey == NULL) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def805]
certmonger-0.79.21/src/scepgen-o.c:96:17: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/scepgen-o.c:716:1: enter_function: entry to ‘cm_scepgen_o_main’
certmonger-0.79.21/src/scepgen-o.c:725:18: acquire_memory: allocated here
certmonger-0.79.21/src/scepgen-o.c:726:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/scepgen-o.c:730:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-o.c:730:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-o.c:736:34: branch_false: ...to here
certmonger-0.79.21/src/scepgen-o.c:736:20: call_function: calling ‘key_from_file’ from ‘cm_scepgen_o_main’
#   94|   	if (pkey == NULL) {
#   95|   		error = errno;
#   96|-> 		cm_log(0, "Error reading private key '%s': %s.\n",
#   97|   		       filename, strerror(error));
#   98|   		while ((error = ERR_get_error()) != 0) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def806]
certmonger-0.79.21/src/scepgen-o.c:98:33: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/scepgen-o.c:716:1: enter_function: entry to ‘cm_scepgen_o_main’
certmonger-0.79.21/src/scepgen-o.c:725:18: acquire_memory: allocated here
certmonger-0.79.21/src/scepgen-o.c:726:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/scepgen-o.c:730:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-o.c:730:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-o.c:736:34: branch_false: ...to here
certmonger-0.79.21/src/scepgen-o.c:736:20: call_function: calling ‘key_from_file’ from ‘cm_scepgen_o_main’
#   96|   		cm_log(0, "Error reading private key '%s': %s.\n",
#   97|   		       filename, strerror(error));
#   98|-> 		while ((error = ERR_get_error()) != 0) {
#   99|   			ERR_error_string_n(error, buf, sizeof(buf));
#  100|   			cm_log(0, "%s\n", buf);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def807]
certmonger-0.79.21/src/scepgen-o.c:107:25: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/scepgen-o.c:716:1: enter_function: entry to ‘cm_scepgen_o_main’
certmonger-0.79.21/src/scepgen-o.c:725:18: acquire_memory: allocated here
certmonger-0.79.21/src/scepgen-o.c:726:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/scepgen-o.c:730:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-o.c:730:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-o.c:736:34: branch_false: ...to here
certmonger-0.79.21/src/scepgen-o.c:736:20: call_function: calling ‘key_from_file’ from ‘cm_scepgen_o_main’
#  105|   		    (strlen(pin) > 0) &&
#  106|   		    (cb_data.n_attempts == 0)) {
#  107|-> 			cm_log(0, "PIN was not needed to read private "
#  108|   			       "key '%s', though one was provided. "
#  109|   			       "Treating this as an error.\n",

Error: COMPILER_WARNING (CWE-563): [#def808]
certmonger-0.79.21/src/scepgen-o.c: scope_hint: In function ‘cert_from_pem’
certmonger-0.79.21/src/scepgen-o.c:122:49: warning[-Wunused-parameter]: unused parameter ‘entry’
#  122 | cert_from_pem(char *pem, struct cm_store_entry *entry)
#      |                          ~~~~~~~~~~~~~~~~~~~~~~~^~~~~
#  120|   
#  121|   static X509 *
#  122|-> cert_from_pem(char *pem, struct cm_store_entry *entry)
#  123|   {
#  124|   	BIO *in;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def809]
certmonger-0.79.21/src/scepgen-o.c:128:22: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/scepgen-o.c:716:1: enter_function: entry to ‘cm_scepgen_o_main’
certmonger-0.79.21/src/scepgen-o.c:725:18: acquire_memory: allocated here
certmonger-0.79.21/src/scepgen-o.c:726:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/scepgen-o.c:730:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-o.c:730:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-o.c:736:34: branch_false: ...to here
certmonger-0.79.21/src/scepgen-o.c:736:20: call_function: calling ‘key_from_file’ from ‘cm_scepgen_o_main’
certmonger-0.79.21/src/scepgen-o.c:736:20: return_function: returning to ‘cm_scepgen_o_main’ from ‘key_from_file’
certmonger-0.79.21/src/scepgen-o.c:762:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-o.c:768:9: call_function: calling ‘cm_scepgen_o_cooked’ from ‘cm_scepgen_o_main’
#  126|   
#  127|   	if ((pem != NULL) && (strlen(pem) > 0)) {
#  128|-> 		in = BIO_new_mem_buf(pem, -1);
#  129|   		if (in == NULL) {
#  130|   			cm_log(0, "Out of memory.\n");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def810]
certmonger-0.79.21/src/scepgen-o.c:130:25: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/scepgen-o.c:716:1: enter_function: entry to ‘cm_scepgen_o_main’
certmonger-0.79.21/src/scepgen-o.c:725:18: acquire_memory: allocated here
certmonger-0.79.21/src/scepgen-o.c:726:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/scepgen-o.c:730:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-o.c:730:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-o.c:736:34: branch_false: ...to here
certmonger-0.79.21/src/scepgen-o.c:736:20: call_function: calling ‘key_from_file’ from ‘cm_scepgen_o_main’
certmonger-0.79.21/src/scepgen-o.c:736:20: return_function: returning to ‘cm_scepgen_o_main’ from ‘key_from_file’
certmonger-0.79.21/src/scepgen-o.c:762:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-o.c:768:9: call_function: calling ‘cm_scepgen_o_cooked’ from ‘cm_scepgen_o_main’
#  128|   		in = BIO_new_mem_buf(pem, -1);
#  129|   		if (in == NULL) {
#  130|-> 			cm_log(0, "Out of memory.\n");
#  131|   			_exit(CM_SUB_STATUS_INTERNAL_ERROR);
#  132|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def811]
certmonger-0.79.21/src/scepgen-o.c:193:13: warning[-Wanalyzer-malloc-leak]: leak of ‘u’
certmonger-0.79.21/src/scepgen-o.c:188:13: acquire_memory: allocated here
certmonger-0.79.21/src/scepgen-o.c:189:12: branch_false: following ‘false’ branch (when ‘p’ is non-NULL)...
certmonger-0.79.21/src/scepgen-o.c:192:9: branch_false: ...to here
certmonger-0.79.21/src/scepgen-o.c:193:13: throw: if ‘i2d_PKCS7’ throws an exception...
certmonger-0.79.21/src/scepgen-o.c:193:13: danger: ‘u’ leaks here; was allocated at [(1)](sarif:/runs/0/results/15/codeFlows/0/threadFlows/0/locations/0)
#  191|   	}
#  192|   	u = p;
#  193|-> 	if (i2d_PKCS7(p7, &u) != len) {
#  194|   		free(p);
#  195|   		return NULL;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def812]
certmonger-0.79.21/src/scepgen-o.c:395:9: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/scepgen-o.c:716:1: enter_function: entry to ‘cm_scepgen_o_main’
certmonger-0.79.21/src/scepgen-o.c:725:18: acquire_memory: allocated here
certmonger-0.79.21/src/scepgen-o.c:726:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/scepgen-o.c:730:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-o.c:730:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-o.c:736:34: branch_false: ...to here
certmonger-0.79.21/src/scepgen-o.c:736:20: call_function: calling ‘key_from_file’ from ‘cm_scepgen_o_main’
certmonger-0.79.21/src/scepgen-o.c:736:20: return_function: returning to ‘cm_scepgen_o_main’ from ‘key_from_file’
certmonger-0.79.21/src/scepgen-o.c:762:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-o.c:768:9: call_function: calling ‘cm_scepgen_o_cooked’ from ‘cm_scepgen_o_main’
#  393|   	enum cm_prefs_digest digest, pref_digest;
#  394|   
#  395|-> 	util_o_init();
#  396|   	ERR_load_crypto_strings();
#  397|           if (RAND_status() != 1) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def813]
certmonger-0.79.21/src/scepgen-o.c:397:13: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/scepgen-o.c:716:1: enter_function: entry to ‘cm_scepgen_o_main’
certmonger-0.79.21/src/scepgen-o.c:725:18: acquire_memory: allocated here
certmonger-0.79.21/src/scepgen-o.c:726:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/scepgen-o.c:730:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-o.c:730:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-o.c:736:34: branch_false: ...to here
certmonger-0.79.21/src/scepgen-o.c:736:20: call_function: calling ‘key_from_file’ from ‘cm_scepgen_o_main’
certmonger-0.79.21/src/scepgen-o.c:736:20: return_function: returning to ‘cm_scepgen_o_main’ from ‘key_from_file’
certmonger-0.79.21/src/scepgen-o.c:762:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-o.c:768:9: call_function: calling ‘cm_scepgen_o_cooked’ from ‘cm_scepgen_o_main’
#  395|   	util_o_init();
#  396|   	ERR_load_crypto_strings();
#  397|->         if (RAND_status() != 1) {
#  398|   		cm_log(0, "PRNG not seeded for generating key.\n");
#  399|   		_exit(CM_SUB_STATUS_INTERNAL_ERROR);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def814]
certmonger-0.79.21/src/scepgen-o.c:398:17: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/scepgen-o.c:716:1: enter_function: entry to ‘cm_scepgen_o_main’
certmonger-0.79.21/src/scepgen-o.c:725:18: acquire_memory: allocated here
certmonger-0.79.21/src/scepgen-o.c:726:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/scepgen-o.c:730:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-o.c:730:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-o.c:736:34: branch_false: ...to here
certmonger-0.79.21/src/scepgen-o.c:736:20: call_function: calling ‘key_from_file’ from ‘cm_scepgen_o_main’
certmonger-0.79.21/src/scepgen-o.c:736:20: return_function: returning to ‘cm_scepgen_o_main’ from ‘key_from_file’
certmonger-0.79.21/src/scepgen-o.c:762:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-o.c:768:9: call_function: calling ‘cm_scepgen_o_cooked’ from ‘cm_scepgen_o_main’
#  396|   	ERR_load_crypto_strings();
#  397|           if (RAND_status() != 1) {
#  398|-> 		cm_log(0, "PRNG not seeded for generating key.\n");
#  399|   		_exit(CM_SUB_STATUS_INTERNAL_ERROR);
#  400|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def815]
certmonger-0.79.21/src/scepgen-o.c:401:13: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/scepgen-o.c:716:1: enter_function: entry to ‘cm_scepgen_o_main’
certmonger-0.79.21/src/scepgen-o.c:725:18: acquire_memory: allocated here
certmonger-0.79.21/src/scepgen-o.c:726:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/scepgen-o.c:730:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-o.c:730:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-o.c:736:34: branch_false: ...to here
certmonger-0.79.21/src/scepgen-o.c:736:20: call_function: calling ‘key_from_file’ from ‘cm_scepgen_o_main’
certmonger-0.79.21/src/scepgen-o.c:736:20: return_function: returning to ‘cm_scepgen_o_main’ from ‘key_from_file’
certmonger-0.79.21/src/scepgen-o.c:762:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-o.c:768:9: call_function: calling ‘cm_scepgen_o_cooked’ from ‘cm_scepgen_o_main’
#  399|   		_exit(CM_SUB_STATUS_INTERNAL_ERROR);
#  400|   	}
#  401|-> 	if (RAND_bytes(nonce, nonce_length) == -1) {
#  402|   		cm_log(0, "PRNG unable to generate nonce.\n");
#  403|   		_exit(CM_SUB_STATUS_INTERNAL_ERROR);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def816]
certmonger-0.79.21/src/scepgen-o.c:402:17: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/scepgen-o.c:716:1: enter_function: entry to ‘cm_scepgen_o_main’
certmonger-0.79.21/src/scepgen-o.c:725:18: acquire_memory: allocated here
certmonger-0.79.21/src/scepgen-o.c:726:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/scepgen-o.c:730:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-o.c:730:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-o.c:736:34: branch_false: ...to here
certmonger-0.79.21/src/scepgen-o.c:736:20: call_function: calling ‘key_from_file’ from ‘cm_scepgen_o_main’
certmonger-0.79.21/src/scepgen-o.c:736:20: return_function: returning to ‘cm_scepgen_o_main’ from ‘key_from_file’
certmonger-0.79.21/src/scepgen-o.c:762:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-o.c:768:9: call_function: calling ‘cm_scepgen_o_cooked’ from ‘cm_scepgen_o_main’
#  400|   	}
#  401|   	if (RAND_bytes(nonce, nonce_length) == -1) {
#  402|-> 		cm_log(0, "PRNG unable to generate nonce.\n");
#  403|   		_exit(CM_SUB_STATUS_INTERNAL_ERROR);
#  404|   	}

Error: COMPILER_WARNING (CWE-563): [#def817]
certmonger-0.79.21/src/scepgen-o.c: scope_hint: In function ‘cm_scepgen_o_main’
certmonger-0.79.21/src/scepgen-o.c:717:25: warning[-Wunused-parameter]: unused parameter ‘userdata’
#  717 |                   void *userdata)
#      |                   ~~~~~~^~~~~~~~
#  715|   static int
#  716|   cm_scepgen_o_main(int fd, struct cm_store_ca *ca, struct cm_store_entry *entry,
#  717|-> 		  void *userdata)
#  718|   {
#  719|   	unsigned char nonce[16];

Error: GCC_ANALYZER_WARNING (CWE-401): [#def818]
certmonger-0.79.21/src/scepgen-o.c:731:17: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/scepgen-o.c:725:18: acquire_memory: allocated here
certmonger-0.79.21/src/scepgen-o.c:726:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/scepgen-o.c:730:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-o.c:730:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/scepgen-o.c:731:17: branch_true: ...to here
certmonger-0.79.21/src/scepgen-o.c:731:17: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/scepgen-o.c:731:17: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/21/codeFlows/0/threadFlows/0/locations/0)
#  729|   
#  730|   	if (ca->cm_ca_encryption_cert == NULL) {
#  731|-> 		cm_log(0, "Can't generate new SCEP request data without "
#  732|   		       "the RA/CA encryption certificate.\n");
#  733|   		_exit(CM_SUB_STATUS_NEED_SCEP_DATA);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def819]
certmonger-0.79.21/src/scepgen-o.c:744:28: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/scepgen-o.c:716:1: enter_function: entry to ‘cm_scepgen_o_main’
certmonger-0.79.21/src/scepgen-o.c:725:18: acquire_memory: allocated here
certmonger-0.79.21/src/scepgen-o.c:726:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/scepgen-o.c:730:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-o.c:730:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-o.c:736:34: branch_false: ...to here
certmonger-0.79.21/src/scepgen-o.c:736:20: call_function: calling ‘key_from_file’ from ‘cm_scepgen_o_main’
certmonger-0.79.21/src/scepgen-o.c:736:20: return_function: returning to ‘cm_scepgen_o_main’ from ‘key_from_file’
certmonger-0.79.21/src/scepgen-o.c:742:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/scepgen-o.c:743:13: branch_true: ...to here
certmonger-0.79.21/src/scepgen-o.c:742:13: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/scepgen-o.c:744:53: branch_true: ...to here
certmonger-0.79.21/src/scepgen-o.c:744:28: throw: if ‘util_build_next_filename’ throws an exception...
certmonger-0.79.21/src/scepgen-o.c:744:28: danger: ‘status’ leaks here; was allocated at [(2)](sarif:/runs/0/results/22/codeFlows/0/threadFlows/0/locations/1)
#  742|   	if ((entry->cm_key_next_marker != NULL) &&
#  743|   	    (strlen(entry->cm_key_next_marker) > 0)) {
#  744|-> 		filename = util_build_next_filename(entry->cm_key_storage_location,
#  745|   						    entry->cm_key_next_marker);
#  746|   		if (filename == NULL) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def820]
certmonger-0.79.21/src/scepgen-o.c:747:25: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/scepgen-o.c:716:1: enter_function: entry to ‘cm_scepgen_o_main’
certmonger-0.79.21/src/scepgen-o.c:725:18: acquire_memory: allocated here
certmonger-0.79.21/src/scepgen-o.c:726:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/scepgen-o.c:730:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-o.c:730:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-o.c:736:34: branch_false: ...to here
certmonger-0.79.21/src/scepgen-o.c:736:20: call_function: calling ‘key_from_file’ from ‘cm_scepgen_o_main’
certmonger-0.79.21/src/scepgen-o.c:736:20: return_function: returning to ‘cm_scepgen_o_main’ from ‘key_from_file’
certmonger-0.79.21/src/scepgen-o.c:742:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/scepgen-o.c:743:13: branch_true: ...to here
certmonger-0.79.21/src/scepgen-o.c:742:13: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/scepgen-o.c:744:53: branch_true: ...to here
certmonger-0.79.21/src/scepgen-o.c:746:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/scepgen-o.c:748:41: branch_true: ...to here
certmonger-0.79.21/src/scepgen-o.c:747:25: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/scepgen-o.c:747:25: danger: ‘status’ leaks here; was allocated at [(2)](sarif:/runs/0/results/23/codeFlows/0/threadFlows/0/locations/1)
#  745|   						    entry->cm_key_next_marker);
#  746|   		if (filename == NULL) {
#  747|-> 			cm_log(0, "Error opening key file for reading: %s.\n",
#  748|   			       strerror(errno));
#  749|   			_exit(CM_SUB_STATUS_INTERNAL_ERROR);

Error: CPPCHECK_WARNING (CWE-415): [#def821]
certmonger-0.79.21/src/scepgen-o.c:758: error[doubleFree]: Memory pointed to by 'filename' is freed twice.
#  756|   			_exit(CM_SUB_STATUS_INTERNAL_ERROR);
#  757|   		}
#  758|-> 		free(filename);
#  759|   	} else {
#  760|   		new_pkey = NULL;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def822]
certmonger-0.79.21/src/scepgen-o.c:762:14: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/scepgen-o.c:716:1: enter_function: entry to ‘cm_scepgen_o_main’
certmonger-0.79.21/src/scepgen-o.c:725:18: acquire_memory: allocated here
certmonger-0.79.21/src/scepgen-o.c:726:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/scepgen-o.c:730:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-o.c:730:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-o.c:736:34: branch_false: ...to here
certmonger-0.79.21/src/scepgen-o.c:736:20: call_function: calling ‘key_from_file’ from ‘cm_scepgen_o_main’
certmonger-0.79.21/src/scepgen-o.c:736:20: return_function: returning to ‘cm_scepgen_o_main’ from ‘key_from_file’
certmonger-0.79.21/src/scepgen-o.c:762:14: throw: if ‘util_EVP_PKEY_base_id’ throws an exception...
certmonger-0.79.21/src/scepgen-o.c:762:14: danger: ‘status’ leaks here; was allocated at [(2)](sarif:/runs/0/results/24/codeFlows/0/threadFlows/0/locations/1)
#  760|   		new_pkey = NULL;
#  761|   	}
#  762|-> 	if ((util_EVP_PKEY_base_id(old_pkey) != EVP_PKEY_RSA) ||
#  763|   	    ((new_pkey != NULL) && (util_EVP_PKEY_base_id(new_pkey) != EVP_PKEY_RSA))) {
#  764|   		cm_log(0, "Keys aren't RSA.  They won't work with SCEP.\n");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def823]
certmonger-0.79.21/src/scepgen-o.c:763:37: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/scepgen-o.c:716:1: enter_function: entry to ‘cm_scepgen_o_main’
certmonger-0.79.21/src/scepgen-o.c:725:18: acquire_memory: allocated here
certmonger-0.79.21/src/scepgen-o.c:726:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/scepgen-o.c:730:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-o.c:730:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-o.c:736:34: branch_false: ...to here
certmonger-0.79.21/src/scepgen-o.c:736:20: call_function: calling ‘key_from_file’ from ‘cm_scepgen_o_main’
certmonger-0.79.21/src/scepgen-o.c:736:20: return_function: returning to ‘cm_scepgen_o_main’ from ‘key_from_file’
certmonger-0.79.21/src/scepgen-o.c:742:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/scepgen-o.c:743:13: branch_true: ...to here
certmonger-0.79.21/src/scepgen-o.c:742:13: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/scepgen-o.c:744:53: branch_true: ...to here
certmonger-0.79.21/src/scepgen-o.c:746:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-o.c:751:28: branch_false: ...to here
certmonger-0.79.21/src/scepgen-o.c:751:28: call_function: calling ‘key_from_file’ from ‘cm_scepgen_o_main’
certmonger-0.79.21/src/scepgen-o.c:751:28: return_function: returning to ‘cm_scepgen_o_main’ from ‘key_from_file’
certmonger-0.79.21/src/scepgen-o.c:762:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-o.c:762:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-o.c:762:13: branch_true: following ‘true’ branch (when ‘new_pkey’ is non-NULL)...
certmonger-0.79.21/src/scepgen-o.c:763:37: branch_true: ...to here
certmonger-0.79.21/src/scepgen-o.c:763:37: throw: if ‘util_EVP_PKEY_base_id’ throws an exception...
certmonger-0.79.21/src/scepgen-o.c:763:37: danger: ‘status’ leaks here; was allocated at [(2)](sarif:/runs/0/results/25/codeFlows/0/threadFlows/0/locations/1)
#  761|   	}
#  762|   	if ((util_EVP_PKEY_base_id(old_pkey) != EVP_PKEY_RSA) ||
#  763|-> 	    ((new_pkey != NULL) && (util_EVP_PKEY_base_id(new_pkey) != EVP_PKEY_RSA))) {
#  764|   		cm_log(0, "Keys aren't RSA.  They won't work with SCEP.\n");
#  765|   		_exit(CM_SUB_STATUS_ERROR_KEY_TYPE);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def824]
certmonger-0.79.21/src/scepgen-o.c:764:17: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/scepgen-o.c:716:1: enter_function: entry to ‘cm_scepgen_o_main’
certmonger-0.79.21/src/scepgen-o.c:725:18: acquire_memory: allocated here
certmonger-0.79.21/src/scepgen-o.c:726:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/scepgen-o.c:730:13: branch_false: ...to here
certmonger-0.79.21/src/scepgen-o.c:730:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/scepgen-o.c:736:34: branch_false: ...to here
certmonger-0.79.21/src/scepgen-o.c:736:20: call_function: calling ‘key_from_file’ from ‘cm_scepgen_o_main’
certmonger-0.79.21/src/scepgen-o.c:736:20: return_function: returning to ‘cm_scepgen_o_main’ from ‘key_from_file’
certmonger-0.79.21/src/scepgen-o.c:762:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/scepgen-o.c:764:17: branch_true: ...to here
certmonger-0.79.21/src/scepgen-o.c:764:17: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/scepgen-o.c:764:17: danger: ‘status’ leaks here; was allocated at [(2)](sarif:/runs/0/results/26/codeFlows/0/threadFlows/0/locations/1)
#  762|   	if ((util_EVP_PKEY_base_id(old_pkey) != EVP_PKEY_RSA) ||
#  763|   	    ((new_pkey != NULL) && (util_EVP_PKEY_base_id(new_pkey) != EVP_PKEY_RSA))) {
#  764|-> 		cm_log(0, "Keys aren't RSA.  They won't work with SCEP.\n");
#  765|   		_exit(CM_SUB_STATUS_ERROR_KEY_TYPE);
#  766|   	}

Error: COMPILER_WARNING (CWE-563): [#def825]
certmonger-0.79.21/src/serial-check.c: scope_hint: In function ‘main’
certmonger-0.79.21/src/serial-check.c:26:10: warning[-Wunused-parameter]: unused parameter ‘argc’
#   26 | main(int argc, char **argv)
#      |      ~~~~^~~~
#   24|   #include "store.h"
#   25|   int
#   26|-> main(int argc, char **argv)
#   27|   {
#   28|   	int i;

Error: COMPILER_WARNING (CWE-563): [#def826]
certmonger-0.79.21/src/serial-check.c:26:23: warning[-Wunused-parameter]: unused parameter ‘argv’
#   26 | main(int argc, char **argv)
#      |                ~~~~~~~^~~~
#   24|   #include "store.h"
#   25|   int
#   26|-> main(int argc, char **argv)
#   27|   {
#   28|   	int i;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def827]
certmonger-0.79.21/src/store-files.c:549:29: warning[-Wanalyzer-malloc-leak]: leak of ‘buf’
certmonger-0.79.21/src/store-files.c:2317:1: enter_function: entry to ‘cm_store_get_all_entries’
certmonger-0.79.21/src/store-files.c:2331:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/store-files.c:2332:23: branch_true: ...to here
certmonger-0.79.21/src/store-files.c:2333:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/store-files.c:2333:20: branch_true: ...to here
certmonger-0.79.21/src/store-files.c:2334:44: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/store-files.c:2335:37: branch_true: ...to here
certmonger-0.79.21/src/store-files.c:2336:37: call_function: calling ‘cm_store_should_ignore_file’ from ‘cm_store_get_all_entries’
certmonger-0.79.21/src/store-files.c:2336:37: return_function: returning to ‘cm_store_get_all_entries’ from ‘cm_store_should_ignore_file’
certmonger-0.79.21/src/store-files.c:2341:50: call_function: calling ‘cm_store_entry_read’ from ‘cm_store_get_all_entries’
#  547|   			 * end-of-line markers. */
#  548|   			trim = 1;
#  549|-> 			s = talloc_strdup(parent, buf + offset);
#  550|   			break;
#  551|   		case ' ':

Error: GCC_ANALYZER_WARNING (CWE-401): [#def828]
certmonger-0.79.21/src/store-files.c:556:29: warning[-Wanalyzer-malloc-leak]: leak of ‘buf’
certmonger-0.79.21/src/store-files.c:2317:1: enter_function: entry to ‘cm_store_get_all_entries’
certmonger-0.79.21/src/store-files.c:2331:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/store-files.c:2332:23: branch_true: ...to here
certmonger-0.79.21/src/store-files.c:2333:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/store-files.c:2333:20: branch_true: ...to here
certmonger-0.79.21/src/store-files.c:2334:44: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/store-files.c:2335:37: branch_true: ...to here
certmonger-0.79.21/src/store-files.c:2336:37: call_function: calling ‘cm_store_should_ignore_file’ from ‘cm_store_get_all_entries’
certmonger-0.79.21/src/store-files.c:2336:37: return_function: returning to ‘cm_store_get_all_entries’ from ‘cm_store_should_ignore_file’
certmonger-0.79.21/src/store-files.c:2341:50: call_function: calling ‘cm_store_entry_read’ from ‘cm_store_get_all_entries’
#  554|   			 * append it to the list of things we've read. */
#  555|   			trim = 0;
#  556|-> 			t = talloc_strdup_append(s, buf + 1);
#  557|   			if (t != NULL) {
#  558|   				s = t;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def829]
certmonger-0.79.21/src/store-files.c:1805:13: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen(&path, "w")’
certmonger-0.79.21/src/store-files.c:2228:1: enter_function: entry to ‘cm_store_entry_save’
certmonger-0.79.21/src/store-files.c:2289:14: acquire_resource: opened here
certmonger-0.79.21/src/store-files.c:2290:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/store-files.c:2291:21: branch_true: ...to here
certmonger-0.79.21/src/store-files.c:2291:21: call_function: calling ‘cm_store_entry_write’ from ‘cm_store_entry_save’
# 1803|   	const char *p;
# 1804|   
# 1805|-> 	if (entry->cm_nickname == NULL) {
# 1806|   		p = cm_store_timestamp_from_time(cm_time(NULL), timestamp);
# 1807|   	} else {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def830]
certmonger-0.79.21/src/store-files.c:1805:13: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(&path, "w")’
certmonger-0.79.21/src/store-files.c:2228:1: enter_function: entry to ‘cm_store_entry_save’
certmonger-0.79.21/src/store-files.c:2289:14: acquire_memory: allocated here
certmonger-0.79.21/src/store-files.c:2290:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/store-files.c:2291:21: branch_true: ...to here
certmonger-0.79.21/src/store-files.c:2291:21: call_function: calling ‘cm_store_entry_write’ from ‘cm_store_entry_save’
# 1803|   	const char *p;
# 1804|   
# 1805|-> 	if (entry->cm_nickname == NULL) {
# 1806|   		p = cm_store_timestamp_from_time(cm_time(NULL), timestamp);
# 1807|   	} else {

Error: GCC_ANALYZER_WARNING (CWE-775): [#def831]
certmonger-0.79.21/src/store-files.c:2342:70: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen(p, "r")’
certmonger-0.79.21/src/store-files.c:2317:1: enter_function: entry to ‘cm_store_get_all_entries’
certmonger-0.79.21/src/store-files.c:2331:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/store-files.c:2332:23: branch_true: ...to here
certmonger-0.79.21/src/store-files.c:2333:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/store-files.c:2333:20: branch_true: ...to here
certmonger-0.79.21/src/store-files.c:2334:44: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/store-files.c:2335:37: branch_true: ...to here
certmonger-0.79.21/src/store-files.c:2336:37: call_function: calling ‘cm_store_should_ignore_file’ from ‘cm_store_get_all_entries’
certmonger-0.79.21/src/store-files.c:2336:37: return_function: returning to ‘cm_store_get_all_entries’ from ‘cm_store_should_ignore_file’
certmonger-0.79.21/src/store-files.c:2339:38: acquire_resource: opened here
certmonger-0.79.21/src/store-files.c:2341:50: call_function: calling ‘cm_store_entry_read’ from ‘cm_store_get_all_entries’
# 2340|   				if (fp != NULL) {
# 2341|   					ret[j] = cm_store_entry_read(ret,
# 2342|-> 								     globs.gl_pathv[i],
# 2343|   								     fp);
# 2344|   					if ((ret[j] != NULL) &&

Error: GCC_ANALYZER_WARNING (CWE-401): [#def832]
certmonger-0.79.21/src/store-files.c:2342:70: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(p, "r")’
certmonger-0.79.21/src/store-files.c:2317:1: enter_function: entry to ‘cm_store_get_all_entries’
certmonger-0.79.21/src/store-files.c:2331:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/store-files.c:2332:23: branch_true: ...to here
certmonger-0.79.21/src/store-files.c:2333:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/store-files.c:2333:20: branch_true: ...to here
certmonger-0.79.21/src/store-files.c:2334:44: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/store-files.c:2335:37: branch_true: ...to here
certmonger-0.79.21/src/store-files.c:2336:37: call_function: calling ‘cm_store_should_ignore_file’ from ‘cm_store_get_all_entries’
certmonger-0.79.21/src/store-files.c:2336:37: return_function: returning to ‘cm_store_get_all_entries’ from ‘cm_store_should_ignore_file’
certmonger-0.79.21/src/store-files.c:2339:38: acquire_memory: allocated here
certmonger-0.79.21/src/store-files.c:2341:50: call_function: calling ‘cm_store_entry_read’ from ‘cm_store_get_all_entries’
# 2340|   				if (fp != NULL) {
# 2341|   					ret[j] = cm_store_entry_read(ret,
# 2342|-> 								     globs.gl_pathv[i],
# 2343|   								     fp);
# 2344|   					if ((ret[j] != NULL) &&

Error: GCC_ANALYZER_WARNING (CWE-775): [#def833]
certmonger-0.79.21/src/store-files.c:2380:13: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen(&path, "w")’
certmonger-0.79.21/src/store-files.c:2490:1: enter_function: entry to ‘cm_store_ca_save’
certmonger-0.79.21/src/store-files.c:2550:14: acquire_resource: opened here
certmonger-0.79.21/src/store-files.c:2551:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/store-files.c:2552:21: branch_true: ...to here
certmonger-0.79.21/src/store-files.c:2552:21: call_function: calling ‘cm_store_ca_write’ from ‘cm_store_ca_save’
# 2378|   	char timestamp[15];
# 2379|   
# 2380|-> 	if (ca->cm_nickname == NULL) {
# 2381|   		p = cm_store_timestamp_from_time(cm_time(NULL), timestamp);
# 2382|   	} else {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def834]
certmonger-0.79.21/src/store-files.c:2380:13: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(&path, "w")’
certmonger-0.79.21/src/store-files.c:2490:1: enter_function: entry to ‘cm_store_ca_save’
certmonger-0.79.21/src/store-files.c:2550:14: acquire_memory: allocated here
certmonger-0.79.21/src/store-files.c:2551:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/store-files.c:2552:21: branch_true: ...to here
certmonger-0.79.21/src/store-files.c:2552:21: call_function: calling ‘cm_store_ca_write’ from ‘cm_store_ca_save’
# 2378|   	char timestamp[15];
# 2379|   
# 2380|-> 	if (ca->cm_nickname == NULL) {
# 2381|   		p = cm_store_timestamp_from_time(cm_time(NULL), timestamp);
# 2382|   	} else {

Error: GCC_ANALYZER_WARNING (CWE-775): [#def835]
certmonger-0.79.21/src/store-files.c:2604:59: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen(p, "r")’
certmonger-0.79.21/src/store-files.c:2577:1: enter_function: entry to ‘cm_store_get_all_cas’
certmonger-0.79.21/src/store-files.c:2595:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/store-files.c:2595:12: branch_true: ...to here
certmonger-0.79.21/src/store-files.c:2596:36: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/store-files.c:2597:29: branch_true: ...to here
certmonger-0.79.21/src/store-files.c:2598:29: call_function: calling ‘cm_store_should_ignore_file’ from ‘cm_store_get_all_cas’
certmonger-0.79.21/src/store-files.c:2598:29: return_function: returning to ‘cm_store_get_all_cas’ from ‘cm_store_should_ignore_file’
certmonger-0.79.21/src/store-files.c:2601:30: acquire_resource: opened here
certmonger-0.79.21/src/store-files.c:2603:42: call_function: calling ‘cm_store_ca_read’ from ‘cm_store_get_all_cas’
# 2602|   			if (fp != NULL) {
# 2603|   				ret[j] = cm_store_ca_read(ret,
# 2604|-> 							  globs.gl_pathv[i],
# 2605|   							  fp);
# 2606|   				if ((ret[j] != NULL) &&

Error: GCC_ANALYZER_WARNING (CWE-401): [#def836]
certmonger-0.79.21/src/store-files.c:2604:59: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(p, "r")’
certmonger-0.79.21/src/store-files.c:2577:1: enter_function: entry to ‘cm_store_get_all_cas’
certmonger-0.79.21/src/store-files.c:2595:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/store-files.c:2595:12: branch_true: ...to here
certmonger-0.79.21/src/store-files.c:2596:36: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/store-files.c:2597:29: branch_true: ...to here
certmonger-0.79.21/src/store-files.c:2598:29: call_function: calling ‘cm_store_should_ignore_file’ from ‘cm_store_get_all_cas’
certmonger-0.79.21/src/store-files.c:2598:29: return_function: returning to ‘cm_store_get_all_cas’ from ‘cm_store_should_ignore_file’
certmonger-0.79.21/src/store-files.c:2601:30: acquire_memory: allocated here
certmonger-0.79.21/src/store-files.c:2603:42: call_function: calling ‘cm_store_ca_read’ from ‘cm_store_get_all_cas’
# 2602|   			if (fp != NULL) {
# 2603|   				ret[j] = cm_store_ca_read(ret,
# 2604|-> 							  globs.gl_pathv[i],
# 2605|   							  fp);
# 2606|   				if ((ret[j] != NULL) &&

Error: GCC_ANALYZER_WARNING (CWE-401): [#def837]
certmonger-0.79.21/src/store-gen.c:689:25: warning[-Wanalyzer-malloc-leak]: leak of ‘iconv_open("UTF16BE", "UTF8")’
certmonger-0.79.21/src/store-gen.c:682:16: acquire_memory: allocated here
certmonger-0.79.21/src/store-gen.c:683:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/store-gen.c:684:17: branch_true: ...to here
certmonger-0.79.21/src/store-gen.c:688:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/store-gen.c:689:25: branch_true: ...to here
certmonger-0.79.21/src/store-gen.c:689:25: danger: ‘iconv_open("UTF16BE", "UTF8")’ leaks here; was allocated at [(1)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/0)
#  687|   		outbuf = (char *) *bmp;
#  688|   		if (outbuf == NULL) {
#  689|-> 			iconv_close(conv);
#  690|   			return -1;
#  691|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def838]
certmonger-0.79.21/src/store-gen.c:695:23: warning[-Wanalyzer-malloc-leak]: leak of ‘iconv_open("UTF16BE", "UTF8")’
certmonger-0.79.21/src/store-gen.c:682:16: acquire_memory: allocated here
certmonger-0.79.21/src/store-gen.c:683:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/store-gen.c:684:17: branch_true: ...to here
certmonger-0.79.21/src/store-gen.c:688:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/store-gen.c:692:17: branch_false: ...to here
certmonger-0.79.21/src/store-gen.c:695:23: throw: if ‘iconv’ throws an exception...
certmonger-0.79.21/src/store-gen.c:695:23: danger: ‘iconv_open("UTF16BE", "UTF8")’ leaks here; was allocated at [(1)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/0)
#  693|   		inleft = strlen(s);
#  694|   		outleft = space;
#  695|-> 		res = iconv(conv, &inbuf, &inleft, &outbuf, &outleft);
#  696|   		iconv_close(conv);
#  697|   		switch (res) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def839]
certmonger-0.79.21/src/store-gen.c:732:25: warning[-Wanalyzer-malloc-leak]: leak of ‘iconv_open("UTF8", "UTF16BE")’
certmonger-0.79.21/src/store-gen.c:729:16: acquire_memory: allocated here
certmonger-0.79.21/src/store-gen.c:730:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/store-gen.c:731:17: branch_true: ...to here
certmonger-0.79.21/src/store-gen.c:735:20: branch_true: following ‘true’ branch (when ‘s’ is NULL)...
certmonger-0.79.21/src/store-gen.c:736:25: branch_true: ...to here
certmonger-0.79.21/src/store-gen.c:732:25: danger: ‘iconv_open("UTF8", "UTF16BE")’ leaks here; was allocated at [(1)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/0)
#  730|   	if (conv != NULL) {
#  731|   		inbuf = (char *) bmp;
#  732|-> 		space = len * 3;
#  733|   		s = malloc(space);
#  734|   		outbuf = s;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def840]
certmonger-0.79.21/src/store-gen.c:742:23: warning[-Wanalyzer-malloc-leak]: leak of ‘outbuf’
certmonger-0.79.21/src/store-gen.c:730:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/store-gen.c:731:17: branch_true: ...to here
certmonger-0.79.21/src/store-gen.c:733:21: acquire_memory: allocated here
certmonger-0.79.21/src/store-gen.c:735:20: branch_false: following ‘false’ branch (when ‘s’ is non-NULL)...
certmonger-0.79.21/src/store-gen.c:739:17: branch_false: ...to here
certmonger-0.79.21/src/store-gen.c:742:23: throw: if ‘iconv’ throws an exception...
certmonger-0.79.21/src/store-gen.c:742:23: danger: ‘outbuf’ leaks here; was allocated at [(3)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/2)
#  740|   		inleft = len;
#  741|   		outleft = space;
#  742|-> 		res = iconv(conv, &inbuf, &inleft, &outbuf, &outleft);
#  743|   		iconv_close(conv);
#  744|   		switch (res) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def841]
certmonger-0.79.21/src/store-gen.c:805:15: warning[-Wanalyzer-malloc-leak]: leak of ‘p’
certmonger-0.79.21/src/store-gen.c:898:1: enter_function: entry to ‘cm_store_base64_from_hex’
certmonger-0.79.21/src/store-gen.c:906:12: branch_false: following ‘false’ branch (when ‘buf’ is non-NULL)...
certmonger-0.79.21/src/store-gen.c:909:18: branch_false: ...to here
certmonger-0.79.21/src/store-gen.c:909:18: call_function: calling ‘cm_store_hex_to_bin’ from ‘cm_store_base64_from_hex’
certmonger-0.79.21/src/store-gen.c:909:18: return_function: returning to ‘cm_store_base64_from_hex’ from ‘cm_store_hex_to_bin’
certmonger-0.79.21/src/store-gen.c:910:15: call_function: calling ‘cm_store_base64_from_bin’ from ‘cm_store_base64_from_hex’
#  803|   	p[j++] = '\0';
#  804|   
#  805|-> 	ret = talloc_strdup(parent, p);
#  806|   	free(p);
#  807|   	return ret;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def842]
certmonger-0.79.21/src/submit-d.c:115:23: warning[-Wanalyzer-malloc-leak]: leak of ‘ret’
certmonger-0.79.21/src/submit-d.c:179:1: enter_function: entry to ‘cm_submit_d_xml_defaults’
certmonger-0.79.21/src/submit-d.c:192:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-d.c:193:25: branch_true: ...to here
certmonger-0.79.21/src/submit-d.c:194:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-d.c:195:33: branch_true: ...to here
certmonger-0.79.21/src/submit-d.c:197:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-d.c:198:39: branch_true: ...to here
certmonger-0.79.21/src/submit-d.c:202:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-d.c:203:30: branch_true: ...to here
certmonger-0.79.21/src/submit-d.c:202:29: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-d.c:204:30: branch_true: ...to here
certmonger-0.79.21/src/submit-d.c:202:29: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-d.c:206:46: branch_true: ...to here
certmonger-0.79.21/src/submit-d.c:205:39: acquire_memory: allocated here
certmonger-0.79.21/src/submit-d.c:207:36: branch_false: following ‘false’ branch (when ‘ret’ is non-NULL)...
certmonger-0.79.21/src/submit-d.c:211:33: branch_false: ...to here
certmonger-0.79.21/src/submit-d.c:215:38: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-d.c:217:48: branch_true: ...to here
certmonger-0.79.21/src/submit-d.c:218:50: call_function: calling ‘cm_submit_d_xml_default’ from ‘cm_submit_d_xml_defaults’
#  113|   			i--;
#  114|   		}
#  115|-> 		ret = talloc_strndup(parent, content, i);
#  116|   	}
#  117|   	return ret;

Error: GCC_ANALYZER_WARNING (CWE-688): [#def843]
certmonger-0.79.21/src/submit-d.c:380:21: warning[-Wanalyzer-null-argument]: use of NULL where non-null expected
certmonger-0.79.21/src/submit-d.c:396:1: enter_function: entry to ‘cm_submit_d_xml_profiles’
certmonger-0.79.21/src/submit-d.c:407:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-d.c:408:25: branch_true: ...to here
certmonger-0.79.21/src/submit-d.c:409:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-d.c:410:33: branch_true: ...to here
certmonger-0.79.21/src/submit-d.c:412:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-d.c:413:39: branch_true: ...to here
certmonger-0.79.21/src/submit-d.c:417:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-d.c:418:30: branch_true: ...to here
certmonger-0.79.21/src/submit-d.c:417:29: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-d.c:419:30: branch_true: ...to here
certmonger-0.79.21/src/submit-d.c:417:29: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-d.c:417:29: branch_true: ...to here
certmonger-0.79.21/src/submit-d.c:421:38: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-d.c:423:48: branch_true: ...to here
certmonger-0.79.21/src/submit-d.c:424:44: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-d.c:425:68: branch_true: ...to here
certmonger-0.79.21/src/submit-d.c:424:45: branch_true: following ‘true’ branch (when the strings are equal)...
certmonger-0.79.21/src/submit-d.c:427:59: branch_true: ...to here
certmonger-0.79.21/src/submit-d.c:427:59: call_function: calling ‘cm_submit_d_xml_value_if’ from ‘cm_submit_d_xml_profiles’
#  378|   	if (bobj1 != NULL) {
#  379|   		b1 = cm_submit_d_text_node(parent, bobj1);
#  380|-> 		if (strcasecmp(b1, "true") != 0) {
#  381|   			v = NULL;
#  382|   		}

Error: GCC_ANALYZER_WARNING (CWE-688): [#def844]
certmonger-0.79.21/src/submit-d.c:387:21: warning[-Wanalyzer-null-argument]: use of NULL where non-null expected
certmonger-0.79.21/src/submit-d.c:396:1: enter_function: entry to ‘cm_submit_d_xml_profiles’
certmonger-0.79.21/src/submit-d.c:407:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-d.c:408:25: branch_true: ...to here
certmonger-0.79.21/src/submit-d.c:409:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-d.c:410:33: branch_true: ...to here
certmonger-0.79.21/src/submit-d.c:412:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-d.c:413:39: branch_true: ...to here
certmonger-0.79.21/src/submit-d.c:417:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-d.c:418:30: branch_true: ...to here
certmonger-0.79.21/src/submit-d.c:417:29: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-d.c:419:30: branch_true: ...to here
certmonger-0.79.21/src/submit-d.c:417:29: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-d.c:417:29: branch_true: ...to here
certmonger-0.79.21/src/submit-d.c:421:38: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-d.c:423:48: branch_true: ...to here
certmonger-0.79.21/src/submit-d.c:424:44: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-d.c:425:68: branch_true: ...to here
certmonger-0.79.21/src/submit-d.c:424:45: branch_true: following ‘true’ branch (when the strings are equal)...
certmonger-0.79.21/src/submit-d.c:427:59: branch_true: ...to here
certmonger-0.79.21/src/submit-d.c:427:59: call_function: calling ‘cm_submit_d_xml_value_if’ from ‘cm_submit_d_xml_profiles’
#  385|   	if (bobj2 != NULL) {
#  386|   		b2 = cm_submit_d_text_node(parent, bobj2);
#  387|-> 		if (strcasecmp(b2, "true") != 0) {
#  388|   			v = NULL;
#  389|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def845]
certmonger-0.79.21/src/submit-e.c:507:16: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:537:1: enter_function: entry to ‘cm_submit_e_postprocess_main’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:789:16: call_function: calling ‘cm_submit_e_get_spki’ from ‘cm_submit_e_postprocess_main’
#  505|   	int pubkey_len;
#  506|   
#  507|-> 	wpem = talloc_strdup(parent, pem);
#  508|   	if (wpem != NULL) {
#  509|   		in = BIO_new_mem_buf(wpem, -1);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def846]
certmonger-0.79.21/src/submit-e.c:509:22: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:537:1: enter_function: entry to ‘cm_submit_e_postprocess_main’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:789:16: call_function: calling ‘cm_submit_e_get_spki’ from ‘cm_submit_e_postprocess_main’
#  507|   	wpem = talloc_strdup(parent, pem);
#  508|   	if (wpem != NULL) {
#  509|-> 		in = BIO_new_mem_buf(wpem, -1);
#  510|   		if (in != NULL) {
#  511|   			x = PEM_read_bio_X509(in, NULL, NULL, NULL);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def847]
certmonger-0.79.21/src/submit-e.c:511:29: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:537:1: enter_function: entry to ‘cm_submit_e_postprocess_main’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:789:16: call_function: calling ‘cm_submit_e_get_spki’ from ‘cm_submit_e_postprocess_main’
#  509|   		in = BIO_new_mem_buf(wpem, -1);
#  510|   		if (in != NULL) {
#  511|-> 			x = PEM_read_bio_X509(in, NULL, NULL, NULL);
#  512|   			BIO_free(in);
#  513|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def848]
certmonger-0.79.21/src/submit-e.c:512:25: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:537:1: enter_function: entry to ‘cm_submit_e_postprocess_main’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:789:16: call_function: calling ‘cm_submit_e_get_spki’ from ‘cm_submit_e_postprocess_main’
#  510|   		if (in != NULL) {
#  511|   			x = PEM_read_bio_X509(in, NULL, NULL, NULL);
#  512|-> 			BIO_free(in);
#  513|   		}
#  514|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def849]
certmonger-0.79.21/src/submit-e.c:516:30: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:537:1: enter_function: entry to ‘cm_submit_e_postprocess_main’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:789:16: call_function: calling ‘cm_submit_e_get_spki’ from ‘cm_submit_e_postprocess_main’
#  514|   	}
#  515|   	if (x != NULL) {
#  516|-> 		pubkey_len = i2d_X509_PUBKEY(X509_get_X509_PUBKEY(x), NULL);
#  517|   		if (pubkey_len > 0) {
#  518|   			pubkey = talloc_size(wpem, pubkey_len);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def850]
certmonger-0.79.21/src/submit-e.c:516:46: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:537:1: enter_function: entry to ‘cm_submit_e_postprocess_main’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:789:16: call_function: calling ‘cm_submit_e_get_spki’ from ‘cm_submit_e_postprocess_main’
#  514|   	}
#  515|   	if (x != NULL) {
#  516|-> 		pubkey_len = i2d_X509_PUBKEY(X509_get_X509_PUBKEY(x), NULL);
#  517|   		if (pubkey_len > 0) {
#  518|   			pubkey = talloc_size(wpem, pubkey_len);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def851]
certmonger-0.79.21/src/submit-e.c:521:49: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:537:1: enter_function: entry to ‘cm_submit_e_postprocess_main’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:789:16: call_function: calling ‘cm_submit_e_get_spki’ from ‘cm_submit_e_postprocess_main’
#  519|   			if (pubkey != NULL) {
#  520|   				p = pubkey;
#  521|-> 				i2d_X509_PUBKEY(X509_get_X509_PUBKEY(x), &p);
#  522|   				ret = cm_store_hex_from_bin(parent,
#  523|   							    pubkey,

Error: GCC_ANALYZER_WARNING (CWE-401): [#def852]
certmonger-0.79.21/src/submit-e.c:560:9: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:560:9: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/submit-e.c:560:9: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/0)
#  558|   		_exit(errno);
#  559|   	}
#  560|-> 	cm_log(1, "Postprocessing output \"%.*s\".\n", estate->msg_length,
#  561|   	       estate->msg);
#  562|   	switch (entry->cm_key_storage_type) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def853]
certmonger-0.79.21/src/submit-e.c:577:14: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:577:14: throw: if ‘cm_json_decode’ throws an exception...
certmonger-0.79.21/src/submit-e.c:577:14: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/0)
#  575|   	decrypt_args.entry = entry;
#  576|   	/* If we can't decode it as JSON, decode it as basic data. */
#  577|-> 	if ((cm_json_decode(estate, estate->msg, estate->msg_length, &msg,
#  578|   			    &eom) != 0) ||
#  579|   	    (eom != estate->msg + estate->msg_length)) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def854]
certmonger-0.79.21/src/submit-e.c:584:21: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:584:21: throw: if ‘cm_pkcs7_parse’ throws an exception...
certmonger-0.79.21/src/submit-e.c:584:21: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/9/codeFlows/0/threadFlows/0/locations/0)
#  582|   		 * DER format.  Take it apart and build a JSON structure out of
#  583|   		 * it to mimic an incoming message. */
#  584|-> 		i = cm_pkcs7_parse(0, estate, &leaf, &top, &others,
#  585|   				   decrypt, &decrypt_args,
#  586|   				   (const unsigned char *) estate->msg,

Error: GCC_ANALYZER_WARNING (CWE-401): [#def855]
certmonger-0.79.21/src/submit-e.c:588:23: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:588:23: throw: if ‘cm_json_new_object’ throws an exception...
certmonger-0.79.21/src/submit-e.c:588:23: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/10/codeFlows/0/threadFlows/0/locations/0)
#  586|   				   (const unsigned char *) estate->msg,
#  587|   				   estate->msg_length, NULL);
#  588|-> 		msg = cm_json_new_object(estate);
#  589|   		chain = cm_json_new_array(msg);
#  590|   		if (i == 0) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def856]
certmonger-0.79.21/src/submit-e.c:589:25: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:589:25: throw: if ‘cm_json_new_array’ throws an exception...
certmonger-0.79.21/src/submit-e.c:589:25: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/11/codeFlows/0/threadFlows/0/locations/0)
#  587|   				   estate->msg_length, NULL);
#  588|   		msg = cm_json_new_object(estate);
#  589|-> 		chain = cm_json_new_array(msg);
#  590|   		if (i == 0) {
#  591|   			if (leaf != NULL) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def857]
certmonger-0.79.21/src/submit-e.c:592:40: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:590:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:591:29: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:591:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:592:40: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:592:40: throw: if ‘cm_json_new_string’ throws an exception...
certmonger-0.79.21/src/submit-e.c:592:40: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/12/codeFlows/0/threadFlows/0/locations/0)
#  590|   		if (i == 0) {
#  591|   			if (leaf != NULL) {
#  592|-> 				cert = cm_json_new_string(msg, leaf, -1);
#  593|   				cm_json_set(msg, CM_SUBMIT_E_CERTIFICATE, cert);
#  594|   			}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def858]
certmonger-0.79.21/src/submit-e.c:593:33: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:590:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:591:29: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:591:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:592:40: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:593:33: throw: if ‘cm_json_set’ throws an exception...
certmonger-0.79.21/src/submit-e.c:593:33: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/13/codeFlows/0/threadFlows/0/locations/0)
#  591|   			if (leaf != NULL) {
#  592|   				cert = cm_json_new_string(msg, leaf, -1);
#  593|-> 				cm_json_set(msg, CM_SUBMIT_E_CERTIFICATE, cert);
#  594|   			}
#  595|   			for (i = 0;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def859]
certmonger-0.79.21/src/submit-e.c:598:40: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:590:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:591:29: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:596:30: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:598:40: throw: if ‘cm_json_new_object’ throws an exception...
certmonger-0.79.21/src/submit-e.c:598:40: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/14/codeFlows/0/threadFlows/0/locations/0)
#  596|   			     (others != NULL) && (others[i] != NULL);
#  597|   			     i++) {
#  598|-> 				cert = cm_json_new_object(chain);
#  599|   				val = cm_json_new_string(cert, others[i], -1);
#  600|   				cm_json_set(cert, CM_SUBMIT_E_CERTIFICATE, val);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def860]
certmonger-0.79.21/src/submit-e.c:599:39: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:590:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:591:29: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:596:30: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:599:39: throw: if ‘cm_json_new_string’ throws an exception...
certmonger-0.79.21/src/submit-e.c:599:39: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/15/codeFlows/0/threadFlows/0/locations/0)
#  597|   			     i++) {
#  598|   				cert = cm_json_new_object(chain);
#  599|-> 				val = cm_json_new_string(cert, others[i], -1);
#  600|   				cm_json_set(cert, CM_SUBMIT_E_CERTIFICATE, val);
#  601|   				nthnick = talloc_asprintf(cert, "chain #%d", i + 1);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def861]
certmonger-0.79.21/src/submit-e.c:600:33: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:590:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:591:29: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:596:30: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:600:33: throw: if ‘cm_json_set’ throws an exception...
certmonger-0.79.21/src/submit-e.c:600:33: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/16/codeFlows/0/threadFlows/0/locations/0)
#  598|   				cert = cm_json_new_object(chain);
#  599|   				val = cm_json_new_string(cert, others[i], -1);
#  600|-> 				cm_json_set(cert, CM_SUBMIT_E_CERTIFICATE, val);
#  601|   				nthnick = talloc_asprintf(cert, "chain #%d", i + 1);
#  602|   				nick = cm_json_new_string(cert, nthnick, -1);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def862]
certmonger-0.79.21/src/submit-e.c:601:43: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:590:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:591:29: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:596:30: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:601:43: throw: if ‘talloc_asprintf’ throws an exception...
certmonger-0.79.21/src/submit-e.c:601:43: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/17/codeFlows/0/threadFlows/0/locations/0)
#  599|   				val = cm_json_new_string(cert, others[i], -1);
#  600|   				cm_json_set(cert, CM_SUBMIT_E_CERTIFICATE, val);
#  601|-> 				nthnick = talloc_asprintf(cert, "chain #%d", i + 1);
#  602|   				nick = cm_json_new_string(cert, nthnick, -1);
#  603|   				cm_json_set(cert, CM_SUBMIT_E_NICKNAME, nick);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def863]
certmonger-0.79.21/src/submit-e.c:602:40: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:590:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:591:29: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:596:30: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:602:40: throw: if ‘cm_json_new_string’ throws an exception...
certmonger-0.79.21/src/submit-e.c:602:40: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/18/codeFlows/0/threadFlows/0/locations/0)
#  600|   				cm_json_set(cert, CM_SUBMIT_E_CERTIFICATE, val);
#  601|   				nthnick = talloc_asprintf(cert, "chain #%d", i + 1);
#  602|-> 				nick = cm_json_new_string(cert, nthnick, -1);
#  603|   				cm_json_set(cert, CM_SUBMIT_E_NICKNAME, nick);
#  604|   				cm_json_append(chain, cert);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def864]
certmonger-0.79.21/src/submit-e.c:603:33: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:590:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:591:29: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:596:30: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:603:33: throw: if ‘cm_json_set’ throws an exception...
certmonger-0.79.21/src/submit-e.c:603:33: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/19/codeFlows/0/threadFlows/0/locations/0)
#  601|   				nthnick = talloc_asprintf(cert, "chain #%d", i + 1);
#  602|   				nick = cm_json_new_string(cert, nthnick, -1);
#  603|-> 				cm_json_set(cert, CM_SUBMIT_E_NICKNAME, nick);
#  604|   				cm_json_append(chain, cert);
#  605|   			}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def865]
certmonger-0.79.21/src/submit-e.c:604:33: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:590:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:591:29: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:596:30: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:604:33: throw: if ‘cm_json_append’ throws an exception...
certmonger-0.79.21/src/submit-e.c:604:33: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/20/codeFlows/0/threadFlows/0/locations/0)
#  602|   				nick = cm_json_new_string(cert, nthnick, -1);
#  603|   				cm_json_set(cert, CM_SUBMIT_E_NICKNAME, nick);
#  604|-> 				cm_json_append(chain, cert);
#  605|   			}
#  606|   			if (top!= NULL) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def866]
certmonger-0.79.21/src/submit-e.c:607:40: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:590:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:591:29: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:606:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:607:40: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:607:40: throw: if ‘cm_json_new_object’ throws an exception...
certmonger-0.79.21/src/submit-e.c:607:40: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/21/codeFlows/0/threadFlows/0/locations/0)
#  605|   			}
#  606|   			if (top!= NULL) {
#  607|-> 				cert = cm_json_new_object(chain);
#  608|   				val = cm_json_new_string(cert, top, -1);
#  609|   				cm_json_set(cert, CM_SUBMIT_E_CERTIFICATE, val);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def867]
certmonger-0.79.21/src/submit-e.c:608:39: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:590:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:591:29: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:606:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:607:40: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:608:39: throw: if ‘cm_json_new_string’ throws an exception...
certmonger-0.79.21/src/submit-e.c:608:39: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/22/codeFlows/0/threadFlows/0/locations/0)
#  606|   			if (top!= NULL) {
#  607|   				cert = cm_json_new_object(chain);
#  608|-> 				val = cm_json_new_string(cert, top, -1);
#  609|   				cm_json_set(cert, CM_SUBMIT_E_CERTIFICATE, val);
#  610|   				nthnick = talloc_asprintf(cert, "chain #%d", i + 1);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def868]
certmonger-0.79.21/src/submit-e.c:609:33: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:590:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:591:29: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:606:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:607:40: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:609:33: throw: if ‘cm_json_set’ throws an exception...
certmonger-0.79.21/src/submit-e.c:609:33: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/23/codeFlows/0/threadFlows/0/locations/0)
#  607|   				cert = cm_json_new_object(chain);
#  608|   				val = cm_json_new_string(cert, top, -1);
#  609|-> 				cm_json_set(cert, CM_SUBMIT_E_CERTIFICATE, val);
#  610|   				nthnick = talloc_asprintf(cert, "chain #%d", i + 1);
#  611|   				nick = cm_json_new_string(cert, nthnick, -1);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def869]
certmonger-0.79.21/src/submit-e.c:610:43: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:590:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:591:29: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:606:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:607:40: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:610:43: throw: if ‘talloc_asprintf’ throws an exception...
certmonger-0.79.21/src/submit-e.c:610:43: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/24/codeFlows/0/threadFlows/0/locations/0)
#  608|   				val = cm_json_new_string(cert, top, -1);
#  609|   				cm_json_set(cert, CM_SUBMIT_E_CERTIFICATE, val);
#  610|-> 				nthnick = talloc_asprintf(cert, "chain #%d", i + 1);
#  611|   				nick = cm_json_new_string(cert, nthnick, -1);
#  612|   				cm_json_set(cert, CM_SUBMIT_E_NICKNAME, nick);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def870]
certmonger-0.79.21/src/submit-e.c:611:40: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:590:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:591:29: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:606:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:607:40: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:611:40: throw: if ‘cm_json_new_string’ throws an exception...
certmonger-0.79.21/src/submit-e.c:611:40: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/25/codeFlows/0/threadFlows/0/locations/0)
#  609|   				cm_json_set(cert, CM_SUBMIT_E_CERTIFICATE, val);
#  610|   				nthnick = talloc_asprintf(cert, "chain #%d", i + 1);
#  611|-> 				nick = cm_json_new_string(cert, nthnick, -1);
#  612|   				cm_json_set(cert, CM_SUBMIT_E_NICKNAME, nick);
#  613|   				cm_json_append(chain, cert);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def871]
certmonger-0.79.21/src/submit-e.c:612:33: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:590:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:591:29: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:606:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:607:40: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:612:33: throw: if ‘cm_json_set’ throws an exception...
certmonger-0.79.21/src/submit-e.c:612:33: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/26/codeFlows/0/threadFlows/0/locations/0)
#  610|   				nthnick = talloc_asprintf(cert, "chain #%d", i + 1);
#  611|   				nick = cm_json_new_string(cert, nthnick, -1);
#  612|-> 				cm_json_set(cert, CM_SUBMIT_E_NICKNAME, nick);
#  613|   				cm_json_append(chain, cert);
#  614|   			}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def872]
certmonger-0.79.21/src/submit-e.c:613:33: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:590:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:591:29: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:606:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:607:40: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:613:33: throw: if ‘cm_json_append’ throws an exception...
certmonger-0.79.21/src/submit-e.c:613:33: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/27/codeFlows/0/threadFlows/0/locations/0)
#  611|   				nick = cm_json_new_string(cert, nthnick, -1);
#  612|   				cm_json_set(cert, CM_SUBMIT_E_NICKNAME, nick);
#  613|-> 				cm_json_append(chain, cert);
#  614|   			}
#  615|   			if (cm_json_array_size(chain) > 0) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def873]
certmonger-0.79.21/src/submit-e.c:615:29: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:590:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:591:29: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:615:29: throw: if ‘cm_json_array_size’ throws an exception...
certmonger-0.79.21/src/submit-e.c:615:29: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/28/codeFlows/0/threadFlows/0/locations/0)
#  613|   				cm_json_append(chain, cert);
#  614|   			}
#  615|-> 			if (cm_json_array_size(chain) > 0) {
#  616|   				cm_json_set(msg, CM_SUBMIT_E_CHAIN, chain);
#  617|   			}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def874]
certmonger-0.79.21/src/submit-e.c:616:33: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:590:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:591:29: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:615:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:616:33: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:616:33: throw: if ‘cm_json_set’ throws an exception...
certmonger-0.79.21/src/submit-e.c:616:33: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/29/codeFlows/0/threadFlows/0/locations/0)
#  614|   			}
#  615|   			if (cm_json_array_size(chain) > 0) {
#  616|-> 				cm_json_set(msg, CM_SUBMIT_E_CHAIN, chain);
#  617|   			}
#  618|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def875]
certmonger-0.79.21/src/submit-e.c:621:16: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:577:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:579:21: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:577:13: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:621:16: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:621:16: throw: if ‘cm_json_new_object’ throws an exception...
certmonger-0.79.21/src/submit-e.c:621:16: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/30/codeFlows/0/threadFlows/0/locations/0)
#  619|   	}
#  620|   	/* Get ready to build an output message. */
#  621|-> 	json = cm_json_new_object(entry);
#  622|   	roots = cm_json_new_array(json);
#  623|   	chain = cm_json_new_array(json);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def876]
certmonger-0.79.21/src/submit-e.c:622:17: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:577:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:579:21: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:577:13: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:621:16: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:622:17: throw: if ‘cm_json_new_array’ throws an exception...
certmonger-0.79.21/src/submit-e.c:622:17: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/31/codeFlows/0/threadFlows/0/locations/0)
#  620|   	/* Get ready to build an output message. */
#  621|   	json = cm_json_new_object(entry);
#  622|-> 	roots = cm_json_new_array(json);
#  623|   	chain = cm_json_new_array(json);
#  624|   	/* Data is a JSON object, with a "certificate" PEM string, and possibly

Error: GCC_ANALYZER_WARNING (CWE-401): [#def877]
certmonger-0.79.21/src/submit-e.c:623:17: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:577:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:579:21: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:577:13: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:621:16: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:623:17: throw: if ‘cm_json_new_array’ throws an exception...
certmonger-0.79.21/src/submit-e.c:623:17: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/32/codeFlows/0/threadFlows/0/locations/0)
#  621|   	json = cm_json_new_object(entry);
#  622|   	roots = cm_json_new_array(json);
#  623|-> 	chain = cm_json_new_array(json);
#  624|   	/* Data is a JSON object, with a "certificate" PEM string, and possibly
#  625|   	 * "chain" and "roots" arrays containing objects which are

Error: GCC_ANALYZER_WARNING (CWE-401): [#def878]
certmonger-0.79.21/src/submit-e.c:628:16: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:577:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:579:21: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:577:13: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:621:16: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:628:16: throw: if ‘cm_json_get’ throws an exception...
certmonger-0.79.21/src/submit-e.c:628:16: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/33/codeFlows/0/threadFlows/0/locations/0)
#  626|   	 * nickname/string sets.  Parse out the certificate, keeping the leaf
#  627|   	 * node as the certificate, relegating the rest to the chain list. */
#  628|-> 	cert = cm_json_get(msg, CM_SUBMIT_E_CERTIFICATE);
#  629|   	u = (const unsigned char *) cm_json_string(cert, &length);
#  630|   	i = cm_pkcs7_parse(0, estate,

Error: GCC_ANALYZER_WARNING (CWE-401): [#def879]
certmonger-0.79.21/src/submit-e.c:629:37: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:577:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:579:21: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:577:13: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:621:16: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:629:37: throw: if ‘cm_json_string’ throws an exception...
certmonger-0.79.21/src/submit-e.c:629:37: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/34/codeFlows/0/threadFlows/0/locations/0)
#  627|   	 * node as the certificate, relegating the rest to the chain list. */
#  628|   	cert = cm_json_get(msg, CM_SUBMIT_E_CERTIFICATE);
#  629|-> 	u = (const unsigned char *) cm_json_string(cert, &length);
#  630|   	i = cm_pkcs7_parse(0, estate,
#  631|   			   &leaf, &top, &others,

Error: GCC_ANALYZER_WARNING (CWE-401): [#def880]
certmonger-0.79.21/src/submit-e.c:630:13: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:577:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:579:21: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:577:13: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:621:16: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:630:13: throw: if ‘cm_pkcs7_parse’ throws an exception...
certmonger-0.79.21/src/submit-e.c:630:13: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/35/codeFlows/0/threadFlows/0/locations/0)
#  628|   	cert = cm_json_get(msg, CM_SUBMIT_E_CERTIFICATE);
#  629|   	u = (const unsigned char *) cm_json_string(cert, &length);
#  630|-> 	i = cm_pkcs7_parse(0, estate,
#  631|   			   &leaf, &top, &others,
#  632|   			   NULL, NULL, u, length, NULL);

Error: COMPILER_WARNING (CWE-457): [#def881]
certmonger-0.79.21/src/submit-e.c: scope_hint: In function ‘cm_submit_e_postprocess_main’
certmonger-0.79.21/src/submit-e.c:630:13: warning[-Wmaybe-uninitialized]: ‘length’ may be used uninitialized
#  630 |         i = cm_pkcs7_parse(0, estate,
#      |             ^
certmonger-0.79.21/src/submit-e.c:547:17: note: ‘length’ was declared here
#  547 |         ssize_t length;
#      |                 ^
#  628|   	cert = cm_json_get(msg, CM_SUBMIT_E_CERTIFICATE);
#  629|   	u = (const unsigned char *) cm_json_string(cert, &length);
#  630|-> 	i = cm_pkcs7_parse(0, estate,
#  631|   			   &leaf, &top, &others,
#  632|   			   NULL, NULL, u, length, NULL);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def882]
certmonger-0.79.21/src/submit-e.c:635:32: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:633:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:634:21: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:634:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:635:32: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:635:32: throw: if ‘cm_json_new_string’ throws an exception...
certmonger-0.79.21/src/submit-e.c:635:32: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/36/codeFlows/0/threadFlows/0/locations/0)
#  633|   	if (i == 0) {
#  634|   		if (leaf != NULL) {
#  635|-> 			cert = cm_json_new_string(json, leaf, -1);
#  636|   			cm_json_set(json, CM_SUBMIT_E_CERTIFICATE, cert);
#  637|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def883]
certmonger-0.79.21/src/submit-e.c:636:25: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:633:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:634:21: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:634:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:635:32: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:636:25: throw: if ‘cm_json_set’ throws an exception...
certmonger-0.79.21/src/submit-e.c:636:25: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/37/codeFlows/0/threadFlows/0/locations/0)
#  634|   		if (leaf != NULL) {
#  635|   			cert = cm_json_new_string(json, leaf, -1);
#  636|-> 			cm_json_set(json, CM_SUBMIT_E_CERTIFICATE, cert);
#  637|   		}
#  638|   		for (i = 0;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def884]
certmonger-0.79.21/src/submit-e.c:641:32: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:633:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:634:21: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:639:22: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:641:32: throw: if ‘cm_json_new_object’ throws an exception...
certmonger-0.79.21/src/submit-e.c:641:32: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/38/codeFlows/0/threadFlows/0/locations/0)
#  639|   		     (others != NULL) && (others[i] != NULL);
#  640|   		     i++) {
#  641|-> 			cert = cm_json_new_object(chain);
#  642|   			val = cm_json_new_string(cert, others[i], -1);
#  643|   			cm_json_set(cert, CM_SUBMIT_E_CERTIFICATE, val);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def885]
certmonger-0.79.21/src/submit-e.c:642:31: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:633:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:634:21: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:639:22: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:642:31: throw: if ‘cm_json_new_string’ throws an exception...
certmonger-0.79.21/src/submit-e.c:642:31: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/39/codeFlows/0/threadFlows/0/locations/0)
#  640|   		     i++) {
#  641|   			cert = cm_json_new_object(chain);
#  642|-> 			val = cm_json_new_string(cert, others[i], -1);
#  643|   			cm_json_set(cert, CM_SUBMIT_E_CERTIFICATE, val);
#  644|   			nthnick = talloc_asprintf(cert, "chain #0.%d", i + 1);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def886]
certmonger-0.79.21/src/submit-e.c:643:25: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:633:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:634:21: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:639:22: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:643:25: throw: if ‘cm_json_set’ throws an exception...
certmonger-0.79.21/src/submit-e.c:643:25: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/40/codeFlows/0/threadFlows/0/locations/0)
#  641|   			cert = cm_json_new_object(chain);
#  642|   			val = cm_json_new_string(cert, others[i], -1);
#  643|-> 			cm_json_set(cert, CM_SUBMIT_E_CERTIFICATE, val);
#  644|   			nthnick = talloc_asprintf(cert, "chain #0.%d", i + 1);
#  645|   			nick = cm_json_new_string(cert, nthnick, -1);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def887]
certmonger-0.79.21/src/submit-e.c:644:35: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:633:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:634:21: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:639:22: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:644:35: throw: if ‘talloc_asprintf’ throws an exception...
certmonger-0.79.21/src/submit-e.c:644:35: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/41/codeFlows/0/threadFlows/0/locations/0)
#  642|   			val = cm_json_new_string(cert, others[i], -1);
#  643|   			cm_json_set(cert, CM_SUBMIT_E_CERTIFICATE, val);
#  644|-> 			nthnick = talloc_asprintf(cert, "chain #0.%d", i + 1);
#  645|   			nick = cm_json_new_string(cert, nthnick, -1);
#  646|   			cm_json_set(cert, CM_SUBMIT_E_NICKNAME, nick);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def888]
certmonger-0.79.21/src/submit-e.c:645:32: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:633:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:634:21: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:639:22: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:645:32: throw: if ‘cm_json_new_string’ throws an exception...
certmonger-0.79.21/src/submit-e.c:645:32: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/42/codeFlows/0/threadFlows/0/locations/0)
#  643|   			cm_json_set(cert, CM_SUBMIT_E_CERTIFICATE, val);
#  644|   			nthnick = talloc_asprintf(cert, "chain #0.%d", i + 1);
#  645|-> 			nick = cm_json_new_string(cert, nthnick, -1);
#  646|   			cm_json_set(cert, CM_SUBMIT_E_NICKNAME, nick);
#  647|   			cm_json_append(chain, cert);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def889]
certmonger-0.79.21/src/submit-e.c:646:25: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:633:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:634:21: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:639:22: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:646:25: throw: if ‘cm_json_set’ throws an exception...
certmonger-0.79.21/src/submit-e.c:646:25: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/43/codeFlows/0/threadFlows/0/locations/0)
#  644|   			nthnick = talloc_asprintf(cert, "chain #0.%d", i + 1);
#  645|   			nick = cm_json_new_string(cert, nthnick, -1);
#  646|-> 			cm_json_set(cert, CM_SUBMIT_E_NICKNAME, nick);
#  647|   			cm_json_append(chain, cert);
#  648|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def890]
certmonger-0.79.21/src/submit-e.c:647:25: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:633:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:634:21: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:639:22: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:647:25: throw: if ‘cm_json_append’ throws an exception...
certmonger-0.79.21/src/submit-e.c:647:25: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/44/codeFlows/0/threadFlows/0/locations/0)
#  645|   			nick = cm_json_new_string(cert, nthnick, -1);
#  646|   			cm_json_set(cert, CM_SUBMIT_E_NICKNAME, nick);
#  647|-> 			cm_json_append(chain, cert);
#  648|   		}
#  649|   		if (top!= NULL) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def891]
certmonger-0.79.21/src/submit-e.c:650:32: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:633:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:634:21: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:649:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:650:32: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:650:32: throw: if ‘cm_json_new_object’ throws an exception...
certmonger-0.79.21/src/submit-e.c:650:32: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/45/codeFlows/0/threadFlows/0/locations/0)
#  648|   		}
#  649|   		if (top!= NULL) {
#  650|-> 			cert = cm_json_new_object(chain);
#  651|   			val = cm_json_new_string(cert, top, -1);
#  652|   			cm_json_set(cert, CM_SUBMIT_E_CERTIFICATE, val);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def892]
certmonger-0.79.21/src/submit-e.c:651:31: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:633:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:634:21: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:649:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:650:32: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:651:31: throw: if ‘cm_json_new_string’ throws an exception...
certmonger-0.79.21/src/submit-e.c:651:31: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/46/codeFlows/0/threadFlows/0/locations/0)
#  649|   		if (top!= NULL) {
#  650|   			cert = cm_json_new_object(chain);
#  651|-> 			val = cm_json_new_string(cert, top, -1);
#  652|   			cm_json_set(cert, CM_SUBMIT_E_CERTIFICATE, val);
#  653|   			nthnick = talloc_asprintf(cert, "chain #0.%d", i + 1);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def893]
certmonger-0.79.21/src/submit-e.c:652:25: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:633:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:634:21: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:649:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:650:32: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:652:25: throw: if ‘cm_json_set’ throws an exception...
certmonger-0.79.21/src/submit-e.c:652:25: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/47/codeFlows/0/threadFlows/0/locations/0)
#  650|   			cert = cm_json_new_object(chain);
#  651|   			val = cm_json_new_string(cert, top, -1);
#  652|-> 			cm_json_set(cert, CM_SUBMIT_E_CERTIFICATE, val);
#  653|   			nthnick = talloc_asprintf(cert, "chain #0.%d", i + 1);
#  654|   			nick = cm_json_new_string(cert, nthnick, -1);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def894]
certmonger-0.79.21/src/submit-e.c:653:35: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:633:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:634:21: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:649:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:650:32: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:653:35: throw: if ‘talloc_asprintf’ throws an exception...
certmonger-0.79.21/src/submit-e.c:653:35: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/48/codeFlows/0/threadFlows/0/locations/0)
#  651|   			val = cm_json_new_string(cert, top, -1);
#  652|   			cm_json_set(cert, CM_SUBMIT_E_CERTIFICATE, val);
#  653|-> 			nthnick = talloc_asprintf(cert, "chain #0.%d", i + 1);
#  654|   			nick = cm_json_new_string(cert, nthnick, -1);
#  655|   			cm_json_set(cert, CM_SUBMIT_E_NICKNAME, nick);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def895]
certmonger-0.79.21/src/submit-e.c:654:32: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:633:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:634:21: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:649:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:650:32: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:654:32: throw: if ‘cm_json_new_string’ throws an exception...
certmonger-0.79.21/src/submit-e.c:654:32: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/49/codeFlows/0/threadFlows/0/locations/0)
#  652|   			cm_json_set(cert, CM_SUBMIT_E_CERTIFICATE, val);
#  653|   			nthnick = talloc_asprintf(cert, "chain #0.%d", i + 1);
#  654|-> 			nick = cm_json_new_string(cert, nthnick, -1);
#  655|   			cm_json_set(cert, CM_SUBMIT_E_NICKNAME, nick);
#  656|   			cm_json_append(chain, cert);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def896]
certmonger-0.79.21/src/submit-e.c:655:25: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:633:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:634:21: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:649:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:650:32: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:655:25: throw: if ‘cm_json_set’ throws an exception...
certmonger-0.79.21/src/submit-e.c:655:25: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/50/codeFlows/0/threadFlows/0/locations/0)
#  653|   			nthnick = talloc_asprintf(cert, "chain #0.%d", i + 1);
#  654|   			nick = cm_json_new_string(cert, nthnick, -1);
#  655|-> 			cm_json_set(cert, CM_SUBMIT_E_NICKNAME, nick);
#  656|   			cm_json_append(chain, cert);
#  657|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def897]
certmonger-0.79.21/src/submit-e.c:656:25: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:633:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:634:21: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:649:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:650:32: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:656:25: throw: if ‘cm_json_append’ throws an exception...
certmonger-0.79.21/src/submit-e.c:656:25: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/51/codeFlows/0/threadFlows/0/locations/0)
#  654|   			nick = cm_json_new_string(cert, nthnick, -1);
#  655|   			cm_json_set(cert, CM_SUBMIT_E_NICKNAME, nick);
#  656|-> 			cm_json_append(chain, cert);
#  657|   		}
#  658|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def898]
certmonger-0.79.21/src/submit-e.c:660:15: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:660:15: throw: if ‘cm_json_get’ throws an exception...
certmonger-0.79.21/src/submit-e.c:660:15: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/52/codeFlows/0/threadFlows/0/locations/0)
#  658|   	}
#  659|   	/* Now look at each item in the roots list. */
#  660|-> 	tmp = cm_json_get(msg, CM_SUBMIT_E_ROOTS);
#  661|   	for (i = 0; i < cm_json_array_size(tmp); i++) {
#  662|   		cert = cm_json_n(tmp, i);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def899]
certmonger-0.79.21/src/submit-e.c:661:25: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:661:25: throw: if ‘cm_json_array_size’ throws an exception...
certmonger-0.79.21/src/submit-e.c:661:25: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/53/codeFlows/0/threadFlows/0/locations/0)
#  659|   	/* Now look at each item in the roots list. */
#  660|   	tmp = cm_json_get(msg, CM_SUBMIT_E_ROOTS);
#  661|-> 	for (i = 0; i < cm_json_array_size(tmp); i++) {
#  662|   		cert = cm_json_n(tmp, i);
#  663|   		if (cm_json_type(cert) != cm_json_type_object) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def900]
certmonger-0.79.21/src/submit-e.c:662:24: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:661:21: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:662:24: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:662:24: throw: if ‘cm_json_n’ throws an exception...
certmonger-0.79.21/src/submit-e.c:662:24: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/54/codeFlows/0/threadFlows/0/locations/0)
#  660|   	tmp = cm_json_get(msg, CM_SUBMIT_E_ROOTS);
#  661|   	for (i = 0; i < cm_json_array_size(tmp); i++) {
#  662|-> 		cert = cm_json_n(tmp, i);
#  663|   		if (cm_json_type(cert) != cm_json_type_object) {
#  664|   			continue;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def901]
certmonger-0.79.21/src/submit-e.c:663:21: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:661:21: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:662:24: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:663:21: throw: if ‘cm_json_type’ throws an exception...
certmonger-0.79.21/src/submit-e.c:663:21: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/55/codeFlows/0/threadFlows/0/locations/0)
#  661|   	for (i = 0; i < cm_json_array_size(tmp); i++) {
#  662|   		cert = cm_json_n(tmp, i);
#  663|-> 		if (cm_json_type(cert) != cm_json_type_object) {
#  664|   			continue;
#  665|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def902]
certmonger-0.79.21/src/submit-e.c:667:23: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:661:21: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:662:24: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:663:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:667:23: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:667:23: throw: if ‘cm_json_get’ throws an exception...
certmonger-0.79.21/src/submit-e.c:667:23: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/56/codeFlows/0/threadFlows/0/locations/0)
#  665|   		}
#  666|   		/* Pull the root certificate, or whatever it is. */
#  667|-> 		val = cm_json_get(cert, CM_SUBMIT_E_CERTIFICATE);
#  668|   		if ((val == NULL) ||
#  669|   		    (cm_json_type(val) != cm_json_type_string)) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def903]
certmonger-0.79.21/src/submit-e.c:669:22: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:661:21: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:662:24: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:663:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:667:23: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:668:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:669:22: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:669:22: throw: if ‘cm_json_type’ throws an exception...
certmonger-0.79.21/src/submit-e.c:669:22: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/57/codeFlows/0/threadFlows/0/locations/0)
#  667|   		val = cm_json_get(cert, CM_SUBMIT_E_CERTIFICATE);
#  668|   		if ((val == NULL) ||
#  669|-> 		    (cm_json_type(val) != cm_json_type_string)) {
#  670|   			continue;
#  671|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def904]
certmonger-0.79.21/src/submit-e.c:673:24: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:661:21: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:662:24: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:663:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:667:23: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:668:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:669:22: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:668:21: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:673:24: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:673:24: throw: if ‘cm_json_get’ throws an exception...
certmonger-0.79.21/src/submit-e.c:673:24: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/58/codeFlows/0/threadFlows/0/locations/0)
#  671|   		}
#  672|   		/* Read the nickname, or provide a default. */
#  673|-> 		nick = cm_json_get(cert, CM_SUBMIT_E_NICKNAME);
#  674|   		if ((nick == NULL) ||
#  675|   		    (cm_json_type(nick) != cm_json_type_string)) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def905]
certmonger-0.79.21/src/submit-e.c:675:22: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:661:21: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:662:24: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:663:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:667:23: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:668:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:669:22: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:668:21: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:673:24: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:674:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:675:22: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:675:22: throw: if ‘cm_json_type’ throws an exception...
certmonger-0.79.21/src/submit-e.c:675:22: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/59/codeFlows/0/threadFlows/0/locations/0)
#  673|   		nick = cm_json_get(cert, CM_SUBMIT_E_NICKNAME);
#  674|   		if ((nick == NULL) ||
#  675|-> 		    (cm_json_type(nick) != cm_json_type_string)) {
#  676|   			p = talloc_asprintf(cert, "root #%d", i + 1);
#  677|   			nick = cm_json_new_string(roots, p, -1);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def906]
certmonger-0.79.21/src/submit-e.c:676:29: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:661:21: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:662:24: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:663:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:667:23: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:668:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:669:22: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:668:21: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:673:24: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:676:29: throw: if ‘talloc_asprintf’ throws an exception...
certmonger-0.79.21/src/submit-e.c:676:29: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/60/codeFlows/0/threadFlows/0/locations/0)
#  674|   		if ((nick == NULL) ||
#  675|   		    (cm_json_type(nick) != cm_json_type_string)) {
#  676|-> 			p = talloc_asprintf(cert, "root #%d", i + 1);
#  677|   			nick = cm_json_new_string(roots, p, -1);
#  678|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def907]
certmonger-0.79.21/src/submit-e.c:677:32: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:661:21: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:662:24: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:663:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:667:23: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:668:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:669:22: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:668:21: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:673:24: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:677:32: throw: if ‘cm_json_new_string’ throws an exception...
certmonger-0.79.21/src/submit-e.c:677:32: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/61/codeFlows/0/threadFlows/0/locations/0)
#  675|   		    (cm_json_type(nick) != cm_json_type_string)) {
#  676|   			p = talloc_asprintf(cert, "root #%d", i + 1);
#  677|-> 			nick = cm_json_new_string(roots, p, -1);
#  678|   		}
#  679|   		nickname = cm_json_string(nick, NULL);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def908]
certmonger-0.79.21/src/submit-e.c:679:28: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:661:21: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:662:24: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:663:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:667:23: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:668:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:669:22: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:668:21: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:673:24: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:679:28: throw: if ‘cm_json_string’ throws an exception...
certmonger-0.79.21/src/submit-e.c:679:28: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/62/codeFlows/0/threadFlows/0/locations/0)
#  677|   			nick = cm_json_new_string(roots, p, -1);
#  678|   		}
#  679|-> 		nickname = cm_json_string(nick, NULL);
#  680|   		/* Let the parser at it. */
#  681|   		u = (const unsigned char *) cm_json_string(val, &length);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def909]
certmonger-0.79.21/src/submit-e.c:681:45: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:661:21: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:662:24: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:663:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:667:23: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:668:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:669:22: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:668:21: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:673:24: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:681:45: throw: if ‘cm_json_string’ throws an exception...
certmonger-0.79.21/src/submit-e.c:681:45: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/63/codeFlows/0/threadFlows/0/locations/0)
#  679|   		nickname = cm_json_string(nick, NULL);
#  680|   		/* Let the parser at it. */
#  681|-> 		u = (const unsigned char *) cm_json_string(val, &length);
#  682|   		j = cm_pkcs7_parse(0, estate,
#  683|   				   &leafroot, &toproot, &otherroots,

Error: GCC_ANALYZER_WARNING (CWE-401): [#def910]
certmonger-0.79.21/src/submit-e.c:682:21: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:661:21: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:662:24: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:663:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:667:23: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:668:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:669:22: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:668:21: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:673:24: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:682:21: throw: if ‘cm_pkcs7_parse’ throws an exception...
certmonger-0.79.21/src/submit-e.c:682:21: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/64/codeFlows/0/threadFlows/0/locations/0)
#  680|   		/* Let the parser at it. */
#  681|   		u = (const unsigned char *) cm_json_string(val, &length);
#  682|-> 		j = cm_pkcs7_parse(0, estate,
#  683|   				   &leafroot, &toproot, &otherroots,
#  684|   				   NULL, NULL, u, length, NULL);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def911]
certmonger-0.79.21/src/submit-e.c:687:40: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:661:21: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:662:24: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:663:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:667:23: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:668:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:669:22: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:668:21: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:673:24: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:685:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:686:29: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:686:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:687:40: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:687:40: throw: if ‘cm_json_new_object’ throws an exception...
certmonger-0.79.21/src/submit-e.c:687:40: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/65/codeFlows/0/threadFlows/0/locations/0)
#  685|   		if (j == 0) {
#  686|   			if (leafroot != NULL) {
#  687|-> 				cert = cm_json_new_object(roots);
#  688|   				val = cm_json_new_string(cert, leafroot, -1);
#  689|   				cm_json_set(cert, CM_SUBMIT_E_CERTIFICATE, val);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def912]
certmonger-0.79.21/src/submit-e.c:688:39: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:661:21: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:662:24: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:663:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:667:23: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:668:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:669:22: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:668:21: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:673:24: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:685:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:686:29: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:686:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:687:40: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:688:39: throw: if ‘cm_json_new_string’ throws an exception...
certmonger-0.79.21/src/submit-e.c:688:39: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/66/codeFlows/0/threadFlows/0/locations/0)
#  686|   			if (leafroot != NULL) {
#  687|   				cert = cm_json_new_object(roots);
#  688|-> 				val = cm_json_new_string(cert, leafroot, -1);
#  689|   				cm_json_set(cert, CM_SUBMIT_E_CERTIFICATE, val);
#  690|   				nick = cm_json_new_string(cert, nickname, -1);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def913]
certmonger-0.79.21/src/submit-e.c:689:33: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:661:21: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:662:24: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:663:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:667:23: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:668:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:669:22: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:668:21: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:673:24: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:685:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:686:29: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:686:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:687:40: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:689:33: throw: if ‘cm_json_set’ throws an exception...
certmonger-0.79.21/src/submit-e.c:689:33: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/67/codeFlows/0/threadFlows/0/locations/0)
#  687|   				cert = cm_json_new_object(roots);
#  688|   				val = cm_json_new_string(cert, leafroot, -1);
#  689|-> 				cm_json_set(cert, CM_SUBMIT_E_CERTIFICATE, val);
#  690|   				nick = cm_json_new_string(cert, nickname, -1);
#  691|   				cm_json_set(cert, CM_SUBMIT_E_NICKNAME, nick);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def914]
certmonger-0.79.21/src/submit-e.c:690:40: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:661:21: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:662:24: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:663:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:667:23: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:668:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:669:22: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:668:21: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:673:24: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:685:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:686:29: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:686:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:687:40: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:690:40: throw: if ‘cm_json_new_string’ throws an exception...
certmonger-0.79.21/src/submit-e.c:690:40: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/68/codeFlows/0/threadFlows/0/locations/0)
#  688|   				val = cm_json_new_string(cert, leafroot, -1);
#  689|   				cm_json_set(cert, CM_SUBMIT_E_CERTIFICATE, val);
#  690|-> 				nick = cm_json_new_string(cert, nickname, -1);
#  691|   				cm_json_set(cert, CM_SUBMIT_E_NICKNAME, nick);
#  692|   				cm_json_append(roots, cert);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def915]
certmonger-0.79.21/src/submit-e.c:691:33: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:661:21: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:662:24: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:663:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:667:23: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:668:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:669:22: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:668:21: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:673:24: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:685:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:686:29: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:686:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:687:40: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:691:33: throw: if ‘cm_json_set’ throws an exception...
certmonger-0.79.21/src/submit-e.c:691:33: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/69/codeFlows/0/threadFlows/0/locations/0)
#  689|   				cm_json_set(cert, CM_SUBMIT_E_CERTIFICATE, val);
#  690|   				nick = cm_json_new_string(cert, nickname, -1);
#  691|-> 				cm_json_set(cert, CM_SUBMIT_E_NICKNAME, nick);
#  692|   				cm_json_append(roots, cert);
#  693|   			}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def916]
certmonger-0.79.21/src/submit-e.c:692:33: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:661:21: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:662:24: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:663:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:667:23: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:668:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:669:22: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:668:21: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:673:24: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:685:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:686:29: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:686:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:687:40: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:692:33: throw: if ‘cm_json_append’ throws an exception...
certmonger-0.79.21/src/submit-e.c:692:33: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/70/codeFlows/0/threadFlows/0/locations/0)
#  690|   				nick = cm_json_new_string(cert, nickname, -1);
#  691|   				cm_json_set(cert, CM_SUBMIT_E_NICKNAME, nick);
#  692|-> 				cm_json_append(roots, cert);
#  693|   			}
#  694|   			for (j = 0;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def917]
certmonger-0.79.21/src/submit-e.c:697:40: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:661:21: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:662:24: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:663:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:667:23: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:668:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:669:22: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:668:21: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:673:24: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:685:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:686:29: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:695:30: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:697:40: throw: if ‘cm_json_new_object’ throws an exception...
certmonger-0.79.21/src/submit-e.c:697:40: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/71/codeFlows/0/threadFlows/0/locations/0)
#  695|   			     (otherroots != NULL) && (otherroots[j] != NULL);
#  696|   			     j++) {
#  697|-> 				cert = cm_json_new_object(roots);
#  698|   				val = cm_json_new_string(cert, otherroots[i],
#  699|   							 -1);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def918]
certmonger-0.79.21/src/submit-e.c:698:39: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:661:21: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:662:24: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:663:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:667:23: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:668:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:669:22: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:668:21: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:673:24: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:685:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:686:29: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:695:30: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:698:39: throw: if ‘cm_json_new_string’ throws an exception...
certmonger-0.79.21/src/submit-e.c:698:39: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/72/codeFlows/0/threadFlows/0/locations/0)
#  696|   			     j++) {
#  697|   				cert = cm_json_new_object(roots);
#  698|-> 				val = cm_json_new_string(cert, otherroots[i],
#  699|   							 -1);
#  700|   				cm_json_set(cert, CM_SUBMIT_E_CERTIFICATE,

Error: GCC_ANALYZER_WARNING (CWE-401): [#def919]
certmonger-0.79.21/src/submit-e.c:700:33: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:661:21: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:662:24: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:663:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:667:23: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:668:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:669:22: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:668:21: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:673:24: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:685:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:686:29: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:695:30: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:700:33: throw: if ‘cm_json_set’ throws an exception...
certmonger-0.79.21/src/submit-e.c:700:33: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/73/codeFlows/0/threadFlows/0/locations/0)
#  698|   				val = cm_json_new_string(cert, otherroots[i],
#  699|   							 -1);
#  700|-> 				cm_json_set(cert, CM_SUBMIT_E_CERTIFICATE,
#  701|   					    val);
#  702|   				nthnick = talloc_asprintf(cert, "%s #%d",

Error: GCC_ANALYZER_WARNING (CWE-401): [#def920]
certmonger-0.79.21/src/submit-e.c:702:43: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:661:21: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:662:24: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:663:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:667:23: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:668:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:669:22: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:668:21: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:673:24: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:685:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:686:29: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:695:30: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:702:43: throw: if ‘talloc_asprintf’ throws an exception...
certmonger-0.79.21/src/submit-e.c:702:43: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/74/codeFlows/0/threadFlows/0/locations/0)
#  700|   				cm_json_set(cert, CM_SUBMIT_E_CERTIFICATE,
#  701|   					    val);
#  702|-> 				nthnick = talloc_asprintf(cert, "%s #%d",
#  703|   							  nickname, j + 2);
#  704|   				nick = cm_json_new_string(cert, nthnick, -1);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def921]
certmonger-0.79.21/src/submit-e.c:704:40: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:661:21: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:662:24: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:663:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:667:23: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:668:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:669:22: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:668:21: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:673:24: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:685:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:686:29: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:695:30: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:704:40: throw: if ‘cm_json_new_string’ throws an exception...
certmonger-0.79.21/src/submit-e.c:704:40: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/75/codeFlows/0/threadFlows/0/locations/0)
#  702|   				nthnick = talloc_asprintf(cert, "%s #%d",
#  703|   							  nickname, j + 2);
#  704|-> 				nick = cm_json_new_string(cert, nthnick, -1);
#  705|   				cm_json_set(cert, CM_SUBMIT_E_NICKNAME, nick);
#  706|   				cm_json_append(roots, cert);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def922]
certmonger-0.79.21/src/submit-e.c:705:33: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:661:21: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:662:24: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:663:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:667:23: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:668:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:669:22: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:668:21: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:673:24: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:685:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:686:29: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:695:30: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:705:33: throw: if ‘cm_json_set’ throws an exception...
certmonger-0.79.21/src/submit-e.c:705:33: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/76/codeFlows/0/threadFlows/0/locations/0)
#  703|   							  nickname, j + 2);
#  704|   				nick = cm_json_new_string(cert, nthnick, -1);
#  705|-> 				cm_json_set(cert, CM_SUBMIT_E_NICKNAME, nick);
#  706|   				cm_json_append(roots, cert);
#  707|   			}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def923]
certmonger-0.79.21/src/submit-e.c:706:33: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:661:21: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:662:24: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:663:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:667:23: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:668:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:669:22: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:668:21: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:673:24: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:685:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:686:29: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:695:30: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:706:33: throw: if ‘cm_json_append’ throws an exception...
certmonger-0.79.21/src/submit-e.c:706:33: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/77/codeFlows/0/threadFlows/0/locations/0)
#  704|   				nick = cm_json_new_string(cert, nthnick, -1);
#  705|   				cm_json_set(cert, CM_SUBMIT_E_NICKNAME, nick);
#  706|-> 				cm_json_append(roots, cert);
#  707|   			}
#  708|   			if (toproot != NULL) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def924]
certmonger-0.79.21/src/submit-e.c:709:40: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:661:21: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:662:24: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:708:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:709:40: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:709:40: throw: if ‘cm_json_new_object’ throws an exception...
certmonger-0.79.21/src/submit-e.c:709:40: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/78/codeFlows/0/threadFlows/0/locations/0)
#  707|   			}
#  708|   			if (toproot != NULL) {
#  709|-> 				cert = cm_json_new_object(roots);
#  710|   				val = cm_json_new_string(cert, toproot, -1);
#  711|   				cm_json_set(cert, CM_SUBMIT_E_CERTIFICATE, val);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def925]
certmonger-0.79.21/src/submit-e.c:710:39: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:661:21: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:662:24: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:708:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:709:40: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:710:39: throw: if ‘cm_json_new_string’ throws an exception...
certmonger-0.79.21/src/submit-e.c:710:39: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/79/codeFlows/0/threadFlows/0/locations/0)
#  708|   			if (toproot != NULL) {
#  709|   				cert = cm_json_new_object(roots);
#  710|-> 				val = cm_json_new_string(cert, toproot, -1);
#  711|   				cm_json_set(cert, CM_SUBMIT_E_CERTIFICATE, val);
#  712|   				nthnick = talloc_asprintf(cert, "%s #%d",

Error: GCC_ANALYZER_WARNING (CWE-401): [#def926]
certmonger-0.79.21/src/submit-e.c:711:33: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:661:21: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:662:24: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:708:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:709:40: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:711:33: throw: if ‘cm_json_set’ throws an exception...
certmonger-0.79.21/src/submit-e.c:711:33: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/80/codeFlows/0/threadFlows/0/locations/0)
#  709|   				cert = cm_json_new_object(roots);
#  710|   				val = cm_json_new_string(cert, toproot, -1);
#  711|-> 				cm_json_set(cert, CM_SUBMIT_E_CERTIFICATE, val);
#  712|   				nthnick = talloc_asprintf(cert, "%s #%d",
#  713|   							  nickname, j + 2);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def927]
certmonger-0.79.21/src/submit-e.c:712:43: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:661:21: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:662:24: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:708:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:709:40: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:712:43: throw: if ‘talloc_asprintf’ throws an exception...
certmonger-0.79.21/src/submit-e.c:712:43: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/81/codeFlows/0/threadFlows/0/locations/0)
#  710|   				val = cm_json_new_string(cert, toproot, -1);
#  711|   				cm_json_set(cert, CM_SUBMIT_E_CERTIFICATE, val);
#  712|-> 				nthnick = talloc_asprintf(cert, "%s #%d",
#  713|   							  nickname, j + 2);
#  714|   				nick = cm_json_new_string(cert, nthnick, -1);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def928]
certmonger-0.79.21/src/submit-e.c:714:40: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:661:21: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:662:24: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:708:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:709:40: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:714:40: throw: if ‘cm_json_new_string’ throws an exception...
certmonger-0.79.21/src/submit-e.c:714:40: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/82/codeFlows/0/threadFlows/0/locations/0)
#  712|   				nthnick = talloc_asprintf(cert, "%s #%d",
#  713|   							  nickname, j + 2);
#  714|-> 				nick = cm_json_new_string(cert, nthnick, -1);
#  715|   				cm_json_set(cert, CM_SUBMIT_E_NICKNAME, nick);
#  716|   				cm_json_append(roots, cert);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def929]
certmonger-0.79.21/src/submit-e.c:715:33: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:661:21: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:662:24: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:708:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:709:40: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:715:33: throw: if ‘cm_json_set’ throws an exception...
certmonger-0.79.21/src/submit-e.c:715:33: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/83/codeFlows/0/threadFlows/0/locations/0)
#  713|   							  nickname, j + 2);
#  714|   				nick = cm_json_new_string(cert, nthnick, -1);
#  715|-> 				cm_json_set(cert, CM_SUBMIT_E_NICKNAME, nick);
#  716|   				cm_json_append(roots, cert);
#  717|   			}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def930]
certmonger-0.79.21/src/submit-e.c:716:33: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:661:21: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:662:24: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:708:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:709:40: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:716:33: throw: if ‘cm_json_append’ throws an exception...
certmonger-0.79.21/src/submit-e.c:716:33: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/84/codeFlows/0/threadFlows/0/locations/0)
#  714|   				nick = cm_json_new_string(cert, nthnick, -1);
#  715|   				cm_json_set(cert, CM_SUBMIT_E_NICKNAME, nick);
#  716|-> 				cm_json_append(roots, cert);
#  717|   			}
#  718|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def931]
certmonger-0.79.21/src/submit-e.c:721:15: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:721:15: throw: if ‘cm_json_get’ throws an exception...
certmonger-0.79.21/src/submit-e.c:721:15: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/85/codeFlows/0/threadFlows/0/locations/0)
#  719|   	}
#  720|   	/* Now do the same for any chain certificates. */
#  721|-> 	tmp = cm_json_get(msg, CM_SUBMIT_E_CHAIN);
#  722|   	for (i = 0; i < cm_json_array_size(tmp); i++) {
#  723|   		cert = cm_json_n(tmp, i);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def932]
certmonger-0.79.21/src/submit-e.c:722:25: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:722:25: throw: if ‘cm_json_array_size’ throws an exception...
certmonger-0.79.21/src/submit-e.c:722:25: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/86/codeFlows/0/threadFlows/0/locations/0)
#  720|   	/* Now do the same for any chain certificates. */
#  721|   	tmp = cm_json_get(msg, CM_SUBMIT_E_CHAIN);
#  722|-> 	for (i = 0; i < cm_json_array_size(tmp); i++) {
#  723|   		cert = cm_json_n(tmp, i);
#  724|   		if (cm_json_type(cert) != cm_json_type_object) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def933]
certmonger-0.79.21/src/submit-e.c:723:24: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:722:21: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:723:24: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:723:24: throw: if ‘cm_json_n’ throws an exception...
certmonger-0.79.21/src/submit-e.c:723:24: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/87/codeFlows/0/threadFlows/0/locations/0)
#  721|   	tmp = cm_json_get(msg, CM_SUBMIT_E_CHAIN);
#  722|   	for (i = 0; i < cm_json_array_size(tmp); i++) {
#  723|-> 		cert = cm_json_n(tmp, i);
#  724|   		if (cm_json_type(cert) != cm_json_type_object) {
#  725|   			continue;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def934]
certmonger-0.79.21/src/submit-e.c:724:21: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:722:21: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:723:24: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:724:21: throw: if ‘cm_json_type’ throws an exception...
certmonger-0.79.21/src/submit-e.c:724:21: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/88/codeFlows/0/threadFlows/0/locations/0)
#  722|   	for (i = 0; i < cm_json_array_size(tmp); i++) {
#  723|   		cert = cm_json_n(tmp, i);
#  724|-> 		if (cm_json_type(cert) != cm_json_type_object) {
#  725|   			continue;
#  726|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def935]
certmonger-0.79.21/src/submit-e.c:728:23: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:722:21: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:723:24: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:724:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:728:23: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:728:23: throw: if ‘cm_json_get’ throws an exception...
certmonger-0.79.21/src/submit-e.c:728:23: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/89/codeFlows/0/threadFlows/0/locations/0)
#  726|   		}
#  727|   		/* Pull the chain certificate, or whatever it is. */
#  728|-> 		val = cm_json_get(cert, CM_SUBMIT_E_CERTIFICATE);
#  729|   		if ((val == NULL) ||
#  730|   		    (cm_json_type(val) != cm_json_type_string)) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def936]
certmonger-0.79.21/src/submit-e.c:730:22: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:722:21: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:723:24: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:724:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:728:23: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:729:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:730:22: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:730:22: throw: if ‘cm_json_type’ throws an exception...
certmonger-0.79.21/src/submit-e.c:730:22: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/90/codeFlows/0/threadFlows/0/locations/0)
#  728|   		val = cm_json_get(cert, CM_SUBMIT_E_CERTIFICATE);
#  729|   		if ((val == NULL) ||
#  730|-> 		    (cm_json_type(val) != cm_json_type_string)) {
#  731|   			continue;
#  732|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def937]
certmonger-0.79.21/src/submit-e.c:734:24: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:722:21: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:723:24: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:724:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:728:23: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:729:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:730:22: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:729:21: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:734:24: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:734:24: throw: if ‘cm_json_get’ throws an exception...
certmonger-0.79.21/src/submit-e.c:734:24: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/91/codeFlows/0/threadFlows/0/locations/0)
#  732|   		}
#  733|   		/* Read the nickname, or provide a default. */
#  734|-> 		nick = cm_json_get(cert, CM_SUBMIT_E_NICKNAME);
#  735|   		if ((nick == NULL) ||
#  736|   		    (cm_json_type(nick) != cm_json_type_string)) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def938]
certmonger-0.79.21/src/submit-e.c:736:22: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:722:21: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:723:24: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:724:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:728:23: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:729:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:730:22: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:729:21: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:734:24: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:735:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:736:22: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:736:22: throw: if ‘cm_json_type’ throws an exception...
certmonger-0.79.21/src/submit-e.c:736:22: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/92/codeFlows/0/threadFlows/0/locations/0)
#  734|   		nick = cm_json_get(cert, CM_SUBMIT_E_NICKNAME);
#  735|   		if ((nick == NULL) ||
#  736|-> 		    (cm_json_type(nick) != cm_json_type_string)) {
#  737|   			p = talloc_asprintf(cert, "chain #%d", i + 1);
#  738|   			nick = cm_json_new_string(chain, p, -1);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def939]
certmonger-0.79.21/src/submit-e.c:737:29: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:722:21: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:723:24: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:724:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:728:23: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:729:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:730:22: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:729:21: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:734:24: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:737:29: throw: if ‘talloc_asprintf’ throws an exception...
certmonger-0.79.21/src/submit-e.c:737:29: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/93/codeFlows/0/threadFlows/0/locations/0)
#  735|   		if ((nick == NULL) ||
#  736|   		    (cm_json_type(nick) != cm_json_type_string)) {
#  737|-> 			p = talloc_asprintf(cert, "chain #%d", i + 1);
#  738|   			nick = cm_json_new_string(chain, p, -1);
#  739|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def940]
certmonger-0.79.21/src/submit-e.c:738:32: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:722:21: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:723:24: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:724:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:728:23: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:729:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:730:22: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:729:21: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:734:24: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:738:32: throw: if ‘cm_json_new_string’ throws an exception...
certmonger-0.79.21/src/submit-e.c:738:32: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/94/codeFlows/0/threadFlows/0/locations/0)
#  736|   		    (cm_json_type(nick) != cm_json_type_string)) {
#  737|   			p = talloc_asprintf(cert, "chain #%d", i + 1);
#  738|-> 			nick = cm_json_new_string(chain, p, -1);
#  739|   		}
#  740|   		nickname = cm_json_string(nick, NULL);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def941]
certmonger-0.79.21/src/submit-e.c:740:28: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:722:21: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:723:24: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:724:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:728:23: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:729:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:730:22: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:729:21: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:734:24: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:740:28: throw: if ‘cm_json_string’ throws an exception...
certmonger-0.79.21/src/submit-e.c:740:28: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/95/codeFlows/0/threadFlows/0/locations/0)
#  738|   			nick = cm_json_new_string(chain, p, -1);
#  739|   		}
#  740|-> 		nickname = cm_json_string(nick, NULL);
#  741|   		/* Let the parser at it. */
#  742|   		u = (const unsigned char *) cm_json_string(val, &length);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def942]
certmonger-0.79.21/src/submit-e.c:742:45: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:722:21: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:723:24: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:724:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:728:23: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:729:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:730:22: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:729:21: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:734:24: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:742:45: throw: if ‘cm_json_string’ throws an exception...
certmonger-0.79.21/src/submit-e.c:742:45: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/96/codeFlows/0/threadFlows/0/locations/0)
#  740|   		nickname = cm_json_string(nick, NULL);
#  741|   		/* Let the parser at it. */
#  742|-> 		u = (const unsigned char *) cm_json_string(val, &length);
#  743|   		j = cm_pkcs7_parse(0, estate,
#  744|   				   &leafroot, &toproot, &otherroots,

Error: GCC_ANALYZER_WARNING (CWE-401): [#def943]
certmonger-0.79.21/src/submit-e.c:743:21: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:722:21: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:723:24: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:724:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:728:23: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:729:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:730:22: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:729:21: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:734:24: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:743:21: throw: if ‘cm_pkcs7_parse’ throws an exception...
certmonger-0.79.21/src/submit-e.c:743:21: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/97/codeFlows/0/threadFlows/0/locations/0)
#  741|   		/* Let the parser at it. */
#  742|   		u = (const unsigned char *) cm_json_string(val, &length);
#  743|-> 		j = cm_pkcs7_parse(0, estate,
#  744|   				   &leafroot, &toproot, &otherroots,
#  745|   				   NULL, NULL, u, length, NULL);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def944]
certmonger-0.79.21/src/submit-e.c:748:40: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:722:21: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:723:24: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:724:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:728:23: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:729:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:730:22: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:729:21: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:734:24: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:746:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:747:29: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:747:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:748:40: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:748:40: throw: if ‘cm_json_new_object’ throws an exception...
certmonger-0.79.21/src/submit-e.c:748:40: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/98/codeFlows/0/threadFlows/0/locations/0)
#  746|   		if (j == 0) {
#  747|   			if (leafroot != NULL) {
#  748|-> 				cert = cm_json_new_object(chain);
#  749|   				val = cm_json_new_string(cert, leafroot, -1);
#  750|   				cm_json_set(cert, CM_SUBMIT_E_CERTIFICATE, val);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def945]
certmonger-0.79.21/src/submit-e.c:749:39: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:722:21: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:723:24: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:724:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:728:23: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:729:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:730:22: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:729:21: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:734:24: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:746:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:747:29: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:747:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:748:40: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:749:39: throw: if ‘cm_json_new_string’ throws an exception...
certmonger-0.79.21/src/submit-e.c:749:39: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/99/codeFlows/0/threadFlows/0/locations/0)
#  747|   			if (leafroot != NULL) {
#  748|   				cert = cm_json_new_object(chain);
#  749|-> 				val = cm_json_new_string(cert, leafroot, -1);
#  750|   				cm_json_set(cert, CM_SUBMIT_E_CERTIFICATE, val);
#  751|   				nick = cm_json_new_string(cert, nickname, -1);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def946]
certmonger-0.79.21/src/submit-e.c:750:33: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:722:21: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:723:24: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:724:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:728:23: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:729:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:730:22: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:729:21: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:734:24: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:746:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:747:29: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:747:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:748:40: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:750:33: throw: if ‘cm_json_set’ throws an exception...
certmonger-0.79.21/src/submit-e.c:750:33: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/100/codeFlows/0/threadFlows/0/locations/0)
#  748|   				cert = cm_json_new_object(chain);
#  749|   				val = cm_json_new_string(cert, leafroot, -1);
#  750|-> 				cm_json_set(cert, CM_SUBMIT_E_CERTIFICATE, val);
#  751|   				nick = cm_json_new_string(cert, nickname, -1);
#  752|   				cm_json_set(cert, CM_SUBMIT_E_NICKNAME, nick);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def947]
certmonger-0.79.21/src/submit-e.c:751:40: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:722:21: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:723:24: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:724:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:728:23: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:729:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:730:22: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:729:21: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:734:24: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:746:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:747:29: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:747:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:748:40: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:751:40: throw: if ‘cm_json_new_string’ throws an exception...
certmonger-0.79.21/src/submit-e.c:751:40: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/101/codeFlows/0/threadFlows/0/locations/0)
#  749|   				val = cm_json_new_string(cert, leafroot, -1);
#  750|   				cm_json_set(cert, CM_SUBMIT_E_CERTIFICATE, val);
#  751|-> 				nick = cm_json_new_string(cert, nickname, -1);
#  752|   				cm_json_set(cert, CM_SUBMIT_E_NICKNAME, nick);
#  753|   				cm_json_append(chain, cert);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def948]
certmonger-0.79.21/src/submit-e.c:752:33: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:722:21: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:723:24: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:724:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:728:23: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:729:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:730:22: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:729:21: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:734:24: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:746:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:747:29: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:747:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:748:40: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:752:33: throw: if ‘cm_json_set’ throws an exception...
certmonger-0.79.21/src/submit-e.c:752:33: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/102/codeFlows/0/threadFlows/0/locations/0)
#  750|   				cm_json_set(cert, CM_SUBMIT_E_CERTIFICATE, val);
#  751|   				nick = cm_json_new_string(cert, nickname, -1);
#  752|-> 				cm_json_set(cert, CM_SUBMIT_E_NICKNAME, nick);
#  753|   				cm_json_append(chain, cert);
#  754|   			}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def949]
certmonger-0.79.21/src/submit-e.c:753:33: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:722:21: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:723:24: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:724:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:728:23: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:729:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:730:22: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:729:21: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:734:24: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:746:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:747:29: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:747:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:748:40: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:753:33: throw: if ‘cm_json_append’ throws an exception...
certmonger-0.79.21/src/submit-e.c:753:33: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/103/codeFlows/0/threadFlows/0/locations/0)
#  751|   				nick = cm_json_new_string(cert, nickname, -1);
#  752|   				cm_json_set(cert, CM_SUBMIT_E_NICKNAME, nick);
#  753|-> 				cm_json_append(chain, cert);
#  754|   			}
#  755|   			for (j = 0;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def950]
certmonger-0.79.21/src/submit-e.c:758:40: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:722:21: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:723:24: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:724:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:728:23: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:729:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:730:22: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:729:21: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:734:24: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:746:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:747:29: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:756:30: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:758:40: throw: if ‘cm_json_new_object’ throws an exception...
certmonger-0.79.21/src/submit-e.c:758:40: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/104/codeFlows/0/threadFlows/0/locations/0)
#  756|   			     (otherroots != NULL) && (otherroots[j] != NULL);
#  757|   			     j++) {
#  758|-> 				cert = cm_json_new_object(chain);
#  759|   				val = cm_json_new_string(cert, otherroots[i],
#  760|   							 -1);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def951]
certmonger-0.79.21/src/submit-e.c:759:39: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:722:21: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:723:24: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:724:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:728:23: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:729:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:730:22: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:729:21: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:734:24: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:746:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:747:29: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:756:30: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:759:39: throw: if ‘cm_json_new_string’ throws an exception...
certmonger-0.79.21/src/submit-e.c:759:39: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/105/codeFlows/0/threadFlows/0/locations/0)
#  757|   			     j++) {
#  758|   				cert = cm_json_new_object(chain);
#  759|-> 				val = cm_json_new_string(cert, otherroots[i],
#  760|   							 -1);
#  761|   				cm_json_set(cert, CM_SUBMIT_E_CERTIFICATE,

Error: GCC_ANALYZER_WARNING (CWE-401): [#def952]
certmonger-0.79.21/src/submit-e.c:761:33: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:722:21: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:723:24: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:724:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:728:23: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:729:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:730:22: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:729:21: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:734:24: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:746:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:747:29: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:756:30: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:761:33: throw: if ‘cm_json_set’ throws an exception...
certmonger-0.79.21/src/submit-e.c:761:33: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/106/codeFlows/0/threadFlows/0/locations/0)
#  759|   				val = cm_json_new_string(cert, otherroots[i],
#  760|   							 -1);
#  761|-> 				cm_json_set(cert, CM_SUBMIT_E_CERTIFICATE,
#  762|   					    val);
#  763|   				nthnick = talloc_asprintf(cert, "%s #%d",

Error: GCC_ANALYZER_WARNING (CWE-401): [#def953]
certmonger-0.79.21/src/submit-e.c:763:43: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:722:21: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:723:24: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:724:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:728:23: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:729:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:730:22: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:729:21: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:734:24: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:746:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:747:29: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:756:30: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:763:43: throw: if ‘talloc_asprintf’ throws an exception...
certmonger-0.79.21/src/submit-e.c:763:43: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/107/codeFlows/0/threadFlows/0/locations/0)
#  761|   				cm_json_set(cert, CM_SUBMIT_E_CERTIFICATE,
#  762|   					    val);
#  763|-> 				nthnick = talloc_asprintf(cert, "%s #%d",
#  764|   							  nickname, j + 2);
#  765|   				nick = cm_json_new_string(cert, nthnick, -1);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def954]
certmonger-0.79.21/src/submit-e.c:765:40: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:722:21: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:723:24: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:724:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:728:23: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:729:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:730:22: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:729:21: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:734:24: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:746:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:747:29: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:756:30: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:765:40: throw: if ‘cm_json_new_string’ throws an exception...
certmonger-0.79.21/src/submit-e.c:765:40: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/108/codeFlows/0/threadFlows/0/locations/0)
#  763|   				nthnick = talloc_asprintf(cert, "%s #%d",
#  764|   							  nickname, j + 2);
#  765|-> 				nick = cm_json_new_string(cert, nthnick, -1);
#  766|   				cm_json_set(cert, CM_SUBMIT_E_NICKNAME, nick);
#  767|   				cm_json_append(chain, cert);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def955]
certmonger-0.79.21/src/submit-e.c:766:33: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:722:21: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:723:24: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:724:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:728:23: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:729:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:730:22: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:729:21: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:734:24: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:746:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:747:29: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:756:30: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:766:33: throw: if ‘cm_json_set’ throws an exception...
certmonger-0.79.21/src/submit-e.c:766:33: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/109/codeFlows/0/threadFlows/0/locations/0)
#  764|   							  nickname, j + 2);
#  765|   				nick = cm_json_new_string(cert, nthnick, -1);
#  766|-> 				cm_json_set(cert, CM_SUBMIT_E_NICKNAME, nick);
#  767|   				cm_json_append(chain, cert);
#  768|   			}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def956]
certmonger-0.79.21/src/submit-e.c:767:33: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:722:21: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:723:24: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:724:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:728:23: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:729:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:730:22: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:729:21: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:734:24: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:746:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:747:29: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:756:30: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:767:33: throw: if ‘cm_json_append’ throws an exception...
certmonger-0.79.21/src/submit-e.c:767:33: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/110/codeFlows/0/threadFlows/0/locations/0)
#  765|   				nick = cm_json_new_string(cert, nthnick, -1);
#  766|   				cm_json_set(cert, CM_SUBMIT_E_NICKNAME, nick);
#  767|-> 				cm_json_append(chain, cert);
#  768|   			}
#  769|   			if (toproot != NULL) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def957]
certmonger-0.79.21/src/submit-e.c:770:40: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:722:21: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:723:24: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:729:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:730:22: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:729:21: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:734:24: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:746:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:747:29: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:769:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:770:40: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:770:40: throw: if ‘cm_json_new_object’ throws an exception...
certmonger-0.79.21/src/submit-e.c:770:40: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/111/codeFlows/0/threadFlows/0/locations/0)
#  768|   			}
#  769|   			if (toproot != NULL) {
#  770|-> 				cert = cm_json_new_object(chain);
#  771|   				val = cm_json_new_string(cert, toproot, -1);
#  772|   				cm_json_set(cert, CM_SUBMIT_E_CERTIFICATE, val);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def958]
certmonger-0.79.21/src/submit-e.c:771:39: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:722:21: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:723:24: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:729:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:730:22: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:729:21: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:734:24: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:746:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:747:29: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:769:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:770:40: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:771:39: throw: if ‘cm_json_new_string’ throws an exception...
certmonger-0.79.21/src/submit-e.c:771:39: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/112/codeFlows/0/threadFlows/0/locations/0)
#  769|   			if (toproot != NULL) {
#  770|   				cert = cm_json_new_object(chain);
#  771|-> 				val = cm_json_new_string(cert, toproot, -1);
#  772|   				cm_json_set(cert, CM_SUBMIT_E_CERTIFICATE, val);
#  773|   				nthnick = talloc_asprintf(cert, "%s #%d",

Error: GCC_ANALYZER_WARNING (CWE-401): [#def959]
certmonger-0.79.21/src/submit-e.c:772:33: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:722:21: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:723:24: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:729:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:730:22: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:729:21: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:734:24: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:746:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:747:29: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:769:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:770:40: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:772:33: throw: if ‘cm_json_set’ throws an exception...
certmonger-0.79.21/src/submit-e.c:772:33: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/113/codeFlows/0/threadFlows/0/locations/0)
#  770|   				cert = cm_json_new_object(chain);
#  771|   				val = cm_json_new_string(cert, toproot, -1);
#  772|-> 				cm_json_set(cert, CM_SUBMIT_E_CERTIFICATE, val);
#  773|   				nthnick = talloc_asprintf(cert, "%s #%d",
#  774|   							  nickname, j + 2);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def960]
certmonger-0.79.21/src/submit-e.c:773:43: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:722:21: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:723:24: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:729:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:730:22: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:729:21: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:734:24: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:746:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:747:29: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:769:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:770:40: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:773:43: throw: if ‘talloc_asprintf’ throws an exception...
certmonger-0.79.21/src/submit-e.c:773:43: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/114/codeFlows/0/threadFlows/0/locations/0)
#  771|   				val = cm_json_new_string(cert, toproot, -1);
#  772|   				cm_json_set(cert, CM_SUBMIT_E_CERTIFICATE, val);
#  773|-> 				nthnick = talloc_asprintf(cert, "%s #%d",
#  774|   							  nickname, j + 2);
#  775|   				nick = cm_json_new_string(cert, nthnick, -1);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def961]
certmonger-0.79.21/src/submit-e.c:775:40: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:722:21: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:723:24: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:729:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:730:22: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:729:21: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:734:24: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:746:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:747:29: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:769:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:770:40: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:775:40: throw: if ‘cm_json_new_string’ throws an exception...
certmonger-0.79.21/src/submit-e.c:775:40: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/115/codeFlows/0/threadFlows/0/locations/0)
#  773|   				nthnick = talloc_asprintf(cert, "%s #%d",
#  774|   							  nickname, j + 2);
#  775|-> 				nick = cm_json_new_string(cert, nthnick, -1);
#  776|   				cm_json_set(cert, CM_SUBMIT_E_NICKNAME, nick);
#  777|   				cm_json_append(chain, cert);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def962]
certmonger-0.79.21/src/submit-e.c:776:33: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:722:21: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:723:24: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:729:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:730:22: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:729:21: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:734:24: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:746:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:747:29: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:769:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:770:40: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:776:33: throw: if ‘cm_json_set’ throws an exception...
certmonger-0.79.21/src/submit-e.c:776:33: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/116/codeFlows/0/threadFlows/0/locations/0)
#  774|   							  nickname, j + 2);
#  775|   				nick = cm_json_new_string(cert, nthnick, -1);
#  776|-> 				cm_json_set(cert, CM_SUBMIT_E_NICKNAME, nick);
#  777|   				cm_json_append(chain, cert);
#  778|   			}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def963]
certmonger-0.79.21/src/submit-e.c:777:33: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:722:21: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:723:24: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:729:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:730:22: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:729:21: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:734:24: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:746:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:747:29: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:769:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:770:40: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:777:33: throw: if ‘cm_json_append’ throws an exception...
certmonger-0.79.21/src/submit-e.c:777:33: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/117/codeFlows/0/threadFlows/0/locations/0)
#  775|   				nick = cm_json_new_string(cert, nthnick, -1);
#  776|   				cm_json_set(cert, CM_SUBMIT_E_NICKNAME, nick);
#  777|-> 				cm_json_append(chain, cert);
#  778|   			}
#  779|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def964]
certmonger-0.79.21/src/submit-e.c:782:13: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:782:13: throw: if ‘cm_json_array_size’ throws an exception...
certmonger-0.79.21/src/submit-e.c:782:13: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/118/codeFlows/0/threadFlows/0/locations/0)
#  780|   	}
#  781|   	/* and put the lists into the final document. */
#  782|-> 	if (cm_json_array_size(chain) > 0) {
#  783|   		cm_json_set(json, CM_SUBMIT_E_CHAIN, chain);
#  784|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def965]
certmonger-0.79.21/src/submit-e.c:783:17: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:782:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:783:17: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:783:17: throw: if ‘cm_json_set’ throws an exception...
certmonger-0.79.21/src/submit-e.c:783:17: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/119/codeFlows/0/threadFlows/0/locations/0)
#  781|   	/* and put the lists into the final document. */
#  782|   	if (cm_json_array_size(chain) > 0) {
#  783|-> 		cm_json_set(json, CM_SUBMIT_E_CHAIN, chain);
#  784|   	}
#  785|   	if (cm_json_array_size(roots) > 0) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def966]
certmonger-0.79.21/src/submit-e.c:785:13: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:785:13: throw: if ‘cm_json_array_size’ throws an exception...
certmonger-0.79.21/src/submit-e.c:785:13: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/120/codeFlows/0/threadFlows/0/locations/0)
#  783|   		cm_json_set(json, CM_SUBMIT_E_CHAIN, chain);
#  784|   	}
#  785|-> 	if (cm_json_array_size(roots) > 0) {
#  786|   		cm_json_set(json, CM_SUBMIT_E_ROOTS, roots);
#  787|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def967]
certmonger-0.79.21/src/submit-e.c:786:17: warning[-Wanalyzer-malloc-leak]: leak of ‘status’
certmonger-0.79.21/src/submit-e.c:555:18: acquire_memory: allocated here
certmonger-0.79.21/src/submit-e.c:556:12: branch_false: following ‘false’ branch (when ‘status’ is non-NULL)...
certmonger-0.79.21/src/submit-e.c:560:9: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:785:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:786:17: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:786:17: throw: if ‘cm_json_set’ throws an exception...
certmonger-0.79.21/src/submit-e.c:786:17: danger: ‘status’ leaks here; was allocated at [(1)](sarif:/runs/0/results/121/codeFlows/0/threadFlows/0/locations/0)
#  784|   	}
#  785|   	if (cm_json_array_size(roots) > 0) {
#  786|-> 		cm_json_set(json, CM_SUBMIT_E_ROOTS, roots);
#  787|   	}
#  788|   	/* Provide some indications about the key. */

Error: GCC_ANALYZER_WARNING (CWE-775): [#def968]
certmonger-0.79.21/src/submit-e.c:922:12: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘dup2(fd, 1)’
certmonger-0.79.21/src/submit-e.c:847:1: enter_function: entry to ‘cm_submit_e_helper_main’
certmonger-0.79.21/src/submit-e.c:891:9: call_function: calling ‘maybe_setenv’ from ‘cm_submit_e_helper_main’
certmonger-0.79.21/src/submit-e.c:891:9: return_function: returning to ‘cm_submit_e_helper_main’ from ‘maybe_setenv’
certmonger-0.79.21/src/submit-e.c:922:13: acquire_resource: opened here
certmonger-0.79.21/src/submit-e.c:922:12: danger: ‘dup2(fd, 1)’ leaks here; was opened at [(7)](sarif:/runs/0/results/122/codeFlows/0/threadFlows/0/locations/6)
#  920|   		     cm_submit_maybe_joinv(NULL, "\n",
#  921|   					   entry->cm_template_ipaddress));
#  922|-> 	if (dup2(fd, STDOUT_FILENO) == -1) {
#  923|   		u = errno;
#  924|   		cm_log(1, "Error redirecting standard out for "

Error: GCC_ANALYZER_WARNING (CWE-775): [#def969]
certmonger-0.79.21/src/submit-e.c:994:29: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘errorfds[0]’
certmonger-0.79.21/src/submit-e.c:969:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:969:12: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:984:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:988:17: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:993:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:994:29: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:994:29: throw: if ‘fcntl’ throws an exception...
certmonger-0.79.21/src/submit-e.c:994:29: danger: ‘errorfds[0]’ leaks here
#  992|   		state->reserved = estate;
#  993|   		if (pipe(errorfds) != -1) {
#  994|-> 			if (fcntl(errorfds[1], F_SETFD, 1L) == -1) {
#  995|   				close(errorfds[0]);
#  996|   				close(errorfds[1]);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def970]
certmonger-0.79.21/src/submit-e.c:994:29: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘errorfds[1]’
certmonger-0.79.21/src/submit-e.c:969:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:969:12: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:984:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:988:17: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:993:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:994:29: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:994:29: throw: if ‘fcntl’ throws an exception...
certmonger-0.79.21/src/submit-e.c:994:29: danger: ‘errorfds[1]’ leaks here
#  992|   		state->reserved = estate;
#  993|   		if (pipe(errorfds) != -1) {
#  994|-> 			if (fcntl(errorfds[1], F_SETFD, 1L) == -1) {
#  995|   				close(errorfds[0]);
#  996|   				close(errorfds[1]);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def971]
certmonger-0.79.21/src/submit-e.c:995:33: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘errorfds[0]’
certmonger-0.79.21/src/submit-e.c:969:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:969:12: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:984:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:988:17: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:993:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:994:29: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:994:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:995:33: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:995:33: throw: if ‘close’ throws an exception...
certmonger-0.79.21/src/submit-e.c:995:33: danger: ‘errorfds[0]’ leaks here
#  993|   		if (pipe(errorfds) != -1) {
#  994|   			if (fcntl(errorfds[1], F_SETFD, 1L) == -1) {
#  995|-> 				close(errorfds[0]);
#  996|   				close(errorfds[1]);
#  997|   				cm_log(-1, "Unexpected error while "

Error: GCC_ANALYZER_WARNING (CWE-775): [#def972]
certmonger-0.79.21/src/submit-e.c:1007:50: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘errorfds[0]’
certmonger-0.79.21/src/submit-e.c:969:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:969:12: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:984:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:988:17: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:993:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-e.c:994:29: branch_true: ...to here
certmonger-0.79.21/src/submit-e.c:994:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-e.c:1004:49: branch_false: ...to here
certmonger-0.79.21/src/submit-e.c:1007:50: throw: if ‘cm_subproc_start’ throws an exception...
certmonger-0.79.21/src/submit-e.c:1007:50: danger: ‘errorfds[0]’ leaks here
# 1005|   				args.spki = spki;
# 1006|   				args.operation = operation;
# 1007|-> 				state->subproc = cm_subproc_start(cm_submit_e_helper_main,
# 1008|   								  state,
# 1009|   								  ca, entry,

Error: COMPILER_WARNING (CWE-9001): [#def973]
certmonger-0.79.21/src/submit-h.c:225:25: warning[-Wattribute-warning]: call to ‘Wcurl_easy_setopt_err_long’ declared with attribute warning: curl_easy_setopt expects a long argument
#  225 |                         curl_easy_setopt(ctx->curl,
#      |                         ^
#  223|   			}
#  224|   		} else {
#  225|-> 			curl_easy_setopt(ctx->curl,
#  226|   					 CURLOPT_FOLLOWLOCATION,
#  227|   					 1);

Error: COMPILER_WARNING (CWE-9001): [#def974]
certmonger-0.79.21/src/submit-h.c:257:17: warning[-Wattribute-warning]: call to ‘Wcurl_easy_setopt_err_write_callback’ declared with attribute warning: curl_easy_setopt expects a curl_write_callback argument
#  257 |                 curl_easy_setopt(ctx->curl, CURLOPT_WRITEFUNCTION,
#      |                 ^
#  255|   		}
#  256|   		curl_easy_setopt(ctx->curl, CURLOPT_HTTPHEADER, headers);
#  257|-> 		curl_easy_setopt(ctx->curl, CURLOPT_WRITEFUNCTION,
#  258|   				 append_result);
#  259|   		curl_easy_setopt(ctx->curl, CURLOPT_WRITEDATA, ctx);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def975]
certmonger-0.79.21/src/submit-h.c:366:21: warning[-Wanalyzer-malloc-leak]: leak of ‘sslpass’
certmonger-0.79.21/src/submit-h.c:362:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-h.c:365:9: branch_false: ...to here
certmonger-0.79.21/src/submit-h.c:366:16: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-h.c:367:17: branch_true: ...to here
certmonger-0.79.21/src/submit-h.c:384:36: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-h.c:385:46: branch_true: ...to here
certmonger-0.79.21/src/submit-h.c:385:44: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-h.c:386:59: acquire_memory: allocated here
certmonger-0.79.21/src/submit-h.c:387:52: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-h.c:388:61: branch_true: ...to here
certmonger-0.79.21/src/submit-h.c:388:60: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-h.c:389:72: branch_true: ...to here
certmonger-0.79.21/src/submit-h.c:366:21: throw: if ‘poptGetNextOpt’ throws an exception...
certmonger-0.79.21/src/submit-h.c:366:21: danger: ‘sslpass’ leaks here; was allocated at [(9)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/8)
#  364|   	}
#  365|   	poptSetOtherOptionHelp(pctx, "[options...] METHOD URL");
#  366|-> 	while ((c = poptGetNextOpt(pctx)) > 0) {
#  367|   		switch (c) {
#  368|   		case 'N':

Error: GCC_ANALYZER_WARNING (CWE-401): [#def976]
certmonger-0.79.21/src/submit-h.c:403:41: warning[-Wanalyzer-malloc-leak]: leak of ‘sslpass’
certmonger-0.79.21/src/submit-h.c:362:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-h.c:365:9: branch_false: ...to here
certmonger-0.79.21/src/submit-h.c:366:16: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-h.c:367:17: branch_true: ...to here
certmonger-0.79.21/src/submit-h.c:384:36: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-h.c:385:46: branch_true: ...to here
certmonger-0.79.21/src/submit-h.c:385:44: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-h.c:386:59: acquire_memory: allocated here
certmonger-0.79.21/src/submit-h.c:387:52: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-h.c:388:61: branch_true: ...to here
certmonger-0.79.21/src/submit-h.c:388:60: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-h.c:389:72: branch_true: ...to here
certmonger-0.79.21/src/submit-h.c:403:41: throw: if ‘close’ throws an exception...
certmonger-0.79.21/src/submit-h.c:403:41: danger: ‘sslpass’ leaks here; was allocated at [(9)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/8)
#  401|   						exit(1);
#  402|   					}
#  403|-> 					close(fd);
#  404|   				} else {
#  405|   					fprintf(stderr, "Error reading PIN from \"%s\": %s.\n", pinfile, strerror(errno));

Error: COMPILER_WARNING (CWE-563): [#def977]
certmonger-0.79.21/src/submit-n.c:86:48: warning[-Wunused-parameter]: unused parameter ‘old_cert’
#   86 |               SECKEYPrivateKey *privkey, X509 *old_cert)
#      |                                          ~~~~~~^~~~~~~~
#   84|   static SECItem *
#   85|   try_to_decode(void *parent, PLArenaPool *arena, SECItem *item,
#   86|-> 	      SECKEYPrivateKey *privkey, X509 *old_cert)
#   87|   {
#   88|   	SECOidTag tag;

Error: COMPILER_WARNING (CWE-477): [#def978]
certmonger-0.79.21/src/submit-n.c: scope_hint: In function ‘try_to_decode’
certmonger-0.79.21/src/submit-n.c:202:9: warning[-Wdeprecated-declarations]: ‘RSA_new’ is deprecated: Since OpenSSL 3.0
#  202 |         rsa = RSA_new();
#      |         ^~~
/usr/include/openssl/x509.h:36: included_from: Included from here.
certmonger-0.79.21/src/submit-n.c:35: included_from: Included from here.
/usr/include/openssl/rsa.h:212:28: note: declared here
#  212 | OSSL_DEPRECATEDIN_3_0 RSA *RSA_new(void);
#      |                            ^~~~~~~
#  200|   	}
#  201|   	BN_set_word(exponent, CM_DEFAULT_RSA_EXPONENT);
#  202|-> 	rsa = RSA_new();
#  203|   	if (rsa == NULL) {
#  204|   		cm_log(1, "Error allocating new RSA key.\n");

Error: COMPILER_WARNING (CWE-477): [#def979]
certmonger-0.79.21/src/submit-n.c:202:9: warning[-Wdeprecated-declarations]: ‘RSA_new’ is deprecated: Since OpenSSL 3.0
#  200|   	}
#  201|   	BN_set_word(exponent, CM_DEFAULT_RSA_EXPONENT);
#  202|-> 	rsa = RSA_new();
#  203|   	if (rsa == NULL) {
#  204|   		cm_log(1, "Error allocating new RSA key.\n");

Error: COMPILER_WARNING (CWE-477): [#def980]
certmonger-0.79.21/src/submit-n.c:208:9: warning[-Wdeprecated-declarations]: ‘RSA_generate_key_ex’ is deprecated: Since OpenSSL 3.0
#  208 |         if (RSA_generate_key_ex(rsa, CM_DEFAULT_PUBKEY_SIZE, exponent, NULL) != 1) {
#      |         ^~
/usr/include/openssl/rsa.h:271:27: note: declared here
#  271 | OSSL_DEPRECATEDIN_3_0 int RSA_generate_key_ex(RSA *rsa, int bits, BIGNUM *e,
#      |                           ^~~~~~~~~~~~~~~~~~~
#  206|   	}
#  207|   retry_gen:
#  208|-> 	if (RSA_generate_key_ex(rsa, CM_DEFAULT_PUBKEY_SIZE, exponent, NULL) != 1) {
#  209|   		cm_log(1, "Error generating key.\n");
#  210|   		goto done;

Error: COMPILER_WARNING (CWE-477): [#def981]
certmonger-0.79.21/src/submit-n.c:208:9: warning[-Wdeprecated-declarations]: ‘RSA_generate_key_ex’ is deprecated: Since OpenSSL 3.0
#  206|   	}
#  207|   retry_gen:
#  208|-> 	if (RSA_generate_key_ex(rsa, CM_DEFAULT_PUBKEY_SIZE, exponent, NULL) != 1) {
#  209|   		cm_log(1, "Error generating key.\n");
#  210|   		goto done;

Error: COMPILER_WARNING (CWE-477): [#def982]
certmonger-0.79.21/src/submit-n.c:212:9: warning[-Wdeprecated-declarations]: ‘RSA_check_key’ is deprecated: Since OpenSSL 3.0
#  212 |         if (RSA_check_key(rsa) != 1) { /* should be unnecessary */
#      |         ^~
/usr/include/openssl/rsa.h:289:27: note: declared here
#  289 | OSSL_DEPRECATEDIN_3_0 int RSA_check_key(const RSA *);
#      |                           ^~~~~~~~~~~~~
#  210|   		goto done;
#  211|   	}
#  212|-> 	if (RSA_check_key(rsa) != 1) { /* should be unnecessary */
#  213|   		cm_log(1, "Key fails checks.  Retrying.\n");
#  214|   		goto retry_gen;

Error: COMPILER_WARNING (CWE-477): [#def983]
certmonger-0.79.21/src/submit-n.c:212:9: warning[-Wdeprecated-declarations]: ‘RSA_check_key’ is deprecated: Since OpenSSL 3.0
#  210|   		goto done;
#  211|   	}
#  212|-> 	if (RSA_check_key(rsa) != 1) { /* should be unnecessary */
#  213|   		cm_log(1, "Key fails checks.  Retrying.\n");
#  214|   		goto retry_gen;

Error: COMPILER_WARNING (CWE-477): [#def984]
certmonger-0.79.21/src/submit-n.c:216:9: warning[-Wdeprecated-declarations]: ‘EVP_PKEY_set1_RSA’ is deprecated: Since OpenSSL 3.0
#  216 |         EVP_PKEY_set1_RSA(pkey, rsa);
#      |         ^~~~~~~~~~~~~~~~~
certmonger-0.79.21/src/submit-n.c:31: included_from: Included from here.
/usr/include/openssl/evp.h:1414:5: note: declared here
# 1414 | int EVP_PKEY_set1_RSA(EVP_PKEY *pkey, struct rsa_st *key);
#      |     ^~~~~~~~~~~~~~~~~
#  214|   		goto retry_gen;
#  215|   	}
#  216|-> 	EVP_PKEY_set1_RSA(pkey, rsa);
#  217|   
#  218|   	/* Encrypt the bulk key.  We're about to decrypt it again, so do it the

Error: COMPILER_WARNING (CWE-477): [#def985]
certmonger-0.79.21/src/submit-n.c:216:9: warning[-Wdeprecated-declarations]: ‘EVP_PKEY_set1_RSA’ is deprecated: Since OpenSSL 3.0
#  214|   		goto retry_gen;
#  215|   	}
#  216|-> 	EVP_PKEY_set1_RSA(pkey, rsa);
#  217|   
#  218|   	/* Encrypt the bulk key.  We're about to decrypt it again, so do it the

Error: COMPILER_WARNING (CWE-477): [#def986]
certmonger-0.79.21/src/submit-n.c:220:9: warning[-Wdeprecated-declarations]: ‘RSA_size’ is deprecated: Since OpenSSL 3.0
#  220 |         reenc_len = dec_len + RSA_size(rsa);
#      |         ^~~~~~~~~
/usr/include/openssl/rsa.h:215:27: note: declared here
#  215 | OSSL_DEPRECATEDIN_3_0 int RSA_size(const RSA *rsa);
#      |                           ^~~~~~~~
#  218|   	/* Encrypt the bulk key.  We're about to decrypt it again, so do it the
#  219|   	 * simplest way that we can. */
#  220|-> 	reenc_len = dec_len + RSA_size(rsa);
#  221|   	reenc = talloc_size(parent, reenc_len);
#  222|   	padding = RSA_PKCS1_PADDING;

Error: COMPILER_WARNING (CWE-477): [#def987]
certmonger-0.79.21/src/submit-n.c:220:9: warning[-Wdeprecated-declarations]: ‘RSA_size’ is deprecated: Since OpenSSL 3.0
#  218|   	/* Encrypt the bulk key.  We're about to decrypt it again, so do it the
#  219|   	 * simplest way that we can. */
#  220|-> 	reenc_len = dec_len + RSA_size(rsa);
#  221|   	reenc = talloc_size(parent, reenc_len);
#  222|   	padding = RSA_PKCS1_PADDING;

Error: COMPILER_WARNING (CWE-477): [#def988]
certmonger-0.79.21/src/submit-n.c:223:9: warning[-Wdeprecated-declarations]: ‘RSA_public_encrypt’ is deprecated: Since OpenSSL 3.0
#  223 |         reenc_len = RSA_public_encrypt(dec_len, dec, reenc, rsa, padding);
#      |         ^~~~~~~~~
/usr/include/openssl/rsa.h:293:5: note: declared here
#  293 | int RSA_public_encrypt(int flen, const unsigned char *from, unsigned char *to,
#      |     ^~~~~~~~~~~~~~~~~~
#  221|   	reenc = talloc_size(parent, reenc_len);
#  222|   	padding = RSA_PKCS1_PADDING;
#  223|-> 	reenc_len = RSA_public_encrypt(dec_len, dec, reenc, rsa, padding);
#  224|   	if (reenc_len < 0) {
#  225|   		cm_log(1, "Error reencrypting.\n");

Error: COMPILER_WARNING (CWE-477): [#def989]
certmonger-0.79.21/src/submit-n.c:223:9: warning[-Wdeprecated-declarations]: ‘RSA_public_encrypt’ is deprecated: Since OpenSSL 3.0
#  221|   	reenc = talloc_size(parent, reenc_len);
#  222|   	padding = RSA_PKCS1_PADDING;
#  223|-> 	reenc_len = RSA_public_encrypt(dec_len, dec, reenc, rsa, padding);
#  224|   	if (reenc_len < 0) {
#  225|   		cm_log(1, "Error reencrypting.\n");

Error: COMPILER_WARNING: [#def990]
certmonger-0.79.21/src/submit-n.c: scope_hint: In function ‘cm_submit_n_decrypt_envelope’
certmonger-0.79.21/src/submit-n.c:293:13: warning[-Wunused-but-set-variable=]: variable ‘n_tokens’ set but not used
#  293 |         int n_tokens, ec;
#      |             ^~~~~~~~
#  291|   	SECItem item, *plain;
#  292|   	struct cm_pin_cb_data cb_data;
#  293|-> 	int n_tokens, ec;
#  294|   	struct cm_submit_decrypt_envelope_args *args = decrypt_userdata;
#  295|   	X509 *old_cert = NULL;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def991]
certmonger-0.79.21/src/submit-o.c:89:21: warning[-Wanalyzer-malloc-leak]: leak of ‘q’
certmonger-0.79.21/src/submit-o.c:75:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-o.c:79:9: branch_false: ...to here
certmonger-0.79.21/src/submit-o.c:81:12: branch_true: following ‘true’ branch (when ‘signer’ is non-NULL)...
certmonger-0.79.21/src/submit-o.c:82:26: branch_true: ...to here
certmonger-0.79.21/src/submit-o.c:83:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-o.c:88:25: branch_false: ...to here
certmonger-0.79.21/src/submit-o.c:88:25: acquire_memory: allocated here
certmonger-0.79.21/src/submit-o.c:89:21: throw: if ‘i2d_X509’ throws an exception...
certmonger-0.79.21/src/submit-o.c:89:21: danger: ‘q’ leaks here; was allocated at [(7)](sarif:/runs/0/results/16/codeFlows/0/threadFlows/0/locations/6)
#   87|   		}
#   88|   		p = q = malloc(length);
#   89|-> 		l = i2d_X509(signer, &q);
#   90|   		if (l != length) {
#   91|   			cm_log(1, "Error encoding signer cert: %d != %d.", l, length);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def992]
certmonger-0.79.21/src/submit-o.c:133:13: warning[-Wanalyzer-malloc-leak]: leak of ‘q’
certmonger-0.79.21/src/submit-o.c:75:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-o.c:79:9: branch_false: ...to here
certmonger-0.79.21/src/submit-o.c:81:12: branch_false: following ‘false’ branch (when ‘signer’ is NULL)...
certmonger-0.79.21/src/submit-o.c:115:9: branch_false: ...to here
certmonger-0.79.21/src/submit-o.c:127:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-o.c:132:17: branch_false: ...to here
certmonger-0.79.21/src/submit-o.c:132:17: acquire_memory: allocated here
certmonger-0.79.21/src/submit-o.c:133:13: throw: if ‘i2d_X509’ throws an exception...
certmonger-0.79.21/src/submit-o.c:133:13: danger: ‘q’ leaks here; was allocated at [(7)](sarif:/runs/0/results/17/codeFlows/0/threadFlows/0/locations/6)
#  131|   	}
#  132|   	p = q = malloc(length);
#  133|-> 	l = i2d_X509(*cert, &q);
#  134|   	if (l != length) {
#  135|   		cm_log(1, "Error encoding cert: %d != %d.", l, length);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def993]
certmonger-0.79.21/src/submit-o.c:343:9: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen(*MEM[(struct cm_submit_decrypt_envelope_args *)decrypt_userdata_57(D)].entry.cm_key_storage_location, "r")’
certmonger-0.79.21/src/submit-o.c:341:17: acquire_resource: opened here
certmonger-0.79.21/src/submit-o.c:343:9: throw: if ‘util_o_init’ throws an exception...
certmonger-0.79.21/src/submit-o.c:343:9: danger: ‘fopen(*MEM[(struct cm_submit_decrypt_envelope_args *)decrypt_userdata_57(D)].entry.cm_key_storage_location, "r")’ leaks here; was opened at [(1)](sarif:/runs/0/results/18/codeFlows/0/threadFlows/0/locations/0)
#  341|   	keyfp = fopen(args->entry->cm_key_storage_location, "r");
#  342|   
#  343|-> 	util_o_init();
#  344|   	ERR_load_crypto_strings();
#  345|   	if (cm_pin_read_for_key(args->entry, &pin) != 0) {

Error: GCC_ANALYZER_WARNING (CWE-775): [#def994]
certmonger-0.79.21/src/submit-o.c:343:9: warning[-Wanalyzer-file-leak]: leak of FILE ‘keyfp_next’
certmonger-0.79.21/src/submit-o.c:332:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-o.c:333:13: branch_true: ...to here
certmonger-0.79.21/src/submit-o.c:332:13: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-o.c:334:53: branch_true: ...to here
certmonger-0.79.21/src/submit-o.c:336:30: acquire_resource: opened here
certmonger-0.79.21/src/submit-o.c:343:9: throw: if ‘util_o_init’ throws an exception...
certmonger-0.79.21/src/submit-o.c:343:9: danger: ‘keyfp_next’ leaks here; was opened at [(5)](sarif:/runs/0/results/20/codeFlows/0/threadFlows/0/locations/4)
#  341|   	keyfp = fopen(args->entry->cm_key_storage_location, "r");
#  342|   
#  343|-> 	util_o_init();
#  344|   	ERR_load_crypto_strings();
#  345|   	if (cm_pin_read_for_key(args->entry, &pin) != 0) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def995]
certmonger-0.79.21/src/submit-o.c:343:9: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(*MEM[(struct cm_submit_decrypt_envelope_args *)decrypt_userdata_57(D)].entry.cm_key_storage_location, "r")’
certmonger-0.79.21/src/submit-o.c:341:17: acquire_memory: allocated here
certmonger-0.79.21/src/submit-o.c:343:9: throw: if ‘util_o_init’ throws an exception...
certmonger-0.79.21/src/submit-o.c:343:9: danger: ‘fopen(*MEM[(struct cm_submit_decrypt_envelope_args *)decrypt_userdata_57(D)].entry.cm_key_storage_location, "r")’ leaks here; was allocated at [(1)](sarif:/runs/0/results/19/codeFlows/0/threadFlows/0/locations/0)
#  341|   	keyfp = fopen(args->entry->cm_key_storage_location, "r");
#  342|   
#  343|-> 	util_o_init();
#  344|   	ERR_load_crypto_strings();
#  345|   	if (cm_pin_read_for_key(args->entry, &pin) != 0) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def996]
certmonger-0.79.21/src/submit-o.c:343:9: warning[-Wanalyzer-malloc-leak]: leak of ‘keyfp_next’
certmonger-0.79.21/src/submit-o.c:332:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-o.c:333:13: branch_true: ...to here
certmonger-0.79.21/src/submit-o.c:332:13: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-o.c:334:53: branch_true: ...to here
certmonger-0.79.21/src/submit-o.c:336:30: acquire_memory: allocated here
certmonger-0.79.21/src/submit-o.c:343:9: throw: if ‘util_o_init’ throws an exception...
certmonger-0.79.21/src/submit-o.c:343:9: danger: ‘keyfp_next’ leaks here; was allocated at [(5)](sarif:/runs/0/results/21/codeFlows/0/threadFlows/0/locations/4)
#  341|   	keyfp = fopen(args->entry->cm_key_storage_location, "r");
#  342|   
#  343|-> 	util_o_init();
#  344|   	ERR_load_crypto_strings();
#  345|   	if (cm_pin_read_for_key(args->entry, &pin) != 0) {

Error: GCC_ANALYZER_WARNING (CWE-775): [#def997]
certmonger-0.79.21/src/submit-o.c:345:13: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen(*MEM[(struct cm_submit_decrypt_envelope_args *)decrypt_userdata_57(D)].entry.cm_key_storage_location, "r")’
certmonger-0.79.21/src/submit-o.c:341:17: acquire_resource: opened here
certmonger-0.79.21/src/submit-o.c:345:13: throw: if ‘cm_pin_read_for_key’ throws an exception...
certmonger-0.79.21/src/submit-o.c:345:13: danger: ‘fopen(*MEM[(struct cm_submit_decrypt_envelope_args *)decrypt_userdata_57(D)].entry.cm_key_storage_location, "r")’ leaks here; was opened at [(1)](sarif:/runs/0/results/22/codeFlows/0/threadFlows/0/locations/0)
#  343|   	util_o_init();
#  344|   	ERR_load_crypto_strings();
#  345|-> 	if (cm_pin_read_for_key(args->entry, &pin) != 0) {
#  346|   		cm_log(1, "Error reading key encryption PIN.\n");
#  347|   		goto done;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def998]
certmonger-0.79.21/src/submit-o.c:345:13: warning[-Wanalyzer-file-leak]: leak of FILE ‘keyfp_next’
certmonger-0.79.21/src/submit-o.c:332:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-o.c:333:13: branch_true: ...to here
certmonger-0.79.21/src/submit-o.c:332:13: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-o.c:334:53: branch_true: ...to here
certmonger-0.79.21/src/submit-o.c:336:30: acquire_resource: opened here
certmonger-0.79.21/src/submit-o.c:345:13: throw: if ‘cm_pin_read_for_key’ throws an exception...
certmonger-0.79.21/src/submit-o.c:345:13: danger: ‘keyfp_next’ leaks here; was opened at [(5)](sarif:/runs/0/results/26/codeFlows/0/threadFlows/0/locations/4)
#  343|   	util_o_init();
#  344|   	ERR_load_crypto_strings();
#  345|-> 	if (cm_pin_read_for_key(args->entry, &pin) != 0) {
#  346|   		cm_log(1, "Error reading key encryption PIN.\n");
#  347|   		goto done;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def999]
certmonger-0.79.21/src/submit-o.c:345:13: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(*MEM[(struct cm_submit_decrypt_envelope_args *)decrypt_userdata_57(D)].entry.cm_key_storage_location, "r")’
certmonger-0.79.21/src/submit-o.c:341:17: acquire_memory: allocated here
certmonger-0.79.21/src/submit-o.c:345:13: throw: if ‘cm_pin_read_for_key’ throws an exception...
certmonger-0.79.21/src/submit-o.c:345:13: danger: ‘fopen(*MEM[(struct cm_submit_decrypt_envelope_args *)decrypt_userdata_57(D)].entry.cm_key_storage_location, "r")’ leaks here; was allocated at [(1)](sarif:/runs/0/results/23/codeFlows/0/threadFlows/0/locations/0)
#  343|   	util_o_init();
#  344|   	ERR_load_crypto_strings();
#  345|-> 	if (cm_pin_read_for_key(args->entry, &pin) != 0) {
#  346|   		cm_log(1, "Error reading key encryption PIN.\n");
#  347|   		goto done;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def1000]
certmonger-0.79.21/src/submit-o.c:345:13: warning[-Wanalyzer-malloc-leak]: leak of ‘keyfp_next’
certmonger-0.79.21/src/submit-o.c:332:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-o.c:333:13: branch_true: ...to here
certmonger-0.79.21/src/submit-o.c:332:13: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-o.c:334:53: branch_true: ...to here
certmonger-0.79.21/src/submit-o.c:336:30: acquire_memory: allocated here
certmonger-0.79.21/src/submit-o.c:345:13: throw: if ‘cm_pin_read_for_key’ throws an exception...
certmonger-0.79.21/src/submit-o.c:345:13: danger: ‘keyfp_next’ leaks here; was allocated at [(5)](sarif:/runs/0/results/28/codeFlows/0/threadFlows/0/locations/4)
#  343|   	util_o_init();
#  344|   	ERR_load_crypto_strings();
#  345|-> 	if (cm_pin_read_for_key(args->entry, &pin) != 0) {
#  346|   		cm_log(1, "Error reading key encryption PIN.\n");
#  347|   		goto done;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def1001]
certmonger-0.79.21/src/submit-o.c:346:17: warning[-Wanalyzer-file-leak]: leak of FILE ‘keyfp_next’
certmonger-0.79.21/src/submit-o.c:332:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-o.c:333:13: branch_true: ...to here
certmonger-0.79.21/src/submit-o.c:332:13: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-o.c:334:53: branch_true: ...to here
certmonger-0.79.21/src/submit-o.c:336:30: acquire_resource: opened here
certmonger-0.79.21/src/submit-o.c:345:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-o.c:346:17: branch_true: ...to here
certmonger-0.79.21/src/submit-o.c:346:17: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/submit-o.c:346:17: danger: ‘keyfp_next’ leaks here; was opened at [(5)](sarif:/runs/0/results/30/codeFlows/0/threadFlows/0/locations/4)
#  344|   	ERR_load_crypto_strings();
#  345|   	if (cm_pin_read_for_key(args->entry, &pin) != 0) {
#  346|-> 		cm_log(1, "Error reading key encryption PIN.\n");
#  347|   		goto done;
#  348|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def1002]
certmonger-0.79.21/src/submit-o.c:346:17: warning[-Wanalyzer-malloc-leak]: leak of ‘keyfp_next’
certmonger-0.79.21/src/submit-o.c:332:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-o.c:333:13: branch_true: ...to here
certmonger-0.79.21/src/submit-o.c:332:13: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-o.c:334:53: branch_true: ...to here
certmonger-0.79.21/src/submit-o.c:336:30: acquire_memory: allocated here
certmonger-0.79.21/src/submit-o.c:345:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-o.c:346:17: branch_true: ...to here
certmonger-0.79.21/src/submit-o.c:346:17: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/submit-o.c:346:17: danger: ‘keyfp_next’ leaks here; was allocated at [(5)](sarif:/runs/0/results/31/codeFlows/0/threadFlows/0/locations/4)
#  344|   	ERR_load_crypto_strings();
#  345|   	if (cm_pin_read_for_key(args->entry, &pin) != 0) {
#  346|-> 		cm_log(1, "Error reading key encryption PIN.\n");
#  347|   		goto done;
#  348|   	}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def1003]
certmonger-0.79.21/src/submit-o.c:353:24: warning[-Wanalyzer-file-leak]: leak of FILE ‘keyfp_next’
certmonger-0.79.21/src/submit-o.c:332:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-o.c:333:13: branch_true: ...to here
certmonger-0.79.21/src/submit-o.c:332:13: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-o.c:334:53: branch_true: ...to here
certmonger-0.79.21/src/submit-o.c:336:30: acquire_resource: opened here
certmonger-0.79.21/src/submit-o.c:345:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-o.c:349:9: branch_false: ...to here
certmonger-0.79.21/src/submit-o.c:352:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-o.c:353:24: branch_true: ...to here
certmonger-0.79.21/src/submit-o.c:353:24: throw: if ‘PEM_read_PrivateKey’ throws an exception...
certmonger-0.79.21/src/submit-o.c:353:24: danger: ‘keyfp_next’ leaks here; was opened at [(5)](sarif:/runs/0/results/32/codeFlows/0/threadFlows/0/locations/4)
#  351|   	cb_data.n_attempts = 0;
#  352|   	if (keyfp != NULL) {
#  353|-> 		pkey = PEM_read_PrivateKey(keyfp, NULL,
#  354|   					   cm_pin_read_for_key_ossl_cb, &cb_data);
#  355|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def1004]
certmonger-0.79.21/src/submit-o.c:353:24: warning[-Wanalyzer-malloc-leak]: leak of ‘keyfp_next’
certmonger-0.79.21/src/submit-o.c:332:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-o.c:333:13: branch_true: ...to here
certmonger-0.79.21/src/submit-o.c:332:13: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-o.c:334:53: branch_true: ...to here
certmonger-0.79.21/src/submit-o.c:336:30: acquire_memory: allocated here
certmonger-0.79.21/src/submit-o.c:345:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-o.c:349:9: branch_false: ...to here
certmonger-0.79.21/src/submit-o.c:352:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-o.c:353:24: branch_true: ...to here
certmonger-0.79.21/src/submit-o.c:353:24: throw: if ‘PEM_read_PrivateKey’ throws an exception...
certmonger-0.79.21/src/submit-o.c:353:24: danger: ‘keyfp_next’ leaks here; was allocated at [(5)](sarif:/runs/0/results/33/codeFlows/0/threadFlows/0/locations/4)
#  351|   	cb_data.n_attempts = 0;
#  352|   	if (keyfp != NULL) {
#  353|-> 		pkey = PEM_read_PrivateKey(keyfp, NULL,
#  354|   					   cm_pin_read_for_key_ossl_cb, &cb_data);
#  355|   	}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def1005]
certmonger-0.79.21/src/submit-o.c:357:29: warning[-Wanalyzer-file-leak]: leak of FILE ‘keyfp_next’
certmonger-0.79.21/src/submit-o.c:332:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-o.c:333:13: branch_true: ...to here
certmonger-0.79.21/src/submit-o.c:332:13: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-o.c:334:53: branch_true: ...to here
certmonger-0.79.21/src/submit-o.c:336:30: acquire_resource: opened here
certmonger-0.79.21/src/submit-o.c:345:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-o.c:349:9: branch_false: ...to here
certmonger-0.79.21/src/submit-o.c:352:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-o.c:356:12: branch_false: ...to here
certmonger-0.79.21/src/submit-o.c:356:12: branch_true: following ‘true’ branch (when ‘keyfp_next’ is non-NULL)...
certmonger-0.79.21/src/submit-o.c:357:29: branch_true: ...to here
certmonger-0.79.21/src/submit-o.c:357:29: throw: if ‘PEM_read_PrivateKey’ throws an exception...
certmonger-0.79.21/src/submit-o.c:357:29: danger: ‘keyfp_next’ leaks here; was opened at [(5)](sarif:/runs/0/results/34/codeFlows/0/threadFlows/0/locations/4)
#  355|   	}
#  356|   	if (keyfp_next != NULL) {
#  357|-> 		pkey_next = PEM_read_PrivateKey(keyfp_next, NULL,
#  358|   						cm_pin_read_for_key_ossl_cb, &cb_data);
#  359|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def1006]
certmonger-0.79.21/src/submit-o.c:357:29: warning[-Wanalyzer-malloc-leak]: leak of ‘keyfp_next’
certmonger-0.79.21/src/submit-o.c:332:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-o.c:333:13: branch_true: ...to here
certmonger-0.79.21/src/submit-o.c:332:13: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-o.c:334:53: branch_true: ...to here
certmonger-0.79.21/src/submit-o.c:336:30: acquire_memory: allocated here
certmonger-0.79.21/src/submit-o.c:345:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-o.c:349:9: branch_false: ...to here
certmonger-0.79.21/src/submit-o.c:352:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-o.c:356:12: branch_false: ...to here
certmonger-0.79.21/src/submit-o.c:356:12: branch_true: following ‘true’ branch (when ‘keyfp_next’ is non-NULL)...
certmonger-0.79.21/src/submit-o.c:357:29: branch_true: ...to here
certmonger-0.79.21/src/submit-o.c:357:29: throw: if ‘PEM_read_PrivateKey’ throws an exception...
certmonger-0.79.21/src/submit-o.c:357:29: danger: ‘keyfp_next’ leaks here; was allocated at [(5)](sarif:/runs/0/results/35/codeFlows/0/threadFlows/0/locations/4)
#  355|   	}
#  356|   	if (keyfp_next != NULL) {
#  357|-> 		pkey_next = PEM_read_PrivateKey(keyfp_next, NULL,
#  358|   						cm_pin_read_for_key_ossl_cb, &cb_data);
#  359|   	}

Error: COMPILER_WARNING (CWE-563): [#def1007]
certmonger-0.79.21/src/submit-sn.c: scope_hint: In function ‘cm_submit_sn_main’
certmonger-0.79.21/src/submit-sn.c:55:25: warning[-Wunused-parameter]: unused parameter ‘userdata’
#   55 |                   void *userdata)
#      |                   ~~~~~~^~~~~~~~
#   53|   static int
#   54|   cm_submit_sn_main(int fd, struct cm_store_ca *ca, struct cm_store_entry *entry,
#   55|-> 		  void *userdata)
#   56|   {
#   57|   	FILE *status;

Error: COMPILER_WARNING (CWE-563): [#def1008]
certmonger-0.79.21/src/submit-sn.c: scope_hint: In function ‘cm_submit_sn_rejected’
certmonger-0.79.21/src/submit-sn.c:407:47: warning[-Wunused-parameter]: unused parameter ‘state’
#  407 | cm_submit_sn_rejected(struct cm_submit_state *state)
#      |                       ~~~~~~~~~~~~~~~~~~~~~~~~^~~~~
#  405|   /* Check if the signing request was rejected. */
#  406|   static int
#  407|-> cm_submit_sn_rejected(struct cm_submit_state *state)
#  408|   {
#  409|   	return -1; /* it never gets rejected */

Error: COMPILER_WARNING (CWE-563): [#def1009]
certmonger-0.79.21/src/submit-sn.c: scope_hint: In function ‘cm_submit_sn_need_scep_messages’
certmonger-0.79.21/src/submit-sn.c:414:57: warning[-Wunused-parameter]: unused parameter ‘state’
#  414 | cm_submit_sn_need_scep_messages(struct cm_submit_state *state)
#      |                                 ~~~~~~~~~~~~~~~~~~~~~~~~^~~~~
#  412|   /* Check if we need SCEP messages. */
#  413|   static int
#  414|-> cm_submit_sn_need_scep_messages(struct cm_submit_state *state)
#  415|   {
#  416|   	return -1; /* nope */

Error: COMPILER_WARNING (CWE-563): [#def1010]
certmonger-0.79.21/src/submit-sn.c: scope_hint: In function ‘cm_submit_sn_need_rekey’
certmonger-0.79.21/src/submit-sn.c:421:49: warning[-Wunused-parameter]: unused parameter ‘state’
#  421 | cm_submit_sn_need_rekey(struct cm_submit_state *state)
#      |                         ~~~~~~~~~~~~~~~~~~~~~~~~^~~~~
#  419|   /* Check if we need to use a different key. */
#  420|   static int
#  421|-> cm_submit_sn_need_rekey(struct cm_submit_state *state)
#  422|   {
#  423|   	return -1; /* nope */

Error: COMPILER_WARNING (CWE-563): [#def1011]
certmonger-0.79.21/src/submit-sn.c: scope_hint: In function ‘cm_submit_sn_unreachable’
certmonger-0.79.21/src/submit-sn.c:428:50: warning[-Wunused-parameter]: unused parameter ‘state’
#  428 | cm_submit_sn_unreachable(struct cm_submit_state *state)
#      |                          ~~~~~~~~~~~~~~~~~~~~~~~~^~~~~
#  426|   /* Check if the CA was unreachable. */
#  427|   static int
#  428|-> cm_submit_sn_unreachable(struct cm_submit_state *state)
#  429|   {
#  430|   	return -1; /* uh, we're the CA */

Error: COMPILER_WARNING (CWE-563): [#def1012]
certmonger-0.79.21/src/submit-sn.c: scope_hint: In function ‘cm_submit_sn_unconfigured’
certmonger-0.79.21/src/submit-sn.c:435:51: warning[-Wunused-parameter]: unused parameter ‘state’
#  435 | cm_submit_sn_unconfigured(struct cm_submit_state *state)
#      |                           ~~~~~~~~~~~~~~~~~~~~~~~~^~~~~
#  433|   /* Check if the CA was unconfigured. */
#  434|   static int
#  435|-> cm_submit_sn_unconfigured(struct cm_submit_state *state)
#  436|   {
#  437|   	return -1; /* uh, we're the CA */

Error: COMPILER_WARNING (CWE-563): [#def1013]
certmonger-0.79.21/src/submit-sn.c: scope_hint: In function ‘cm_submit_sn_unsupported’
certmonger-0.79.21/src/submit-sn.c:442:50: warning[-Wunused-parameter]: unused parameter ‘state’
#  442 | cm_submit_sn_unsupported(struct cm_submit_state *state)
#      |                          ~~~~~~~~~~~~~~~~~~~~~~~~^~~~~
#  440|   /* Check if the CA is something we can ask for certificates. */
#  441|   static int
#  442|-> cm_submit_sn_unsupported(struct cm_submit_state *state)
#  443|   {
#  444|   	return -1; /* uh, we're the CA */

Error: COMPILER_WARNING (CWE-563): [#def1014]
certmonger-0.79.21/src/submit-so.c: scope_hint: In function ‘cm_submit_so_main’
certmonger-0.79.21/src/submit-so.c:57:25: warning[-Wunused-parameter]: unused parameter ‘userdata’
#   57 |                   void *userdata)
#      |                   ~~~~~~^~~~~~~~
#   55|   static int
#   56|   cm_submit_so_main(int fd, struct cm_store_ca *ca, struct cm_store_entry *entry,
#   57|-> 		  void *userdata)
#   58|   {
#   59|   	FILE *keyfp, *pem;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def1015]
certmonger-0.79.21/src/submit-so.c:94:13: warning[-Wanalyzer-file-leak]: leak of FILE ‘keyfp’
certmonger-0.79.21/src/submit-so.c:92:25: acquire_resource: opened here
certmonger-0.79.21/src/submit-so.c:94:13: throw: if ‘cm_prefs_selfsign_validity_period’ throws an exception...
certmonger-0.79.21/src/submit-so.c:94:13: danger: ‘keyfp’ leaks here; was opened at [(1)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/0)
#   92|   		keyfp = fopen(filename, "r");
#   93|   	}
#   94|-> 	if (cm_submit_u_delta_from_string(cm_prefs_selfsign_validity_period(),
#   95|   					  now, &lifedelta) == 0) {
#   96|   		life = lifedelta;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def1016]
certmonger-0.79.21/src/submit-so.c:94:13: warning[-Wanalyzer-malloc-leak]: leak of ‘keyfp’
certmonger-0.79.21/src/submit-so.c:92:25: acquire_memory: allocated here
certmonger-0.79.21/src/submit-so.c:94:13: throw: if ‘cm_prefs_selfsign_validity_period’ throws an exception...
certmonger-0.79.21/src/submit-so.c:94:13: danger: ‘keyfp’ leaks here; was allocated at [(1)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/0)
#   92|   		keyfp = fopen(filename, "r");
#   93|   	}
#   94|-> 	if (cm_submit_u_delta_from_string(cm_prefs_selfsign_validity_period(),
#   95|   					  now, &lifedelta) == 0) {
#   96|   		life = lifedelta;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def1017]
certmonger-0.79.21/src/submit-so.c:98:21: warning[-Wanalyzer-file-leak]: leak of FILE ‘keyfp’
certmonger-0.79.21/src/submit-so.c:92:25: acquire_resource: opened here
certmonger-0.79.21/src/submit-so.c:94:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-so.c:98:21: branch_false: ...to here
certmonger-0.79.21/src/submit-so.c:98:21: throw: if ‘cm_submit_u_delta_from_string’ throws an exception...
certmonger-0.79.21/src/submit-so.c:98:21: danger: ‘keyfp’ leaks here; was opened at [(1)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/0)
#   96|   		life = lifedelta;
#   97|   	} else {
#   98|-> 		if (cm_submit_u_delta_from_string(CM_DEFAULT_CERT_LIFETIME, now,
#   99|   						  &lifedelta) == 0) {
#  100|   			life = lifedelta;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def1018]
certmonger-0.79.21/src/submit-so.c:98:21: warning[-Wanalyzer-malloc-leak]: leak of ‘keyfp’
certmonger-0.79.21/src/submit-so.c:92:25: acquire_memory: allocated here
certmonger-0.79.21/src/submit-so.c:94:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-so.c:98:21: branch_false: ...to here
certmonger-0.79.21/src/submit-so.c:98:21: throw: if ‘cm_submit_u_delta_from_string’ throws an exception...
certmonger-0.79.21/src/submit-so.c:98:21: danger: ‘keyfp’ leaks here; was allocated at [(1)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/0)
#   96|   		life = lifedelta;
#   97|   	} else {
#   98|-> 		if (cm_submit_u_delta_from_string(CM_DEFAULT_CERT_LIFETIME, now,
#   99|   						  &lifedelta) == 0) {
#  100|   			life = lifedelta;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def1019]
certmonger-0.79.21/src/submit-so.c:106:24: warning[-Wanalyzer-file-leak]: leak of FILE ‘keyfp’
certmonger-0.79.21/src/submit-so.c:92:25: acquire_resource: opened here
certmonger-0.79.21/src/submit-so.c:105:12: branch_true: following ‘true’ branch (when ‘keyfp’ is non-NULL)...
certmonger-0.79.21/src/submit-so.c:106:24: branch_true: ...to here
certmonger-0.79.21/src/submit-so.c:106:24: throw: if ‘EVP_PKEY_new’ throws an exception...
certmonger-0.79.21/src/submit-so.c:106:24: danger: ‘keyfp’ leaks here; was opened at [(1)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/0)
#  104|   	}
#  105|   	if (keyfp != NULL) {
#  106|-> 		pkey = EVP_PKEY_new();
#  107|   		if (pkey != NULL) {
#  108|   			if (cm_pin_read_for_key(entry, &pin) == 0) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def1020]
certmonger-0.79.21/src/submit-so.c:106:24: warning[-Wanalyzer-malloc-leak]: leak of ‘keyfp’
certmonger-0.79.21/src/submit-so.c:92:25: acquire_memory: allocated here
certmonger-0.79.21/src/submit-so.c:105:12: branch_true: following ‘true’ branch (when ‘keyfp’ is non-NULL)...
certmonger-0.79.21/src/submit-so.c:106:24: branch_true: ...to here
certmonger-0.79.21/src/submit-so.c:106:24: throw: if ‘EVP_PKEY_new’ throws an exception...
certmonger-0.79.21/src/submit-so.c:106:24: danger: ‘keyfp’ leaks here; was allocated at [(1)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/0)
#  104|   	}
#  105|   	if (keyfp != NULL) {
#  106|-> 		pkey = EVP_PKEY_new();
#  107|   		if (pkey != NULL) {
#  108|   			if (cm_pin_read_for_key(entry, &pin) == 0) {

Error: GCC_ANALYZER_WARNING (CWE-775): [#def1021]
certmonger-0.79.21/src/submit-so.c:108:29: warning[-Wanalyzer-file-leak]: leak of FILE ‘keyfp’
certmonger-0.79.21/src/submit-so.c:92:25: acquire_resource: opened here
certmonger-0.79.21/src/submit-so.c:105:12: branch_true: following ‘true’ branch (when ‘keyfp’ is non-NULL)...
certmonger-0.79.21/src/submit-so.c:106:24: branch_true: ...to here
certmonger-0.79.21/src/submit-so.c:107:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-so.c:108:29: branch_true: ...to here
certmonger-0.79.21/src/submit-so.c:108:29: throw: if ‘cm_pin_read_for_key’ throws an exception...
certmonger-0.79.21/src/submit-so.c:108:29: danger: ‘keyfp’ leaks here; was opened at [(1)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/0)
#  106|   		pkey = EVP_PKEY_new();
#  107|   		if (pkey != NULL) {
#  108|-> 			if (cm_pin_read_for_key(entry, &pin) == 0) {
#  109|   				pkey = PEM_read_PrivateKey(keyfp, NULL, NULL, pin);
#  110|   				if (pkey != NULL) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def1022]
certmonger-0.79.21/src/submit-so.c:108:29: warning[-Wanalyzer-malloc-leak]: leak of ‘keyfp’
certmonger-0.79.21/src/submit-so.c:92:25: acquire_memory: allocated here
certmonger-0.79.21/src/submit-so.c:105:12: branch_true: following ‘true’ branch (when ‘keyfp’ is non-NULL)...
certmonger-0.79.21/src/submit-so.c:106:24: branch_true: ...to here
certmonger-0.79.21/src/submit-so.c:107:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-so.c:108:29: branch_true: ...to here
certmonger-0.79.21/src/submit-so.c:108:29: throw: if ‘cm_pin_read_for_key’ throws an exception...
certmonger-0.79.21/src/submit-so.c:108:29: danger: ‘keyfp’ leaks here; was allocated at [(1)](sarif:/runs/0/results/9/codeFlows/0/threadFlows/0/locations/0)
#  106|   		pkey = EVP_PKEY_new();
#  107|   		if (pkey != NULL) {
#  108|-> 			if (cm_pin_read_for_key(entry, &pin) == 0) {
#  109|   				pkey = PEM_read_PrivateKey(keyfp, NULL, NULL, pin);
#  110|   				if (pkey != NULL) {

Error: GCC_ANALYZER_WARNING (CWE-775): [#def1023]
certmonger-0.79.21/src/submit-so.c:109:40: warning[-Wanalyzer-file-leak]: leak of FILE ‘keyfp’
certmonger-0.79.21/src/submit-so.c:92:25: acquire_resource: opened here
certmonger-0.79.21/src/submit-so.c:105:12: branch_true: following ‘true’ branch (when ‘keyfp’ is non-NULL)...
certmonger-0.79.21/src/submit-so.c:106:24: branch_true: ...to here
certmonger-0.79.21/src/submit-so.c:107:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-so.c:108:29: branch_true: ...to here
certmonger-0.79.21/src/submit-so.c:108:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-so.c:109:40: branch_true: ...to here
certmonger-0.79.21/src/submit-so.c:109:40: throw: if ‘PEM_read_PrivateKey’ throws an exception...
certmonger-0.79.21/src/submit-so.c:109:40: danger: ‘keyfp’ leaks here; was opened at [(1)](sarif:/runs/0/results/10/codeFlows/0/threadFlows/0/locations/0)
#  107|   		if (pkey != NULL) {
#  108|   			if (cm_pin_read_for_key(entry, &pin) == 0) {
#  109|-> 				pkey = PEM_read_PrivateKey(keyfp, NULL, NULL, pin);
#  110|   				if (pkey != NULL) {
#  111|   					status = cm_submit_o_sign(ca, entry->cm_csr,

Error: GCC_ANALYZER_WARNING (CWE-401): [#def1024]
certmonger-0.79.21/src/submit-so.c:109:40: warning[-Wanalyzer-malloc-leak]: leak of ‘keyfp’
certmonger-0.79.21/src/submit-so.c:92:25: acquire_memory: allocated here
certmonger-0.79.21/src/submit-so.c:105:12: branch_true: following ‘true’ branch (when ‘keyfp’ is non-NULL)...
certmonger-0.79.21/src/submit-so.c:106:24: branch_true: ...to here
certmonger-0.79.21/src/submit-so.c:107:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-so.c:108:29: branch_true: ...to here
certmonger-0.79.21/src/submit-so.c:108:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-so.c:109:40: branch_true: ...to here
certmonger-0.79.21/src/submit-so.c:109:40: throw: if ‘PEM_read_PrivateKey’ throws an exception...
certmonger-0.79.21/src/submit-so.c:109:40: danger: ‘keyfp’ leaks here; was allocated at [(1)](sarif:/runs/0/results/11/codeFlows/0/threadFlows/0/locations/0)
#  107|   		if (pkey != NULL) {
#  108|   			if (cm_pin_read_for_key(entry, &pin) == 0) {
#  109|-> 				pkey = PEM_read_PrivateKey(keyfp, NULL, NULL, pin);
#  110|   				if (pkey != NULL) {
#  111|   					status = cm_submit_o_sign(ca, entry->cm_csr,

Error: GCC_ANALYZER_WARNING (CWE-775): [#def1025]
certmonger-0.79.21/src/submit-so.c:121:33: warning[-Wanalyzer-file-leak]: leak of FILE ‘keyfp’
certmonger-0.79.21/src/submit-so.c:92:25: acquire_resource: opened here
certmonger-0.79.21/src/submit-so.c:105:12: branch_true: following ‘true’ branch (when ‘keyfp’ is non-NULL)...
certmonger-0.79.21/src/submit-so.c:106:24: branch_true: ...to here
certmonger-0.79.21/src/submit-so.c:107:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-so.c:108:29: branch_true: ...to here
certmonger-0.79.21/src/submit-so.c:108:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-so.c:121:33: branch_false: ...to here
certmonger-0.79.21/src/submit-so.c:121:33: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/submit-so.c:121:33: danger: ‘keyfp’ leaks here; was opened at [(1)](sarif:/runs/0/results/12/codeFlows/0/threadFlows/0/locations/0)
#  119|   				}
#  120|   			} else {
#  121|-> 				cm_log(1, "Error reading PIN.\n");
#  122|   			}
#  123|   			EVP_PKEY_free(pkey);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def1026]
certmonger-0.79.21/src/submit-so.c:121:33: warning[-Wanalyzer-malloc-leak]: leak of ‘keyfp’
certmonger-0.79.21/src/submit-so.c:92:25: acquire_memory: allocated here
certmonger-0.79.21/src/submit-so.c:105:12: branch_true: following ‘true’ branch (when ‘keyfp’ is non-NULL)...
certmonger-0.79.21/src/submit-so.c:106:24: branch_true: ...to here
certmonger-0.79.21/src/submit-so.c:107:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-so.c:108:29: branch_true: ...to here
certmonger-0.79.21/src/submit-so.c:108:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-so.c:121:33: branch_false: ...to here
certmonger-0.79.21/src/submit-so.c:121:33: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/submit-so.c:121:33: danger: ‘keyfp’ leaks here; was allocated at [(1)](sarif:/runs/0/results/13/codeFlows/0/threadFlows/0/locations/0)
#  119|   				}
#  120|   			} else {
#  121|-> 				cm_log(1, "Error reading PIN.\n");
#  122|   			}
#  123|   			EVP_PKEY_free(pkey);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def1027]
certmonger-0.79.21/src/submit-so.c:123:25: warning[-Wanalyzer-file-leak]: leak of FILE ‘keyfp’
certmonger-0.79.21/src/submit-so.c:92:25: acquire_resource: opened here
certmonger-0.79.21/src/submit-so.c:105:12: branch_true: following ‘true’ branch (when ‘keyfp’ is non-NULL)...
certmonger-0.79.21/src/submit-so.c:106:24: branch_true: ...to here
certmonger-0.79.21/src/submit-so.c:107:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-so.c:108:29: branch_true: ...to here
certmonger-0.79.21/src/submit-so.c:108:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-so.c:121:33: branch_false: ...to here
certmonger-0.79.21/src/submit-so.c:123:25: throw: if ‘EVP_PKEY_free’ throws an exception...
certmonger-0.79.21/src/submit-so.c:123:25: danger: ‘keyfp’ leaks here; was opened at [(1)](sarif:/runs/0/results/14/codeFlows/0/threadFlows/0/locations/0)
#  121|   				cm_log(1, "Error reading PIN.\n");
#  122|   			}
#  123|-> 			EVP_PKEY_free(pkey);
#  124|   		} else {
#  125|   			cm_log(1, "Internal error.\n");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def1028]
certmonger-0.79.21/src/submit-so.c:123:25: warning[-Wanalyzer-malloc-leak]: leak of ‘keyfp’
certmonger-0.79.21/src/submit-so.c:92:25: acquire_memory: allocated here
certmonger-0.79.21/src/submit-so.c:105:12: branch_true: following ‘true’ branch (when ‘keyfp’ is non-NULL)...
certmonger-0.79.21/src/submit-so.c:106:24: branch_true: ...to here
certmonger-0.79.21/src/submit-so.c:107:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-so.c:108:29: branch_true: ...to here
certmonger-0.79.21/src/submit-so.c:108:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-so.c:121:33: branch_false: ...to here
certmonger-0.79.21/src/submit-so.c:123:25: throw: if ‘EVP_PKEY_free’ throws an exception...
certmonger-0.79.21/src/submit-so.c:123:25: danger: ‘keyfp’ leaks here; was allocated at [(1)](sarif:/runs/0/results/15/codeFlows/0/threadFlows/0/locations/0)
#  121|   				cm_log(1, "Error reading PIN.\n");
#  122|   			}
#  123|-> 			EVP_PKEY_free(pkey);
#  124|   		} else {
#  125|   			cm_log(1, "Internal error.\n");

Error: GCC_ANALYZER_WARNING (CWE-775): [#def1029]
certmonger-0.79.21/src/submit-so.c:125:25: warning[-Wanalyzer-file-leak]: leak of FILE ‘keyfp’
certmonger-0.79.21/src/submit-so.c:92:25: acquire_resource: opened here
certmonger-0.79.21/src/submit-so.c:105:12: branch_true: following ‘true’ branch (when ‘keyfp’ is non-NULL)...
certmonger-0.79.21/src/submit-so.c:106:24: branch_true: ...to here
certmonger-0.79.21/src/submit-so.c:107:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-so.c:125:25: branch_false: ...to here
certmonger-0.79.21/src/submit-so.c:125:25: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/submit-so.c:125:25: danger: ‘keyfp’ leaks here; was opened at [(1)](sarif:/runs/0/results/16/codeFlows/0/threadFlows/0/locations/0)
#  123|   			EVP_PKEY_free(pkey);
#  124|   		} else {
#  125|-> 			cm_log(1, "Internal error.\n");
#  126|   		}
#  127|   		fclose(keyfp);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def1030]
certmonger-0.79.21/src/submit-so.c:125:25: warning[-Wanalyzer-malloc-leak]: leak of ‘keyfp’
certmonger-0.79.21/src/submit-so.c:92:25: acquire_memory: allocated here
certmonger-0.79.21/src/submit-so.c:105:12: branch_true: following ‘true’ branch (when ‘keyfp’ is non-NULL)...
certmonger-0.79.21/src/submit-so.c:106:24: branch_true: ...to here
certmonger-0.79.21/src/submit-so.c:107:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-so.c:125:25: branch_false: ...to here
certmonger-0.79.21/src/submit-so.c:125:25: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/submit-so.c:125:25: danger: ‘keyfp’ leaks here; was allocated at [(1)](sarif:/runs/0/results/17/codeFlows/0/threadFlows/0/locations/0)
#  123|   			EVP_PKEY_free(pkey);
#  124|   		} else {
#  125|-> 			cm_log(1, "Internal error.\n");
#  126|   		}
#  127|   		fclose(keyfp);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def1031]
certmonger-0.79.21/src/submit-so.c:135:29: warning[-Wanalyzer-malloc-leak]: leak of ‘pem’
certmonger-0.79.21/src/submit-so.c:105:12: branch_true: following ‘true’ branch (when ‘keyfp’ is non-NULL)...
certmonger-0.79.21/src/submit-so.c:106:24: branch_true: ...to here
certmonger-0.79.21/src/submit-so.c:107:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-so.c:108:29: branch_true: ...to here
certmonger-0.79.21/src/submit-so.c:108:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-so.c:109:40: branch_true: ...to here
certmonger-0.79.21/src/submit-so.c:110:36: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-so.c:113:67: branch_true: ...to here
certmonger-0.79.21/src/submit-so.c:132:12: branch_true: following ‘true’ branch (when ‘status == 0’)...
certmonger-0.79.21/src/submit-so.c:133:23: branch_true: ...to here
certmonger-0.79.21/src/submit-so.c:133:23: acquire_memory: allocated here
certmonger-0.79.21/src/submit-so.c:134:20: branch_true: following ‘true’ branch (when ‘pem’ is non-NULL)...
certmonger-0.79.21/src/submit-so.c:135:29: branch_true: ...to here
certmonger-0.79.21/src/submit-so.c:135:29: throw: if ‘PEM_write_X509’ throws an exception...
certmonger-0.79.21/src/submit-so.c:135:29: danger: ‘pem’ leaks here; was allocated at [(11)](sarif:/runs/0/results/18/codeFlows/0/threadFlows/0/locations/10)
#  133|   		pem = fdopen(fd, "w");
#  134|   		if (pem != NULL) {
#  135|-> 			if (PEM_write_X509(pem, cert) == 0) {
#  136|   				cm_log(1, "Error serializing certificate.\n");
#  137|   				status = -1;

Error: COMPILER_WARNING (CWE-563): [#def1032]
certmonger-0.79.21/src/submit-so.c: scope_hint: In function ‘cm_submit_so_need_scep_messages’
certmonger-0.79.21/src/submit-so.c:208:57: warning[-Wunused-parameter]: unused parameter ‘state’
#  208 | cm_submit_so_need_scep_messages(struct cm_submit_state *state)
#      |                                 ~~~~~~~~~~~~~~~~~~~~~~~~^~~~~
#  206|   /* Check if we need SCEP messages. */
#  207|   static int
#  208|-> cm_submit_so_need_scep_messages(struct cm_submit_state *state)
#  209|   {
#  210|   	return -1; /* nope */

Error: COMPILER_WARNING (CWE-563): [#def1033]
certmonger-0.79.21/src/submit-so.c: scope_hint: In function ‘cm_submit_so_need_rekey’
certmonger-0.79.21/src/submit-so.c:215:49: warning[-Wunused-parameter]: unused parameter ‘state’
#  215 | cm_submit_so_need_rekey(struct cm_submit_state *state)
#      |                         ~~~~~~~~~~~~~~~~~~~~~~~~^~~~~
#  213|   /* Check if we need to use a different key. */
#  214|   static int
#  215|-> cm_submit_so_need_rekey(struct cm_submit_state *state)
#  216|   {
#  217|   	return -1; /* nope */

Error: COMPILER_WARNING (CWE-563): [#def1034]
certmonger-0.79.21/src/submit-so.c: scope_hint: In function ‘cm_submit_so_unreachable’
certmonger-0.79.21/src/submit-so.c:222:50: warning[-Wunused-parameter]: unused parameter ‘state’
#  222 | cm_submit_so_unreachable(struct cm_submit_state *state)
#      |                          ~~~~~~~~~~~~~~~~~~~~~~~~^~~~~
#  220|   /* Check if the CA was unreachable. */
#  221|   static int
#  222|-> cm_submit_so_unreachable(struct cm_submit_state *state)
#  223|   {
#  224|   	return -1; /* uh, we're the CA */

Error: COMPILER_WARNING (CWE-563): [#def1035]
certmonger-0.79.21/src/submit-so.c: scope_hint: In function ‘cm_submit_so_unconfigured’
certmonger-0.79.21/src/submit-so.c:229:51: warning[-Wunused-parameter]: unused parameter ‘state’
#  229 | cm_submit_so_unconfigured(struct cm_submit_state *state)
#      |                           ~~~~~~~~~~~~~~~~~~~~~~~~^~~~~
#  227|   /* Check if the CA was unconfigured. */
#  228|   static int
#  229|-> cm_submit_so_unconfigured(struct cm_submit_state *state)
#  230|   {
#  231|   	return -1; /* uh, we're the CA */

Error: COMPILER_WARNING (CWE-563): [#def1036]
certmonger-0.79.21/src/submit-so.c: scope_hint: In function ‘cm_submit_so_unsupported’
certmonger-0.79.21/src/submit-so.c:236:50: warning[-Wunused-parameter]: unused parameter ‘state’
#  236 | cm_submit_so_unsupported(struct cm_submit_state *state)
#      |                          ~~~~~~~~~~~~~~~~~~~~~~~~^~~~~
#  234|   /* Check if the CA is something we can ask for certificates. */
#  235|   static int
#  236|-> cm_submit_so_unsupported(struct cm_submit_state *state)
#  237|   {
#  238|   	return -1; /* uh, we're the CA */

Error: GCC_ANALYZER_WARNING (CWE-775): [#def1037]
certmonger-0.79.21/src/submit-u.c:102:23: warning[-Wanalyzer-file-leak]: leak of FILE ‘fp’
certmonger-0.79.21/src/submit-u.c:64:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-u.c:67:22: acquire_resource: opened here
certmonger-0.79.21/src/submit-u.c:68:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-u.c:75:15: branch_false: ...to here
certmonger-0.79.21/src/submit-u.c:75:16: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-u.c:98:13: branch_false: ...to here
certmonger-0.79.21/src/submit-u.c:98:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-u.c:101:12: branch_false: ...to here
certmonger-0.79.21/src/submit-u.c:101:12: branch_true: following ‘true’ branch (when ‘csr’ is NULL)...
certmonger-0.79.21/src/submit-u.c:102:23: branch_true: ...to here
certmonger-0.79.21/src/submit-u.c:102:23: danger: ‘fp’ leaks here; was opened at [(3)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/2)
#  100|   	}
#  101|   	if (csr == NULL) {
#  102|-> 		csr = strdup("");
#  103|   	} else {
#  104|   		int length = strlen(csr);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def1038]
certmonger-0.79.21/src/submit-u.c:102:23: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/submit-u.c:64:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-u.c:67:22: acquire_memory: allocated here
certmonger-0.79.21/src/submit-u.c:68:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-u.c:75:15: branch_false: ...to here
certmonger-0.79.21/src/submit-u.c:75:16: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-u.c:98:13: branch_false: ...to here
certmonger-0.79.21/src/submit-u.c:98:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-u.c:101:12: branch_false: ...to here
certmonger-0.79.21/src/submit-u.c:101:12: branch_true: following ‘true’ branch (when ‘csr’ is NULL)...
certmonger-0.79.21/src/submit-u.c:102:23: branch_true: ...to here
certmonger-0.79.21/src/submit-u.c:102:23: danger: ‘fp’ leaks here; was allocated at [(3)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/2)
#  100|   	}
#  101|   	if (csr == NULL) {
#  102|-> 		csr = strdup("");
#  103|   	} else {
#  104|   		int length = strlen(csr);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def1039]
certmonger-0.79.21/src/submit-u.c:116:1: warning[-Wanalyzer-file-leak]: leak of FILE ‘fp’
certmonger-0.79.21/src/submit-u.c:64:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-u.c:67:22: acquire_resource: opened here
certmonger-0.79.21/src/submit-u.c:68:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-u.c:75:15: branch_false: ...to here
certmonger-0.79.21/src/submit-u.c:75:16: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-u.c:76:20: branch_true: ...to here
certmonger-0.79.21/src/submit-u.c:76:20: branch_true: following ‘true’ branch (when ‘csr’ is NULL)...
certmonger-0.79.21/src/submit-u.c:77:31: branch_true: ...to here
certmonger-0.79.21/src/submit-u.c:79:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-u.c:71:32: branch_false: ...to here
certmonger-0.79.21/src/submit-u.c:116:1: danger: ‘fp’ leaks here; was opened at [(3)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/2)
#  114|   	}
#  115|   	return csr;
#  116|-> }
#  117|   
#  118|   /* Read a CSR from a file and return it as a single base64 blob. */

Error: GCC_ANALYZER_WARNING (CWE-401): [#def1040]
certmonger-0.79.21/src/submit-u.c:116:1: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
certmonger-0.79.21/src/submit-u.c:64:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-u.c:67:22: acquire_memory: allocated here
certmonger-0.79.21/src/submit-u.c:68:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-u.c:75:15: branch_false: ...to here
certmonger-0.79.21/src/submit-u.c:75:16: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-u.c:76:20: branch_true: ...to here
certmonger-0.79.21/src/submit-u.c:76:20: branch_true: following ‘true’ branch (when ‘csr’ is NULL)...
certmonger-0.79.21/src/submit-u.c:77:31: branch_true: ...to here
certmonger-0.79.21/src/submit-u.c:79:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-u.c:71:32: branch_false: ...to here
certmonger-0.79.21/src/submit-u.c:116:1: danger: ‘fp’ leaks here; was allocated at [(3)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/2)
#  114|   	}
#  115|   	return csr;
#  116|-> }
#  117|   
#  118|   /* Read a CSR from a file and return it as a single base64 blob. */

Error: GCC_ANALYZER_WARNING (CWE-476): [#def1041]
certmonger-0.79.21/src/submit-u.c:143:25: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘q’
certmonger-0.79.21/src/submit-u.c:120:1: enter_function: entry to ‘cm_submit_u_from_file_single’
certmonger-0.79.21/src/submit-u.c:130:15: call_function: calling ‘cm_submit_u_from_file’ from ‘cm_submit_u_from_file_single’
certmonger-0.79.21/src/submit-u.c:130:15: return_function: returning to ‘cm_submit_u_from_file_single’ from ‘cm_submit_u_from_file’
certmonger-0.79.21/src/submit-u.c:131:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-u.c:131:12: branch_false: ...to here
certmonger-0.79.21/src/submit-u.c:134:21: branch_true: following ‘true’ branch (when ‘i != 4’)...
certmonger-0.79.21/src/submit-u.c:134:21: branch_true: ...to here
certmonger-0.79.21/src/submit-u.c:135:24: branch_false: following ‘false’ branch (when ‘p’ is NULL)...
certmonger-0.79.21/src/submit-u.c:134:59: branch_false: ...to here
certmonger-0.79.21/src/submit-u.c:135:24: branch_false: following ‘false’ branch (when ‘p’ is NULL)...
certmonger-0.79.21/src/submit-u.c:134:59: branch_false: ...to here
certmonger-0.79.21/src/submit-u.c:140:13: acquire_memory: this call could return NULL
certmonger-0.79.21/src/submit-u.c:141:30: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-u.c:142:21: branch_true: ...to here
certmonger-0.79.21/src/submit-u.c:142:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/submit-u.c:143:27: branch_true: ...to here
certmonger-0.79.21/src/submit-u.c:143:25: danger: ‘q + (sizetype)i’ could be NULL: unchecked value from [(41)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/40)
#  141|   	for (p = csr, i = 0; *p != '\0'; p++) {
#  142|   		if (strchr("\r\n\t ", *p) == NULL) {
#  143|-> 			q[i++] = *p;
#  144|   		}
#  145|   	}

Error: GCC_ANALYZER_WARNING (CWE-476): [#def1042]
certmonger-0.79.21/src/submit-u.c:146:9: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘q’
certmonger-0.79.21/src/submit-u.c:120:1: enter_function: entry to ‘cm_submit_u_from_file_single’
certmonger-0.79.21/src/submit-u.c:130:15: call_function: calling ‘cm_submit_u_from_file’ from ‘cm_submit_u_from_file_single’
certmonger-0.79.21/src/submit-u.c:130:15: return_function: returning to ‘cm_submit_u_from_file_single’ from ‘cm_submit_u_from_file’
certmonger-0.79.21/src/submit-u.c:131:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/submit-u.c:131:12: branch_false: ...to here
certmonger-0.79.21/src/submit-u.c:134:21: branch_true: following ‘true’ branch (when ‘i != 4’)...
certmonger-0.79.21/src/submit-u.c:134:21: branch_true: ...to here
certmonger-0.79.21/src/submit-u.c:135:24: branch_false: following ‘false’ branch (when ‘p’ is NULL)...
certmonger-0.79.21/src/submit-u.c:134:59: branch_false: ...to here
certmonger-0.79.21/src/submit-u.c:135:24: branch_false: following ‘false’ branch (when ‘p’ is NULL)...
certmonger-0.79.21/src/submit-u.c:134:59: branch_false: ...to here
certmonger-0.79.21/src/submit-u.c:140:13: acquire_memory: this call could return NULL
certmonger-0.79.21/src/submit-u.c:146:9: danger: ‘q + (sizetype)i’ could be NULL: unchecked value from [(41)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/40)
#  144|   		}
#  145|   	}
#  146|-> 	q[i] = '\0';
#  147|   	free(csr);
#  148|   	return q;

Error: COMPILER_WARNING (CWE-563): [#def1043]
certmonger-0.79.21/src/submit-u.c: scope_hint: In function ‘cm_submit_princ_realm_data’
certmonger-0.79.21/src/submit-u.c:244:41: warning[-Wunused-parameter]: unused parameter ‘ctx’
#  244 | cm_submit_princ_realm_data(krb5_context ctx, krb5_principal princ)
#      |                            ~~~~~~~~~~~~~^~~
#  242|   
#  243|   char *
#  244|-> cm_submit_princ_realm_data(krb5_context ctx, krb5_principal princ)
#  245|   {
#  246|   #if HAVE_DECL_KRB5_PRINC_COMPONENT

Error: COMPILER_WARNING (CWE-563): [#def1044]
certmonger-0.79.21/src/submit-u.c: scope_hint: In function ‘cm_submit_princ_realm_len’
certmonger-0.79.21/src/submit-u.c:254:40: warning[-Wunused-parameter]: unused parameter ‘ctx’
#  254 | cm_submit_princ_realm_len(krb5_context ctx, krb5_principal princ)
#      |                           ~~~~~~~~~~~~~^~~
#  252|   
#  253|   int
#  254|-> cm_submit_princ_realm_len(krb5_context ctx, krb5_principal princ)
#  255|   {
#  256|   #if HAVE_DECL_KRB5_PRINC_COMPONENT

Error: GCC_ANALYZER_WARNING (CWE-775): [#def1045]
certmonger-0.79.21/src/subproc.c:122:25: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘fds[0]’
certmonger-0.79.21/src/subproc.c:116:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/subproc.c:117:17: branch_true: ...to here
certmonger-0.79.21/src/subproc.c:121:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/subproc.c:122:25: branch_true: ...to here
certmonger-0.79.21/src/subproc.c:122:25: throw: if ‘fflush’ throws an exception...
certmonger-0.79.21/src/subproc.c:122:25: danger: ‘fds[0]’ leaks here
#  120|   		state->status = -1;
#  121|   		if (pipe(fds) != -1) {
#  122|-> 			fflush(NULL);
#  123|   			state->pid = fork();
#  124|   			switch (state->pid) {

Error: GCC_ANALYZER_WARNING (CWE-775): [#def1046]
certmonger-0.79.21/src/subproc.c:122:25: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘fds[1]’
certmonger-0.79.21/src/subproc.c:116:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/subproc.c:117:17: branch_true: ...to here
certmonger-0.79.21/src/subproc.c:121:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/subproc.c:122:25: branch_true: ...to here
certmonger-0.79.21/src/subproc.c:122:25: throw: if ‘fflush’ throws an exception...
certmonger-0.79.21/src/subproc.c:122:25: danger: ‘fds[1]’ leaks here
#  120|   		state->status = -1;
#  121|   		if (pipe(fds) != -1) {
#  122|-> 			fflush(NULL);
#  123|   			state->pid = fork();
#  124|   			switch (state->pid) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def1047]
certmonger-0.79.21/src/subproc.c:141:43: warning[-Wanalyzer-malloc-leak]: leak of ‘configdir’
certmonger-0.79.21/src/subproc.c:116:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/subproc.c:117:17: branch_true: ...to here
certmonger-0.79.21/src/subproc.c:121:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/subproc.c:122:25: branch_true: ...to here
certmonger-0.79.21/src/subproc.c:138:45: branch_true: following ‘true’ branch (when ‘tmp’ is non-NULL)...
certmonger-0.79.21/src/subproc.c:138:61: branch_true: ...to here
certmonger-0.79.21/src/subproc.c:138:61: acquire_memory: allocated here
certmonger-0.79.21/src/subproc.c:140:42: branch_false: following ‘false’ branch (when ‘tmp’ is NULL)...
certmonger-0.79.21/src/subproc.c:141:43: branch_false: ...to here
certmonger-0.79.21/src/subproc.c:141:43: throw: if ‘cm_env_home_dir’ throws an exception...
certmonger-0.79.21/src/subproc.c:141:43: danger: ‘configdir’ leaks here; was allocated at [(10)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/9)
#  139|   				tmp = getenv("TMPDIR");
#  140|   				tmpdir = (tmp != NULL) ? strdup(tmp) : NULL;
#  141|-> 				homedir = cm_env_home_dir();
#  142|   				local = cm_env_local_ca_dir();
#  143|   				local = local ? strdup(local) : NULL;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def1048]
certmonger-0.79.21/src/subproc.c:141:43: warning[-Wanalyzer-malloc-leak]: leak of ‘tmpdir’
certmonger-0.79.21/src/subproc.c:116:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/subproc.c:117:17: branch_true: ...to here
certmonger-0.79.21/src/subproc.c:121:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/subproc.c:122:25: branch_true: ...to here
certmonger-0.79.21/src/subproc.c:138:45: branch_false: following ‘false’ branch (when ‘tmp’ is NULL)...
certmonger-0.79.21/src/subproc.c:139:39: branch_false: ...to here
certmonger-0.79.21/src/subproc.c:140:42: branch_true: following ‘true’ branch (when ‘tmp’ is non-NULL)...
certmonger-0.79.21/src/subproc.c:140:58: branch_true: ...to here
certmonger-0.79.21/src/subproc.c:140:58: acquire_memory: allocated here
certmonger-0.79.21/src/subproc.c:141:43: throw: if ‘cm_env_home_dir’ throws an exception...
certmonger-0.79.21/src/subproc.c:141:43: danger: ‘tmpdir’ leaks here; was allocated at [(12)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/11)
#  139|   				tmp = getenv("TMPDIR");
#  140|   				tmpdir = (tmp != NULL) ? strdup(tmp) : NULL;
#  141|-> 				homedir = cm_env_home_dir();
#  142|   				local = cm_env_local_ca_dir();
#  143|   				local = local ? strdup(local) : NULL;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def1049]
certmonger-0.79.21/src/subproc.c:142:41: warning[-Wanalyzer-malloc-leak]: leak of ‘configdir’
certmonger-0.79.21/src/subproc.c:116:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/subproc.c:117:17: branch_true: ...to here
certmonger-0.79.21/src/subproc.c:121:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/subproc.c:122:25: branch_true: ...to here
certmonger-0.79.21/src/subproc.c:138:45: branch_true: following ‘true’ branch (when ‘tmp’ is non-NULL)...
certmonger-0.79.21/src/subproc.c:138:61: branch_true: ...to here
certmonger-0.79.21/src/subproc.c:138:61: acquire_memory: allocated here
certmonger-0.79.21/src/subproc.c:140:42: branch_false: following ‘false’ branch (when ‘tmp’ is NULL)...
certmonger-0.79.21/src/subproc.c:141:43: branch_false: ...to here
certmonger-0.79.21/src/subproc.c:142:41: throw: if ‘cm_env_local_ca_dir’ throws an exception...
certmonger-0.79.21/src/subproc.c:142:41: danger: ‘configdir’ leaks here; was allocated at [(10)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/9)
#  140|   				tmpdir = (tmp != NULL) ? strdup(tmp) : NULL;
#  141|   				homedir = cm_env_home_dir();
#  142|-> 				local = cm_env_local_ca_dir();
#  143|   				local = local ? strdup(local) : NULL;
#  144|   				childenvs = 0;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def1050]
certmonger-0.79.21/src/subproc.c:142:41: warning[-Wanalyzer-malloc-leak]: leak of ‘tmpdir’
certmonger-0.79.21/src/subproc.c:116:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/subproc.c:117:17: branch_true: ...to here
certmonger-0.79.21/src/subproc.c:121:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/subproc.c:122:25: branch_true: ...to here
certmonger-0.79.21/src/subproc.c:138:45: branch_false: following ‘false’ branch (when ‘tmp’ is NULL)...
certmonger-0.79.21/src/subproc.c:139:39: branch_false: ...to here
certmonger-0.79.21/src/subproc.c:140:42: branch_true: following ‘true’ branch (when ‘tmp’ is non-NULL)...
certmonger-0.79.21/src/subproc.c:140:58: branch_true: ...to here
certmonger-0.79.21/src/subproc.c:140:58: acquire_memory: allocated here
certmonger-0.79.21/src/subproc.c:142:41: throw: if ‘cm_env_local_ca_dir’ throws an exception...
certmonger-0.79.21/src/subproc.c:142:41: danger: ‘tmpdir’ leaks here; was allocated at [(12)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/11)
#  140|   				tmpdir = (tmp != NULL) ? strdup(tmp) : NULL;
#  141|   				homedir = cm_env_home_dir();
#  142|-> 				local = cm_env_local_ca_dir();
#  143|   				local = local ? strdup(local) : NULL;
#  144|   				childenvs = 0;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def1051]
certmonger-0.79.21/src/subproc.c:190:33: warning[-Wanalyzer-malloc-leak]: leak of ‘local’
certmonger-0.79.21/src/subproc.c:99:1: enter_function: entry to ‘cm_subproc_start’
certmonger-0.79.21/src/subproc.c:116:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/subproc.c:117:17: branch_true: ...to here
certmonger-0.79.21/src/subproc.c:121:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/subproc.c:122:25: branch_true: ...to here
certmonger-0.79.21/src/subproc.c:138:45: branch_true: following ‘true’ branch (when ‘tmp’ is non-NULL)...
certmonger-0.79.21/src/subproc.c:138:61: branch_true: ...to here
certmonger-0.79.21/src/subproc.c:140:42: branch_true: following ‘true’ branch (when ‘tmp’ is non-NULL)...
certmonger-0.79.21/src/subproc.c:140:58: branch_true: ...to here
certmonger-0.79.21/src/subproc.c:143:41: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/subproc.c:143:49: branch_true: ...to here
certmonger-0.79.21/src/subproc.c:143:49: acquire_memory: allocated here
certmonger-0.79.21/src/subproc.c:145:45: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/subproc.c:150:36: branch_false: ...to here
certmonger-0.79.21/src/subproc.c:150:36: branch_false: following ‘false’ branch (when ‘childenvs == 0’)...
certmonger-0.79.21/src/subproc.c:164:33: call_function: inlined call to ‘clear_environment’ from ‘cm_subproc_start’
certmonger-0.79.21/src/subproc.c:171:36: branch_false: following ‘false’ branch (when ‘configdir’ is NULL)...
certmonger-0.79.21/src/subproc.c:175:36: branch_false: ...to here
certmonger-0.79.21/src/subproc.c:175:36: branch_false: following ‘false’ branch (when ‘tmpdir’ is NULL)...
certmonger-0.79.21/src/subproc.c:178:36: branch_false: ...to here
certmonger-0.79.21/src/subproc.c:178:36: branch_true: following ‘true’ branch (when ‘local’ is non-NULL)...
certmonger-0.79.21/src/subproc.c:179:41: branch_true: ...to here
certmonger-0.79.21/src/subproc.c:182:45: branch_false: following ‘false’ branch (when ‘childenv’ is NULL)...
certmonger-0.79.21/src/subproc.c:190:33: branch_false: ...to here
certmonger-0.79.21/src/subproc.c:190:33: throw: if the called function throws an exception...
certmonger-0.79.21/src/subproc.c:190:33: danger: ‘local’ leaks here; was allocated at [(15)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/14)
#  188|   				}
#  189|   
#  190|-> 				_exit((*cb)(fds[1], ca, entry, data));
#  191|   				break;
#  192|   			default:

Error: GCC_ANALYZER_WARNING (CWE-775): [#def1052]
certmonger-0.79.21/src/subproc.c:473:28: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open("/dev/null", 0)’
certmonger-0.79.21/src/subproc.c:468:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/subproc.c:468:13: branch_true: ...to here
certmonger-0.79.21/src/subproc.c:468:13: branch_true: following ‘true’ branch (when ‘fd3 != 0’)...
certmonger-0.79.21/src/subproc.c:471:21: branch_true: ...to here
certmonger-0.79.21/src/subproc.c:471:21: acquire_resource: opened here
certmonger-0.79.21/src/subproc.c:472:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/subproc.c:473:28: branch_true: ...to here
certmonger-0.79.21/src/subproc.c:473:28: danger: ‘open("/dev/null", 0)’ leaks here; was opened at [(5)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/4)
#  471|   		i = open("/dev/null", O_RDONLY);
#  472|   		if (i != -1) {
#  473|-> 			if (i != STDIN_FILENO) {
#  474|   				dup2(i, STDIN_FILENO);
#  475|   				close(i);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def1053]
certmonger-0.79.21/src/subproc.c:475:33: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open("/dev/null", 0)’
certmonger-0.79.21/src/subproc.c:468:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/subproc.c:468:13: branch_true: ...to here
certmonger-0.79.21/src/subproc.c:468:13: branch_true: following ‘true’ branch (when ‘fd3 != 0’)...
certmonger-0.79.21/src/subproc.c:471:21: branch_true: ...to here
certmonger-0.79.21/src/subproc.c:471:21: acquire_resource: opened here
certmonger-0.79.21/src/subproc.c:472:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/subproc.c:473:28: branch_true: ...to here
certmonger-0.79.21/src/subproc.c:473:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/subproc.c:474:33: branch_true: ...to here
certmonger-0.79.21/src/subproc.c:475:33: danger: ‘open("/dev/null", 0)’ leaks here; was opened at [(5)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/4)
#  473|   			if (i != STDIN_FILENO) {
#  474|   				dup2(i, STDIN_FILENO);
#  475|-> 				close(i);
#  476|   			}
#  477|   		} else {

Error: GCC_ANALYZER_WARNING (CWE-775): [#def1054]
certmonger-0.79.21/src/subproc.c:486:28: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open("/dev/null", 1)’
certmonger-0.79.21/src/subproc.c:481:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/subproc.c:481:13: branch_true: ...to here
certmonger-0.79.21/src/subproc.c:481:13: branch_true: following ‘true’ branch (when ‘fd3 != 1’)...
certmonger-0.79.21/src/subproc.c:484:21: branch_true: ...to here
certmonger-0.79.21/src/subproc.c:484:21: acquire_resource: opened here
certmonger-0.79.21/src/subproc.c:485:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/subproc.c:486:28: branch_true: ...to here
certmonger-0.79.21/src/subproc.c:486:28: danger: ‘open("/dev/null", 1)’ leaks here; was opened at [(5)](sarif:/runs/0/results/9/codeFlows/0/threadFlows/0/locations/4)
#  484|   		i = open("/dev/null", O_WRONLY);
#  485|   		if (i != -1) {
#  486|-> 			if (i != STDOUT_FILENO) {
#  487|   				dup2(i, STDOUT_FILENO);
#  488|   				close(i);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def1055]
certmonger-0.79.21/src/subproc.c:488:33: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open("/dev/null", 1)’
certmonger-0.79.21/src/subproc.c:481:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/subproc.c:481:13: branch_true: ...to here
certmonger-0.79.21/src/subproc.c:481:13: branch_true: following ‘true’ branch (when ‘fd3 != 1’)...
certmonger-0.79.21/src/subproc.c:484:21: branch_true: ...to here
certmonger-0.79.21/src/subproc.c:484:21: acquire_resource: opened here
certmonger-0.79.21/src/subproc.c:485:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/subproc.c:486:28: branch_true: ...to here
certmonger-0.79.21/src/subproc.c:486:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/subproc.c:487:33: branch_true: ...to here
certmonger-0.79.21/src/subproc.c:488:33: danger: ‘open("/dev/null", 1)’ leaks here; was opened at [(5)](sarif:/runs/0/results/10/codeFlows/0/threadFlows/0/locations/4)
#  486|   			if (i != STDOUT_FILENO) {
#  487|   				dup2(i, STDOUT_FILENO);
#  488|-> 				close(i);
#  489|   			}
#  490|   		} else {

Error: GCC_ANALYZER_WARNING (CWE-775): [#def1056]
certmonger-0.79.21/src/subproc.c:499:28: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open("/dev/null", 1)’
certmonger-0.79.21/src/subproc.c:494:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/subproc.c:494:13: branch_true: ...to here
certmonger-0.79.21/src/subproc.c:494:13: branch_true: following ‘true’ branch (when ‘fd3 != 2’)...
certmonger-0.79.21/src/subproc.c:497:21: branch_true: ...to here
certmonger-0.79.21/src/subproc.c:497:21: acquire_resource: opened here
certmonger-0.79.21/src/subproc.c:498:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/subproc.c:499:28: branch_true: ...to here
certmonger-0.79.21/src/subproc.c:499:28: danger: ‘open("/dev/null", 1)’ leaks here; was opened at [(5)](sarif:/runs/0/results/11/codeFlows/0/threadFlows/0/locations/4)
#  497|   		i = open("/dev/null", O_WRONLY);
#  498|   		if (i != -1) {
#  499|-> 			if (i != STDERR_FILENO) {
#  500|   				dup2(i, STDERR_FILENO);
#  501|   				close(i);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def1057]
certmonger-0.79.21/src/subproc.c:501:33: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open("/dev/null", 1)’
certmonger-0.79.21/src/subproc.c:494:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/subproc.c:494:13: branch_true: ...to here
certmonger-0.79.21/src/subproc.c:494:13: branch_true: following ‘true’ branch (when ‘fd3 != 2’)...
certmonger-0.79.21/src/subproc.c:497:21: branch_true: ...to here
certmonger-0.79.21/src/subproc.c:497:21: acquire_resource: opened here
certmonger-0.79.21/src/subproc.c:498:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/subproc.c:499:28: branch_true: ...to here
certmonger-0.79.21/src/subproc.c:499:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/subproc.c:500:33: branch_true: ...to here
certmonger-0.79.21/src/subproc.c:501:33: danger: ‘open("/dev/null", 1)’ leaks here; was opened at [(5)](sarif:/runs/0/results/12/codeFlows/0/threadFlows/0/locations/4)
#  499|   			if (i != STDERR_FILENO) {
#  500|   				dup2(i, STDERR_FILENO);
#  501|-> 				close(i);
#  502|   			}
#  503|   		} else {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def1058]
certmonger-0.79.21/src/subproc.c:524:30: warning[-Wanalyzer-malloc-leak]: leak of ‘opendir("/proc/self/fd")’
certmonger-0.79.21/src/subproc.c:507:15: acquire_memory: allocated here
certmonger-0.79.21/src/subproc.c:508:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/subproc.c:508:12: branch_false: ...to here
certmonger-0.79.21/src/subproc.c:524:30: throw: if ‘readdir’ throws an exception...
certmonger-0.79.21/src/subproc.c:524:30: danger: ‘opendir("/proc/self/fd")’ leaks here; was allocated at [(1)](sarif:/runs/0/results/13/codeFlows/0/threadFlows/0/locations/0)
#  522|   		}
#  523|   	} else {
#  524|-> 		while ((de = readdir(dir)) != NULL) {
#  525|   			int i = -1;
#  526|   

Error: COMPILER_WARNING (CWE-563): [#def1059]
certmonger-0.79.21/src/tdbus.c: scope_hint: In function ‘cm_tdbus_dispatch_status’
certmonger-0.79.21/src/tdbus.c:81:32: warning[-Wunused-parameter]: unused parameter ‘data’
#   81 |                          void *data)
#      |                          ~~~~~~^~~~
#   79|   static void
#   80|   cm_tdbus_dispatch_status(DBusConnection *conn, DBusDispatchStatus new_status,
#   81|-> 			 void *data)
#   82|   {
#   83|   	while (new_status == DBUS_DISPATCH_DATA_REMAINS) {

Error: COMPILER_WARNING (CWE-563): [#def1060]
certmonger-0.79.21/src/tdbus.c: scope_hint: In function ‘cm_tdbus_handle_timer’
certmonger-0.79.21/src/tdbus.c:230:71: warning[-Wunused-parameter]: unused parameter ‘timer’
#  230 | cm_tdbus_handle_timer(struct tevent_context *ec, struct tevent_timer *timer,
#      |                                                  ~~~~~~~~~~~~~~~~~~~~~^~~~~
#  228|   
#  229|   static void
#  230|-> cm_tdbus_handle_timer(struct tevent_context *ec, struct tevent_timer *timer,
#  231|   		      struct timeval current_time, void *pvt)
#  232|   {

Error: COMPILER_WARNING (CWE-563): [#def1061]
certmonger-0.79.21/src/tdbus.c:231:38: warning[-Wunused-parameter]: unused parameter ‘current_time’
#  231 |                       struct timeval current_time, void *pvt)
#      |                       ~~~~~~~~~~~~~~~^~~~~~~~~~~~
#  229|   static void
#  230|   cm_tdbus_handle_timer(struct tevent_context *ec, struct tevent_timer *timer,
#  231|-> 		      struct timeval current_time, void *pvt)
#  232|   {
#  233|   	struct tdbus_timer *tdb_timer;

Error: COMPILER_WARNING (CWE-563): [#def1062]
certmonger-0.79.21/src/tdbus.c: scope_hint: In function ‘cm_tdbus_reconnect’
certmonger-0.79.21/src/tdbus.c:526:35: warning[-Wunused-parameter]: unused parameter ‘current_time’
#  526 |                    struct timeval current_time, void *pvt)
#      |                    ~~~~~~~~~~~~~~~^~~~~~~~~~~~
#  524|   static void
#  525|   cm_tdbus_reconnect(struct tevent_context *ec, struct tevent_timer *timer,
#  526|-> 		   struct timeval current_time, void *pvt)
#  527|   {
#  528|   	const char *bus_desc;

Error: COMPILER_WARNING (CWE-563): [#def1063]
certmonger-0.79.21/src/tdbus.c: scope_hint: In function ‘cm_tdbus_new_private_client’
certmonger-0.79.21/src/tdbus.c:804:41: warning[-Wunused-parameter]: unused parameter ‘server’
#  804 | cm_tdbus_new_private_client(DBusServer *server, DBusConnection *new_conn,
#      |                             ~~~~~~~~~~~~^~~~~~
#  802|   
#  803|   static void
#  804|-> cm_tdbus_new_private_client(DBusServer *server, DBusConnection *new_conn,
#  805|   			    void *data)
#  806|   {

Error: COMPILER_WARNING (CWE-563): [#def1064]
certmonger-0.79.21/src/tdbus.c: scope_hint: In function ‘cm_tdbus_lost_private_client’
certmonger-0.79.21/src/tdbus.c:830:36: warning[-Wunused-parameter]: unused parameter ‘data’
#  830 | cm_tdbus_lost_private_client(void *data)
#      |                              ~~~~~~^~~~
#  828|   
#  829|   static void
#  830|-> cm_tdbus_lost_private_client(void *data)
#  831|   {
#  832|   	cm_log(3, "Lost private connection.\n");

Error: COMPILER_WARNING (CWE-563): [#def1065]
certmonger-0.79.21/src/tdbush.c: scope_hint: In function ‘base_add_known_ca’
certmonger-0.79.21/src/tdbush.c:320:42: warning[-Wunused-parameter]: unused parameter ‘ci’
#  320 |                   struct cm_client_info *ci, struct cm_context *ctx)
#      |                   ~~~~~~~~~~~~~~~~~~~~~~~^~
#  318|   static DBusHandlerResult
#  319|   base_add_known_ca(DBusConnection *conn, DBusMessage *msg,
#  320|-> 		  struct cm_client_info *ci, struct cm_context *ctx)
#  321|   {
#  322|   	DBusMessage *rep;

Error: COMPILER_WARNING (CWE-563): [#def1066]
certmonger-0.79.21/src/tdbush.c: scope_hint: In function ‘base_find_request_by_nickname’
certmonger-0.79.21/src/tdbush.c:1671:54: warning[-Wunused-parameter]: unused parameter ‘ci’
# 1671 |                               struct cm_client_info *ci, struct cm_context *ctx)
#      |                               ~~~~~~~~~~~~~~~~~~~~~~~^~
# 1669|   static DBusHandlerResult
# 1670|   base_find_request_by_nickname(DBusConnection *conn, DBusMessage *msg,
# 1671|-> 			      struct cm_client_info *ci, struct cm_context *ctx)
# 1672|   {
# 1673|   	struct cm_store_entry *entry;

Error: COMPILER_WARNING (CWE-563): [#def1067]
certmonger-0.79.21/src/tdbush.c: scope_hint: In function ‘base_find_ca_by_nickname’
certmonger-0.79.21/src/tdbush.c:1715:49: warning[-Wunused-parameter]: unused parameter ‘ci’
# 1715 |                          struct cm_client_info *ci, struct cm_context *ctx)
#      |                          ~~~~~~~~~~~~~~~~~~~~~~~^~
# 1713|   static DBusHandlerResult
# 1714|   base_find_ca_by_nickname(DBusConnection *conn, DBusMessage *msg,
# 1715|-> 			 struct cm_client_info *ci, struct cm_context *ctx)
# 1716|   {
# 1717|   	struct cm_store_ca *ca;

Error: COMPILER_WARNING (CWE-563): [#def1068]
certmonger-0.79.21/src/tdbush.c: scope_hint: In function ‘base_get_known_cas’
certmonger-0.79.21/src/tdbush.c:1759:43: warning[-Wunused-parameter]: unused parameter ‘ci’
# 1759 |                    struct cm_client_info *ci, struct cm_context *ctx)
#      |                    ~~~~~~~~~~~~~~~~~~~~~~~^~
# 1757|   static DBusHandlerResult
# 1758|   base_get_known_cas(DBusConnection *conn, DBusMessage *msg,
# 1759|-> 		   struct cm_client_info *ci, struct cm_context *ctx)
# 1760|   {
# 1761|   	int i, n_cas;

Error: COMPILER_WARNING (CWE-563): [#def1069]
certmonger-0.79.21/src/tdbush.c: scope_hint: In function ‘base_get_requests’
certmonger-0.79.21/src/tdbush.c:1795:42: warning[-Wunused-parameter]: unused parameter ‘ci’
# 1795 |                   struct cm_client_info *ci, struct cm_context *ctx)
#      |                   ~~~~~~~~~~~~~~~~~~~~~~~^~
# 1793|   static DBusHandlerResult
# 1794|   base_get_requests(DBusConnection *conn, DBusMessage *msg,
# 1795|-> 		  struct cm_client_info *ci, struct cm_context *ctx)
# 1796|   {
# 1797|   	int i, n_entries;

Error: COMPILER_WARNING (CWE-563): [#def1070]
certmonger-0.79.21/src/tdbush.c: scope_hint: In function ‘base_get_supported_key_types’
certmonger-0.79.21/src/tdbush.c:1831:53: warning[-Wunused-parameter]: unused parameter ‘ci’
# 1831 |                              struct cm_client_info *ci, struct cm_context *ctx)
#      |                              ~~~~~~~~~~~~~~~~~~~~~~~^~
# 1829|   static DBusHandlerResult
# 1830|   base_get_supported_key_types(DBusConnection *conn, DBusMessage *msg,
# 1831|-> 			     struct cm_client_info *ci, struct cm_context *ctx)
# 1832|   {
# 1833|   	const char *key_types[] = {

Error: COMPILER_WARNING (CWE-563): [#def1071]
certmonger-0.79.21/src/tdbush.c:1831:76: warning[-Wunused-parameter]: unused parameter ‘ctx’
# 1831 |                              struct cm_client_info *ci, struct cm_context *ctx)
#      |                                                         ~~~~~~~~~~~~~~~~~~~^~~
# 1829|   static DBusHandlerResult
# 1830|   base_get_supported_key_types(DBusConnection *conn, DBusMessage *msg,
# 1831|-> 			     struct cm_client_info *ci, struct cm_context *ctx)
# 1832|   {
# 1833|   	const char *key_types[] = {

Error: COMPILER_WARNING (CWE-563): [#def1072]
certmonger-0.79.21/src/tdbush.c: scope_hint: In function ‘base_get_supported_key_and_cert_storage’
certmonger-0.79.21/src/tdbush.c:1857:64: warning[-Wunused-parameter]: unused parameter ‘ci’
# 1857 |                                         struct cm_client_info *ci, struct cm_context *ctx)
#      |                                         ~~~~~~~~~~~~~~~~~~~~~~~^~
# 1855|   static DBusHandlerResult
# 1856|   base_get_supported_key_and_cert_storage(DBusConnection *conn, DBusMessage *msg,
# 1857|-> 					struct cm_client_info *ci, struct cm_context *ctx)
# 1858|   {
# 1859|   #ifdef HAVE_OPENSSL

Error: COMPILER_WARNING (CWE-563): [#def1073]
certmonger-0.79.21/src/tdbush.c:1857:87: warning[-Wunused-parameter]: unused parameter ‘ctx’
# 1857 |                                         struct cm_client_info *ci, struct cm_context *ctx)
#      |                                                                    ~~~~~~~~~~~~~~~~~~~^~~
# 1855|   static DBusHandlerResult
# 1856|   base_get_supported_key_and_cert_storage(DBusConnection *conn, DBusMessage *msg,
# 1857|-> 					struct cm_client_info *ci, struct cm_context *ctx)
# 1858|   {
# 1859|   #ifdef HAVE_OPENSSL

Error: COMPILER_WARNING (CWE-563): [#def1074]
certmonger-0.79.21/src/tdbush.c: scope_hint: In function ‘base_remove_known_ca’
certmonger-0.79.21/src/tdbush.c:1896:45: warning[-Wunused-parameter]: unused parameter ‘ci’
# 1896 |                      struct cm_client_info *ci, struct cm_context *ctx)
#      |                      ~~~~~~~~~~~~~~~~~~~~~~~^~
# 1894|   static DBusHandlerResult
# 1895|   base_remove_known_ca(DBusConnection *conn, DBusMessage *msg,
# 1896|-> 		     struct cm_client_info *ci, struct cm_context *ctx)
# 1897|   {
# 1898|   	DBusMessage *rep;

Error: COMPILER_WARNING (CWE-563): [#def1075]
certmonger-0.79.21/src/tdbush.c: scope_hint: In function ‘base_remove_request’
certmonger-0.79.21/src/tdbush.c:1934:44: warning[-Wunused-parameter]: unused parameter ‘ci’
# 1934 |                     struct cm_client_info *ci, struct cm_context *ctx)
#      |                     ~~~~~~~~~~~~~~~~~~~~~~~^~
# 1932|   static DBusHandlerResult
# 1933|   base_remove_request(DBusConnection *conn, DBusMessage *msg,
# 1934|-> 		    struct cm_client_info *ci, struct cm_context *ctx)
# 1935|   {
# 1936|   	DBusMessage *rep;

Error: COMPILER_WARNING (CWE-563): [#def1076]
certmonger-0.79.21/src/tdbush.c: scope_hint: In function ‘ca_get_nickname’
certmonger-0.79.21/src/tdbush.c:1990:40: warning[-Wunused-parameter]: unused parameter ‘ci’
# 1990 |                 struct cm_client_info *ci, struct cm_context *ctx)
#      |                 ~~~~~~~~~~~~~~~~~~~~~~~^~
# 1988|   static DBusHandlerResult
# 1989|   ca_get_nickname(DBusConnection *conn, DBusMessage *msg,
# 1990|-> 		struct cm_client_info *ci, struct cm_context *ctx)
# 1991|   {
# 1992|   	DBusMessage *rep;

Error: COMPILER_WARNING (CWE-563): [#def1077]
certmonger-0.79.21/src/tdbush.c: scope_hint: In function ‘ca_get_is_default’
certmonger-0.79.21/src/tdbush.c:2015:42: warning[-Wunused-parameter]: unused parameter ‘ci’
# 2015 |                   struct cm_client_info *ci, struct cm_context *ctx)
#      |                   ~~~~~~~~~~~~~~~~~~~~~~~^~
# 2013|   static DBusHandlerResult
# 2014|   ca_get_is_default(DBusConnection *conn, DBusMessage *msg,
# 2015|-> 		  struct cm_client_info *ci, struct cm_context *ctx)
# 2016|   {
# 2017|   	DBusMessage *rep;

Error: COMPILER_WARNING (CWE-563): [#def1078]
certmonger-0.79.21/src/tdbush.c: scope_hint: In function ‘ca_get_issuer_names’
certmonger-0.79.21/src/tdbush.c:2037:44: warning[-Wunused-parameter]: unused parameter ‘ci’
# 2037 |                     struct cm_client_info *ci, struct cm_context *ctx)
#      |                     ~~~~~~~~~~~~~~~~~~~~~~~^~
# 2035|   static DBusHandlerResult
# 2036|   ca_get_issuer_names(DBusConnection *conn, DBusMessage *msg,
# 2037|-> 		    struct cm_client_info *ci, struct cm_context *ctx)
# 2038|   {
# 2039|   	DBusMessage *rep;

Error: COMPILER_WARNING (CWE-563): [#def1079]
certmonger-0.79.21/src/tdbush.c: scope_hint: In function ‘ca_get_location’
certmonger-0.79.21/src/tdbush.c:2061:40: warning[-Wunused-parameter]: unused parameter ‘ci’
# 2061 |                 struct cm_client_info *ci, struct cm_context *ctx)
#      |                 ~~~~~~~~~~~~~~~~~~~~~~~^~
# 2059|   static DBusHandlerResult
# 2060|   ca_get_location(DBusConnection *conn, DBusMessage *msg,
# 2061|-> 		struct cm_client_info *ci, struct cm_context *ctx)
# 2062|   {
# 2063|   	DBusMessage *rep;

Error: COMPILER_WARNING (CWE-563): [#def1080]
certmonger-0.79.21/src/tdbush.c: scope_hint: In function ‘ca_get_type’
certmonger-0.79.21/src/tdbush.c:2083:36: warning[-Wunused-parameter]: unused parameter ‘ci’
# 2083 |             struct cm_client_info *ci, struct cm_context *ctx)
#      |             ~~~~~~~~~~~~~~~~~~~~~~~^~
# 2081|   static DBusHandlerResult
# 2082|   ca_get_type(DBusConnection *conn, DBusMessage *msg,
# 2083|-> 	    struct cm_client_info *ci, struct cm_context *ctx)
# 2084|   {
# 2085|   	DBusMessage *rep;

Error: COMPILER_WARNING (CWE-563): [#def1081]
certmonger-0.79.21/src/tdbush.c: scope_hint: In function ‘ca_get_serial’
certmonger-0.79.21/src/tdbush.c:2115:38: warning[-Wunused-parameter]: unused parameter ‘ci’
# 2115 |               struct cm_client_info *ci, struct cm_context *ctx)
#      |               ~~~~~~~~~~~~~~~~~~~~~~~^~
# 2113|   static DBusHandlerResult
# 2114|   ca_get_serial(DBusConnection *conn, DBusMessage *msg,
# 2115|-> 	      struct cm_client_info *ci, struct cm_context *ctx)
# 2116|   {
# 2117|   	DBusMessage *rep;

Error: COMPILER_WARNING (CWE-563): [#def1082]
certmonger-0.79.21/src/tdbush.c: scope_hint: In function ‘ca_get_config_file_path’
certmonger-0.79.21/src/tdbush.c:2145:40: warning[-Wunused-parameter]: unused parameter ‘ci’
# 2145 |                 struct cm_client_info *ci, struct cm_context *ctx)
#      |                 ~~~~~~~~~~~~~~~~~~~~~~~^~
# 2143|   static DBusHandlerResult
# 2144|   ca_get_config_file_path(DBusConnection *conn, DBusMessage *msg,
# 2145|-> 		struct cm_client_info *ci, struct cm_context *ctx)
# 2146|   {
# 2147|   	DBusMessage *rep;

Error: COMPILER_WARNING (CWE-563): [#def1083]
certmonger-0.79.21/src/tdbush.c: scope_hint: In function ‘ca_refresh’
certmonger-0.79.21/src/tdbush.c:2167:35: warning[-Wunused-parameter]: unused parameter ‘ci’
# 2167 |            struct cm_client_info *ci, struct cm_context *ctx)
#      |            ~~~~~~~~~~~~~~~~~~~~~~~^~
# 2165|   static DBusHandlerResult
# 2166|   ca_refresh(DBusConnection *conn, DBusMessage *msg,
# 2167|-> 	   struct cm_client_info *ci, struct cm_context *ctx)
# 2168|   {
# 2169|   	DBusMessage *rep;

Error: COMPILER_WARNING (CWE-563): [#def1084]
certmonger-0.79.21/src/tdbush.c: scope_hint: In function ‘ca_prop_get_is_default’
certmonger-0.79.21/src/tdbush.c:2196:43: warning[-Wunused-parameter]: unused parameter ‘ctx’
# 2196 | ca_prop_get_is_default(struct cm_context *ctx, void *parent,
#      |                        ~~~~~~~~~~~~~~~~~~~^~~
# 2194|   /* Custom property get/set logic for CA structures. */
# 2195|   static dbus_bool_t
# 2196|-> ca_prop_get_is_default(struct cm_context *ctx, void *parent,
# 2197|   		       void *record, const char *name)
# 2198|   {

Error: COMPILER_WARNING (CWE-563): [#def1085]
certmonger-0.79.21/src/tdbush.c:2196:54: warning[-Wunused-parameter]: unused parameter ‘parent’
# 2196 | ca_prop_get_is_default(struct cm_context *ctx, void *parent,
#      |                                                ~~~~~~^~~~~~
# 2194|   /* Custom property get/set logic for CA structures. */
# 2195|   static dbus_bool_t
# 2196|-> ca_prop_get_is_default(struct cm_context *ctx, void *parent,
# 2197|   		       void *record, const char *name)
# 2198|   {

Error: COMPILER_WARNING (CWE-563): [#def1086]
certmonger-0.79.21/src/tdbush.c: scope_hint: In function ‘ca_prop_get_external_helper’
certmonger-0.79.21/src/tdbush.c:2248:48: warning[-Wunused-parameter]: unused parameter ‘ctx’
# 2248 | ca_prop_get_external_helper(struct cm_context *ctx, void *parent,
#      |                             ~~~~~~~~~~~~~~~~~~~^~~
# 2246|   
# 2247|   static const char *
# 2248|-> ca_prop_get_external_helper(struct cm_context *ctx, void *parent,
# 2249|   			    void *record, const char *name)
# 2250|   {

Error: COMPILER_WARNING (CWE-563): [#def1087]
certmonger-0.79.21/src/tdbush.c:2248:59: warning[-Wunused-parameter]: unused parameter ‘parent’
# 2248 | ca_prop_get_external_helper(struct cm_context *ctx, void *parent,
#      |                                                     ~~~~~~^~~~~~
# 2246|   
# 2247|   static const char *
# 2248|-> ca_prop_get_external_helper(struct cm_context *ctx, void *parent,
# 2249|   			    void *record, const char *name)
# 2250|   {

Error: COMPILER_WARNING (CWE-563): [#def1088]
certmonger-0.79.21/src/tdbush.c: scope_hint: In function ‘ca_prop_get_scep_cipher’
certmonger-0.79.21/src/tdbush.c:2298:44: warning[-Wunused-parameter]: unused parameter ‘ctx’
# 2298 | ca_prop_get_scep_cipher(struct cm_context *ctx, void *parent,
#      |                         ~~~~~~~~~~~~~~~~~~~^~~
# 2296|   
# 2297|   static const char *
# 2298|-> ca_prop_get_scep_cipher(struct cm_context *ctx, void *parent,
# 2299|   			       void *record, const char *name)
# 2300|   {

Error: COMPILER_WARNING (CWE-563): [#def1089]
certmonger-0.79.21/src/tdbush.c:2298:55: warning[-Wunused-parameter]: unused parameter ‘parent’
# 2298 | ca_prop_get_scep_cipher(struct cm_context *ctx, void *parent,
#      |                                                 ~~~~~~^~~~~~
# 2296|   
# 2297|   static const char *
# 2298|-> ca_prop_get_scep_cipher(struct cm_context *ctx, void *parent,
# 2299|   			       void *record, const char *name)
# 2300|   {

Error: COMPILER_WARNING (CWE-563): [#def1090]
certmonger-0.79.21/src/tdbush.c: scope_hint: In function ‘ca_prop_get_scep_digest’
certmonger-0.79.21/src/tdbush.c:2348:44: warning[-Wunused-parameter]: unused parameter ‘ctx’
# 2348 | ca_prop_get_scep_digest(struct cm_context *ctx, void *parent,
#      |                         ~~~~~~~~~~~~~~~~~~~^~~
# 2346|   
# 2347|   static const char *
# 2348|-> ca_prop_get_scep_digest(struct cm_context *ctx, void *parent,
# 2349|   			       void *record, const char *name)
# 2350|   {

Error: COMPILER_WARNING (CWE-563): [#def1091]
certmonger-0.79.21/src/tdbush.c:2348:55: warning[-Wunused-parameter]: unused parameter ‘parent’
# 2348 | ca_prop_get_scep_digest(struct cm_context *ctx, void *parent,
#      |                                                 ~~~~~~^~~~~~
# 2346|   
# 2347|   static const char *
# 2348|-> ca_prop_get_scep_digest(struct cm_context *ctx, void *parent,
# 2349|   			       void *record, const char *name)
# 2350|   {

Error: COMPILER_WARNING (CWE-563): [#def1092]
certmonger-0.79.21/src/tdbush.c: scope_hint: In function ‘ca_prop_get_scep_ca_identifier’
certmonger-0.79.21/src/tdbush.c:2398:51: warning[-Wunused-parameter]: unused parameter ‘ctx’
# 2398 | ca_prop_get_scep_ca_identifier(struct cm_context *ctx, void *parent,
#      |                                ~~~~~~~~~~~~~~~~~~~^~~
# 2396|   
# 2397|   static const char *
# 2398|-> ca_prop_get_scep_ca_identifier(struct cm_context *ctx, void *parent,
# 2399|   			       void *record, const char *name)
# 2400|   {

Error: COMPILER_WARNING (CWE-563): [#def1093]
certmonger-0.79.21/src/tdbush.c:2398:62: warning[-Wunused-parameter]: unused parameter ‘parent’
# 2398 | ca_prop_get_scep_ca_identifier(struct cm_context *ctx, void *parent,
#      |                                                        ~~~~~~^~~~~~
# 2396|   
# 2397|   static const char *
# 2398|-> ca_prop_get_scep_ca_identifier(struct cm_context *ctx, void *parent,
# 2399|   			       void *record, const char *name)
# 2400|   {

Error: COMPILER_WARNING (CWE-563): [#def1094]
certmonger-0.79.21/src/tdbush.c: scope_hint: In function ‘ca_prop_read_nickcerts’
certmonger-0.79.21/src/tdbush.c:2448:43: warning[-Wunused-parameter]: unused parameter ‘ctx’
# 2448 | ca_prop_read_nickcerts(struct cm_context *ctx, void *parent,
#      |                        ~~~~~~~~~~~~~~~~~~~^~~
# 2446|   
# 2447|   static const char **
# 2448|-> ca_prop_read_nickcerts(struct cm_context *ctx, void *parent,
# 2449|   		       struct cm_nickcert **nickcerts)
# 2450|   {

Error: COMPILER_WARNING (CWE-563): [#def1095]
certmonger-0.79.21/src/tdbush.c: scope_hint: In function ‘request_get_nickname’
certmonger-0.79.21/src/tdbush.c:2519:45: warning[-Wunused-parameter]: unused parameter ‘ci’
# 2519 |                      struct cm_client_info *ci, struct cm_context *ctx)
#      |                      ~~~~~~~~~~~~~~~~~~~~~~~^~
# 2517|   static DBusHandlerResult
# 2518|   request_get_nickname(DBusConnection *conn, DBusMessage *msg,
# 2519|-> 		     struct cm_client_info *ci, struct cm_context *ctx)
# 2520|   {
# 2521|   	DBusMessage *rep;

Error: COMPILER_WARNING (CWE-563): [#def1096]
certmonger-0.79.21/src/tdbush.c: scope_hint: In function ‘request_get_key_pin’
certmonger-0.79.21/src/tdbush.c:2543:44: warning[-Wunused-parameter]: unused parameter ‘ci’
# 2543 |                     struct cm_client_info *ci, struct cm_context *ctx)
#      |                     ~~~~~~~~~~~~~~~~~~~~~~~^~
# 2541|   static DBusHandlerResult
# 2542|   request_get_key_pin(DBusConnection *conn, DBusMessage *msg,
# 2543|-> 		    struct cm_client_info *ci, struct cm_context *ctx)
# 2544|   {
# 2545|   	DBusMessage *rep;

Error: COMPILER_WARNING (CWE-563): [#def1097]
certmonger-0.79.21/src/tdbush.c: scope_hint: In function ‘request_get_key_pin_file’
certmonger-0.79.21/src/tdbush.c:2565:49: warning[-Wunused-parameter]: unused parameter ‘ci’
# 2565 |                          struct cm_client_info *ci, struct cm_context *ctx)
#      |                          ~~~~~~~~~~~~~~~~~~~~~~~^~
# 2563|   static DBusHandlerResult
# 2564|   request_get_key_pin_file(DBusConnection *conn, DBusMessage *msg,
# 2565|-> 			 struct cm_client_info *ci, struct cm_context *ctx)
# 2566|   {
# 2567|   	DBusMessage *rep;

Error: COMPILER_WARNING (CWE-563): [#def1098]
certmonger-0.79.21/src/tdbush.c: scope_hint: In function ‘request_get_autorenew’
certmonger-0.79.21/src/tdbush.c:2587:46: warning[-Wunused-parameter]: unused parameter ‘ci’
# 2587 |                       struct cm_client_info *ci, struct cm_context *ctx)
#      |                       ~~~~~~~~~~~~~~~~~~~~~~~^~
# 2585|   static DBusHandlerResult
# 2586|   request_get_autorenew(DBusConnection *conn, DBusMessage *msg,
# 2587|-> 		      struct cm_client_info *ci, struct cm_context *ctx)
# 2588|   {
# 2589|   	DBusMessage *rep;

Error: COMPILER_WARNING (CWE-563): [#def1099]
certmonger-0.79.21/src/tdbush.c: scope_hint: In function ‘request_get_cert_data’
certmonger-0.79.21/src/tdbush.c:2609:46: warning[-Wunused-parameter]: unused parameter ‘ci’
# 2609 |                       struct cm_client_info *ci, struct cm_context *ctx)
#      |                       ~~~~~~~~~~~~~~~~~~~~~~~^~
# 2607|   static DBusHandlerResult
# 2608|   request_get_cert_data(DBusConnection *conn, DBusMessage *msg,
# 2609|-> 		      struct cm_client_info *ci, struct cm_context *ctx)
# 2610|   {
# 2611|   	DBusMessage *rep;

Error: COMPILER_WARNING (CWE-563): [#def1100]
certmonger-0.79.21/src/tdbush.c: scope_hint: In function ‘request_get_cert_info’
certmonger-0.79.21/src/tdbush.c:2703:46: warning[-Wunused-parameter]: unused parameter ‘ci’
# 2703 |                       struct cm_client_info *ci, struct cm_context *ctx)
#      |                       ~~~~~~~~~~~~~~~~~~~~~~~^~
# 2701|   static DBusHandlerResult
# 2702|   request_get_cert_info(DBusConnection *conn, DBusMessage *msg,
# 2703|-> 		      struct cm_client_info *ci, struct cm_context *ctx)
# 2704|   {
# 2705|   	DBusMessage *rep;

Error: COMPILER_WARNING (CWE-563): [#def1101]
certmonger-0.79.21/src/tdbush.c: scope_hint: In function ‘request_get_cert_last_checked’
certmonger-0.79.21/src/tdbush.c:2738:54: warning[-Wunused-parameter]: unused parameter ‘ci’
# 2738 |                               struct cm_client_info *ci, struct cm_context *ctx)
#      |                               ~~~~~~~~~~~~~~~~~~~~~~~^~
# 2736|   static DBusHandlerResult
# 2737|   request_get_cert_last_checked(DBusConnection *conn, DBusMessage *msg,
# 2738|-> 			      struct cm_client_info *ci, struct cm_context *ctx)
# 2739|   {
# 2740|   	DBusMessage *rep;

Error: COMPILER_WARNING (CWE-563): [#def1102]
certmonger-0.79.21/src/tdbush.c: scope_hint: In function ‘request_get_cert_storage_info’
certmonger-0.79.21/src/tdbush.c:2762:54: warning[-Wunused-parameter]: unused parameter ‘ci’
# 2762 |                               struct cm_client_info *ci, struct cm_context *ctx)
#      |                               ~~~~~~~~~~~~~~~~~~~~~~~^~
# 2760|   static DBusHandlerResult
# 2761|   request_get_cert_storage_info(DBusConnection *conn, DBusMessage *msg,
# 2762|-> 			      struct cm_client_info *ci, struct cm_context *ctx)
# 2763|   {
# 2764|   	DBusMessage *rep;

Error: COMPILER_WARNING (CWE-563): [#def1103]
certmonger-0.79.21/src/tdbush.c: scope_hint: In function ‘request_get_csr_data’
certmonger-0.79.21/src/tdbush.c:2808:45: warning[-Wunused-parameter]: unused parameter ‘ci’
# 2808 |                      struct cm_client_info *ci, struct cm_context *ctx)
#      |                      ~~~~~~~~~~~~~~~~~~~~~~~^~
# 2806|   static DBusHandlerResult
# 2807|   request_get_csr_data(DBusConnection *conn, DBusMessage *msg,
# 2808|-> 		     struct cm_client_info *ci, struct cm_context *ctx)
# 2809|   {
# 2810|   	DBusMessage *rep;

Error: COMPILER_WARNING (CWE-563): [#def1104]
certmonger-0.79.21/src/tdbush.c: scope_hint: In function ‘request_get_csr_info’
certmonger-0.79.21/src/tdbush.c:2832:45: warning[-Wunused-parameter]: unused parameter ‘ci’
# 2832 |                      struct cm_client_info *ci, struct cm_context *ctx)
#      |                      ~~~~~~~~~~~~~~~~~~~~~~~^~
# 2830|   static DBusHandlerResult
# 2831|   request_get_csr_info(DBusConnection *conn, DBusMessage *msg,
# 2832|-> 		     struct cm_client_info *ci, struct cm_context *ctx)
# 2833|   {
# 2834|   	DBusMessage *rep;

Error: COMPILER_WARNING (CWE-563): [#def1105]
certmonger-0.79.21/src/tdbush.c: scope_hint: In function ‘request_get_key_storage_info’
certmonger-0.79.21/src/tdbush.c:2865:53: warning[-Wunused-parameter]: unused parameter ‘ci’
# 2865 |                              struct cm_client_info *ci, struct cm_context *ctx)
#      |                              ~~~~~~~~~~~~~~~~~~~~~~~^~
# 2863|   static DBusHandlerResult
# 2864|   request_get_key_storage_info(DBusConnection *conn, DBusMessage *msg,
# 2865|-> 			     struct cm_client_info *ci, struct cm_context *ctx)
# 2866|   {
# 2867|   	DBusMessage *rep;

Error: COMPILER_WARNING (CWE-563): [#def1106]
certmonger-0.79.21/src/tdbush.c: scope_hint: In function ‘request_get_key_type_and_size’
certmonger-0.79.21/src/tdbush.c:2916:54: warning[-Wunused-parameter]: unused parameter ‘ci’
# 2916 |                               struct cm_client_info *ci, struct cm_context *ctx)
#      |                               ~~~~~~~~~~~~~~~~~~~~~~~^~
# 2914|   static DBusHandlerResult
# 2915|   request_get_key_type_and_size(DBusConnection *conn, DBusMessage *msg,
# 2916|-> 			      struct cm_client_info *ci, struct cm_context *ctx)
# 2917|   {
# 2918|   	DBusMessage *rep;

Error: COMPILER_WARNING (CWE-563): [#def1107]
certmonger-0.79.21/src/tdbush.c: scope_hint: In function ‘request_get_monitoring’
certmonger-0.79.21/src/tdbush.c:2962:47: warning[-Wunused-parameter]: unused parameter ‘ci’
# 2962 |                        struct cm_client_info *ci, struct cm_context *ctx)
#      |                        ~~~~~~~~~~~~~~~~~~~~~~~^~
# 2960|   static DBusHandlerResult
# 2961|   request_get_monitoring(DBusConnection *conn, DBusMessage *msg,
# 2962|-> 		       struct cm_client_info *ci, struct cm_context *ctx)
# 2963|   {
# 2964|   	DBusMessage *rep;

Error: COMPILER_WARNING (CWE-563): [#def1108]
certmonger-0.79.21/src/tdbush.c: scope_hint: In function ‘request_get_notification_info’
certmonger-0.79.21/src/tdbush.c:2984:54: warning[-Wunused-parameter]: unused parameter ‘ci’
# 2984 |                               struct cm_client_info *ci, struct cm_context *ctx)
#      |                               ~~~~~~~~~~~~~~~~~~~~~~~^~
# 2982|   static DBusHandlerResult
# 2983|   request_get_notification_info(DBusConnection *conn, DBusMessage *msg,
# 2984|-> 			      struct cm_client_info *ci, struct cm_context *ctx)
# 2985|   {
# 2986|   	DBusMessage *rep;

Error: COMPILER_WARNING (CWE-563): [#def1109]
certmonger-0.79.21/src/tdbush.c: scope_hint: In function ‘request_get_status’
certmonger-0.79.21/src/tdbush.c:3034:43: warning[-Wunused-parameter]: unused parameter ‘ci’
# 3034 |                    struct cm_client_info *ci, struct cm_context *ctx)
#      |                    ~~~~~~~~~~~~~~~~~~~~~~~^~
# 3032|   static DBusHandlerResult
# 3033|   request_get_status(DBusConnection *conn, DBusMessage *msg,
# 3034|-> 		   struct cm_client_info *ci, struct cm_context *ctx)
# 3035|   {
# 3036|   	DBusMessage *rep;

Error: COMPILER_WARNING (CWE-563): [#def1110]
certmonger-0.79.21/src/tdbush.c: scope_hint: In function ‘request_get_ca’
certmonger-0.79.21/src/tdbush.c:3060:39: warning[-Wunused-parameter]: unused parameter ‘ci’
# 3060 |                struct cm_client_info *ci, struct cm_context *ctx)
#      |                ~~~~~~~~~~~~~~~~~~~~~~~^~
# 3058|   static DBusHandlerResult
# 3059|   request_get_ca(DBusConnection *conn, DBusMessage *msg,
# 3060|-> 	       struct cm_client_info *ci, struct cm_context *ctx)
# 3061|   {
# 3062|   	void *parent;

Error: COMPILER_WARNING (CWE-563): [#def1111]
certmonger-0.79.21/src/tdbush.c: scope_hint: In function ‘request_get_ca_error’
certmonger-0.79.21/src/tdbush.c:3098:45: warning[-Wunused-parameter]: unused parameter ‘ci’
# 3098 |                      struct cm_client_info *ci, struct cm_context *ctx)
#      |                      ~~~~~~~~~~~~~~~~~~~~~~~^~
# 3096|   static DBusHandlerResult
# 3097|   request_get_ca_error(DBusConnection *conn, DBusMessage *msg,
# 3098|-> 		     struct cm_client_info *ci, struct cm_context *ctx)
# 3099|   {
# 3100|   	void *parent;

Error: COMPILER_WARNING (CWE-563): [#def1112]
certmonger-0.79.21/src/tdbush.c: scope_hint: In function ‘request_get_submitted_cookie’
certmonger-0.79.21/src/tdbush.c:3126:53: warning[-Wunused-parameter]: unused parameter ‘ci’
# 3126 |                              struct cm_client_info *ci, struct cm_context *ctx)
#      |                              ~~~~~~~~~~~~~~~~~~~~~~~^~
# 3124|   static DBusHandlerResult
# 3125|   request_get_submitted_cookie(DBusConnection *conn, DBusMessage *msg,
# 3126|-> 			     struct cm_client_info *ci, struct cm_context *ctx)
# 3127|   {
# 3128|   	DBusMessage *rep;

Error: COMPILER_WARNING (CWE-563): [#def1113]
certmonger-0.79.21/src/tdbush.c: scope_hint: In function ‘request_get_submitted_date’
certmonger-0.79.21/src/tdbush.c:3150:51: warning[-Wunused-parameter]: unused parameter ‘ci’
# 3150 |                            struct cm_client_info *ci, struct cm_context *ctx)
#      |                            ~~~~~~~~~~~~~~~~~~~~~~~^~
# 3148|   static DBusHandlerResult
# 3149|   request_get_submitted_date(DBusConnection *conn, DBusMessage *msg,
# 3150|-> 			   struct cm_client_info *ci, struct cm_context *ctx)
# 3151|   {
# 3152|   	DBusMessage *rep;

Error: COMPILER_WARNING (CWE-563): [#def1114]
certmonger-0.79.21/src/tdbush.c: scope_hint: In function ‘request_resubmit’
certmonger-0.79.21/src/tdbush.c:3720:41: warning[-Wunused-parameter]: unused parameter ‘ci’
# 3720 |                  struct cm_client_info *ci, struct cm_context *ctx)
#      |                  ~~~~~~~~~~~~~~~~~~~~~~~^~
# 3718|   static DBusHandlerResult
# 3719|   request_resubmit(DBusConnection *conn, DBusMessage *msg,
# 3720|-> 		 struct cm_client_info *ci, struct cm_context *ctx)
# 3721|   {
# 3722|   	DBusMessage *rep;

Error: COMPILER_WARNING (CWE-563): [#def1115]
certmonger-0.79.21/src/tdbush.c: scope_hint: In function ‘request_refresh’
certmonger-0.79.21/src/tdbush.c:3773:40: warning[-Wunused-parameter]: unused parameter ‘ci’
# 3773 |                 struct cm_client_info *ci, struct cm_context *ctx)
#      |                 ~~~~~~~~~~~~~~~~~~~~~~~^~
# 3771|   static DBusHandlerResult
# 3772|   request_refresh(DBusConnection *conn, DBusMessage *msg,
# 3773|-> 		struct cm_client_info *ci, struct cm_context *ctx)
# 3774|   {
# 3775|   	DBusMessage *rep;

Error: COMPILER_WARNING (CWE-563): [#def1116]
certmonger-0.79.21/src/tdbush.c: scope_hint: In function ‘request_rekey’
certmonger-0.79.21/src/tdbush.c:3812:38: warning[-Wunused-parameter]: unused parameter ‘ci’
# 3812 |               struct cm_client_info *ci, struct cm_context *ctx)
#      |               ~~~~~~~~~~~~~~~~~~~~~~~^~
# 3810|   static DBusHandlerResult
# 3811|   request_rekey(DBusConnection *conn, DBusMessage *msg,
# 3812|-> 	      struct cm_client_info *ci, struct cm_context *ctx)
# 3813|   {
# 3814|   	DBusMessage *rep;

Error: COMPILER_WARNING (CWE-563): [#def1117]
certmonger-0.79.21/src/tdbush.c: scope_hint: In function ‘request_prop_get_autorenew’
certmonger-0.79.21/src/tdbush.c:3856:47: warning[-Wunused-parameter]: unused parameter ‘ctx’
# 3856 | request_prop_get_autorenew(struct cm_context *ctx, void *parent,
#      |                            ~~~~~~~~~~~~~~~~~~~^~~
# 3854|   /* Custom property get/set logic for request structures. */
# 3855|   static dbus_bool_t
# 3856|-> request_prop_get_autorenew(struct cm_context *ctx, void *parent,
# 3857|   			   void *record, const char *name)
# 3858|   {

Error: COMPILER_WARNING (CWE-563): [#def1118]
certmonger-0.79.21/src/tdbush.c:3856:58: warning[-Wunused-parameter]: unused parameter ‘parent’
# 3856 | request_prop_get_autorenew(struct cm_context *ctx, void *parent,
#      |                                                    ~~~~~~^~~~~~
# 3854|   /* Custom property get/set logic for request structures. */
# 3855|   static dbus_bool_t
# 3856|-> request_prop_get_autorenew(struct cm_context *ctx, void *parent,
# 3857|   			   void *record, const char *name)
# 3858|   {

Error: COMPILER_WARNING (CWE-563): [#def1119]
certmonger-0.79.21/src/tdbush.c:3857:54: warning[-Wunused-parameter]: unused parameter ‘name’
# 3857 |                            void *record, const char *name)
#      |                                          ~~~~~~~~~~~~^~~~
# 3855|   static dbus_bool_t
# 3856|   request_prop_get_autorenew(struct cm_context *ctx, void *parent,
# 3857|-> 			   void *record, const char *name)
# 3858|   {
# 3859|   	struct cm_store_entry *entry = record;

Error: COMPILER_WARNING (CWE-563): [#def1120]
certmonger-0.79.21/src/tdbush.c: scope_hint: In function ‘request_prop_get_monitoring’
certmonger-0.79.21/src/tdbush.c:3864:48: warning[-Wunused-parameter]: unused parameter ‘ctx’
# 3864 | request_prop_get_monitoring(struct cm_context *ctx, void *parent,
#      |                             ~~~~~~~~~~~~~~~~~~~^~~
# 3862|   
# 3863|   static dbus_bool_t
# 3864|-> request_prop_get_monitoring(struct cm_context *ctx, void *parent,
# 3865|   			    void *record, const char *name)
# 3866|   {

Error: COMPILER_WARNING (CWE-563): [#def1121]
certmonger-0.79.21/src/tdbush.c:3864:59: warning[-Wunused-parameter]: unused parameter ‘parent’
# 3864 | request_prop_get_monitoring(struct cm_context *ctx, void *parent,
#      |                                                     ~~~~~~^~~~~~
# 3862|   
# 3863|   static dbus_bool_t
# 3864|-> request_prop_get_monitoring(struct cm_context *ctx, void *parent,
# 3865|   			    void *record, const char *name)
# 3866|   {

Error: COMPILER_WARNING (CWE-563): [#def1122]
certmonger-0.79.21/src/tdbush.c:3865:55: warning[-Wunused-parameter]: unused parameter ‘name’
# 3865 |                             void *record, const char *name)
#      |                                           ~~~~~~~~~~~~^~~~
# 3863|   static dbus_bool_t
# 3864|   request_prop_get_monitoring(struct cm_context *ctx, void *parent,
# 3865|-> 			    void *record, const char *name)
# 3866|   {
# 3867|   	struct cm_store_entry *entry = record;

Error: COMPILER_WARNING (CWE-563): [#def1123]
certmonger-0.79.21/src/tdbush.c: scope_hint: In function ‘request_prop_get_cert_location_type’
certmonger-0.79.21/src/tdbush.c:3872:56: warning[-Wunused-parameter]: unused parameter ‘ctx’
# 3872 | request_prop_get_cert_location_type(struct cm_context *ctx, void *parent,
#      |                                     ~~~~~~~~~~~~~~~~~~~^~~
# 3870|   
# 3871|   static const char *
# 3872|-> request_prop_get_cert_location_type(struct cm_context *ctx, void *parent,
# 3873|   				    void *record, const char *name)
# 3874|   {

Error: COMPILER_WARNING (CWE-563): [#def1124]
certmonger-0.79.21/src/tdbush.c:3872:67: warning[-Wunused-parameter]: unused parameter ‘parent’
# 3872 | request_prop_get_cert_location_type(struct cm_context *ctx, void *parent,
#      |                                                             ~~~~~~^~~~~~
# 3870|   
# 3871|   static const char *
# 3872|-> request_prop_get_cert_location_type(struct cm_context *ctx, void *parent,
# 3873|   				    void *record, const char *name)
# 3874|   {

Error: COMPILER_WARNING (CWE-563): [#def1125]
certmonger-0.79.21/src/tdbush.c:3873:63: warning[-Wunused-parameter]: unused parameter ‘name’
# 3873 |                                     void *record, const char *name)
#      |                                                   ~~~~~~~~~~~~^~~~
# 3871|   static const char *
# 3872|   request_prop_get_cert_location_type(struct cm_context *ctx, void *parent,
# 3873|-> 				    void *record, const char *name)
# 3874|   {
# 3875|   	struct cm_store_entry *entry = record;

Error: COMPILER_WARNING (CWE-563): [#def1126]
certmonger-0.79.21/src/tdbush.c: scope_hint: In function ‘request_prop_get_cert_location_file’
certmonger-0.79.21/src/tdbush.c:3888:56: warning[-Wunused-parameter]: unused parameter ‘ctx’
# 3888 | request_prop_get_cert_location_file(struct cm_context *ctx, void *parent,
#      |                                     ~~~~~~~~~~~~~~~~~~~^~~
# 3886|   
# 3887|   static const char *
# 3888|-> request_prop_get_cert_location_file(struct cm_context *ctx, void *parent,
# 3889|   				    void *record, const char *name)
# 3890|   {

Error: COMPILER_WARNING (CWE-563): [#def1127]
certmonger-0.79.21/src/tdbush.c:3888:67: warning[-Wunused-parameter]: unused parameter ‘parent’
# 3888 | request_prop_get_cert_location_file(struct cm_context *ctx, void *parent,
#      |                                                             ~~~~~~^~~~~~
# 3886|   
# 3887|   static const char *
# 3888|-> request_prop_get_cert_location_file(struct cm_context *ctx, void *parent,
# 3889|   				    void *record, const char *name)
# 3890|   {

Error: COMPILER_WARNING (CWE-563): [#def1128]
certmonger-0.79.21/src/tdbush.c:3889:63: warning[-Wunused-parameter]: unused parameter ‘name’
# 3889 |                                     void *record, const char *name)
#      |                                                   ~~~~~~~~~~~~^~~~
# 3887|   static const char *
# 3888|   request_prop_get_cert_location_file(struct cm_context *ctx, void *parent,
# 3889|-> 				    void *record, const char *name)
# 3890|   {
# 3891|   	struct cm_store_entry *entry = record;

Error: COMPILER_WARNING (CWE-563): [#def1129]
certmonger-0.79.21/src/tdbush.c: scope_hint: In function ‘request_prop_get_cert_location_database’
certmonger-0.79.21/src/tdbush.c:3903:60: warning[-Wunused-parameter]: unused parameter ‘ctx’
# 3903 | request_prop_get_cert_location_database(struct cm_context *ctx, void *parent,
#      |                                         ~~~~~~~~~~~~~~~~~~~^~~
# 3901|   
# 3902|   static const char *
# 3903|-> request_prop_get_cert_location_database(struct cm_context *ctx, void *parent,
# 3904|   					void *record, const char *name)
# 3905|   {

Error: COMPILER_WARNING (CWE-563): [#def1130]
certmonger-0.79.21/src/tdbush.c:3903:71: warning[-Wunused-parameter]: unused parameter ‘parent’
# 3903 | request_prop_get_cert_location_database(struct cm_context *ctx, void *parent,
#      |                                                                 ~~~~~~^~~~~~
# 3901|   
# 3902|   static const char *
# 3903|-> request_prop_get_cert_location_database(struct cm_context *ctx, void *parent,
# 3904|   					void *record, const char *name)
# 3905|   {

Error: COMPILER_WARNING (CWE-563): [#def1131]
certmonger-0.79.21/src/tdbush.c:3904:67: warning[-Wunused-parameter]: unused parameter ‘name’
# 3904 |                                         void *record, const char *name)
#      |                                                       ~~~~~~~~~~~~^~~~
# 3902|   static const char *
# 3903|   request_prop_get_cert_location_database(struct cm_context *ctx, void *parent,
# 3904|-> 					void *record, const char *name)
# 3905|   {
# 3906|   	struct cm_store_entry *entry = record;

Error: COMPILER_WARNING (CWE-563): [#def1132]
certmonger-0.79.21/src/tdbush.c: scope_hint: In function ‘request_prop_get_cert_location_nickname’
certmonger-0.79.21/src/tdbush.c:3918:60: warning[-Wunused-parameter]: unused parameter ‘ctx’
# 3918 | request_prop_get_cert_location_nickname(struct cm_context *ctx, void *parent,
#      |                                         ~~~~~~~~~~~~~~~~~~~^~~
# 3916|   
# 3917|   static const char *
# 3918|-> request_prop_get_cert_location_nickname(struct cm_context *ctx, void *parent,
# 3919|   					void *record, const char *name)
# 3920|   {

Error: COMPILER_WARNING (CWE-563): [#def1133]
certmonger-0.79.21/src/tdbush.c:3918:71: warning[-Wunused-parameter]: unused parameter ‘parent’
# 3918 | request_prop_get_cert_location_nickname(struct cm_context *ctx, void *parent,
#      |                                                                 ~~~~~~^~~~~~
# 3916|   
# 3917|   static const char *
# 3918|-> request_prop_get_cert_location_nickname(struct cm_context *ctx, void *parent,
# 3919|   					void *record, const char *name)
# 3920|   {

Error: COMPILER_WARNING (CWE-563): [#def1134]
certmonger-0.79.21/src/tdbush.c:3919:67: warning[-Wunused-parameter]: unused parameter ‘name’
# 3919 |                                         void *record, const char *name)
#      |                                                       ~~~~~~~~~~~~^~~~
# 3917|   static const char *
# 3918|   request_prop_get_cert_location_nickname(struct cm_context *ctx, void *parent,
# 3919|-> 					void *record, const char *name)
# 3920|   {
# 3921|   	struct cm_store_entry *entry = record;

Error: COMPILER_WARNING (CWE-563): [#def1135]
certmonger-0.79.21/src/tdbush.c: scope_hint: In function ‘request_prop_get_cert_location_token’
certmonger-0.79.21/src/tdbush.c:3933:57: warning[-Wunused-parameter]: unused parameter ‘ctx’
# 3933 | request_prop_get_cert_location_token(struct cm_context *ctx, void *parent,
#      |                                      ~~~~~~~~~~~~~~~~~~~^~~
# 3931|   
# 3932|   static const char *
# 3933|-> request_prop_get_cert_location_token(struct cm_context *ctx, void *parent,
# 3934|   				     void *record, const char *name)
# 3935|   {

Error: COMPILER_WARNING (CWE-563): [#def1136]
certmonger-0.79.21/src/tdbush.c:3933:68: warning[-Wunused-parameter]: unused parameter ‘parent’
# 3933 | request_prop_get_cert_location_token(struct cm_context *ctx, void *parent,
#      |                                                              ~~~~~~^~~~~~
# 3931|   
# 3932|   static const char *
# 3933|-> request_prop_get_cert_location_token(struct cm_context *ctx, void *parent,
# 3934|   				     void *record, const char *name)
# 3935|   {

Error: COMPILER_WARNING (CWE-563): [#def1137]
certmonger-0.79.21/src/tdbush.c:3934:64: warning[-Wunused-parameter]: unused parameter ‘name’
# 3934 |                                      void *record, const char *name)
#      |                                                    ~~~~~~~~~~~~^~~~
# 3932|   static const char *
# 3933|   request_prop_get_cert_location_token(struct cm_context *ctx, void *parent,
# 3934|-> 				     void *record, const char *name)
# 3935|   {
# 3936|   	struct cm_store_entry *entry = record;

Error: COMPILER_WARNING (CWE-563): [#def1138]
certmonger-0.79.21/src/tdbush.c: scope_hint: In function ‘request_prop_get_key_location_type’
certmonger-0.79.21/src/tdbush.c:3948:55: warning[-Wunused-parameter]: unused parameter ‘ctx’
# 3948 | request_prop_get_key_location_type(struct cm_context *ctx, void *parent,
#      |                                    ~~~~~~~~~~~~~~~~~~~^~~
# 3946|   
# 3947|   static const char *
# 3948|-> request_prop_get_key_location_type(struct cm_context *ctx, void *parent,
# 3949|   				   void *record, const char *name)
# 3950|   {

Error: COMPILER_WARNING (CWE-563): [#def1139]
certmonger-0.79.21/src/tdbush.c:3948:66: warning[-Wunused-parameter]: unused parameter ‘parent’
# 3948 | request_prop_get_key_location_type(struct cm_context *ctx, void *parent,
#      |                                                            ~~~~~~^~~~~~
# 3946|   
# 3947|   static const char *
# 3948|-> request_prop_get_key_location_type(struct cm_context *ctx, void *parent,
# 3949|   				   void *record, const char *name)
# 3950|   {

Error: COMPILER_WARNING (CWE-563): [#def1140]
certmonger-0.79.21/src/tdbush.c:3949:62: warning[-Wunused-parameter]: unused parameter ‘name’
# 3949 |                                    void *record, const char *name)
#      |                                                  ~~~~~~~~~~~~^~~~
# 3947|   static const char *
# 3948|   request_prop_get_key_location_type(struct cm_context *ctx, void *parent,
# 3949|-> 				   void *record, const char *name)
# 3950|   {
# 3951|   	struct cm_store_entry *entry = record;

Error: COMPILER_WARNING (CWE-563): [#def1141]
certmonger-0.79.21/src/tdbush.c: scope_hint: In function ‘request_prop_get_key_location_file’
certmonger-0.79.21/src/tdbush.c:3967:55: warning[-Wunused-parameter]: unused parameter ‘ctx’
# 3967 | request_prop_get_key_location_file(struct cm_context *ctx, void *parent,
#      |                                    ~~~~~~~~~~~~~~~~~~~^~~
# 3965|   
# 3966|   static const char *
# 3967|-> request_prop_get_key_location_file(struct cm_context *ctx, void *parent,
# 3968|   				   void *record, const char *name)
# 3969|   {

Error: COMPILER_WARNING (CWE-563): [#def1142]
certmonger-0.79.21/src/tdbush.c:3967:66: warning[-Wunused-parameter]: unused parameter ‘parent’
# 3967 | request_prop_get_key_location_file(struct cm_context *ctx, void *parent,
#      |                                                            ~~~~~~^~~~~~
# 3965|   
# 3966|   static const char *
# 3967|-> request_prop_get_key_location_file(struct cm_context *ctx, void *parent,
# 3968|   				   void *record, const char *name)
# 3969|   {

Error: COMPILER_WARNING (CWE-563): [#def1143]
certmonger-0.79.21/src/tdbush.c:3968:62: warning[-Wunused-parameter]: unused parameter ‘name’
# 3968 |                                    void *record, const char *name)
#      |                                                  ~~~~~~~~~~~~^~~~
# 3966|   static const char *
# 3967|   request_prop_get_key_location_file(struct cm_context *ctx, void *parent,
# 3968|-> 				   void *record, const char *name)
# 3969|   {
# 3970|   	struct cm_store_entry *entry = record;

Error: COMPILER_WARNING (CWE-563): [#def1144]
certmonger-0.79.21/src/tdbush.c: scope_hint: In function ‘request_prop_get_key_location_database’
certmonger-0.79.21/src/tdbush.c:3983:59: warning[-Wunused-parameter]: unused parameter ‘ctx’
# 3983 | request_prop_get_key_location_database(struct cm_context *ctx, void *parent,
#      |                                        ~~~~~~~~~~~~~~~~~~~^~~
# 3981|   
# 3982|   static const char *
# 3983|-> request_prop_get_key_location_database(struct cm_context *ctx, void *parent,
# 3984|   				       void *record, const char *name)
# 3985|   {

Error: COMPILER_WARNING (CWE-563): [#def1145]
certmonger-0.79.21/src/tdbush.c:3983:70: warning[-Wunused-parameter]: unused parameter ‘parent’
# 3983 | request_prop_get_key_location_database(struct cm_context *ctx, void *parent,
#      |                                                                ~~~~~~^~~~~~
# 3981|   
# 3982|   static const char *
# 3983|-> request_prop_get_key_location_database(struct cm_context *ctx, void *parent,
# 3984|   				       void *record, const char *name)
# 3985|   {

Error: COMPILER_WARNING (CWE-563): [#def1146]
certmonger-0.79.21/src/tdbush.c:3984:66: warning[-Wunused-parameter]: unused parameter ‘name’
# 3984 |                                        void *record, const char *name)
#      |                                                      ~~~~~~~~~~~~^~~~
# 3982|   static const char *
# 3983|   request_prop_get_key_location_database(struct cm_context *ctx, void *parent,
# 3984|-> 				       void *record, const char *name)
# 3985|   {
# 3986|   	struct cm_store_entry *entry = record;

Error: COMPILER_WARNING (CWE-563): [#def1147]
certmonger-0.79.21/src/tdbush.c: scope_hint: In function ‘request_prop_get_key_location_nickname’
certmonger-0.79.21/src/tdbush.c:3999:59: warning[-Wunused-parameter]: unused parameter ‘ctx’
# 3999 | request_prop_get_key_location_nickname(struct cm_context *ctx, void *parent,
#      |                                        ~~~~~~~~~~~~~~~~~~~^~~
# 3997|   
# 3998|   static const char *
# 3999|-> request_prop_get_key_location_nickname(struct cm_context *ctx, void *parent,
# 4000|   				       void *record, const char *name)
# 4001|   {

Error: COMPILER_WARNING (CWE-563): [#def1148]
certmonger-0.79.21/src/tdbush.c:3999:70: warning[-Wunused-parameter]: unused parameter ‘parent’
# 3999 | request_prop_get_key_location_nickname(struct cm_context *ctx, void *parent,
#      |                                                                ~~~~~~^~~~~~
# 3997|   
# 3998|   static const char *
# 3999|-> request_prop_get_key_location_nickname(struct cm_context *ctx, void *parent,
# 4000|   				       void *record, const char *name)
# 4001|   {

Error: COMPILER_WARNING (CWE-563): [#def1149]
certmonger-0.79.21/src/tdbush.c:4000:66: warning[-Wunused-parameter]: unused parameter ‘name’
# 4000 |                                        void *record, const char *name)
#      |                                                      ~~~~~~~~~~~~^~~~
# 3998|   static const char *
# 3999|   request_prop_get_key_location_nickname(struct cm_context *ctx, void *parent,
# 4000|-> 				       void *record, const char *name)
# 4001|   {
# 4002|   	struct cm_store_entry *entry = record;

Error: COMPILER_WARNING (CWE-563): [#def1150]
certmonger-0.79.21/src/tdbush.c: scope_hint: In function ‘request_prop_get_key_location_token’
certmonger-0.79.21/src/tdbush.c:4015:56: warning[-Wunused-parameter]: unused parameter ‘ctx’
# 4015 | request_prop_get_key_location_token(struct cm_context *ctx, void *parent,
#      |                                     ~~~~~~~~~~~~~~~~~~~^~~
# 4013|   
# 4014|   static const char *
# 4015|-> request_prop_get_key_location_token(struct cm_context *ctx, void *parent,
# 4016|   				    void *record, const char *name)
# 4017|   {

Error: COMPILER_WARNING (CWE-563): [#def1151]
certmonger-0.79.21/src/tdbush.c:4015:67: warning[-Wunused-parameter]: unused parameter ‘parent’
# 4015 | request_prop_get_key_location_token(struct cm_context *ctx, void *parent,
#      |                                                             ~~~~~~^~~~~~
# 4013|   
# 4014|   static const char *
# 4015|-> request_prop_get_key_location_token(struct cm_context *ctx, void *parent,
# 4016|   				    void *record, const char *name)
# 4017|   {

Error: COMPILER_WARNING (CWE-563): [#def1152]
certmonger-0.79.21/src/tdbush.c:4016:63: warning[-Wunused-parameter]: unused parameter ‘name’
# 4016 |                                     void *record, const char *name)
#      |                                                   ~~~~~~~~~~~~^~~~
# 4014|   static const char *
# 4015|   request_prop_get_key_location_token(struct cm_context *ctx, void *parent,
# 4016|-> 				    void *record, const char *name)
# 4017|   {
# 4018|   	struct cm_store_entry *entry = record;

Error: COMPILER_WARNING (CWE-563): [#def1153]
certmonger-0.79.21/src/tdbush.c: scope_hint: In function ‘request_prop_get_key_type’
certmonger-0.79.21/src/tdbush.c:4031:46: warning[-Wunused-parameter]: unused parameter ‘ctx’
# 4031 | request_prop_get_key_type(struct cm_context *ctx, void *parent,
#      |                           ~~~~~~~~~~~~~~~~~~~^~~
# 4029|   
# 4030|   static const char *
# 4031|-> request_prop_get_key_type(struct cm_context *ctx, void *parent,
# 4032|   			  void *record, const char *name)
# 4033|   {

Error: COMPILER_WARNING (CWE-563): [#def1154]
certmonger-0.79.21/src/tdbush.c:4031:57: warning[-Wunused-parameter]: unused parameter ‘parent’
# 4031 | request_prop_get_key_type(struct cm_context *ctx, void *parent,
#      |                                                   ~~~~~~^~~~~~
# 4029|   
# 4030|   static const char *
# 4031|-> request_prop_get_key_type(struct cm_context *ctx, void *parent,
# 4032|   			  void *record, const char *name)
# 4033|   {

Error: COMPILER_WARNING (CWE-563): [#def1155]
certmonger-0.79.21/src/tdbush.c:4032:53: warning[-Wunused-parameter]: unused parameter ‘name’
# 4032 |                           void *record, const char *name)
#      |                                         ~~~~~~~~~~~~^~~~
# 4030|   static const char *
# 4031|   request_prop_get_key_type(struct cm_context *ctx, void *parent,
# 4032|-> 			  void *record, const char *name)
# 4033|   {
# 4034|   	struct cm_store_entry *entry = record;

Error: COMPILER_WARNING (CWE-563): [#def1156]
certmonger-0.79.21/src/tdbush.c: scope_hint: In function ‘request_prop_get_key_size’
certmonger-0.79.21/src/tdbush.c:4057:46: warning[-Wunused-parameter]: unused parameter ‘ctx’
# 4057 | request_prop_get_key_size(struct cm_context *ctx, void *parent,
#      |                           ~~~~~~~~~~~~~~~~~~~^~~
# 4055|   
# 4056|   static long
# 4057|-> request_prop_get_key_size(struct cm_context *ctx, void *parent,
# 4058|   			  void *record, const char *name)
# 4059|   {

Error: COMPILER_WARNING (CWE-563): [#def1157]
certmonger-0.79.21/src/tdbush.c:4057:57: warning[-Wunused-parameter]: unused parameter ‘parent’
# 4057 | request_prop_get_key_size(struct cm_context *ctx, void *parent,
#      |                                                   ~~~~~~^~~~~~
# 4055|   
# 4056|   static long
# 4057|-> request_prop_get_key_size(struct cm_context *ctx, void *parent,
# 4058|   			  void *record, const char *name)
# 4059|   {

Error: COMPILER_WARNING (CWE-563): [#def1158]
certmonger-0.79.21/src/tdbush.c:4058:53: warning[-Wunused-parameter]: unused parameter ‘name’
# 4058 |                           void *record, const char *name)
#      |                                         ~~~~~~~~~~~~^~~~
# 4056|   static long
# 4057|   request_prop_get_key_size(struct cm_context *ctx, void *parent,
# 4058|-> 			  void *record, const char *name)
# 4059|   {
# 4060|   	struct cm_store_entry *entry = record;

Error: COMPILER_WARNING (CWE-563): [#def1159]
certmonger-0.79.21/src/tdbush.c: scope_hint: In function ‘request_prop_get_notification_type’
certmonger-0.79.21/src/tdbush.c:4081:55: warning[-Wunused-parameter]: unused parameter ‘ctx’
# 4081 | request_prop_get_notification_type(struct cm_context *ctx, void *parent,
#      |                                    ~~~~~~~~~~~~~~~~~~~^~~
# 4079|   
# 4080|   static const char *
# 4081|-> request_prop_get_notification_type(struct cm_context *ctx, void *parent,
# 4082|   				   void *record, const char *name)
# 4083|   {

Error: COMPILER_WARNING (CWE-563): [#def1160]
certmonger-0.79.21/src/tdbush.c:4081:66: warning[-Wunused-parameter]: unused parameter ‘parent’
# 4081 | request_prop_get_notification_type(struct cm_context *ctx, void *parent,
#      |                                                            ~~~~~~^~~~~~
# 4079|   
# 4080|   static const char *
# 4081|-> request_prop_get_notification_type(struct cm_context *ctx, void *parent,
# 4082|   				   void *record, const char *name)
# 4083|   {

Error: COMPILER_WARNING (CWE-563): [#def1161]
certmonger-0.79.21/src/tdbush.c:4082:62: warning[-Wunused-parameter]: unused parameter ‘name’
# 4082 |                                    void *record, const char *name)
#      |                                                  ~~~~~~~~~~~~^~~~
# 4080|   static const char *
# 4081|   request_prop_get_notification_type(struct cm_context *ctx, void *parent,
# 4082|-> 				   void *record, const char *name)
# 4083|   {
# 4084|   	struct cm_store_entry *entry = record;

Error: COMPILER_WARNING (CWE-563): [#def1162]
certmonger-0.79.21/src/tdbush.c: scope_hint: In function ‘request_prop_get_notification_syslog’
certmonger-0.79.21/src/tdbush.c:4107:57: warning[-Wunused-parameter]: unused parameter ‘ctx’
# 4107 | request_prop_get_notification_syslog(struct cm_context *ctx, void *parent,
#      |                                      ~~~~~~~~~~~~~~~~~~~^~~
# 4105|   
# 4106|   static const char *
# 4107|-> request_prop_get_notification_syslog(struct cm_context *ctx, void *parent,
# 4108|   				     void *record, const char *name)
# 4109|   {

Error: COMPILER_WARNING (CWE-563): [#def1163]
certmonger-0.79.21/src/tdbush.c:4107:68: warning[-Wunused-parameter]: unused parameter ‘parent’
# 4107 | request_prop_get_notification_syslog(struct cm_context *ctx, void *parent,
#      |                                                              ~~~~~~^~~~~~
# 4105|   
# 4106|   static const char *
# 4107|-> request_prop_get_notification_syslog(struct cm_context *ctx, void *parent,
# 4108|   				     void *record, const char *name)
# 4109|   {

Error: COMPILER_WARNING (CWE-563): [#def1164]
certmonger-0.79.21/src/tdbush.c:4108:64: warning[-Wunused-parameter]: unused parameter ‘name’
# 4108 |                                      void *record, const char *name)
#      |                                                    ~~~~~~~~~~~~^~~~
# 4106|   static const char *
# 4107|   request_prop_get_notification_syslog(struct cm_context *ctx, void *parent,
# 4108|-> 				     void *record, const char *name)
# 4109|   {
# 4110|   	struct cm_store_entry *entry = record;

Error: COMPILER_WARNING (CWE-563): [#def1165]
certmonger-0.79.21/src/tdbush.c: scope_hint: In function ‘request_prop_get_notification_email’
certmonger-0.79.21/src/tdbush.c:4127:56: warning[-Wunused-parameter]: unused parameter ‘ctx’
# 4127 | request_prop_get_notification_email(struct cm_context *ctx, void *parent,
#      |                                     ~~~~~~~~~~~~~~~~~~~^~~
# 4125|   
# 4126|   static const char *
# 4127|-> request_prop_get_notification_email(struct cm_context *ctx, void *parent,
# 4128|   				    void *record, const char *name)
# 4129|   {

Error: COMPILER_WARNING (CWE-563): [#def1166]
certmonger-0.79.21/src/tdbush.c:4127:67: warning[-Wunused-parameter]: unused parameter ‘parent’
# 4127 | request_prop_get_notification_email(struct cm_context *ctx, void *parent,
#      |                                                             ~~~~~~^~~~~~
# 4125|   
# 4126|   static const char *
# 4127|-> request_prop_get_notification_email(struct cm_context *ctx, void *parent,
# 4128|   				    void *record, const char *name)
# 4129|   {

Error: COMPILER_WARNING (CWE-563): [#def1167]
certmonger-0.79.21/src/tdbush.c:4128:63: warning[-Wunused-parameter]: unused parameter ‘name’
# 4128 |                                     void *record, const char *name)
#      |                                                   ~~~~~~~~~~~~^~~~
# 4126|   static const char *
# 4127|   request_prop_get_notification_email(struct cm_context *ctx, void *parent,
# 4128|-> 				    void *record, const char *name)
# 4129|   {
# 4130|   	struct cm_store_entry *entry = record;

Error: COMPILER_WARNING (CWE-563): [#def1168]
certmonger-0.79.21/src/tdbush.c: scope_hint: In function ‘request_prop_get_notification_command’
certmonger-0.79.21/src/tdbush.c:4147:58: warning[-Wunused-parameter]: unused parameter ‘ctx’
# 4147 | request_prop_get_notification_command(struct cm_context *ctx, void *parent,
#      |                                       ~~~~~~~~~~~~~~~~~~~^~~
# 4145|   
# 4146|   static const char *
# 4147|-> request_prop_get_notification_command(struct cm_context *ctx, void *parent,
# 4148|   				      void *record, const char *name)
# 4149|   {

Error: COMPILER_WARNING (CWE-563): [#def1169]
certmonger-0.79.21/src/tdbush.c:4147:69: warning[-Wunused-parameter]: unused parameter ‘parent’
# 4147 | request_prop_get_notification_command(struct cm_context *ctx, void *parent,
#      |                                                               ~~~~~~^~~~~~
# 4145|   
# 4146|   static const char *
# 4147|-> request_prop_get_notification_command(struct cm_context *ctx, void *parent,
# 4148|   				      void *record, const char *name)
# 4149|   {

Error: COMPILER_WARNING (CWE-563): [#def1170]
certmonger-0.79.21/src/tdbush.c:4148:65: warning[-Wunused-parameter]: unused parameter ‘name’
# 4148 |                                       void *record, const char *name)
#      |                                                     ~~~~~~~~~~~~^~~~
# 4146|   static const char *
# 4147|   request_prop_get_notification_command(struct cm_context *ctx, void *parent,
# 4148|-> 				      void *record, const char *name)
# 4149|   {
# 4150|   	struct cm_store_entry *entry = record;

Error: COMPILER_WARNING (CWE-563): [#def1171]
certmonger-0.79.21/src/tdbush.c: scope_hint: In function ‘request_prop_get_key_pin’
certmonger-0.79.21/src/tdbush.c:4167:45: warning[-Wunused-parameter]: unused parameter ‘ctx’
# 4167 | request_prop_get_key_pin(struct cm_context *ctx, void *parent,
#      |                          ~~~~~~~~~~~~~~~~~~~^~~
# 4165|   
# 4166|   static const char *
# 4167|-> request_prop_get_key_pin(struct cm_context *ctx, void *parent,
# 4168|   			 void *record, const char *name)
# 4169|   {

Error: COMPILER_WARNING (CWE-563): [#def1172]
certmonger-0.79.21/src/tdbush.c:4167:56: warning[-Wunused-parameter]: unused parameter ‘parent’
# 4167 | request_prop_get_key_pin(struct cm_context *ctx, void *parent,
#      |                                                  ~~~~~~^~~~~~
# 4165|   
# 4166|   static const char *
# 4167|-> request_prop_get_key_pin(struct cm_context *ctx, void *parent,
# 4168|   			 void *record, const char *name)
# 4169|   {

Error: COMPILER_WARNING (CWE-563): [#def1173]
certmonger-0.79.21/src/tdbush.c:4168:52: warning[-Wunused-parameter]: unused parameter ‘name’
# 4168 |                          void *record, const char *name)
#      |                                        ~~~~~~~~~~~~^~~~
# 4166|   static const char *
# 4167|   request_prop_get_key_pin(struct cm_context *ctx, void *parent,
# 4168|-> 			 void *record, const char *name)
# 4169|   {
# 4170|   	struct cm_store_entry *entry = record;

Error: COMPILER_WARNING (CWE-563): [#def1174]
certmonger-0.79.21/src/tdbush.c: scope_hint: In function ‘request_prop_set_key_pin’
certmonger-0.79.21/src/tdbush.c:4175:56: warning[-Wunused-parameter]: unused parameter ‘parent’
# 4175 | request_prop_set_key_pin(struct cm_context *ctx, void *parent,
#      |                                                  ~~~~~~^~~~~~
# 4173|   
# 4174|   static void
# 4175|-> request_prop_set_key_pin(struct cm_context *ctx, void *parent,
# 4176|   			 void *record, const char *name, const char *value)
# 4177|   {

Error: COMPILER_WARNING (CWE-563): [#def1175]
certmonger-0.79.21/src/tdbush.c:4176:52: warning[-Wunused-parameter]: unused parameter ‘name’
# 4176 |                          void *record, const char *name, const char *value)
#      |                                        ~~~~~~~~~~~~^~~~
# 4174|   static void
# 4175|   request_prop_set_key_pin(struct cm_context *ctx, void *parent,
# 4176|-> 			 void *record, const char *name, const char *value)
# 4177|   {
# 4178|   	struct cm_store_entry *entry = record;

Error: COMPILER_WARNING (CWE-563): [#def1176]
certmonger-0.79.21/src/tdbush.c: scope_hint: In function ‘request_prop_get_key_pin_file’
certmonger-0.79.21/src/tdbush.c:4197:50: warning[-Wunused-parameter]: unused parameter ‘ctx’
# 4197 | request_prop_get_key_pin_file(struct cm_context *ctx, void *parent,
#      |                               ~~~~~~~~~~~~~~~~~~~^~~
# 4195|   
# 4196|   static const char *
# 4197|-> request_prop_get_key_pin_file(struct cm_context *ctx, void *parent,
# 4198|   			      void *record, const char *name)
# 4199|   {

Error: COMPILER_WARNING (CWE-563): [#def1177]
certmonger-0.79.21/src/tdbush.c:4197:61: warning[-Wunused-parameter]: unused parameter ‘parent’
# 4197 | request_prop_get_key_pin_file(struct cm_context *ctx, void *parent,
#      |                                                       ~~~~~~^~~~~~
# 4195|   
# 4196|   static const char *
# 4197|-> request_prop_get_key_pin_file(struct cm_context *ctx, void *parent,
# 4198|   			      void *record, const char *name)
# 4199|   {

Error: COMPILER_WARNING (CWE-563): [#def1178]
certmonger-0.79.21/src/tdbush.c:4198:57: warning[-Wunused-parameter]: unused parameter ‘name’
# 4198 |                               void *record, const char *name)
#      |                                             ~~~~~~~~~~~~^~~~
# 4196|   static const char *
# 4197|   request_prop_get_key_pin_file(struct cm_context *ctx, void *parent,
# 4198|-> 			      void *record, const char *name)
# 4199|   {
# 4200|   	struct cm_store_entry *entry = record;

Error: COMPILER_WARNING (CWE-563): [#def1179]
certmonger-0.79.21/src/tdbush.c: scope_hint: In function ‘request_prop_set_key_pin_file’
certmonger-0.79.21/src/tdbush.c:4205:61: warning[-Wunused-parameter]: unused parameter ‘parent’
# 4205 | request_prop_set_key_pin_file(struct cm_context *ctx, void *parent,
#      |                                                       ~~~~~~^~~~~~
# 4203|   
# 4204|   static void
# 4205|-> request_prop_set_key_pin_file(struct cm_context *ctx, void *parent,
# 4206|   			      void *record, const char *name, const char *value)
# 4207|   {

Error: COMPILER_WARNING (CWE-563): [#def1180]
certmonger-0.79.21/src/tdbush.c:4206:57: warning[-Wunused-parameter]: unused parameter ‘name’
# 4206 |                               void *record, const char *name, const char *value)
#      |                                             ~~~~~~~~~~~~^~~~
# 4204|   static void
# 4205|   request_prop_set_key_pin_file(struct cm_context *ctx, void *parent,
# 4206|-> 			      void *record, const char *name, const char *value)
# 4207|   {
# 4208|   	struct cm_store_entry *entry = record;

Error: COMPILER_WARNING (CWE-563): [#def1181]
certmonger-0.79.21/src/tdbush.c: scope_hint: In function ‘request_prop_get_key_issued_count’
certmonger-0.79.21/src/tdbush.c:4227:54: warning[-Wunused-parameter]: unused parameter ‘ctx’
# 4227 | request_prop_get_key_issued_count(struct cm_context *ctx, void *parent,
#      |                                   ~~~~~~~~~~~~~~~~~~~^~~
# 4225|   
# 4226|   static long
# 4227|-> request_prop_get_key_issued_count(struct cm_context *ctx, void *parent,
# 4228|   				  void *record, const char *name)
# 4229|   {

Error: COMPILER_WARNING (CWE-563): [#def1182]
certmonger-0.79.21/src/tdbush.c:4227:65: warning[-Wunused-parameter]: unused parameter ‘parent’
# 4227 | request_prop_get_key_issued_count(struct cm_context *ctx, void *parent,
#      |                                                           ~~~~~~^~~~~~
# 4225|   
# 4226|   static long
# 4227|-> request_prop_get_key_issued_count(struct cm_context *ctx, void *parent,
# 4228|   				  void *record, const char *name)
# 4229|   {

Error: COMPILER_WARNING (CWE-563): [#def1183]
certmonger-0.79.21/src/tdbush.c:4228:61: warning[-Wunused-parameter]: unused parameter ‘name’
# 4228 |                                   void *record, const char *name)
#      |                                                 ~~~~~~~~~~~~^~~~
# 4226|   static long
# 4227|   request_prop_get_key_issued_count(struct cm_context *ctx, void *parent,
# 4228|-> 				  void *record, const char *name)
# 4229|   {
# 4230|   	struct cm_store_entry *entry = record;

Error: COMPILER_WARNING (CWE-563): [#def1184]
certmonger-0.79.21/src/tdbush.c: scope_hint: In function ‘request_prop_get_challenge_password’
certmonger-0.79.21/src/tdbush.c:4235:56: warning[-Wunused-parameter]: unused parameter ‘ctx’
# 4235 | request_prop_get_challenge_password(struct cm_context *ctx, void *parent,
#      |                                     ~~~~~~~~~~~~~~~~~~~^~~
# 4233|   
# 4234|   static const char *
# 4235|-> request_prop_get_challenge_password(struct cm_context *ctx, void *parent,
# 4236|   				    void *record, const char *name)
# 4237|   {

Error: COMPILER_WARNING (CWE-563): [#def1185]
certmonger-0.79.21/src/tdbush.c:4235:67: warning[-Wunused-parameter]: unused parameter ‘parent’
# 4235 | request_prop_get_challenge_password(struct cm_context *ctx, void *parent,
#      |                                                             ~~~~~~^~~~~~
# 4233|   
# 4234|   static const char *
# 4235|-> request_prop_get_challenge_password(struct cm_context *ctx, void *parent,
# 4236|   				    void *record, const char *name)
# 4237|   {

Error: COMPILER_WARNING (CWE-563): [#def1186]
certmonger-0.79.21/src/tdbush.c:4236:63: warning[-Wunused-parameter]: unused parameter ‘name’
# 4236 |                                     void *record, const char *name)
#      |                                                   ~~~~~~~~~~~~^~~~
# 4234|   static const char *
# 4235|   request_prop_get_challenge_password(struct cm_context *ctx, void *parent,
# 4236|-> 				    void *record, const char *name)
# 4237|   {
# 4238|   	struct cm_store_entry *entry = record;

Error: COMPILER_WARNING (CWE-563): [#def1187]
certmonger-0.79.21/src/tdbush.c: scope_hint: In function ‘request_prop_set_challenge_password’
certmonger-0.79.21/src/tdbush.c:4244:67: warning[-Wunused-parameter]: unused parameter ‘parent’
# 4244 | request_prop_set_challenge_password(struct cm_context *ctx, void *parent,
#      |                                                             ~~~~~~^~~~~~
# 4242|   
# 4243|   static void
# 4244|-> request_prop_set_challenge_password(struct cm_context *ctx, void *parent,
# 4245|   				    void *record, const char *name,
# 4246|   				    const char *value)

Error: COMPILER_WARNING (CWE-563): [#def1188]
certmonger-0.79.21/src/tdbush.c:4245:63: warning[-Wunused-parameter]: unused parameter ‘name’
# 4245 |                                     void *record, const char *name,
#      |                                                   ~~~~~~~~~~~~^~~~
# 4243|   static void
# 4244|   request_prop_set_challenge_password(struct cm_context *ctx, void *parent,
# 4245|-> 				    void *record, const char *name,
# 4246|   				    const char *value)
# 4247|   {

Error: COMPILER_WARNING (CWE-563): [#def1189]
certmonger-0.79.21/src/tdbush.c: scope_hint: In function ‘request_prop_get_challenge_password_file’
certmonger-0.79.21/src/tdbush.c:4267:61: warning[-Wunused-parameter]: unused parameter ‘ctx’
# 4267 | request_prop_get_challenge_password_file(struct cm_context *ctx,
#      |                                          ~~~~~~~~~~~~~~~~~~~^~~
# 4265|   
# 4266|   static const char *
# 4267|-> request_prop_get_challenge_password_file(struct cm_context *ctx,
# 4268|   					 void *parent,
# 4269|   					 void *record, const char *name)

Error: COMPILER_WARNING (CWE-563): [#def1190]
certmonger-0.79.21/src/tdbush.c:4268:48: warning[-Wunused-parameter]: unused parameter ‘parent’
# 4268 |                                          void *parent,
#      |                                          ~~~~~~^~~~~~
# 4266|   static const char *
# 4267|   request_prop_get_challenge_password_file(struct cm_context *ctx,
# 4268|-> 					 void *parent,
# 4269|   					 void *record, const char *name)
# 4270|   {

Error: COMPILER_WARNING (CWE-563): [#def1191]
certmonger-0.79.21/src/tdbush.c:4269:68: warning[-Wunused-parameter]: unused parameter ‘name’
# 4269 |                                          void *record, const char *name)
#      |                                                        ~~~~~~~~~~~~^~~~
# 4267|   request_prop_get_challenge_password_file(struct cm_context *ctx,
# 4268|   					 void *parent,
# 4269|-> 					 void *record, const char *name)
# 4270|   {
# 4271|   	struct cm_store_entry *entry = record;

Error: COMPILER_WARNING (CWE-563): [#def1192]
certmonger-0.79.21/src/tdbush.c: scope_hint: In function ‘request_prop_set_challenge_password_file’
certmonger-0.79.21/src/tdbush.c:4278:48: warning[-Wunused-parameter]: unused parameter ‘parent’
# 4278 |                                          void *parent,
#      |                                          ~~~~~~^~~~~~
# 4276|   static void
# 4277|   request_prop_set_challenge_password_file(struct cm_context *ctx,
# 4278|-> 					 void *parent,
# 4279|   					 void *record, const char *name,
# 4280|   					 const char *value)

Error: COMPILER_WARNING (CWE-563): [#def1193]
certmonger-0.79.21/src/tdbush.c:4279:68: warning[-Wunused-parameter]: unused parameter ‘name’
# 4279 |                                          void *record, const char *name,
#      |                                                        ~~~~~~~~~~~~^~~~
# 4277|   request_prop_set_challenge_password_file(struct cm_context *ctx,
# 4278|   					 void *parent,
# 4279|-> 					 void *record, const char *name,
# 4280|   					 const char *value)
# 4281|   {

Error: COMPILER_WARNING (CWE-563): [#def1194]
certmonger-0.79.21/src/tdbush.c: scope_hint: In function ‘request_prop_get_status’
certmonger-0.79.21/src/tdbush.c:4301:44: warning[-Wunused-parameter]: unused parameter ‘ctx’
# 4301 | request_prop_get_status(struct cm_context *ctx, void *parent,
#      |                         ~~~~~~~~~~~~~~~~~~~^~~
# 4299|   
# 4300|   static const char *
# 4301|-> request_prop_get_status(struct cm_context *ctx, void *parent,
# 4302|   			void *record, const char *name)
# 4303|   {

Error: COMPILER_WARNING (CWE-563): [#def1195]
certmonger-0.79.21/src/tdbush.c:4301:55: warning[-Wunused-parameter]: unused parameter ‘parent’
# 4301 | request_prop_get_status(struct cm_context *ctx, void *parent,
#      |                                                 ~~~~~~^~~~~~
# 4299|   
# 4300|   static const char *
# 4301|-> request_prop_get_status(struct cm_context *ctx, void *parent,
# 4302|   			void *record, const char *name)
# 4303|   {

Error: COMPILER_WARNING (CWE-563): [#def1196]
certmonger-0.79.21/src/tdbush.c:4302:51: warning[-Wunused-parameter]: unused parameter ‘name’
# 4302 |                         void *record, const char *name)
#      |                                       ~~~~~~~~~~~~^~~~
# 4300|   static const char *
# 4301|   request_prop_get_status(struct cm_context *ctx, void *parent,
# 4302|-> 			void *record, const char *name)
# 4303|   {
# 4304|   	struct cm_store_entry *entry = record;

Error: COMPILER_WARNING (CWE-563): [#def1197]
certmonger-0.79.21/src/tdbush.c: scope_hint: In function ‘request_prop_get_stuck’
certmonger-0.79.21/src/tdbush.c:4309:43: warning[-Wunused-parameter]: unused parameter ‘ctx’
# 4309 | request_prop_get_stuck(struct cm_context *ctx, void *parent,
#      |                        ~~~~~~~~~~~~~~~~~~~^~~
# 4307|   
# 4308|   static dbus_bool_t
# 4309|-> request_prop_get_stuck(struct cm_context *ctx, void *parent,
# 4310|   		       void *record, const char *name)
# 4311|   {

Error: COMPILER_WARNING (CWE-563): [#def1198]
certmonger-0.79.21/src/tdbush.c:4309:54: warning[-Wunused-parameter]: unused parameter ‘parent’
# 4309 | request_prop_get_stuck(struct cm_context *ctx, void *parent,
#      |                                                ~~~~~~^~~~~~
# 4307|   
# 4308|   static dbus_bool_t
# 4309|-> request_prop_get_stuck(struct cm_context *ctx, void *parent,
# 4310|   		       void *record, const char *name)
# 4311|   {

Error: COMPILER_WARNING (CWE-563): [#def1199]
certmonger-0.79.21/src/tdbush.c:4310:50: warning[-Wunused-parameter]: unused parameter ‘name’
# 4310 |                        void *record, const char *name)
#      |                                      ~~~~~~~~~~~~^~~~
# 4308|   static dbus_bool_t
# 4309|   request_prop_get_stuck(struct cm_context *ctx, void *parent,
# 4310|-> 		       void *record, const char *name)
# 4311|   {
# 4312|   	struct cm_store_entry *entry = record;

Error: COMPILER_WARNING (CWE-563): [#def1200]
certmonger-0.79.21/src/tdbush.c: scope_hint: In function ‘request_prop_get_ca’
certmonger-0.79.21/src/tdbush.c:4397:47: warning[-Wunused-parameter]: unused parameter ‘name’
# 4397 |                     void *record, const char *name)
#      |                                   ~~~~~~~~~~~~^~~~
# 4395|   static const char *
# 4396|   request_prop_get_ca(struct cm_context *ctx, void *parent,
# 4397|-> 		    void *record, const char *name)
# 4398|   {
# 4399|   	struct cm_store_entry *entry = record;

Error: COMPILER_WARNING (CWE-563): [#def1201]
certmonger-0.79.21/src/tdbush.c: scope_hint: In function ‘request_prop_get_template_is_ca’
certmonger-0.79.21/src/tdbush.c:4413:52: warning[-Wunused-parameter]: unused parameter ‘ctx’
# 4413 | request_prop_get_template_is_ca(struct cm_context *ctx, void *parent,
#      |                                 ~~~~~~~~~~~~~~~~~~~^~~
# 4411|   
# 4412|   static dbus_bool_t
# 4413|-> request_prop_get_template_is_ca(struct cm_context *ctx, void *parent,
# 4414|   				void *record, const char *name)
# 4415|   {

Error: COMPILER_WARNING (CWE-563): [#def1202]
certmonger-0.79.21/src/tdbush.c:4413:63: warning[-Wunused-parameter]: unused parameter ‘parent’
# 4413 | request_prop_get_template_is_ca(struct cm_context *ctx, void *parent,
#      |                                                         ~~~~~~^~~~~~
# 4411|   
# 4412|   static dbus_bool_t
# 4413|-> request_prop_get_template_is_ca(struct cm_context *ctx, void *parent,
# 4414|   				void *record, const char *name)
# 4415|   {

Error: COMPILER_WARNING (CWE-563): [#def1203]
certmonger-0.79.21/src/tdbush.c:4414:59: warning[-Wunused-parameter]: unused parameter ‘name’
# 4414 |                                 void *record, const char *name)
#      |                                               ~~~~~~~~~~~~^~~~
# 4412|   static dbus_bool_t
# 4413|   request_prop_get_template_is_ca(struct cm_context *ctx, void *parent,
# 4414|-> 				void *record, const char *name)
# 4415|   {
# 4416|   	struct cm_store_entry *entry = record;

Error: COMPILER_WARNING (CWE-563): [#def1204]
certmonger-0.79.21/src/tdbush.c: scope_hint: In function ‘request_prop_get_template_ca_path_length’
certmonger-0.79.21/src/tdbush.c:4421:61: warning[-Wunused-parameter]: unused parameter ‘ctx’
# 4421 | request_prop_get_template_ca_path_length(struct cm_context *ctx, void *parent,
#      |                                          ~~~~~~~~~~~~~~~~~~~^~~
# 4419|   
# 4420|   static long
# 4421|-> request_prop_get_template_ca_path_length(struct cm_context *ctx, void *parent,
# 4422|   					 void *record, const char *name)
# 4423|   {

Error: COMPILER_WARNING (CWE-563): [#def1205]
certmonger-0.79.21/src/tdbush.c:4421:72: warning[-Wunused-parameter]: unused parameter ‘parent’
# 4421 | request_prop_get_template_ca_path_length(struct cm_context *ctx, void *parent,
#      |                                                                  ~~~~~~^~~~~~
# 4419|   
# 4420|   static long
# 4421|-> request_prop_get_template_ca_path_length(struct cm_context *ctx, void *parent,
# 4422|   					 void *record, const char *name)
# 4423|   {

Error: COMPILER_WARNING (CWE-563): [#def1206]
certmonger-0.79.21/src/tdbush.c:4422:68: warning[-Wunused-parameter]: unused parameter ‘name’
# 4422 |                                          void *record, const char *name)
#      |                                                        ~~~~~~~~~~~~^~~~
# 4420|   static long
# 4421|   request_prop_get_template_ca_path_length(struct cm_context *ctx, void *parent,
# 4422|-> 					 void *record, const char *name)
# 4423|   {
# 4424|   	struct cm_store_entry *entry = record;

Error: COMPILER_WARNING (CWE-563): [#def1207]
certmonger-0.79.21/src/tdbush.c: scope_hint: In function ‘cm_tdbush_introspect’
certmonger-0.79.21/src/tdbush.c:5032:45: warning[-Wunused-parameter]: unused parameter ‘ci’
# 5032 |                      struct cm_client_info *ci,
#      |                      ~~~~~~~~~~~~~~~~~~~~~~~^~
# 5030|   cm_tdbush_introspect(DBusConnection *conn,
# 5031|   		     DBusMessage *msg,
# 5032|-> 		     struct cm_client_info *ci,
# 5033|   		     struct cm_context *ctx)
# 5034|   {

Error: COMPILER_WARNING (CWE-563): [#def1208]
certmonger-0.79.21/src/tdbush.c: scope_hint: In function ‘cm_tdbush_property_get’
certmonger-0.79.21/src/tdbush.c:5186:47: warning[-Wunused-parameter]: unused parameter ‘ci’
# 5186 |                        struct cm_client_info *ci,
#      |                        ~~~~~~~~~~~~~~~~~~~~~~~^~
# 5184|   cm_tdbush_property_get(DBusConnection *conn,
# 5185|   		       DBusMessage *msg,
# 5186|-> 		       struct cm_client_info *ci,
# 5187|   		       struct cm_context *ctx)
# 5188|   {

Error: COMPILER_WARNING (CWE-563): [#def1209]
certmonger-0.79.21/src/tdbush.c: scope_hint: In function ‘cm_tdbush_property_set’
certmonger-0.79.21/src/tdbush.c:5446:47: warning[-Wunused-parameter]: unused parameter ‘ci’
# 5446 |                        struct cm_client_info *ci,
#      |                        ~~~~~~~~~~~~~~~~~~~~~~~^~
# 5444|   cm_tdbush_property_set(DBusConnection *conn,
# 5445|   		       DBusMessage *msg,
# 5446|-> 		       struct cm_client_info *ci,
# 5447|   		       struct cm_context *ctx)
# 5448|   {

Error: COMPILER_WARNING (CWE-563): [#def1210]
certmonger-0.79.21/src/tdbush.c: scope_hint: In function ‘cm_tdbush_property_get_all’
certmonger-0.79.21/src/tdbush.c:6281:51: warning[-Wunused-parameter]: unused parameter ‘ci’
# 6281 |                            struct cm_client_info *ci,
#      |                            ~~~~~~~~~~~~~~~~~~~~~~~^~
# 6279|   cm_tdbush_property_get_all(DBusConnection *conn,
# 6280|   			   DBusMessage *msg,
# 6281|-> 			   struct cm_client_info *ci,
# 6282|   			   struct cm_context *ctx)
# 6283|   {

Error: COMPILER_WARNING (CWE-563): [#def1211]
certmonger-0.79.21/src/tdbush.c: scope_hint: In function ‘cm_tdbush_property_emit_entry_changes’
certmonger-0.79.21/src/tdbush.c:6314:62: warning[-Wunused-parameter]: unused parameter ‘new_entry’
# 6314 |                                       struct cm_store_entry *new_entry)
#      |                                       ~~~~~~~~~~~~~~~~~~~~~~~^~~~~~~~~
# 6312|   cm_tdbush_property_emit_entry_changes(struct cm_context *ctx,
# 6313|   				      struct cm_store_entry *old_entry,
# 6314|-> 				      struct cm_store_entry *new_entry)
# 6315|   {
# 6316|   	char *path;

Error: COMPILER_WARNING (CWE-563): [#def1212]
certmonger-0.79.21/src/tdbush.c: scope_hint: In function ‘cm_tdbush_property_emit_ca_changes’
certmonger-0.79.21/src/tdbush.c:6366:56: warning[-Wunused-parameter]: unused parameter ‘new_ca’
# 6366 |                                    struct cm_store_ca *new_ca)
#      |                                    ~~~~~~~~~~~~~~~~~~~~^~~~~~
# 6364|   cm_tdbush_property_emit_ca_changes(struct cm_context *ctx,
# 6365|   				   struct cm_store_ca *old_ca,
# 6366|-> 				   struct cm_store_ca *new_ca)
# 6367|   {
# 6368|   	char *path;

Error: COMPILER_WARNING (CWE-563): [#def1213]
certmonger-0.79.21/src/tdbush.c: scope_hint: In function ‘cm_tdbush_handle_method_return’
certmonger-0.79.21/src/tdbush.c:8167:51: warning[-Wunused-parameter]: unused parameter ‘bus’
# 8167 |                                enum cm_tdbus_type bus, struct cm_context *ctx)
#      |                                ~~~~~~~~~~~~~~~~~~~^~~
# 8165|   DBusHandlerResult
# 8166|   cm_tdbush_handle_method_return(DBusConnection *conn, DBusMessage *msg,
# 8167|-> 			       enum cm_tdbus_type bus, struct cm_context *ctx)
# 8168|   {
# 8169|   	struct cm_tdbush_pending_call **p, *call = NULL, *next = NULL;

Error: COMPILER_WARNING (CWE-1164): [#def1214]
certmonger-0.79.21/src/tdbusm-check.c:542:1: warning[-Wunused-function]: ‘get_sssnasasasnasn’ defined but not used
#  542 | get_sssnasasasnasn(DBusMessage *rep, int msgid)
#      | ^~~~~~~~~~~~~~~~~~
#  540|   }
#  541|   static int
#  542|-> get_sssnasasasnasn(DBusMessage *rep, int msgid)
#  543|   {
#  544|   	int ret, i;

Error: COMPILER_WARNING (CWE-563): [#def1215]
certmonger-0.79.21/src/tdbusm.c: scope_hint: In function ‘cm_tdbusm_get_b’
certmonger-0.79.21/src/tdbusm.c:90:41: warning[-Wunused-parameter]: unused parameter ‘parent’
#   90 | cm_tdbusm_get_b(DBusMessage *msg, void *parent, dbus_bool_t *b)
#      |                                   ~~~~~~^~~~~~
#   88|   
#   89|   int
#   90|-> cm_tdbusm_get_b(DBusMessage *msg, void *parent, dbus_bool_t *b)
#   91|   {
#   92|   	DBusError err;

Error: COMPILER_WARNING (CWE-563): [#def1216]
certmonger-0.79.21/src/tdbusm.c: scope_hint: In function ‘cm_tdbusm_get_n’
certmonger-0.79.21/src/tdbusm.c:108:41: warning[-Wunused-parameter]: unused parameter ‘parent’
#  108 | cm_tdbusm_get_n(DBusMessage *msg, void *parent, long *n)
#      |                                   ~~~~~~^~~~~~
#  106|   
#  107|   int
#  108|-> cm_tdbusm_get_n(DBusMessage *msg, void *parent, long *n)
#  109|   {
#  110|   	DBusError err;

Error: COMPILER_WARNING (CWE-563): [#def1217]
certmonger-0.79.21/src/tdbusm.c: scope_hint: In function ‘cm_tdbusm_get_vn’
certmonger-0.79.21/src/tdbusm.c:222:42: warning[-Wunused-parameter]: unused parameter ‘parent’
#  222 | cm_tdbusm_get_vn(DBusMessage *msg, void *parent, long *n)
#      |                                    ~~~~~~^~~~~~
#  220|   
#  221|   int
#  222|-> cm_tdbusm_get_vn(DBusMessage *msg, void *parent, long *n)
#  223|   {
#  224|   	DBusError err;

Error: COMPILER_WARNING (CWE-563): [#def1218]
certmonger-0.79.21/src/tdbusm.c: scope_hint: In function ‘cm_tdbusm_get_d_value’
certmonger-0.79.21/src/tdbusm.c:1152:52: warning[-Wunused-parameter]: unused parameter ‘parent’
# 1152 | cm_tdbusm_get_d_value(DBusMessageIter *item, void *parent,
#      |                                              ~~~~~~^~~~~~
# 1150|   
# 1151|   static struct cm_tdbusm_dict *
# 1152|-> cm_tdbusm_get_d_value(DBusMessageIter *item, void *parent,
# 1153|   		      struct cm_tdbusm_dict *dict)
# 1154|   {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def1219]
certmonger-0.79.21/src/tdbusm.c:2139:17: warning[-Wanalyzer-malloc-leak]: leak of ‘p’
certmonger-0.79.21/src/tdbusm.c:1769:1: enter_function: entry to ‘cm_tdbusm_set_ssvs’
certmonger-0.79.21/src/tdbusm.c:1780:13: acquire_memory: allocated here
certmonger-0.79.21/src/tdbusm.c:1783:9: call_function: calling ‘cm_tdbusm_append_d_value’ from ‘cm_tdbusm_set_ssvs’
# 2137|   		break;
# 2138|   	case cm_tdbusm_dict_s:
# 2139|-> 		dbus_message_iter_open_container(args,
# 2140|   						 DBUS_TYPE_VARIANT,
# 2141|   						 DBUS_TYPE_STRING_AS_STRING,

Error: GCC_ANALYZER_WARNING (CWE-401): [#def1220]
certmonger-0.79.21/src/tdbusm.c:2143:17: warning[-Wanalyzer-malloc-leak]: leak of ‘p’
certmonger-0.79.21/src/tdbusm.c:1769:1: enter_function: entry to ‘cm_tdbusm_set_ssvs’
certmonger-0.79.21/src/tdbusm.c:1780:13: acquire_memory: allocated here
certmonger-0.79.21/src/tdbusm.c:1783:9: call_function: calling ‘cm_tdbusm_append_d_value’ from ‘cm_tdbusm_set_ssvs’
# 2141|   						 DBUS_TYPE_STRING_AS_STRING,
# 2142|   						 &val);
# 2143|-> 		dbus_message_iter_append_basic(&val,
# 2144|   					       DBUS_TYPE_STRING,
# 2145|   					       &value->s);

Error: COMPILER_WARNING (CWE-563): [#def1221]
certmonger-0.79.21/src/tdbusm.c: scope_hint: In function ‘cm_tdbusm_hint’
certmonger-0.79.21/src/tdbusm.c:2337:22: warning[-Wunused-parameter]: unused parameter ‘parent’
# 2337 | cm_tdbusm_hint(void *parent, const char *error, const char *message)
#      |                ~~~~~~^~~~~~
# 2335|   
# 2336|   char *
# 2337|-> cm_tdbusm_hint(void *parent, const char *error, const char *message)
# 2338|   {
# 2339|   	char *text = NULL;

Error: COMPILER_WARNING (CWE-563): [#def1222]
certmonger-0.79.21/src/tdbusm.c:2337:61: warning[-Wunused-parameter]: unused parameter ‘message’
# 2337 | cm_tdbusm_hint(void *parent, const char *error, const char *message)
#      |                                                 ~~~~~~~~~~~~^~~~~~~
# 2335|   
# 2336|   char *
# 2337|-> cm_tdbusm_hint(void *parent, const char *error, const char *message)
# 2338|   {
# 2339|   	char *text = NULL;

Error: COMPILER_WARNING (CWE-563): [#def1223]
certmonger-0.79.21/src/util-ipa.c: scope_hint: In function ‘get_error_message’
certmonger-0.79.21/src/util-ipa.c:59:32: warning[-Wunused-parameter]: unused parameter ‘ctx’
#   59 | get_error_message(krb5_context ctx, krb5_error_code kcode)
#      |                   ~~~~~~~~~~~~~^~~
#   57|   
#   58|   const char *
#   59|-> get_error_message(krb5_context ctx, krb5_error_code kcode)
#   60|   {
#   61|   	const char *ret;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def1224]
certmonger-0.79.21/src/util-n.c:68:33: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen("/proc/sys/crypto/fips_enabled", "r")’
certmonger-0.79.21/src/util-n.c:62:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/util-n.c:64:22: branch_true: ...to here
certmonger-0.79.21/src/util-n.c:64:22: acquire_resource: opened here
certmonger-0.79.21/src/util-n.c:65:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/util-n.c:66:29: branch_true: ...to here
certmonger-0.79.21/src/util-n.c:66:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/util-n.c:67:37: branch_true: ...to here
certmonger-0.79.21/src/util-n.c:68:33: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/util-n.c:68:33: danger: ‘fopen("/proc/sys/crypto/fips_enabled", "r")’ leaks here; was opened at [(3)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/2)
#   66|   			if (fgets(buf, sizeof(buf), fp) != NULL) {
#   67|   				buf[strcspn(buf, "\r\n")] = '\0';
#   68|-> 				cm_log(4, "Read value \"%s\" from \"%s\".\n",
#   69|   				       buf, NODE);
#   70|   				if (strlen(buf) > 0) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def1225]
certmonger-0.79.21/src/util-n.c:68:33: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen("/proc/sys/crypto/fips_enabled", "r")’
certmonger-0.79.21/src/util-n.c:62:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/util-n.c:64:22: branch_true: ...to here
certmonger-0.79.21/src/util-n.c:64:22: acquire_memory: allocated here
certmonger-0.79.21/src/util-n.c:65:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/util-n.c:66:29: branch_true: ...to here
certmonger-0.79.21/src/util-n.c:66:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/util-n.c:67:37: branch_true: ...to here
certmonger-0.79.21/src/util-n.c:68:33: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/util-n.c:68:33: danger: ‘fopen("/proc/sys/crypto/fips_enabled", "r")’ leaks here; was allocated at [(3)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/2)
#   66|   			if (fgets(buf, sizeof(buf), fp) != NULL) {
#   67|   				buf[strcspn(buf, "\r\n")] = '\0';
#   68|-> 				cm_log(4, "Read value \"%s\" from \"%s\".\n",
#   69|   				       buf, NODE);
#   70|   				if (strlen(buf) > 0) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def1226]
certmonger-0.79.21/src/util-n.c:158:14: warning[-Wanalyzer-malloc-leak]: leak of ‘pathname’
certmonger-0.79.21/src/util-n.c:150:12: branch_false: following ‘false’ branch (when ‘filename’ is non-NULL)...
certmonger-0.79.21/src/util-n.c:153:27: branch_false: ...to here
certmonger-0.79.21/src/util-n.c:153:20: acquire_memory: allocated here
certmonger-0.79.21/src/util-n.c:154:12: branch_false: following ‘false’ branch (when ‘pathname’ is non-NULL)...
certmonger-0.79.21/src/util-n.c:157:9: branch_false: ...to here
certmonger-0.79.21/src/util-n.c:158:14: throw: if ‘open’ throws an exception...
certmonger-0.79.21/src/util-n.c:158:14: danger: ‘pathname’ leaks here; was allocated at [(3)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/2)
#  156|   	}
#  157|   	sprintf(pathname, "%s/%s", dbdir, filename);
#  158|-> 	fd = open(pathname, O_RDWR);
#  159|   	if (fd == -1) {
#  160|   		free(pathname);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def1227]
certmonger-0.79.21/src/util-n.c:164:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open(pathname, 2)’
certmonger-0.79.21/src/util-n.c:150:12: branch_false: following ‘false’ branch (when ‘filename’ is non-NULL)...
certmonger-0.79.21/src/util-n.c:153:27: branch_false: ...to here
certmonger-0.79.21/src/util-n.c:154:12: branch_false: following ‘false’ branch (when ‘pathname’ is non-NULL)...
certmonger-0.79.21/src/util-n.c:157:9: branch_false: ...to here
certmonger-0.79.21/src/util-n.c:158:14: acquire_resource: opened here
certmonger-0.79.21/src/util-n.c:159:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util-n.c:163:14: branch_false: ...to here
certmonger-0.79.21/src/util-n.c:164:17: danger: ‘open(pathname, 2)’ leaks here; was opened at [(5)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/4)
#  162|   	}
#  163|   	if ((lstat(pathname, &before) == -1) || !S_ISREG(before.st_mode)) {
#  164|-> 		close(fd);
#  165|   		free(pathname);
#  166|   		return;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def1228]
certmonger-0.79.21/src/util-n.c:164:17: warning[-Wanalyzer-malloc-leak]: leak of ‘pathname’
certmonger-0.79.21/src/util-n.c:150:12: branch_false: following ‘false’ branch (when ‘filename’ is non-NULL)...
certmonger-0.79.21/src/util-n.c:153:27: branch_false: ...to here
certmonger-0.79.21/src/util-n.c:153:20: acquire_memory: allocated here
certmonger-0.79.21/src/util-n.c:154:12: branch_false: following ‘false’ branch (when ‘pathname’ is non-NULL)...
certmonger-0.79.21/src/util-n.c:157:9: branch_false: ...to here
certmonger-0.79.21/src/util-n.c:159:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util-n.c:163:14: branch_false: ...to here
certmonger-0.79.21/src/util-n.c:164:17: throw: if ‘close’ throws an exception...
certmonger-0.79.21/src/util-n.c:164:17: danger: ‘pathname’ leaks here; was allocated at [(3)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/2)
#  162|   	}
#  163|   	if ((lstat(pathname, &before) == -1) || !S_ISREG(before.st_mode)) {
#  164|-> 		close(fd);
#  165|   		free(pathname);
#  166|   		return;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def1229]
certmonger-0.79.21/src/util-n.c:169:17: warning[-Wanalyzer-malloc-leak]: leak of ‘pathname’
certmonger-0.79.21/src/util-n.c:150:12: branch_false: following ‘false’ branch (when ‘filename’ is non-NULL)...
certmonger-0.79.21/src/util-n.c:153:27: branch_false: ...to here
certmonger-0.79.21/src/util-n.c:153:20: acquire_memory: allocated here
certmonger-0.79.21/src/util-n.c:154:12: branch_false: following ‘false’ branch (when ‘pathname’ is non-NULL)...
certmonger-0.79.21/src/util-n.c:157:9: branch_false: ...to here
certmonger-0.79.21/src/util-n.c:159:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util-n.c:163:14: branch_false: ...to here
certmonger-0.79.21/src/util-n.c:163:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util-n.c:169:17: throw: if ‘close’ throws an exception...
certmonger-0.79.21/src/util-n.c:169:17: danger: ‘pathname’ leaks here; was allocated at [(3)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/2)
#  167|   	}
#  168|   	if ((fstat(fd, &st) == -1) || !S_ISREG(st.st_mode)) {
#  169|-> 		close(fd);
#  170|   		free(pathname);
#  171|   		return;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def1230]
certmonger-0.79.21/src/util-n.c:175:17: warning[-Wanalyzer-malloc-leak]: leak of ‘pathname’
certmonger-0.79.21/src/util-n.c:150:12: branch_false: following ‘false’ branch (when ‘filename’ is non-NULL)...
certmonger-0.79.21/src/util-n.c:153:27: branch_false: ...to here
certmonger-0.79.21/src/util-n.c:153:20: acquire_memory: allocated here
certmonger-0.79.21/src/util-n.c:154:12: branch_false: following ‘false’ branch (when ‘pathname’ is non-NULL)...
certmonger-0.79.21/src/util-n.c:157:9: branch_false: ...to here
certmonger-0.79.21/src/util-n.c:159:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util-n.c:163:14: branch_false: ...to here
certmonger-0.79.21/src/util-n.c:163:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util-n.c:168:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util-n.c:175:17: throw: if ‘close’ throws an exception...
certmonger-0.79.21/src/util-n.c:175:17: danger: ‘pathname’ leaks here; was allocated at [(3)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/2)
#  173|   	if ((st.st_dev != before.st_dev) ||
#  174|   	    (st.st_ino != before.st_ino)) {
#  175|-> 		close(fd);
#  176|   		free(pathname);
#  177|   		return;

Error: CPPCHECK_WARNING (CWE-476): [#def1231]
certmonger-0.79.21/src/util-n.c:181: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: user
#  179|   	if (owner != NULL) {
#  180|   		user = strdup(owner);
#  181|-> 		group = strchr(user, ':');
#  182|   		if (group != NULL) {
#  183|   			*group++ = '\0';

Error: GCC_ANALYZER_WARNING (CWE-401): [#def1232]
certmonger-0.79.21/src/util-n.c:188:23: warning[-Wanalyzer-malloc-leak]: leak of ‘pathname’
certmonger-0.79.21/src/util-n.c:150:12: branch_false: following ‘false’ branch (when ‘filename’ is non-NULL)...
certmonger-0.79.21/src/util-n.c:153:27: branch_false: ...to here
certmonger-0.79.21/src/util-n.c:153:20: acquire_memory: allocated here
certmonger-0.79.21/src/util-n.c:154:12: branch_false: following ‘false’ branch (when ‘pathname’ is non-NULL)...
certmonger-0.79.21/src/util-n.c:157:9: branch_false: ...to here
certmonger-0.79.21/src/util-n.c:159:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util-n.c:163:14: branch_false: ...to here
certmonger-0.79.21/src/util-n.c:163:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util-n.c:168:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util-n.c:173:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util-n.c:174:14: branch_false: ...to here
certmonger-0.79.21/src/util-n.c:173:13: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util-n.c:179:12: branch_false: ...to here
certmonger-0.79.21/src/util-n.c:179:12: branch_true: following ‘true’ branch (when ‘owner’ is non-NULL)...
certmonger-0.79.21/src/util-n.c:180:24: branch_true: ...to here
certmonger-0.79.21/src/util-n.c:182:20: branch_false: following ‘false’ branch (when ‘group’ is NULL)...
certmonger-0.79.21/src/util-n.c:182:20: branch_false: ...to here
certmonger-0.79.21/src/util-n.c:188:23: throw: if ‘getpwnam’ throws an exception...
certmonger-0.79.21/src/util-n.c:188:23: danger: ‘pathname’ leaks here; was allocated at [(3)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/2)
#  186|   			}
#  187|   		}
#  188|-> 		pwd = getpwnam(user);
#  189|   		if (pwd == NULL) {
#  190|   			cm_log(1, "Error looking up user \"%s\", "

Error: GCC_ANALYZER_WARNING (CWE-401): [#def1233]
certmonger-0.79.21/src/util-n.c:188:23: warning[-Wanalyzer-malloc-leak]: leak of ‘user’
certmonger-0.79.21/src/util-n.c:150:12: branch_false: following ‘false’ branch (when ‘filename’ is non-NULL)...
certmonger-0.79.21/src/util-n.c:153:27: branch_false: ...to here
certmonger-0.79.21/src/util-n.c:154:12: branch_false: following ‘false’ branch (when ‘pathname’ is non-NULL)...
certmonger-0.79.21/src/util-n.c:157:9: branch_false: ...to here
certmonger-0.79.21/src/util-n.c:159:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util-n.c:163:14: branch_false: ...to here
certmonger-0.79.21/src/util-n.c:163:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util-n.c:168:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util-n.c:173:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util-n.c:174:14: branch_false: ...to here
certmonger-0.79.21/src/util-n.c:173:13: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util-n.c:179:12: branch_false: ...to here
certmonger-0.79.21/src/util-n.c:179:12: branch_true: following ‘true’ branch (when ‘owner’ is non-NULL)...
certmonger-0.79.21/src/util-n.c:180:24: branch_true: ...to here
certmonger-0.79.21/src/util-n.c:180:24: acquire_memory: allocated here
certmonger-0.79.21/src/util-n.c:182:20: branch_false: following ‘false’ branch (when ‘group’ is NULL)...
certmonger-0.79.21/src/util-n.c:182:20: branch_false: ...to here
certmonger-0.79.21/src/util-n.c:188:23: throw: if ‘getpwnam’ throws an exception...
certmonger-0.79.21/src/util-n.c:188:23: danger: ‘user’ leaks here; was allocated at [(17)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/16)
#  186|   			}
#  187|   		}
#  188|-> 		pwd = getpwnam(user);
#  189|   		if (pwd == NULL) {
#  190|   			cm_log(1, "Error looking up user \"%s\", "

Error: GCC_ANALYZER_WARNING (CWE-401): [#def1234]
certmonger-0.79.21/src/util-n.c:190:25: warning[-Wanalyzer-malloc-leak]: leak of ‘pathname’
certmonger-0.79.21/src/util-n.c:150:12: branch_false: following ‘false’ branch (when ‘filename’ is non-NULL)...
certmonger-0.79.21/src/util-n.c:153:27: branch_false: ...to here
certmonger-0.79.21/src/util-n.c:153:20: acquire_memory: allocated here
certmonger-0.79.21/src/util-n.c:154:12: branch_false: following ‘false’ branch (when ‘pathname’ is non-NULL)...
certmonger-0.79.21/src/util-n.c:157:9: branch_false: ...to here
certmonger-0.79.21/src/util-n.c:159:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util-n.c:163:14: branch_false: ...to here
certmonger-0.79.21/src/util-n.c:163:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util-n.c:168:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util-n.c:173:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util-n.c:174:14: branch_false: ...to here
certmonger-0.79.21/src/util-n.c:173:13: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util-n.c:179:12: branch_false: ...to here
certmonger-0.79.21/src/util-n.c:179:12: branch_true: following ‘true’ branch (when ‘owner’ is non-NULL)...
certmonger-0.79.21/src/util-n.c:180:24: branch_true: ...to here
certmonger-0.79.21/src/util-n.c:182:20: branch_false: following ‘false’ branch (when ‘group’ is NULL)...
certmonger-0.79.21/src/util-n.c:182:20: branch_false: ...to here
certmonger-0.79.21/src/util-n.c:189:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/util-n.c:190:25: branch_true: ...to here
certmonger-0.79.21/src/util-n.c:190:25: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/util-n.c:190:25: danger: ‘pathname’ leaks here; was allocated at [(3)](sarif:/runs/0/results/9/codeFlows/0/threadFlows/0/locations/2)
#  188|   		pwd = getpwnam(user);
#  189|   		if (pwd == NULL) {
#  190|-> 			cm_log(1, "Error looking up user \"%s\", "
#  191|   			       "not setting ownership of \"%s\".\n",
#  192|   			       user, pathname);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def1235]
certmonger-0.79.21/src/util-n.c:190:25: warning[-Wanalyzer-malloc-leak]: leak of ‘user’
certmonger-0.79.21/src/util-n.c:150:12: branch_false: following ‘false’ branch (when ‘filename’ is non-NULL)...
certmonger-0.79.21/src/util-n.c:153:27: branch_false: ...to here
certmonger-0.79.21/src/util-n.c:154:12: branch_false: following ‘false’ branch (when ‘pathname’ is non-NULL)...
certmonger-0.79.21/src/util-n.c:157:9: branch_false: ...to here
certmonger-0.79.21/src/util-n.c:159:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util-n.c:163:14: branch_false: ...to here
certmonger-0.79.21/src/util-n.c:163:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util-n.c:168:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util-n.c:173:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util-n.c:174:14: branch_false: ...to here
certmonger-0.79.21/src/util-n.c:173:13: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util-n.c:179:12: branch_false: ...to here
certmonger-0.79.21/src/util-n.c:179:12: branch_true: following ‘true’ branch (when ‘owner’ is non-NULL)...
certmonger-0.79.21/src/util-n.c:180:24: branch_true: ...to here
certmonger-0.79.21/src/util-n.c:180:24: acquire_memory: allocated here
certmonger-0.79.21/src/util-n.c:182:20: branch_false: following ‘false’ branch (when ‘group’ is NULL)...
certmonger-0.79.21/src/util-n.c:182:20: branch_false: ...to here
certmonger-0.79.21/src/util-n.c:189:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/util-n.c:190:25: branch_true: ...to here
certmonger-0.79.21/src/util-n.c:190:25: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/util-n.c:190:25: danger: ‘user’ leaks here; was allocated at [(17)](sarif:/runs/0/results/10/codeFlows/0/threadFlows/0/locations/16)
#  188|   		pwd = getpwnam(user);
#  189|   		if (pwd == NULL) {
#  190|-> 			cm_log(1, "Error looking up user \"%s\", "
#  191|   			       "not setting ownership of \"%s\".\n",
#  192|   			       user, pathname);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def1236]
certmonger-0.79.21/src/util-n.c:197:39: warning[-Wanalyzer-malloc-leak]: leak of ‘pathname’
certmonger-0.79.21/src/util-n.c:150:12: branch_false: following ‘false’ branch (when ‘filename’ is non-NULL)...
certmonger-0.79.21/src/util-n.c:153:27: branch_false: ...to here
certmonger-0.79.21/src/util-n.c:153:20: acquire_memory: allocated here
certmonger-0.79.21/src/util-n.c:154:12: branch_false: following ‘false’ branch (when ‘pathname’ is non-NULL)...
certmonger-0.79.21/src/util-n.c:157:9: branch_false: ...to here
certmonger-0.79.21/src/util-n.c:159:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util-n.c:163:14: branch_false: ...to here
certmonger-0.79.21/src/util-n.c:163:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util-n.c:168:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util-n.c:173:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util-n.c:174:14: branch_false: ...to here
certmonger-0.79.21/src/util-n.c:173:13: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util-n.c:179:12: branch_false: ...to here
certmonger-0.79.21/src/util-n.c:179:12: branch_true: following ‘true’ branch (when ‘owner’ is non-NULL)...
certmonger-0.79.21/src/util-n.c:180:24: branch_true: ...to here
certmonger-0.79.21/src/util-n.c:182:20: branch_true: following ‘true’ branch (when ‘group’ is non-NULL)...
certmonger-0.79.21/src/util-n.c:183:26: branch_true: ...to here
certmonger-0.79.21/src/util-n.c:184:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util-n.c:188:23: branch_false: ...to here
certmonger-0.79.21/src/util-n.c:189:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util-n.c:194:25: branch_false: ...to here
certmonger-0.79.21/src/util-n.c:196:28: branch_true: following ‘true’ branch (when ‘group’ is non-NULL)...
certmonger-0.79.21/src/util-n.c:197:39: branch_true: ...to here
certmonger-0.79.21/src/util-n.c:197:39: throw: if ‘getgrnam’ throws an exception...
certmonger-0.79.21/src/util-n.c:197:39: danger: ‘pathname’ leaks here; was allocated at [(3)](sarif:/runs/0/results/11/codeFlows/0/threadFlows/0/locations/2)
#  195|   			gid = pwd->pw_gid;
#  196|   			if (group != NULL) {
#  197|-> 				grp = getgrnam(group);
#  198|   				if (grp != NULL) {
#  199|   					gid = grp->gr_gid;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def1237]
certmonger-0.79.21/src/util-n.c:197:39: warning[-Wanalyzer-malloc-leak]: leak of ‘user’
certmonger-0.79.21/src/util-n.c:150:12: branch_false: following ‘false’ branch (when ‘filename’ is non-NULL)...
certmonger-0.79.21/src/util-n.c:153:27: branch_false: ...to here
certmonger-0.79.21/src/util-n.c:154:12: branch_false: following ‘false’ branch (when ‘pathname’ is non-NULL)...
certmonger-0.79.21/src/util-n.c:157:9: branch_false: ...to here
certmonger-0.79.21/src/util-n.c:159:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util-n.c:163:14: branch_false: ...to here
certmonger-0.79.21/src/util-n.c:163:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util-n.c:168:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util-n.c:173:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util-n.c:174:14: branch_false: ...to here
certmonger-0.79.21/src/util-n.c:173:13: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util-n.c:179:12: branch_false: ...to here
certmonger-0.79.21/src/util-n.c:179:12: branch_true: following ‘true’ branch (when ‘owner’ is non-NULL)...
certmonger-0.79.21/src/util-n.c:180:24: branch_true: ...to here
certmonger-0.79.21/src/util-n.c:180:24: acquire_memory: allocated here
certmonger-0.79.21/src/util-n.c:182:20: branch_true: following ‘true’ branch (when ‘group’ is non-NULL)...
certmonger-0.79.21/src/util-n.c:183:26: branch_true: ...to here
certmonger-0.79.21/src/util-n.c:184:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util-n.c:188:23: branch_false: ...to here
certmonger-0.79.21/src/util-n.c:189:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util-n.c:194:25: branch_false: ...to here
certmonger-0.79.21/src/util-n.c:196:28: branch_true: following ‘true’ branch (when ‘group’ is non-NULL)...
certmonger-0.79.21/src/util-n.c:197:39: branch_true: ...to here
certmonger-0.79.21/src/util-n.c:197:39: throw: if ‘getgrnam’ throws an exception...
certmonger-0.79.21/src/util-n.c:197:39: danger: ‘user’ leaks here; was allocated at [(17)](sarif:/runs/0/results/12/codeFlows/0/threadFlows/0/locations/16)
#  195|   			gid = pwd->pw_gid;
#  196|   			if (group != NULL) {
#  197|-> 				grp = getgrnam(group);
#  198|   				if (grp != NULL) {
#  199|   					gid = grp->gr_gid;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def1238]
certmonger-0.79.21/src/util-n.c:201:41: warning[-Wanalyzer-malloc-leak]: leak of ‘pathname’
certmonger-0.79.21/src/util-n.c:150:12: branch_false: following ‘false’ branch (when ‘filename’ is non-NULL)...
certmonger-0.79.21/src/util-n.c:153:27: branch_false: ...to here
certmonger-0.79.21/src/util-n.c:153:20: acquire_memory: allocated here
certmonger-0.79.21/src/util-n.c:154:12: branch_false: following ‘false’ branch (when ‘pathname’ is non-NULL)...
certmonger-0.79.21/src/util-n.c:157:9: branch_false: ...to here
certmonger-0.79.21/src/util-n.c:159:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util-n.c:163:14: branch_false: ...to here
certmonger-0.79.21/src/util-n.c:163:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util-n.c:168:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util-n.c:173:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util-n.c:174:14: branch_false: ...to here
certmonger-0.79.21/src/util-n.c:173:13: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util-n.c:179:12: branch_false: ...to here
certmonger-0.79.21/src/util-n.c:179:12: branch_true: following ‘true’ branch (when ‘owner’ is non-NULL)...
certmonger-0.79.21/src/util-n.c:180:24: branch_true: ...to here
certmonger-0.79.21/src/util-n.c:182:20: branch_true: following ‘true’ branch (when ‘group’ is non-NULL)...
certmonger-0.79.21/src/util-n.c:183:26: branch_true: ...to here
certmonger-0.79.21/src/util-n.c:184:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util-n.c:188:23: branch_false: ...to here
certmonger-0.79.21/src/util-n.c:189:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util-n.c:194:25: branch_false: ...to here
certmonger-0.79.21/src/util-n.c:196:28: branch_true: following ‘true’ branch (when ‘group’ is non-NULL)...
certmonger-0.79.21/src/util-n.c:197:39: branch_true: ...to here
certmonger-0.79.21/src/util-n.c:198:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util-n.c:201:41: branch_false: ...to here
certmonger-0.79.21/src/util-n.c:201:41: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/util-n.c:201:41: danger: ‘pathname’ leaks here; was allocated at [(3)](sarif:/runs/0/results/13/codeFlows/0/threadFlows/0/locations/2)
#  199|   					gid = grp->gr_gid;
#  200|   				} else {
#  201|-> 					cm_log(1, "Error looking up group "
#  202|   					       "\"%s\", setting group of \"%s\""
#  203|   					       " to primary group of \"%s\".\n",

Error: GCC_ANALYZER_WARNING (CWE-401): [#def1239]
certmonger-0.79.21/src/util-n.c:201:41: warning[-Wanalyzer-malloc-leak]: leak of ‘user’
certmonger-0.79.21/src/util-n.c:150:12: branch_false: following ‘false’ branch (when ‘filename’ is non-NULL)...
certmonger-0.79.21/src/util-n.c:153:27: branch_false: ...to here
certmonger-0.79.21/src/util-n.c:154:12: branch_false: following ‘false’ branch (when ‘pathname’ is non-NULL)...
certmonger-0.79.21/src/util-n.c:157:9: branch_false: ...to here
certmonger-0.79.21/src/util-n.c:159:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util-n.c:163:14: branch_false: ...to here
certmonger-0.79.21/src/util-n.c:163:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util-n.c:168:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util-n.c:173:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util-n.c:174:14: branch_false: ...to here
certmonger-0.79.21/src/util-n.c:173:13: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util-n.c:179:12: branch_false: ...to here
certmonger-0.79.21/src/util-n.c:179:12: branch_true: following ‘true’ branch (when ‘owner’ is non-NULL)...
certmonger-0.79.21/src/util-n.c:180:24: branch_true: ...to here
certmonger-0.79.21/src/util-n.c:180:24: acquire_memory: allocated here
certmonger-0.79.21/src/util-n.c:182:20: branch_true: following ‘true’ branch (when ‘group’ is non-NULL)...
certmonger-0.79.21/src/util-n.c:183:26: branch_true: ...to here
certmonger-0.79.21/src/util-n.c:184:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util-n.c:188:23: branch_false: ...to here
certmonger-0.79.21/src/util-n.c:189:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util-n.c:194:25: branch_false: ...to here
certmonger-0.79.21/src/util-n.c:196:28: branch_true: following ‘true’ branch (when ‘group’ is non-NULL)...
certmonger-0.79.21/src/util-n.c:197:39: branch_true: ...to here
certmonger-0.79.21/src/util-n.c:198:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util-n.c:201:41: branch_false: ...to here
certmonger-0.79.21/src/util-n.c:201:41: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/util-n.c:201:41: danger: ‘user’ leaks here; was allocated at [(17)](sarif:/runs/0/results/14/codeFlows/0/threadFlows/0/locations/16)
#  199|   					gid = grp->gr_gid;
#  200|   				} else {
#  201|-> 					cm_log(1, "Error looking up group "
#  202|   					       "\"%s\", setting group of \"%s\""
#  203|   					       " to primary group of \"%s\".\n",

Error: GCC_ANALYZER_WARNING (CWE-401): [#def1240]
certmonger-0.79.21/src/util-n.c:208:33: warning[-Wanalyzer-malloc-leak]: leak of ‘pathname’
certmonger-0.79.21/src/util-n.c:150:12: branch_false: following ‘false’ branch (when ‘filename’ is non-NULL)...
certmonger-0.79.21/src/util-n.c:153:27: branch_false: ...to here
certmonger-0.79.21/src/util-n.c:153:20: acquire_memory: allocated here
certmonger-0.79.21/src/util-n.c:154:12: branch_false: following ‘false’ branch (when ‘pathname’ is non-NULL)...
certmonger-0.79.21/src/util-n.c:157:9: branch_false: ...to here
certmonger-0.79.21/src/util-n.c:159:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util-n.c:163:14: branch_false: ...to here
certmonger-0.79.21/src/util-n.c:163:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util-n.c:168:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util-n.c:173:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util-n.c:174:14: branch_false: ...to here
certmonger-0.79.21/src/util-n.c:173:13: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util-n.c:179:12: branch_false: ...to here
certmonger-0.79.21/src/util-n.c:179:12: branch_true: following ‘true’ branch (when ‘owner’ is non-NULL)...
certmonger-0.79.21/src/util-n.c:180:24: branch_true: ...to here
certmonger-0.79.21/src/util-n.c:182:20: branch_false: following ‘false’ branch (when ‘group’ is NULL)...
certmonger-0.79.21/src/util-n.c:182:20: branch_false: ...to here
certmonger-0.79.21/src/util-n.c:189:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util-n.c:194:25: branch_false: ...to here
certmonger-0.79.21/src/util-n.c:196:28: branch_false: following ‘false’ branch (when ‘group’ is NULL)...
certmonger-0.79.21/src/util-n.c:207:29: branch_false: ...to here
certmonger-0.79.21/src/util-n.c:207:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/util-n.c:210:59: branch_true: ...to here
certmonger-0.79.21/src/util-n.c:208:33: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/util-n.c:208:33: danger: ‘pathname’ leaks here; was allocated at [(3)](sarif:/runs/0/results/16/codeFlows/0/threadFlows/0/locations/2)
#  206|   			}
#  207|   			if (fchown(fd, uid, gid) == -1) {
#  208|-> 				cm_log(1, "Error setting ownership on "
#  209|   				       "file \"%s\": %s.  Continuing\n",
#  210|   				       pathname, strerror(errno));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def1241]
certmonger-0.79.21/src/util-n.c:208:33: warning[-Wanalyzer-malloc-leak]: leak of ‘user’
certmonger-0.79.21/src/util-n.c:150:12: branch_false: following ‘false’ branch (when ‘filename’ is non-NULL)...
certmonger-0.79.21/src/util-n.c:153:27: branch_false: ...to here
certmonger-0.79.21/src/util-n.c:154:12: branch_false: following ‘false’ branch (when ‘pathname’ is non-NULL)...
certmonger-0.79.21/src/util-n.c:157:9: branch_false: ...to here
certmonger-0.79.21/src/util-n.c:159:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util-n.c:163:14: branch_false: ...to here
certmonger-0.79.21/src/util-n.c:163:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util-n.c:168:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util-n.c:173:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util-n.c:174:14: branch_false: ...to here
certmonger-0.79.21/src/util-n.c:173:13: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util-n.c:179:12: branch_false: ...to here
certmonger-0.79.21/src/util-n.c:179:12: branch_true: following ‘true’ branch (when ‘owner’ is non-NULL)...
certmonger-0.79.21/src/util-n.c:180:24: branch_true: ...to here
certmonger-0.79.21/src/util-n.c:180:24: acquire_memory: allocated here
certmonger-0.79.21/src/util-n.c:182:20: branch_false: following ‘false’ branch (when ‘group’ is NULL)...
certmonger-0.79.21/src/util-n.c:182:20: branch_false: ...to here
certmonger-0.79.21/src/util-n.c:189:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util-n.c:194:25: branch_false: ...to here
certmonger-0.79.21/src/util-n.c:196:28: branch_false: following ‘false’ branch (when ‘group’ is NULL)...
certmonger-0.79.21/src/util-n.c:207:29: branch_false: ...to here
certmonger-0.79.21/src/util-n.c:207:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/util-n.c:210:59: branch_true: ...to here
certmonger-0.79.21/src/util-n.c:208:33: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/util-n.c:208:33: danger: ‘user’ leaks here; was allocated at [(17)](sarif:/runs/0/results/15/codeFlows/0/threadFlows/0/locations/16)
#  206|   			}
#  207|   			if (fchown(fd, uid, gid) == -1) {
#  208|-> 				cm_log(1, "Error setting ownership on "
#  209|   				       "file \"%s\": %s.  Continuing\n",
#  210|   				       pathname, strerror(errno));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def1242]
certmonger-0.79.21/src/util-n.c:217:25: warning[-Wanalyzer-malloc-leak]: leak of ‘pathname’
certmonger-0.79.21/src/util-n.c:150:12: branch_false: following ‘false’ branch (when ‘filename’ is non-NULL)...
certmonger-0.79.21/src/util-n.c:153:27: branch_false: ...to here
certmonger-0.79.21/src/util-n.c:153:20: acquire_memory: allocated here
certmonger-0.79.21/src/util-n.c:154:12: branch_false: following ‘false’ branch (when ‘pathname’ is non-NULL)...
certmonger-0.79.21/src/util-n.c:157:9: branch_false: ...to here
certmonger-0.79.21/src/util-n.c:159:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util-n.c:163:14: branch_false: ...to here
certmonger-0.79.21/src/util-n.c:163:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util-n.c:168:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util-n.c:173:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util-n.c:174:14: branch_false: ...to here
certmonger-0.79.21/src/util-n.c:173:13: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util-n.c:179:12: branch_false: ...to here
certmonger-0.79.21/src/util-n.c:215:12: branch_true: following ‘true’ branch (when ‘perms != 0’)...
certmonger-0.79.21/src/util-n.c:216:21: branch_true: ...to here
certmonger-0.79.21/src/util-n.c:216:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/util-n.c:219:51: branch_true: ...to here
certmonger-0.79.21/src/util-n.c:217:25: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/util-n.c:217:25: danger: ‘pathname’ leaks here; was allocated at [(3)](sarif:/runs/0/results/17/codeFlows/0/threadFlows/0/locations/2)
#  215|   	if (perms != 0) {
#  216|   		if (fchmod(fd, perms) == -1) {
#  217|-> 			cm_log(1, "Error setting permissions on "
#  218|   			       "file \"%s\": %s.  Continuing\n",
#  219|   			       pathname, strerror(errno));

Error: CPPCHECK_WARNING (CWE-476): [#def1243]
certmonger-0.79.21/src/util-o.c:103: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: user
#  101|   	if (owner != NULL) {
#  102|   		user = strdup(owner);
#  103|-> 		group = strchr(user, ':');
#  104|   		if (group != NULL) {
#  105|   			*group++ = '\0';

Error: GCC_ANALYZER_WARNING (CWE-401): [#def1244]
certmonger-0.79.21/src/util-o.c:110:23: warning[-Wanalyzer-malloc-leak]: leak of ‘user’
certmonger-0.79.21/src/util-o.c:98:12: branch_false: following ‘false’ branch (when ‘filename’ is non-NULL)...
certmonger-0.79.21/src/util-o.c:101:12: branch_false: ...to here
certmonger-0.79.21/src/util-o.c:101:12: branch_true: following ‘true’ branch (when ‘owner’ is non-NULL)...
certmonger-0.79.21/src/util-o.c:102:24: branch_true: ...to here
certmonger-0.79.21/src/util-o.c:102:24: acquire_memory: allocated here
certmonger-0.79.21/src/util-o.c:104:20: branch_false: following ‘false’ branch (when ‘group’ is NULL)...
certmonger-0.79.21/src/util-o.c:104:20: branch_false: ...to here
certmonger-0.79.21/src/util-o.c:110:23: throw: if ‘getpwnam’ throws an exception...
certmonger-0.79.21/src/util-o.c:110:23: danger: ‘user’ leaks here; was allocated at [(5)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/4)
#  108|   			}
#  109|   		}
#  110|-> 		pwd = getpwnam(user);
#  111|   		if (pwd == NULL) {
#  112|   			cm_log(1, "Error looking up user \"%s\", "

Error: GCC_ANALYZER_WARNING (CWE-401): [#def1245]
certmonger-0.79.21/src/util-o.c:112:25: warning[-Wanalyzer-malloc-leak]: leak of ‘user’
certmonger-0.79.21/src/util-o.c:98:12: branch_false: following ‘false’ branch (when ‘filename’ is non-NULL)...
certmonger-0.79.21/src/util-o.c:101:12: branch_false: ...to here
certmonger-0.79.21/src/util-o.c:101:12: branch_true: following ‘true’ branch (when ‘owner’ is non-NULL)...
certmonger-0.79.21/src/util-o.c:102:24: branch_true: ...to here
certmonger-0.79.21/src/util-o.c:102:24: acquire_memory: allocated here
certmonger-0.79.21/src/util-o.c:104:20: branch_false: following ‘false’ branch (when ‘group’ is NULL)...
certmonger-0.79.21/src/util-o.c:104:20: branch_false: ...to here
certmonger-0.79.21/src/util-o.c:111:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/util-o.c:112:25: branch_true: ...to here
certmonger-0.79.21/src/util-o.c:112:25: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/util-o.c:112:25: danger: ‘user’ leaks here; was allocated at [(5)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/4)
#  110|   		pwd = getpwnam(user);
#  111|   		if (pwd == NULL) {
#  112|-> 			cm_log(1, "Error looking up user \"%s\", "
#  113|   			       "not setting ownership of \"%s\".\n",
#  114|   			       user, filename);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def1246]
certmonger-0.79.21/src/util-o.c:119:39: warning[-Wanalyzer-malloc-leak]: leak of ‘user’
certmonger-0.79.21/src/util-o.c:98:12: branch_false: following ‘false’ branch (when ‘filename’ is non-NULL)...
certmonger-0.79.21/src/util-o.c:101:12: branch_false: ...to here
certmonger-0.79.21/src/util-o.c:101:12: branch_true: following ‘true’ branch (when ‘owner’ is non-NULL)...
certmonger-0.79.21/src/util-o.c:102:24: branch_true: ...to here
certmonger-0.79.21/src/util-o.c:102:24: acquire_memory: allocated here
certmonger-0.79.21/src/util-o.c:104:20: branch_true: following ‘true’ branch (when ‘group’ is non-NULL)...
certmonger-0.79.21/src/util-o.c:105:26: branch_true: ...to here
certmonger-0.79.21/src/util-o.c:106:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util-o.c:110:23: branch_false: ...to here
certmonger-0.79.21/src/util-o.c:111:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util-o.c:116:25: branch_false: ...to here
certmonger-0.79.21/src/util-o.c:118:28: branch_true: following ‘true’ branch (when ‘group’ is non-NULL)...
certmonger-0.79.21/src/util-o.c:119:39: branch_true: ...to here
certmonger-0.79.21/src/util-o.c:119:39: throw: if ‘getgrnam’ throws an exception...
certmonger-0.79.21/src/util-o.c:119:39: danger: ‘user’ leaks here; was allocated at [(5)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/4)
#  117|   			gid = pwd->pw_gid;
#  118|   			if (group != NULL) {
#  119|-> 				grp = getgrnam(group);
#  120|   				if (grp != NULL) {
#  121|   					gid = grp->gr_gid;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def1247]
certmonger-0.79.21/src/util-o.c:123:41: warning[-Wanalyzer-malloc-leak]: leak of ‘user’
certmonger-0.79.21/src/util-o.c:98:12: branch_false: following ‘false’ branch (when ‘filename’ is non-NULL)...
certmonger-0.79.21/src/util-o.c:101:12: branch_false: ...to here
certmonger-0.79.21/src/util-o.c:101:12: branch_true: following ‘true’ branch (when ‘owner’ is non-NULL)...
certmonger-0.79.21/src/util-o.c:102:24: branch_true: ...to here
certmonger-0.79.21/src/util-o.c:102:24: acquire_memory: allocated here
certmonger-0.79.21/src/util-o.c:104:20: branch_true: following ‘true’ branch (when ‘group’ is non-NULL)...
certmonger-0.79.21/src/util-o.c:105:26: branch_true: ...to here
certmonger-0.79.21/src/util-o.c:106:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util-o.c:110:23: branch_false: ...to here
certmonger-0.79.21/src/util-o.c:111:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util-o.c:116:25: branch_false: ...to here
certmonger-0.79.21/src/util-o.c:118:28: branch_true: following ‘true’ branch (when ‘group’ is non-NULL)...
certmonger-0.79.21/src/util-o.c:119:39: branch_true: ...to here
certmonger-0.79.21/src/util-o.c:120:36: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util-o.c:123:41: branch_false: ...to here
certmonger-0.79.21/src/util-o.c:123:41: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/util-o.c:123:41: danger: ‘user’ leaks here; was allocated at [(5)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/4)
#  121|   					gid = grp->gr_gid;
#  122|   				} else {
#  123|-> 					cm_log(1, "Error looking up group "
#  124|   					       "\"%s\", setting group of \"%s\""
#  125|   					       " to primary group of \"%s\".\n",

Error: GCC_ANALYZER_WARNING (CWE-401): [#def1248]
certmonger-0.79.21/src/util-o.c:130:33: warning[-Wanalyzer-malloc-leak]: leak of ‘user’
certmonger-0.79.21/src/util-o.c:98:12: branch_false: following ‘false’ branch (when ‘filename’ is non-NULL)...
certmonger-0.79.21/src/util-o.c:101:12: branch_false: ...to here
certmonger-0.79.21/src/util-o.c:101:12: branch_true: following ‘true’ branch (when ‘owner’ is non-NULL)...
certmonger-0.79.21/src/util-o.c:102:24: branch_true: ...to here
certmonger-0.79.21/src/util-o.c:102:24: acquire_memory: allocated here
certmonger-0.79.21/src/util-o.c:104:20: branch_false: following ‘false’ branch (when ‘group’ is NULL)...
certmonger-0.79.21/src/util-o.c:104:20: branch_false: ...to here
certmonger-0.79.21/src/util-o.c:111:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util-o.c:116:25: branch_false: ...to here
certmonger-0.79.21/src/util-o.c:118:28: branch_false: following ‘false’ branch (when ‘group’ is NULL)...
certmonger-0.79.21/src/util-o.c:129:29: branch_false: ...to here
certmonger-0.79.21/src/util-o.c:129:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/util-o.c:132:59: branch_true: ...to here
certmonger-0.79.21/src/util-o.c:130:33: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/util-o.c:130:33: danger: ‘user’ leaks here; was allocated at [(5)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/4)
#  128|   			}
#  129|   			if (fchown(fd, uid, gid) == -1) {
#  130|-> 				cm_log(1, "Error setting ownership on "
#  131|   				       "file \"%s\": %s.  Continuing\n",
#  132|   				       filename, strerror(errno));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def1249]
certmonger-0.79.21/src/util-o.c:294:21: warning[-Wanalyzer-malloc-leak]: leak of ‘pp’
certmonger-0.79.21/src/util-o.c:291:13: acquire_memory: allocated here
certmonger-0.79.21/src/util-o.c:292:12: branch_true: following ‘true’ branch (when ‘p’ is non-NULL)...
certmonger-0.79.21/src/util-o.c:293:17: branch_true: ...to here
certmonger-0.79.21/src/util-o.c:294:21: throw: if ‘i2d_ASN1_TIME’ throws an exception...
certmonger-0.79.21/src/util-o.c:294:21: danger: ‘pp’ leaks here; was allocated at [(1)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/0)
#  292|   	if (p != NULL) {
#  293|   		pp = p;
#  294|-> 		if (i2d_ASN1_TIME(t, &pp) < 0) {
#  295|   			free(p);
#  296|   			return NULL;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def1250]
certmonger-0.79.21/src/util-o.c:572:15: warning[-Wanalyzer-malloc-leak]: leak of ‘q’
certmonger-0.79.21/src/util-o.c:563:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util-o.c:567:17: branch_false: ...to here
certmonger-0.79.21/src/util-o.c:567:17: acquire_memory: allocated here
certmonger-0.79.21/src/util-o.c:568:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util-o.c:572:15: branch_false: ...to here
certmonger-0.79.21/src/util-o.c:572:15: throw: if the called function throws an exception...
certmonger-0.79.21/src/util-o.c:572:15: danger: ‘q’ leaks here; was allocated at [(3)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/2)
#  570|   		return NULL;
#  571|   	}
#  572|-> 	len = i2d(pkey, &q);
#  573|   	if (len != l) {
#  574|   		cm_log(1, "Unexpected error copying key.");

Error: CPPCHECK_WARNING (CWE-562): [#def1251]
certmonger-0.79.21/src/util-o.c:587: error[returnDanglingLifetime]: Returning pointer to local variable 'd' that will be invalid when returning.
#  585|   		return NULL;
#  586|   	}
#  587|-> 	return k;
#  588|   }
#  589|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def1252]
certmonger-0.79.21/src/util-o.c:610:22: warning[-Wanalyzer-malloc-leak]: leak of ‘buffer’
certmonger-0.79.21/src/util-o.c:632:1: enter_function: entry to ‘validate_pem’
certmonger-0.79.21/src/util-o.c:646:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util-o.c:651:13: branch_false: ...to here
certmonger-0.79.21/src/util-o.c:651:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util-o.c:657:13: branch_false: ...to here
certmonger-0.79.21/src/util-o.c:657:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util-o.c:663:25: branch_false: ...to here
certmonger-0.79.21/src/util-o.c:663:18: acquire_memory: allocated here
certmonger-0.79.21/src/util-o.c:664:12: branch_false: following ‘false’ branch (when ‘buffer’ is non-NULL)...
certmonger-0.79.21/src/util-o.c:664:12: branch_false: ...to here
certmonger-0.79.21/src/util-o.c:686:12: branch_false: following ‘false’ branch (when ‘s’ is non-NULL)...
certmonger-0.79.21/src/util-o.c:691:9: branch_false: ...to here
certmonger-0.79.21/src/util-o.c:696:16: branch_true: following ‘true’ branch (when ‘sp’ is non-NULL)...
certmonger-0.79.21/src/util-o.c:697:22: branch_true: ...to here
certmonger-0.79.21/src/util-o.c:698:20: branch_true: following ‘true’ branch (when ‘sq’ is non-NULL)...
certmonger-0.79.21/src/util-o.c:699:25: branch_true: ...to here
certmonger-0.79.21/src/util-o.c:706:28: branch_false: following ‘false’ branch (when ‘p’ is NULL)...
certmonger-0.79.21/src/util-o.c:713:29: branch_false: ...to here
certmonger-0.79.21/src/util-o.c:714:28: branch_true: following ‘true’ branch (when ‘p’ is non-NULL)...
certmonger-0.79.21/src/util-o.c:715:33: branch_true: ...to here
certmonger-0.79.21/src/util-o.c:717:32: branch_false: following ‘false’ branch (when ‘p’ is NULL)...
certmonger-0.79.21/src/util-o.c:717:32: branch_false: ...to here
certmonger-0.79.21/src/util-o.c:720:32: branch_false: following ‘false’ branch (when ‘p’ is NULL)...
certmonger-0.79.21/src/util-o.c:723:25: branch_false: ...to here
certmonger-0.79.21/src/util-o.c:724:32: call_function: calling ‘decode_base64’ from ‘validate_pem’
#  608|   	expected_len = 3 * length / 4;
#  609|   	output = calloc(expected_len + 1, 1);
#  610|-> 	output_len = EVP_DecodeBlock(output, input, length);
#  611|   
#  612|   	if (output_len < 0) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def1253]
certmonger-0.79.21/src/util-o.c:610:22: warning[-Wanalyzer-malloc-leak]: leak of ‘output’
certmonger-0.79.21/src/util-o.c:609:18: acquire_memory: allocated here
certmonger-0.79.21/src/util-o.c:610:22: throw: if ‘EVP_DecodeBlock’ throws an exception...
certmonger-0.79.21/src/util-o.c:610:22: danger: ‘output’ leaks here; was allocated at [(1)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/0)
#  608|   	expected_len = 3 * length / 4;
#  609|   	output = calloc(expected_len + 1, 1);
#  610|-> 	output_len = EVP_DecodeBlock(output, input, length);
#  611|   
#  612|   	if (output_len < 0) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def1254]
certmonger-0.79.21/src/util-o.c:610:22: warning[-Wanalyzer-malloc-leak]: leak of ‘sp’
certmonger-0.79.21/src/util-o.c:632:1: enter_function: entry to ‘validate_pem’
certmonger-0.79.21/src/util-o.c:646:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util-o.c:651:13: branch_false: ...to here
certmonger-0.79.21/src/util-o.c:651:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util-o.c:657:13: branch_false: ...to here
certmonger-0.79.21/src/util-o.c:657:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util-o.c:663:25: branch_false: ...to here
certmonger-0.79.21/src/util-o.c:664:12: branch_false: following ‘false’ branch (when ‘buffer’ is non-NULL)...
certmonger-0.79.21/src/util-o.c:664:12: branch_false: ...to here
certmonger-0.79.21/src/util-o.c:685:13: acquire_memory: allocated here
certmonger-0.79.21/src/util-o.c:686:12: branch_false: following ‘false’ branch (when ‘s’ is non-NULL)...
certmonger-0.79.21/src/util-o.c:691:9: branch_false: ...to here
certmonger-0.79.21/src/util-o.c:696:16: branch_true: following ‘true’ branch (when ‘sp’ is non-NULL)...
certmonger-0.79.21/src/util-o.c:697:22: branch_true: ...to here
certmonger-0.79.21/src/util-o.c:698:20: branch_true: following ‘true’ branch (when ‘sq’ is non-NULL)...
certmonger-0.79.21/src/util-o.c:699:25: branch_true: ...to here
certmonger-0.79.21/src/util-o.c:706:28: branch_false: following ‘false’ branch (when ‘p’ is NULL)...
certmonger-0.79.21/src/util-o.c:713:29: branch_false: ...to here
certmonger-0.79.21/src/util-o.c:714:28: branch_true: following ‘true’ branch (when ‘p’ is non-NULL)...
certmonger-0.79.21/src/util-o.c:715:33: branch_true: ...to here
certmonger-0.79.21/src/util-o.c:717:32: branch_false: following ‘false’ branch (when ‘p’ is NULL)...
certmonger-0.79.21/src/util-o.c:717:32: branch_false: ...to here
certmonger-0.79.21/src/util-o.c:720:32: branch_false: following ‘false’ branch (when ‘p’ is NULL)...
certmonger-0.79.21/src/util-o.c:723:25: branch_false: ...to here
certmonger-0.79.21/src/util-o.c:724:32: call_function: calling ‘decode_base64’ from ‘validate_pem’
#  608|   	expected_len = 3 * length / 4;
#  609|   	output = calloc(expected_len + 1, 1);
#  610|-> 	output_len = EVP_DecodeBlock(output, input, length);
#  611|   
#  612|   	if (output_len < 0) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def1255]
certmonger-0.79.21/src/util-o.c:610:22: warning[-Wanalyzer-malloc-leak]: leak of ‘s’
certmonger-0.79.21/src/util-o.c:632:1: enter_function: entry to ‘validate_pem’
certmonger-0.79.21/src/util-o.c:646:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util-o.c:651:13: branch_false: ...to here
certmonger-0.79.21/src/util-o.c:651:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util-o.c:657:13: branch_false: ...to here
certmonger-0.79.21/src/util-o.c:657:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util-o.c:663:25: branch_false: ...to here
certmonger-0.79.21/src/util-o.c:664:12: branch_false: following ‘false’ branch (when ‘buffer’ is non-NULL)...
certmonger-0.79.21/src/util-o.c:664:12: branch_false: ...to here
certmonger-0.79.21/src/util-o.c:685:13: acquire_memory: allocated here
certmonger-0.79.21/src/util-o.c:686:12: branch_false: following ‘false’ branch (when ‘s’ is non-NULL)...
certmonger-0.79.21/src/util-o.c:691:9: branch_false: ...to here
certmonger-0.79.21/src/util-o.c:696:16: branch_true: following ‘true’ branch (when ‘sp’ is non-NULL)...
certmonger-0.79.21/src/util-o.c:697:22: branch_true: ...to here
certmonger-0.79.21/src/util-o.c:698:20: branch_true: following ‘true’ branch (when ‘sq’ is non-NULL)...
certmonger-0.79.21/src/util-o.c:699:25: branch_true: ...to here
certmonger-0.79.21/src/util-o.c:706:28: branch_false: following ‘false’ branch (when ‘p’ is NULL)...
certmonger-0.79.21/src/util-o.c:713:29: branch_false: ...to here
certmonger-0.79.21/src/util-o.c:714:28: branch_true: following ‘true’ branch (when ‘p’ is non-NULL)...
certmonger-0.79.21/src/util-o.c:715:33: branch_true: ...to here
certmonger-0.79.21/src/util-o.c:717:32: branch_false: following ‘false’ branch (when ‘p’ is NULL)...
certmonger-0.79.21/src/util-o.c:717:32: branch_false: ...to here
certmonger-0.79.21/src/util-o.c:720:32: branch_false: following ‘false’ branch (when ‘p’ is NULL)...
certmonger-0.79.21/src/util-o.c:723:25: branch_false: ...to here
certmonger-0.79.21/src/util-o.c:724:32: call_function: calling ‘decode_base64’ from ‘validate_pem’
certmonger-0.79.21/src/util-o.c:724:32: return_function: returning to ‘validate_pem’ from ‘decode_base64’
certmonger-0.79.21/src/util-o.c:725:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util-o.c:725:28: branch_false: ...to here
certmonger-0.79.21/src/util-o.c:696:16: branch_true: following ‘true’ branch (when ‘sp’ is non-NULL)...
certmonger-0.79.21/src/util-o.c:697:22: branch_true: ...to here
certmonger-0.79.21/src/util-o.c:698:20: branch_true: following ‘true’ branch (when ‘sq’ is non-NULL)...
certmonger-0.79.21/src/util-o.c:699:25: branch_true: ...to here
certmonger-0.79.21/src/util-o.c:706:28: branch_true: following ‘true’ branch (when ‘p’ is non-NULL)...
certmonger-0.79.21/src/util-o.c:707:38: branch_true: ...to here
certmonger-0.79.21/src/util-o.c:714:28: branch_true: following ‘true’ branch (when ‘p’ is non-NULL)...
certmonger-0.79.21/src/util-o.c:715:33: branch_true: ...to here
certmonger-0.79.21/src/util-o.c:717:32: branch_false: following ‘false’ branch (when ‘p’ is NULL)...
certmonger-0.79.21/src/util-o.c:717:32: branch_false: ...to here
certmonger-0.79.21/src/util-o.c:720:32: branch_false: following ‘false’ branch (when ‘p’ is NULL)...
certmonger-0.79.21/src/util-o.c:723:25: branch_false: ...to here
certmonger-0.79.21/src/util-o.c:724:32: call_function: calling ‘decode_base64’ from ‘validate_pem’
#  608|   	expected_len = 3 * length / 4;
#  609|   	output = calloc(expected_len + 1, 1);
#  610|-> 	output_len = EVP_DecodeBlock(output, input, length);
#  611|   
#  612|   	if (output_len < 0) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def1256]
certmonger-0.79.21/src/util-o.c:610:22: warning[-Wanalyzer-malloc-leak]: leak of ‘tmp1’
certmonger-0.79.21/src/util-o.c:632:1: enter_function: entry to ‘validate_pem’
certmonger-0.79.21/src/util-o.c:646:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util-o.c:651:13: branch_false: ...to here
certmonger-0.79.21/src/util-o.c:651:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util-o.c:657:13: branch_false: ...to here
certmonger-0.79.21/src/util-o.c:657:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util-o.c:663:25: branch_false: ...to here
certmonger-0.79.21/src/util-o.c:664:12: branch_false: following ‘false’ branch (when ‘buffer’ is non-NULL)...
certmonger-0.79.21/src/util-o.c:664:12: branch_false: ...to here
certmonger-0.79.21/src/util-o.c:686:12: branch_false: following ‘false’ branch (when ‘s’ is non-NULL)...
certmonger-0.79.21/src/util-o.c:691:9: branch_false: ...to here
certmonger-0.79.21/src/util-o.c:696:16: branch_true: following ‘true’ branch (when ‘sp’ is non-NULL)...
certmonger-0.79.21/src/util-o.c:697:22: branch_true: ...to here
certmonger-0.79.21/src/util-o.c:698:20: branch_true: following ‘true’ branch (when ‘sq’ is non-NULL)...
certmonger-0.79.21/src/util-o.c:699:25: branch_true: ...to here
certmonger-0.79.21/src/util-o.c:704:32: acquire_memory: allocated here
certmonger-0.79.21/src/util-o.c:706:28: branch_false: following ‘false’ branch (when ‘p’ is NULL)...
certmonger-0.79.21/src/util-o.c:713:29: branch_false: ...to here
certmonger-0.79.21/src/util-o.c:714:28: branch_true: following ‘true’ branch (when ‘p’ is non-NULL)...
certmonger-0.79.21/src/util-o.c:715:33: branch_true: ...to here
certmonger-0.79.21/src/util-o.c:717:32: branch_false: following ‘false’ branch (when ‘p’ is NULL)...
certmonger-0.79.21/src/util-o.c:717:32: branch_false: ...to here
certmonger-0.79.21/src/util-o.c:720:32: branch_false: following ‘false’ branch (when ‘p’ is NULL)...
certmonger-0.79.21/src/util-o.c:723:25: branch_false: ...to here
certmonger-0.79.21/src/util-o.c:724:32: call_function: calling ‘decode_base64’ from ‘validate_pem’
#  608|   	expected_len = 3 * length / 4;
#  609|   	output = calloc(expected_len + 1, 1);
#  610|-> 	output_len = EVP_DecodeBlock(output, input, length);
#  611|   
#  612|   	if (output_len < 0) {

Error: COMPILER_WARNING (CWE-563): [#def1257]
certmonger-0.79.21/src/util-o.c: scope_hint: In function ‘validate_pem’
certmonger-0.79.21/src/util-o.c:632:20: warning[-Wunused-parameter]: unused parameter ‘parent’
#  632 | validate_pem(void *parent, const char *path)
#      |              ~~~~~~^~~~~~
#  630|   
#  631|   int
#  632|-> validate_pem(void *parent, const char *path)
#  633|   {
#  634|   	char *p;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def1258]
certmonger-0.79.21/src/util-o.c:725:28: warning[-Wanalyzer-malloc-leak]: leak of ‘tmp1’
certmonger-0.79.21/src/util-o.c:632:1: enter_function: entry to ‘validate_pem’
certmonger-0.79.21/src/util-o.c:646:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util-o.c:651:13: branch_false: ...to here
certmonger-0.79.21/src/util-o.c:651:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util-o.c:657:13: branch_false: ...to here
certmonger-0.79.21/src/util-o.c:657:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util-o.c:663:25: branch_false: ...to here
certmonger-0.79.21/src/util-o.c:664:12: branch_false: following ‘false’ branch (when ‘buffer’ is non-NULL)...
certmonger-0.79.21/src/util-o.c:664:12: branch_false: ...to here
certmonger-0.79.21/src/util-o.c:686:12: branch_false: following ‘false’ branch (when ‘s’ is non-NULL)...
certmonger-0.79.21/src/util-o.c:691:9: branch_false: ...to here
certmonger-0.79.21/src/util-o.c:696:16: branch_true: following ‘true’ branch (when ‘sp’ is non-NULL)...
certmonger-0.79.21/src/util-o.c:697:22: branch_true: ...to here
certmonger-0.79.21/src/util-o.c:698:20: branch_true: following ‘true’ branch (when ‘sq’ is non-NULL)...
certmonger-0.79.21/src/util-o.c:699:25: branch_true: ...to here
certmonger-0.79.21/src/util-o.c:704:32: acquire_memory: allocated here
certmonger-0.79.21/src/util-o.c:706:28: branch_false: following ‘false’ branch (when ‘p’ is NULL)...
certmonger-0.79.21/src/util-o.c:713:29: branch_false: ...to here
certmonger-0.79.21/src/util-o.c:714:28: branch_true: following ‘true’ branch (when ‘p’ is non-NULL)...
certmonger-0.79.21/src/util-o.c:715:33: branch_true: ...to here
certmonger-0.79.21/src/util-o.c:717:32: branch_false: following ‘false’ branch (when ‘p’ is NULL)...
certmonger-0.79.21/src/util-o.c:717:32: branch_false: ...to here
certmonger-0.79.21/src/util-o.c:720:32: branch_false: following ‘false’ branch (when ‘p’ is NULL)...
certmonger-0.79.21/src/util-o.c:723:25: branch_false: ...to here
certmonger-0.79.21/src/util-o.c:724:32: call_function: calling ‘decode_base64’ from ‘validate_pem’
certmonger-0.79.21/src/util-o.c:724:32: return_function: returning to ‘validate_pem’ from ‘decode_base64’
certmonger-0.79.21/src/util-o.c:725:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util-o.c:725:28: branch_false: ...to here
certmonger-0.79.21/src/util-o.c:696:16: branch_true: following ‘true’ branch (when ‘sp’ is non-NULL)...
certmonger-0.79.21/src/util-o.c:697:22: branch_true: ...to here
certmonger-0.79.21/src/util-o.c:698:20: branch_true: following ‘true’ branch (when ‘sq’ is non-NULL)...
certmonger-0.79.21/src/util-o.c:699:25: branch_true: ...to here
certmonger-0.79.21/src/util-o.c:706:28: branch_true: following ‘true’ branch (when ‘p’ is non-NULL)...
certmonger-0.79.21/src/util-o.c:707:38: branch_true: ...to here
certmonger-0.79.21/src/util-o.c:714:28: branch_true: following ‘true’ branch (when ‘p’ is non-NULL)...
certmonger-0.79.21/src/util-o.c:715:33: branch_true: ...to here
certmonger-0.79.21/src/util-o.c:717:32: branch_false: following ‘false’ branch (when ‘p’ is NULL)...
certmonger-0.79.21/src/util-o.c:717:32: branch_false: ...to here
certmonger-0.79.21/src/util-o.c:720:32: branch_false: following ‘false’ branch (when ‘p’ is NULL)...
certmonger-0.79.21/src/util-o.c:723:25: branch_false: ...to here
certmonger-0.79.21/src/util-o.c:724:32: call_function: calling ‘decode_base64’ from ‘validate_pem’
certmonger-0.79.21/src/util-o.c:724:32: return_function: returning to ‘validate_pem’ from ‘decode_base64’
certmonger-0.79.21/src/util-o.c:725:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util-o.c:725:28: branch_false: ...to here
certmonger-0.79.21/src/util-o.c:725:28: danger: ‘tmp1’ leaks here; was allocated at [(18)](sarif:/runs/0/results/13/codeFlows/0/threadFlows/0/locations/17)
#  723|   			length = 0;
#  724|   			tmp2 = decode_base64((unsigned char *)tmp1, strlen(tmp1), &length);
#  725|-> 			if (length < 0) {
#  726|   				ret = -1;
#  727|   				goto done;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def1259]
certmonger-0.79.21/src/util.c:85:13: warning[-Wanalyzer-malloc-leak]: leak of ‘data’
certmonger-0.79.21/src/util.c:55:8: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util.c:63:9: branch_false: ...to here
certmonger-0.79.21/src/util.c:63:8: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util.c:69:12: branch_false: ...to here
certmonger-0.79.21/src/util.c:70:12: acquire_memory: allocated here
certmonger-0.79.21/src/util.c:71:8: branch_false: following ‘false’ branch (when ‘data’ is non-NULL)...
certmonger-0.79.21/src/util.c:71:8: branch_false: ...to here
certmonger-0.79.21/src/util.c:78:12: branch_true: following ‘true’ branch (when ‘left != 0’)...
certmonger-0.79.21/src/util.c:81:15: branch_true: ...to here
certmonger-0.79.21/src/util.c:82:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util.c:84:12: branch_false: ...to here
certmonger-0.79.21/src/util.c:84:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util.c:91:14: branch_false: ...to here
certmonger-0.79.21/src/util.c:78:12: branch_true: following ‘true’ branch (when ‘left != 0’)...
certmonger-0.79.21/src/util.c:81:15: branch_true: ...to here
certmonger-0.79.21/src/util.c:82:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util.c:84:12: branch_false: ...to here
certmonger-0.79.21/src/util.c:85:13: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/util.c:85:13: danger: ‘data’ leaks here; was allocated at [(5)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/4)
#   83|               break;
#   84|           if (res < 0) {
#   85|->             cm_log(1, "Read error reading \"%s\": %s\n", filename,
#   86|   	           strerror(errno));
#   87|               close(fd);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def1260]
certmonger-0.79.21/src/util.c:85:13: warning[-Wanalyzer-malloc-leak]: leak of ‘dest’
certmonger-0.79.21/src/util.c:55:8: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util.c:63:9: branch_false: ...to here
certmonger-0.79.21/src/util.c:63:8: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util.c:69:12: branch_false: ...to here
certmonger-0.79.21/src/util.c:70:12: acquire_memory: allocated here
certmonger-0.79.21/src/util.c:71:8: branch_false: following ‘false’ branch (when ‘data’ is non-NULL)...
certmonger-0.79.21/src/util.c:71:8: branch_false: ...to here
certmonger-0.79.21/src/util.c:78:12: branch_true: following ‘true’ branch (when ‘left != 0’)...
certmonger-0.79.21/src/util.c:81:15: branch_true: ...to here
certmonger-0.79.21/src/util.c:82:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util.c:84:12: branch_false: ...to here
certmonger-0.79.21/src/util.c:84:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/util.c:86:29: branch_true: ...to here
certmonger-0.79.21/src/util.c:85:13: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/src/util.c:85:13: danger: ‘dest’ leaks here; was allocated at [(5)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/4)
#   83|               break;
#   84|           if (res < 0) {
#   85|->             cm_log(1, "Read error reading \"%s\": %s\n", filename,
#   86|   	           strerror(errno));
#   87|               close(fd);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def1261]
certmonger-0.79.21/src/util.c:87:13: warning[-Wanalyzer-malloc-leak]: leak of ‘data’
certmonger-0.79.21/src/util.c:55:8: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util.c:63:9: branch_false: ...to here
certmonger-0.79.21/src/util.c:63:8: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util.c:69:12: branch_false: ...to here
certmonger-0.79.21/src/util.c:70:12: acquire_memory: allocated here
certmonger-0.79.21/src/util.c:71:8: branch_false: following ‘false’ branch (when ‘data’ is non-NULL)...
certmonger-0.79.21/src/util.c:71:8: branch_false: ...to here
certmonger-0.79.21/src/util.c:78:12: branch_true: following ‘true’ branch (when ‘left != 0’)...
certmonger-0.79.21/src/util.c:81:15: branch_true: ...to here
certmonger-0.79.21/src/util.c:82:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util.c:84:12: branch_false: ...to here
certmonger-0.79.21/src/util.c:84:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util.c:91:14: branch_false: ...to here
certmonger-0.79.21/src/util.c:78:12: branch_true: following ‘true’ branch (when ‘left != 0’)...
certmonger-0.79.21/src/util.c:81:15: branch_true: ...to here
certmonger-0.79.21/src/util.c:82:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util.c:84:12: branch_false: ...to here
certmonger-0.79.21/src/util.c:87:13: throw: if ‘close’ throws an exception...
certmonger-0.79.21/src/util.c:87:13: danger: ‘data’ leaks here; was allocated at [(5)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/4)
#   85|               cm_log(1, "Read error reading \"%s\": %s\n", filename,
#   86|   	           strerror(errno));
#   87|->             close(fd);
#   88|               free(dest);
#   89|               return NULL;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def1262]
certmonger-0.79.21/src/util.c:87:13: warning[-Wanalyzer-malloc-leak]: leak of ‘dest’
certmonger-0.79.21/src/util.c:55:8: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util.c:63:9: branch_false: ...to here
certmonger-0.79.21/src/util.c:63:8: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util.c:69:12: branch_false: ...to here
certmonger-0.79.21/src/util.c:70:12: acquire_memory: allocated here
certmonger-0.79.21/src/util.c:71:8: branch_false: following ‘false’ branch (when ‘data’ is non-NULL)...
certmonger-0.79.21/src/util.c:71:8: branch_false: ...to here
certmonger-0.79.21/src/util.c:78:12: branch_true: following ‘true’ branch (when ‘left != 0’)...
certmonger-0.79.21/src/util.c:81:15: branch_true: ...to here
certmonger-0.79.21/src/util.c:82:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util.c:84:12: branch_false: ...to here
certmonger-0.79.21/src/util.c:84:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/util.c:86:29: branch_true: ...to here
certmonger-0.79.21/src/util.c:87:13: throw: if ‘close’ throws an exception...
certmonger-0.79.21/src/util.c:87:13: danger: ‘dest’ leaks here; was allocated at [(5)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/4)
#   85|               cm_log(1, "Read error reading \"%s\": %s\n", filename,
#   86|   	           strerror(errno));
#   87|->             close(fd);
#   88|               free(dest);
#   89|               return NULL;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def1263]
certmonger-0.79.21/src/util.c:94:5: warning[-Wanalyzer-malloc-leak]: leak of ‘data’
certmonger-0.79.21/src/util.c:55:8: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util.c:63:9: branch_false: ...to here
certmonger-0.79.21/src/util.c:63:8: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util.c:69:12: branch_false: ...to here
certmonger-0.79.21/src/util.c:70:12: acquire_memory: allocated here
certmonger-0.79.21/src/util.c:71:8: branch_false: following ‘false’ branch (when ‘data’ is non-NULL)...
certmonger-0.79.21/src/util.c:71:8: branch_false: ...to here
certmonger-0.79.21/src/util.c:78:12: branch_true: following ‘true’ branch (when ‘left != 0’)...
certmonger-0.79.21/src/util.c:81:15: branch_true: ...to here
certmonger-0.79.21/src/util.c:82:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util.c:84:12: branch_false: ...to here
certmonger-0.79.21/src/util.c:84:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util.c:91:14: branch_false: ...to here
certmonger-0.79.21/src/util.c:94:5: throw: if ‘close’ throws an exception...
certmonger-0.79.21/src/util.c:94:5: danger: ‘data’ leaks here; was allocated at [(5)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/4)
#   92|           left -= res;
#   93|       }
#   94|->     close(fd);
#   95|       *dest = '\0';
#   96|       return data;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def1264]
certmonger-0.79.21/src/util.c:94:5: warning[-Wanalyzer-malloc-leak]: leak of ‘dest’
certmonger-0.79.21/src/util.c:55:8: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util.c:63:9: branch_false: ...to here
certmonger-0.79.21/src/util.c:63:8: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util.c:69:12: branch_false: ...to here
certmonger-0.79.21/src/util.c:70:12: acquire_memory: allocated here
certmonger-0.79.21/src/util.c:71:8: branch_false: following ‘false’ branch (when ‘data’ is non-NULL)...
certmonger-0.79.21/src/util.c:71:8: branch_false: ...to here
certmonger-0.79.21/src/util.c:94:5: throw: if ‘close’ throws an exception...
certmonger-0.79.21/src/util.c:94:5: danger: ‘dest’ leaks here; was allocated at [(5)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/4)
#   92|           left -= res;
#   93|       }
#   94|->     close(fd);
#   95|       *dest = '\0';
#   96|       return data;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def1265]
certmonger-0.79.21/src/util.c:97:1: warning[-Wanalyzer-malloc-leak]: leak of ‘data’
certmonger-0.79.21/src/util.c:55:8: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util.c:63:9: branch_false: ...to here
certmonger-0.79.21/src/util.c:63:8: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util.c:69:12: branch_false: ...to here
certmonger-0.79.21/src/util.c:70:12: acquire_memory: allocated here
certmonger-0.79.21/src/util.c:71:8: branch_false: following ‘false’ branch (when ‘data’ is non-NULL)...
certmonger-0.79.21/src/util.c:71:8: branch_false: ...to here
certmonger-0.79.21/src/util.c:78:12: branch_true: following ‘true’ branch (when ‘left != 0’)...
certmonger-0.79.21/src/util.c:81:15: branch_true: ...to here
certmonger-0.79.21/src/util.c:82:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util.c:84:12: branch_false: ...to here
certmonger-0.79.21/src/util.c:84:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util.c:91:14: branch_false: ...to here
certmonger-0.79.21/src/util.c:78:12: branch_true: following ‘true’ branch (when ‘left != 0’)...
certmonger-0.79.21/src/util.c:81:15: branch_true: ...to here
certmonger-0.79.21/src/util.c:82:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util.c:84:12: branch_false: ...to here
certmonger-0.79.21/src/util.c:97:1: danger: ‘data’ leaks here; was allocated at [(5)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/4)
#   95|       *dest = '\0';
#   96|       return data;
#   97|-> }
#   98|   
#   99|   char *

Error: GCC_ANALYZER_WARNING (CWE-688): [#def1266]
certmonger-0.79.21/src/util.c:131:21: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘tmp’ where non-null expected
certmonger-0.79.21/src/util.c:107:45: branch_true: following ‘true’ branch (when ‘line’ is non-NULL)...
certmonger-0.79.21/src/util.c:107:45: branch_true: ...to here
certmonger-0.79.21/src/util.c:114:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util.c:120:12: branch_false: ...to here
certmonger-0.79.21/src/util.c:120:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/util.c:121:13: branch_true: ...to here
certmonger-0.79.21/src/util.c:123:16: branch_true: following ‘true’ branch (when ‘p’ is non-NULL)...
certmonger-0.79.21/src/util.c:124:37: branch_true: ...to here
certmonger-0.79.21/src/util.c:124:23: acquire_memory: this call could return NULL
certmonger-0.79.21/src/util.c:125:20: branch_false: following ‘false’ branch (when ‘in_section == 0’)...
certmonger-0.79.21/src/util.c:131:21: branch_false: ...to here
certmonger-0.79.21/src/util.c:131:21: danger: argument 2 (‘tmp’) from [(10)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/9) could be NULL where non-null expected
#  129|                       return NULL;
#  130|                   }
#  131|->                 if (strcmp(section, tmp) == 0) {
#  132|                       free(tmp);
#  133|                       tmp = NULL;

Error: GCC_ANALYZER_WARNING (CWE-688): [#def1267]
certmonger-0.79.21/src/util.c:150:17: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘tmp’ where non-null expected
certmonger-0.79.21/src/util.c:107:45: branch_true: following ‘true’ branch (when ‘line’ is non-NULL)...
certmonger-0.79.21/src/util.c:107:45: branch_true: ...to here
certmonger-0.79.21/src/util.c:143:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/src/util.c:108:17: branch_false: ...to here
certmonger-0.79.21/src/util.c:107:45: branch_true: following ‘true’ branch (when ‘line’ is non-NULL)...
certmonger-0.79.21/src/util.c:107:45: branch_true: ...to here
certmonger-0.79.21/src/util.c:110:16: branch_true: following ‘true’ branch...
certmonger-0.79.21/src/util.c:110:16: branch_true: ...to here
certmonger-0.79.21/src/util.c:149:19: acquire_memory: this call could return NULL
certmonger-0.79.21/src/util.c:150:17: danger: argument 2 (‘tmp’) from [(11)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/10) could be NULL where non-null expected
#  148|               /* Save the key. */
#  149|               tmp = strndup(line, p - line);
#  150|->             if (strcmp(key, tmp) != 0) {
#  151|                   free(tmp);
#  152|   				tmp = NULL;

Error: COMPILER_WARNING (CWE-563): [#def1268]
certmonger-0.79.21/tests/tools/addcinfo.c: scope_hint: In function ‘main’
certmonger-0.79.21/tests/tools/addcinfo.c:64:10: warning[-Wunused-parameter]: unused parameter ‘argc’
#   64 | main(int argc, char **argv)
#      |      ~~~~^~~~
#   62|   
#   63|   int
#   64|-> main(int argc, char **argv)
#   65|   {
#   66|   	unsigned char *buffer = NULL, buf[BUFSIZ];

Error: COMPILER_WARNING (CWE-563): [#def1269]
certmonger-0.79.21/tests/tools/addcinfo.c:64:23: warning[-Wunused-parameter]: unused parameter ‘argv’
#   64 | main(int argc, char **argv)
#      |                ~~~~~~~^~~~
#   62|   
#   63|   int
#   64|-> main(int argc, char **argv)
#   65|   {
#   66|   	unsigned char *buffer = NULL, buf[BUFSIZ];

Error: CPPCHECK_WARNING (CWE-401): [#def1270]
certmonger-0.79.21/tests/tools/addcinfo.c:76: error[memleakOnRealloc]: Common realloc mistake: 'buffer' nulled but not freed upon failure
#   74|   	cm_log_set_level(3);
#   75|   	while ((i = read(STDIN_FILENO, buf, sizeof(buf))) > 0) {
#   76|-> 		buffer = realloc(buffer, n + i);
#   77|   		if (buffer == NULL) {
#   78|   			cm_log(0, "Out of memory.\n");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def1271]
certmonger-0.79.21/tests/tools/addcinfo.c:78:25: warning[-Wanalyzer-malloc-leak]: leak of ‘buffer’
certmonger-0.79.21/tests/tools/addcinfo.c:75:16: branch_true: following ‘true’ branch (when ‘i > 0’)...
certmonger-0.79.21/tests/tools/addcinfo.c:76:42: branch_true: ...to here
certmonger-0.79.21/tests/tools/addcinfo.c:77:20: branch_false: following ‘false’ branch (when ‘buffer’ is non-NULL)...
certmonger-0.79.21/tests/tools/addcinfo.c:81:17: branch_false: ...to here
certmonger-0.79.21/tests/tools/addcinfo.c:75:16: branch_true: following ‘true’ branch (when ‘i > 0’)...
certmonger-0.79.21/tests/tools/addcinfo.c:76:42: branch_true: ...to here
certmonger-0.79.21/tests/tools/addcinfo.c:77:20: branch_true: following ‘true’ branch (when ‘buffer’ is NULL)...
certmonger-0.79.21/tests/tools/addcinfo.c:78:25: branch_true: ...to here
certmonger-0.79.21/tests/tools/addcinfo.c:78:25: throw: if ‘cm_log’ throws an exception...
certmonger-0.79.21/tests/tools/addcinfo.c:78:25: danger: ‘buffer’ leaks here; was allocated at [(3)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/2)
#   76|   		buffer = realloc(buffer, n + i);
#   77|   		if (buffer == NULL) {
#   78|-> 			cm_log(0, "Out of memory.\n");
#   79|   			return 1;
#   80|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def1272]
certmonger-0.79.21/tests/tools/addcinfo.c:85:21: warning[-Wanalyzer-malloc-leak]: leak of ‘buffer’
certmonger-0.79.21/tests/tools/addcinfo.c:75:16: branch_true: following ‘true’ branch (when ‘i > 0’)...
certmonger-0.79.21/tests/tools/addcinfo.c:76:42: branch_true: ...to here
certmonger-0.79.21/tests/tools/addcinfo.c:77:20: branch_false: following ‘false’ branch (when ‘buffer’ is non-NULL)...
certmonger-0.79.21/tests/tools/addcinfo.c:81:17: branch_false: ...to here
certmonger-0.79.21/tests/tools/addcinfo.c:75:16: branch_false: following ‘false’ branch (when ‘i <= 0’)...
certmonger-0.79.21/tests/tools/addcinfo.c:84:9: branch_false: ...to here
certmonger-0.79.21/tests/tools/addcinfo.c:85:21: throw: if ‘SECOID_FindOIDByTag’ throws an exception...
certmonger-0.79.21/tests/tools/addcinfo.c:85:21: danger: ‘buffer’ leaks here; was allocated at [(3)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/2)
#   83|   	}
#   84|   	memset(&ci, 0, sizeof(ci));
#   85|-> 	enveloped = SECOID_FindOIDByTag(SEC_OID_PKCS7_ENVELOPED_DATA);
#   86|   	if (enveloped == NULL) {
#   87|   		cm_log(0, "Internal error: %s.\n",

Error: GCC_ANALYZER_WARNING (CWE-401): [#def1273]
certmonger-0.79.21/tests/tools/addcinfo.c:87:17: warning[-Wanalyzer-malloc-leak]: leak of ‘buffer’
certmonger-0.79.21/tests/tools/addcinfo.c:75:16: branch_true: following ‘true’ branch (when ‘i > 0’)...
certmonger-0.79.21/tests/tools/addcinfo.c:76:42: branch_true: ...to here
certmonger-0.79.21/tests/tools/addcinfo.c:77:20: branch_false: following ‘false’ branch (when ‘buffer’ is non-NULL)...
certmonger-0.79.21/tests/tools/addcinfo.c:81:17: branch_false: ...to here
certmonger-0.79.21/tests/tools/addcinfo.c:75:16: branch_false: following ‘false’ branch (when ‘i <= 0’)...
certmonger-0.79.21/tests/tools/addcinfo.c:84:9: branch_false: ...to here
certmonger-0.79.21/tests/tools/addcinfo.c:86:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/tests/tools/addcinfo.c:88:39: branch_true: ...to here
certmonger-0.79.21/tests/tools/addcinfo.c:87:17: throw: if ‘PR_ErrorToName’ throws an exception...
certmonger-0.79.21/tests/tools/addcinfo.c:87:17: danger: ‘buffer’ leaks here; was allocated at [(3)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/2)
#   85|   	enveloped = SECOID_FindOIDByTag(SEC_OID_PKCS7_ENVELOPED_DATA);
#   86|   	if (enveloped == NULL) {
#   87|-> 		cm_log(0, "Internal error: %s.\n",
#   88|   		       PR_ErrorToName(PORT_GetError()));
#   89|   		free(buffer);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def1274]
certmonger-0.79.21/tests/tools/addcinfo.c:88:39: warning[-Wanalyzer-malloc-leak]: leak of ‘buffer’
certmonger-0.79.21/tests/tools/addcinfo.c:75:16: branch_true: following ‘true’ branch (when ‘i > 0’)...
certmonger-0.79.21/tests/tools/addcinfo.c:76:42: branch_true: ...to here
certmonger-0.79.21/tests/tools/addcinfo.c:77:20: branch_false: following ‘false’ branch (when ‘buffer’ is non-NULL)...
certmonger-0.79.21/tests/tools/addcinfo.c:81:17: branch_false: ...to here
certmonger-0.79.21/tests/tools/addcinfo.c:75:16: branch_false: following ‘false’ branch (when ‘i <= 0’)...
certmonger-0.79.21/tests/tools/addcinfo.c:84:9: branch_false: ...to here
certmonger-0.79.21/tests/tools/addcinfo.c:86:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/tests/tools/addcinfo.c:88:39: branch_true: ...to here
certmonger-0.79.21/tests/tools/addcinfo.c:88:39: throw: if ‘PORT_GetError’ throws an exception...
certmonger-0.79.21/tests/tools/addcinfo.c:88:39: danger: ‘buffer’ leaks here; was allocated at [(3)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/2)
#   86|   	if (enveloped == NULL) {
#   87|   		cm_log(0, "Internal error: %s.\n",
#   88|-> 		       PR_ErrorToName(PORT_GetError()));
#   89|   		free(buffer);
#   90|   		return 1;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def1275]
certmonger-0.79.21/tests/tools/addcinfo.c:96:13: warning[-Wanalyzer-malloc-leak]: leak of ‘buffer’
certmonger-0.79.21/tests/tools/addcinfo.c:75:16: branch_true: following ‘true’ branch (when ‘i > 0’)...
certmonger-0.79.21/tests/tools/addcinfo.c:76:42: branch_true: ...to here
certmonger-0.79.21/tests/tools/addcinfo.c:77:20: branch_false: following ‘false’ branch (when ‘buffer’ is non-NULL)...
certmonger-0.79.21/tests/tools/addcinfo.c:81:17: branch_false: ...to here
certmonger-0.79.21/tests/tools/addcinfo.c:75:16: branch_false: following ‘false’ branch (when ‘i <= 0’)...
certmonger-0.79.21/tests/tools/addcinfo.c:84:9: branch_false: ...to here
certmonger-0.79.21/tests/tools/addcinfo.c:86:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/tests/tools/addcinfo.c:92:9: branch_false: ...to here
certmonger-0.79.21/tests/tools/addcinfo.c:96:13: throw: if ‘SEC_ASN1EncodeItem’ throws an exception...
certmonger-0.79.21/tests/tools/addcinfo.c:96:13: danger: ‘buffer’ leaks here; was allocated at [(3)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/2)
#   94|   	ci.content.len = n;
#   95|   	memset(&encoded, 0, sizeof(encoded));
#   96|-> 	if (SEC_ASN1EncodeItem(NULL, &encoded, &ci,
#   97|   			       content_info_template) != &encoded) {
#   98|   		cm_log(0, "Encoding error: %s.\n",

Error: GCC_ANALYZER_WARNING (CWE-401): [#def1276]
certmonger-0.79.21/tests/tools/base2pem.c:78:9: warning[-Wanalyzer-malloc-leak]: leak of ‘p’
certmonger-0.79.21/tests/tools/base2pem.c:49:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/tests/tools/base2pem.c:49:12: branch_false: ...to here
certmonger-0.79.21/tests/tools/base2pem.c:62:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/tests/tools/base2pem.c:62:12: branch_false: ...to here
certmonger-0.79.21/tests/tools/base2pem.c:66:16: branch_true: following ‘true’ branch...
certmonger-0.79.21/tests/tools/base2pem.c:67:20: branch_true: ...to here
certmonger-0.79.21/tests/tools/base2pem.c:67:20: branch_true: following ‘true’ branch (when ‘p’ is NULL)...
certmonger-0.79.21/tests/tools/base2pem.c:68:29: branch_true: ...to here
certmonger-0.79.21/tests/tools/base2pem.c:68:29: acquire_memory: allocated here
certmonger-0.79.21/tests/tools/base2pem.c:66:16: branch_false: following ‘false’ branch...
certmonger-0.79.21/tests/tools/base2pem.c:78:9: branch_false: ...to here
certmonger-0.79.21/tests/tools/base2pem.c:78:9: throw: if ‘cm_submit_u_pem_from_base64’ throws an exception...
certmonger-0.79.21/tests/tools/base2pem.c:78:9: danger: ‘p’ leaks here; was allocated at [(9)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/8)
#   76|   		}
#   77|   	}
#   78|-> 	printf("%s", cm_submit_u_pem_from_base64(type, dos, p));
#   79|   	free(p);
#   80|   	return 0;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def1277]
certmonger-0.79.21/tests/tools/base64.c:70:25: warning[-Wanalyzer-malloc-leak]: leak of ‘p’
certmonger-0.79.21/tests/tools/base64.c:52:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/tests/tools/base64.c:52:12: branch_false: ...to here
certmonger-0.79.21/tests/tools/base64.c:58:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/tests/tools/base64.c:62:14: branch_false: ...to here
certmonger-0.79.21/tests/tools/base64.c:62:35: branch_false: following ‘false’ branch...
certmonger-0.79.21/tests/tools/base64.c:62:35: branch_false: ...to here
certmonger-0.79.21/tests/tools/base64.c:67:16: branch_true: following ‘true’ branch (when ‘l > 0’)...
certmonger-0.79.21/tests/tools/base64.c:68:32: branch_true: ...to here
certmonger-0.79.21/tests/tools/base64.c:69:20: branch_false: following ‘false’ branch (when ‘q’ is non-NULL)...
certmonger-0.79.21/tests/tools/base64.c:74:17: branch_false: ...to here
certmonger-0.79.21/tests/tools/base64.c:67:16: branch_true: following ‘true’ branch (when ‘l > 0’)...
certmonger-0.79.21/tests/tools/base64.c:68:32: branch_true: ...to here
certmonger-0.79.21/tests/tools/base64.c:69:20: branch_true: following ‘true’ branch (when ‘q’ is NULL)...
certmonger-0.79.21/tests/tools/base64.c:70:25: branch_true: ...to here
certmonger-0.79.21/tests/tools/base64.c:70:25: throw: if ‘perror’ throws an exception...
certmonger-0.79.21/tests/tools/base64.c:70:25: danger: ‘p’ leaks here; was allocated at [(9)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/8)
#   68|   		q = realloc(p, length + l + 1);
#   69|   		if (q == NULL) {
#   70|-> 			perror("realloc");
#   71|   			free(p);
#   72|   			return 1;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def1278]
certmonger-0.79.21/tests/tools/base64.c:82:21: warning[-Wanalyzer-malloc-leak]: leak of ‘p’
certmonger-0.79.21/tests/tools/base64.c:52:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/tests/tools/base64.c:52:12: branch_false: ...to here
certmonger-0.79.21/tests/tools/base64.c:58:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/tests/tools/base64.c:62:14: branch_false: ...to here
certmonger-0.79.21/tests/tools/base64.c:62:13: branch_false: following ‘false’ branch...
certmonger-0.79.21/tests/tools/base64.c:62:13: branch_false: ...to here
certmonger-0.79.21/tests/tools/base64.c:67:16: branch_true: following ‘true’ branch (when ‘l > 0’)...
certmonger-0.79.21/tests/tools/base64.c:68:32: branch_true: ...to here
certmonger-0.79.21/tests/tools/base64.c:69:20: branch_false: following ‘false’ branch (when ‘q’ is non-NULL)...
certmonger-0.79.21/tests/tools/base64.c:74:17: branch_false: ...to here
certmonger-0.79.21/tests/tools/base64.c:67:16: branch_false: following ‘false’ branch (when ‘l <= 0’)...
certmonger-0.79.21/tests/tools/base64.c:79:13: branch_false: ...to here
certmonger-0.79.21/tests/tools/base64.c:79:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/tests/tools/base64.c:80:25: branch_true: ...to here
certmonger-0.79.21/tests/tools/base64.c:82:21: throw: if ‘cm_store_base64_to_bin’ throws an exception...
certmonger-0.79.21/tests/tools/base64.c:82:21: danger: ‘p’ leaks here; was allocated at [(9)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/8)
#   80|   		j = 3 * howmany(length, 4) + 1;
#   81|   		q = malloc(j);
#   82|-> 		i = cm_store_base64_to_bin((const char *) p, -1, q, j);
#   83|   		if (hex) {
#   84|   			s = cm_store_hex_from_bin(NULL, q, i);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def1279]
certmonger-0.79.21/tests/tools/base64.c:82:21: warning[-Wanalyzer-malloc-leak]: leak of ‘q’
certmonger-0.79.21/tests/tools/base64.c:52:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/tests/tools/base64.c:52:12: branch_false: ...to here
certmonger-0.79.21/tests/tools/base64.c:58:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/tests/tools/base64.c:62:14: branch_false: ...to here
certmonger-0.79.21/tests/tools/base64.c:62:13: branch_false: following ‘false’ branch...
certmonger-0.79.21/tests/tools/base64.c:62:13: branch_false: ...to here
certmonger-0.79.21/tests/tools/base64.c:67:16: branch_false: following ‘false’ branch (when ‘l <= 0’)...
certmonger-0.79.21/tests/tools/base64.c:79:13: branch_false: ...to here
certmonger-0.79.21/tests/tools/base64.c:79:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/tests/tools/base64.c:80:25: branch_true: ...to here
certmonger-0.79.21/tests/tools/base64.c:81:21: acquire_memory: allocated here
certmonger-0.79.21/tests/tools/base64.c:82:21: throw: if ‘cm_store_base64_to_bin’ throws an exception...
certmonger-0.79.21/tests/tools/base64.c:82:21: danger: ‘q’ leaks here; was allocated at [(11)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/10)
#   80|   		j = 3 * howmany(length, 4) + 1;
#   81|   		q = malloc(j);
#   82|-> 		i = cm_store_base64_to_bin((const char *) p, -1, q, j);
#   83|   		if (hex) {
#   84|   			s = cm_store_hex_from_bin(NULL, q, i);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def1280]
certmonger-0.79.21/tests/tools/base64.c:84:29: warning[-Wanalyzer-malloc-leak]: leak of ‘p’
certmonger-0.79.21/tests/tools/base64.c:52:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/tests/tools/base64.c:52:12: branch_false: ...to here
certmonger-0.79.21/tests/tools/base64.c:58:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/tests/tools/base64.c:62:14: branch_false: ...to here
certmonger-0.79.21/tests/tools/base64.c:62:13: branch_false: following ‘false’ branch...
certmonger-0.79.21/tests/tools/base64.c:62:13: branch_false: ...to here
certmonger-0.79.21/tests/tools/base64.c:67:16: branch_true: following ‘true’ branch (when ‘l > 0’)...
certmonger-0.79.21/tests/tools/base64.c:68:32: branch_true: ...to here
certmonger-0.79.21/tests/tools/base64.c:69:20: branch_false: following ‘false’ branch (when ‘q’ is non-NULL)...
certmonger-0.79.21/tests/tools/base64.c:74:17: branch_false: ...to here
certmonger-0.79.21/tests/tools/base64.c:67:16: branch_false: following ‘false’ branch (when ‘l <= 0’)...
certmonger-0.79.21/tests/tools/base64.c:79:13: branch_false: ...to here
certmonger-0.79.21/tests/tools/base64.c:79:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/tests/tools/base64.c:80:25: branch_true: ...to here
certmonger-0.79.21/tests/tools/base64.c:83:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/tests/tools/base64.c:84:29: branch_true: ...to here
certmonger-0.79.21/tests/tools/base64.c:84:29: throw: if ‘cm_store_hex_from_bin’ throws an exception...
certmonger-0.79.21/tests/tools/base64.c:84:29: danger: ‘p’ leaks here; was allocated at [(9)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/8)
#   82|   		i = cm_store_base64_to_bin((const char *) p, -1, q, j);
#   83|   		if (hex) {
#   84|-> 			s = cm_store_hex_from_bin(NULL, q, i);
#   85|   			printf("%s\n", s);
#   86|   		} else {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def1281]
certmonger-0.79.21/tests/tools/base64.c:90:37: warning[-Wanalyzer-malloc-leak]: leak of ‘p’
certmonger-0.79.21/tests/tools/base64.c:52:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/tests/tools/base64.c:52:12: branch_false: ...to here
certmonger-0.79.21/tests/tools/base64.c:58:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/tests/tools/base64.c:62:14: branch_false: ...to here
certmonger-0.79.21/tests/tools/base64.c:62:13: branch_false: following ‘false’ branch...
certmonger-0.79.21/tests/tools/base64.c:62:13: branch_false: ...to here
certmonger-0.79.21/tests/tools/base64.c:67:16: branch_true: following ‘true’ branch (when ‘l > 0’)...
certmonger-0.79.21/tests/tools/base64.c:68:32: branch_true: ...to here
certmonger-0.79.21/tests/tools/base64.c:69:20: branch_false: following ‘false’ branch (when ‘q’ is non-NULL)...
certmonger-0.79.21/tests/tools/base64.c:74:17: branch_false: ...to here
certmonger-0.79.21/tests/tools/base64.c:67:16: branch_false: following ‘false’ branch (when ‘l <= 0’)...
certmonger-0.79.21/tests/tools/base64.c:79:13: branch_false: ...to here
certmonger-0.79.21/tests/tools/base64.c:79:12: branch_true: following ‘true’ branch...
certmonger-0.79.21/tests/tools/base64.c:80:25: branch_true: ...to here
certmonger-0.79.21/tests/tools/base64.c:83:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/tests/tools/base64.c:83:20: branch_false: ...to here
certmonger-0.79.21/tests/tools/base64.c:89:32: branch_true: following ‘true’ branch (when ‘i < i’)...
certmonger-0.79.21/tests/tools/base64.c:90:65: branch_true: ...to here
certmonger-0.79.21/tests/tools/base64.c:90:37: throw: if ‘write’ throws an exception...
certmonger-0.79.21/tests/tools/base64.c:90:37: danger: ‘p’ leaks here; was allocated at [(9)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/8)
#   88|   			i = 0;
#   89|   			while (i < length) {
#   90|-> 				j = write(STDOUT_FILENO, q + i, length - i);
#   91|   				if (j <= 0) {
#   92|   					break;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def1282]
certmonger-0.79.21/tests/tools/base64.c:100:37: warning[-Wanalyzer-malloc-leak]: leak of ‘p’
certmonger-0.79.21/tests/tools/base64.c:52:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/tests/tools/base64.c:52:12: branch_false: ...to here
certmonger-0.79.21/tests/tools/base64.c:58:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/tests/tools/base64.c:62:14: branch_false: ...to here
certmonger-0.79.21/tests/tools/base64.c:62:35: branch_false: following ‘false’ branch...
certmonger-0.79.21/tests/tools/base64.c:62:35: branch_false: ...to here
certmonger-0.79.21/tests/tools/base64.c:67:16: branch_true: following ‘true’ branch (when ‘l > 0’)...
certmonger-0.79.21/tests/tools/base64.c:68:32: branch_true: ...to here
certmonger-0.79.21/tests/tools/base64.c:69:20: branch_false: following ‘false’ branch (when ‘q’ is non-NULL)...
certmonger-0.79.21/tests/tools/base64.c:74:17: branch_false: ...to here
certmonger-0.79.21/tests/tools/base64.c:67:16: branch_false: following ‘false’ branch (when ‘l <= 0’)...
certmonger-0.79.21/tests/tools/base64.c:79:13: branch_false: ...to here
certmonger-0.79.21/tests/tools/base64.c:79:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/tests/tools/base64.c:98:21: branch_false: ...to here
certmonger-0.79.21/tests/tools/base64.c:98:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/tests/tools/base64.c:99:29: branch_true: ...to here
certmonger-0.79.21/tests/tools/base64.c:99:28: branch_true: following ‘true’ branch...
certmonger-0.79.21/tests/tools/base64.c:100:37: branch_true: ...to here
certmonger-0.79.21/tests/tools/base64.c:100:37: throw: if ‘cm_store_base64_from_hex’ throws an exception...
certmonger-0.79.21/tests/tools/base64.c:100:37: danger: ‘p’ leaks here; was allocated at [(9)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/8)
#   98|   		if (encode) {
#   99|   			if (hex) {
#  100|-> 				s = cm_store_base64_from_hex(NULL, (const char *) p);
#  101|   				printf("%s\n", s);
#  102|   			} else {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def1283]
certmonger-0.79.21/tests/tools/base64.c:103:37: warning[-Wanalyzer-malloc-leak]: leak of ‘p’
certmonger-0.79.21/tests/tools/base64.c:52:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/tests/tools/base64.c:52:12: branch_false: ...to here
certmonger-0.79.21/tests/tools/base64.c:58:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/tests/tools/base64.c:62:14: branch_false: ...to here
certmonger-0.79.21/tests/tools/base64.c:62:35: branch_false: following ‘false’ branch...
certmonger-0.79.21/tests/tools/base64.c:62:35: branch_false: ...to here
certmonger-0.79.21/tests/tools/base64.c:67:16: branch_true: following ‘true’ branch (when ‘l > 0’)...
certmonger-0.79.21/tests/tools/base64.c:68:32: branch_true: ...to here
certmonger-0.79.21/tests/tools/base64.c:69:20: branch_false: following ‘false’ branch (when ‘q’ is non-NULL)...
certmonger-0.79.21/tests/tools/base64.c:74:17: branch_false: ...to here
certmonger-0.79.21/tests/tools/base64.c:67:16: branch_false: following ‘false’ branch (when ‘l <= 0’)...
certmonger-0.79.21/tests/tools/base64.c:79:13: branch_false: ...to here
certmonger-0.79.21/tests/tools/base64.c:79:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/tests/tools/base64.c:98:21: branch_false: ...to here
certmonger-0.79.21/tests/tools/base64.c:98:20: branch_true: following ‘true’ branch...
certmonger-0.79.21/tests/tools/base64.c:99:29: branch_true: ...to here
certmonger-0.79.21/tests/tools/base64.c:99:28: branch_false: following ‘false’ branch...
certmonger-0.79.21/tests/tools/base64.c:103:37: branch_false: ...to here
certmonger-0.79.21/tests/tools/base64.c:103:37: throw: if ‘cm_store_base64_from_bin’ throws an exception...
certmonger-0.79.21/tests/tools/base64.c:103:37: danger: ‘p’ leaks here; was allocated at [(9)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/8)
#  101|   				printf("%s\n", s);
#  102|   			} else {
#  103|-> 				s = cm_store_base64_from_bin(NULL, p, length);
#  104|   				printf("%s\n", s);
#  105|   			}

Error: COMPILER_WARNING (CWE-563): [#def1284]
certmonger-0.79.21/tests/tools/checksig.c: scope_hint: In function ‘main’
certmonger-0.79.21/tests/tools/checksig.c:46:10: warning[-Wunused-parameter]: unused parameter ‘argc’
#   46 | main(int argc, char **argv)
#      |      ~~~~^~~~
#   44|   
#   45|   int
#   46|-> main(int argc, char **argv)
#   47|   {
#   48|   	int i;

Error: COMPILER_WARNING (CWE-563): [#def1285]
certmonger-0.79.21/tests/tools/checksig.c:46:23: warning[-Wunused-parameter]: unused parameter ‘argv’
#   46 | main(int argc, char **argv)
#      |                ~~~~~~~^~~~
#   44|   
#   45|   int
#   46|-> main(int argc, char **argv)
#   47|   {
#   48|   	int i;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def1286]
certmonger-0.79.21/tests/tools/checksig.c:70:25: warning[-Wanalyzer-malloc-leak]: leak of ‘p’
certmonger-0.79.21/tests/tools/checksig.c:61:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/tests/tools/checksig.c:61:12: branch_false: ...to here
certmonger-0.79.21/tests/tools/checksig.c:67:16: branch_true: following ‘true’ branch (when ‘i > 0’)...
certmonger-0.79.21/tests/tools/checksig.c:68:32: branch_true: ...to here
certmonger-0.79.21/tests/tools/checksig.c:69:20: branch_false: following ‘false’ branch (when ‘q’ is non-NULL)...
certmonger-0.79.21/tests/tools/checksig.c:75:17: branch_false: ...to here
certmonger-0.79.21/tests/tools/checksig.c:67:16: branch_true: following ‘true’ branch (when ‘i > 0’)...
certmonger-0.79.21/tests/tools/checksig.c:68:32: branch_true: ...to here
certmonger-0.79.21/tests/tools/checksig.c:69:20: branch_true: following ‘true’ branch (when ‘q’ is NULL)...
certmonger-0.79.21/tests/tools/checksig.c:70:25: branch_true: ...to here
certmonger-0.79.21/tests/tools/checksig.c:70:25: throw: if ‘perror’ throws an exception...
certmonger-0.79.21/tests/tools/checksig.c:70:25: danger: ‘p’ leaks here; was allocated at [(5)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/4)
#   68|   		q = realloc(p, len + i);
#   69|   		if (q == NULL) {
#   70|-> 			perror("malloc");
#   71|   			free(p);
#   72|   			return 1;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def1287]
certmonger-0.79.21/tests/tools/checksig.c:82:13: warning[-Wanalyzer-malloc-leak]: leak of ‘p’
certmonger-0.79.21/tests/tools/checksig.c:61:12: branch_false: following ‘false’ branch...
certmonger-0.79.21/tests/tools/checksig.c:61:12: branch_false: ...to here
certmonger-0.79.21/tests/tools/checksig.c:67:16: branch_true: following ‘true’ branch (when ‘i > 0’)...
certmonger-0.79.21/tests/tools/checksig.c:68:32: branch_true: ...to here
certmonger-0.79.21/tests/tools/checksig.c:69:20: branch_false: following ‘false’ branch (when ‘q’ is non-NULL)...
certmonger-0.79.21/tests/tools/checksig.c:75:17: branch_false: ...to here
certmonger-0.79.21/tests/tools/checksig.c:67:16: branch_false: following ‘false’ branch (when ‘i <= 0’)...
certmonger-0.79.21/tests/tools/checksig.c:78:9: branch_false: ...to here
certmonger-0.79.21/tests/tools/checksig.c:82:13: throw: if ‘SEC_ASN1DecodeItem’ throws an exception...
certmonger-0.79.21/tests/tools/checksig.c:82:13: danger: ‘p’ leaks here; was allocated at [(5)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/4)
#   80|   	encoded.len = len;
#   81|   	memset(&signed_data, 0, sizeof(signed_data));
#   82|-> 	if (SEC_ASN1DecodeItem(NULL, &signed_data,
#   83|   			       CERT_SignedDataTemplate,
#   84|   			       &encoded) != SECSuccess) {

Error: GCC_ANALYZER_WARNING (CWE-127): [#def1288]
certmonger-0.79.21/tests/tools/fromfile.c:43:26: warning[-Wanalyzer-out-of-bounds]: heap-based buffer under-read
certmonger-0.79.21/tests/tools/fromfile.c:31:1: enter_function: entry to ‘main’
certmonger-0.79.21/tests/tools/fromfile.c:36:21: branch_true: following ‘true’ branch (when ‘i < argc’)...
certmonger-0.79.21/tests/tools/fromfile.c:37:38: branch_true: ...to here
certmonger-0.79.21/tests/tools/fromfile.c:38:24: call_function: calling ‘cm_submit_u_from_file’ from ‘main’
certmonger-0.79.21/tests/tools/fromfile.c:38:24: return_function: returning to ‘main’ from ‘cm_submit_u_from_file’
certmonger-0.79.21/tests/tools/fromfile.c:39:20: branch_false: following ‘false’ branch...
certmonger-0.79.21/tests/tools/fromfile.c:43:31: branch_false: ...to here
certmonger-0.79.21/tests/tools/fromfile.c:43:26: danger: out-of-bounds read at byte -1 but region starts at byte 0
#   41|   			result = 1;
#   42|   		}
#   43|-> 		else if (cert[strlen(cert) - 1] != '\n') {
#   44|   			printf("Missing trailing newline\n");
#   45|   			result = 1;

Error: COMPILER_WARNING (CWE-563): [#def1289]
certmonger-0.79.21/tests/tools/hooks.c: scope_hint: In function ‘get_n_cas’
certmonger-0.79.21/tests/tools/hooks.c:57:30: warning[-Wunused-parameter]: unused parameter ‘ctx’
#   57 | get_n_cas(struct cm_context *ctx)
#      |           ~~~~~~~~~~~~~~~~~~~^~~
#   55|   
#   56|   static int
#   57|-> get_n_cas(struct cm_context *ctx)
#   58|   {
#   59|   	return n_cas;

Error: COMPILER_WARNING (CWE-563): [#def1290]
certmonger-0.79.21/tests/tools/hooks.c: scope_hint: In function ‘get_ca_by_index’
certmonger-0.79.21/tests/tools/hooks.c:62:36: warning[-Wunused-parameter]: unused parameter ‘ctx’
#   62 | get_ca_by_index(struct cm_context *ctx, int n)
#      |                 ~~~~~~~~~~~~~~~~~~~^~~
#   60|   }
#   61|   static struct cm_store_ca *
#   62|-> get_ca_by_index(struct cm_context *ctx, int n)
#   63|   {
#   64|   	return ca[n];

Error: COMPILER_WARNING (CWE-563): [#def1291]
certmonger-0.79.21/tests/tools/hooks.c: scope_hint: In function ‘get_n_entries’
certmonger-0.79.21/tests/tools/hooks.c:67:34: warning[-Wunused-parameter]: unused parameter ‘ctx’
#   67 | get_n_entries(struct cm_context *ctx)
#      |               ~~~~~~~~~~~~~~~~~~~^~~
#   65|   }
#   66|   static int
#   67|-> get_n_entries(struct cm_context *ctx)
#   68|   {
#   69|   	return n_entries;

Error: COMPILER_WARNING (CWE-563): [#def1292]
certmonger-0.79.21/tests/tools/hooks.c: scope_hint: In function ‘get_entry_by_index’
certmonger-0.79.21/tests/tools/hooks.c:72:39: warning[-Wunused-parameter]: unused parameter ‘ctx’
#   72 | get_entry_by_index(struct cm_context *ctx, int n)
#      |                    ~~~~~~~~~~~~~~~~~~~^~~
#   70|   }
#   71|   static struct cm_store_entry *
#   72|-> get_entry_by_index(struct cm_context *ctx, int n)
#   73|   {
#   74|   	return entry[n];

Error: COMPILER_WARNING (CWE-563): [#def1293]
certmonger-0.79.21/tests/tools/json-utf8.c: scope_hint: In function ‘main’
certmonger-0.79.21/tests/tools/json-utf8.c:35:10: warning[-Wunused-parameter]: unused parameter ‘argc’
#   35 | main(int argc, char **argv)
#      |      ~~~~^~~~
#   33|   
#   34|   int
#   35|-> main(int argc, char **argv)
#   36|   {
#   37|   	uint32_t point, point2;

Error: COMPILER_WARNING (CWE-563): [#def1294]
certmonger-0.79.21/tests/tools/json-utf8.c:35:23: warning[-Wunused-parameter]: unused parameter ‘argv’
#   35 | main(int argc, char **argv)
#      |                ~~~~~~~^~~~
#   33|   
#   34|   int
#   35|-> main(int argc, char **argv)
#   36|   {
#   37|   	uint32_t point, point2;

Error: COMPILER_WARNING (CWE-563): [#def1295]
certmonger-0.79.21/tests/tools/libexecdir.c: scope_hint: In function ‘main’
certmonger-0.79.21/tests/tools/libexecdir.c:22:10: warning[-Wunused-parameter]: unused parameter ‘argc’
#   22 | main(int argc, char **argv)
#      |      ~~~~^~~~
#   20|   
#   21|   int
#   22|-> main(int argc, char **argv)
#   23|   {
#   24|   	printf("%s\n", CM_DEFAULT_HELPER_PATH);

Error: COMPILER_WARNING (CWE-563): [#def1296]
certmonger-0.79.21/tests/tools/libexecdir.c:22:23: warning[-Wunused-parameter]: unused parameter ‘argv’
#   22 | main(int argc, char **argv)
#      |                ~~~~~~~^~~~
#   20|   
#   21|   int
#   22|-> main(int argc, char **argv)
#   23|   {
#   24|   	printf("%s\n", CM_DEFAULT_HELPER_PATH);

Error: COMPILER_WARNING (CWE-563): [#def1297]
certmonger-0.79.21/tests/tools/payload.c: scope_hint: In function ‘main’
certmonger-0.79.21/tests/tools/payload.c:41:10: warning[-Wunused-parameter]: unused parameter ‘argc’
#   41 | main(int argc, char **argv)
#      |      ~~~~^~~~
#   39|   
#   40|   int
#   41|-> main(int argc, char **argv)
#   42|   {
#   43|   	int i;

Error: COMPILER_WARNING (CWE-563): [#def1298]
certmonger-0.79.21/tests/tools/payload.c:41:23: warning[-Wunused-parameter]: unused parameter ‘argv’
#   41 | main(int argc, char **argv)
#      |                ~~~~~~~^~~~
#   39|   
#   40|   int
#   41|-> main(int argc, char **argv)
#   42|   {
#   43|   	int i;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def1299]
certmonger-0.79.21/tests/tools/payload.c:56:25: warning[-Wanalyzer-malloc-leak]: leak of ‘p’
certmonger-0.79.21/tests/tools/payload.c:53:16: branch_true: following ‘true’ branch (when ‘i > 0’)...
certmonger-0.79.21/tests/tools/payload.c:54:32: branch_true: ...to here
certmonger-0.79.21/tests/tools/payload.c:55:20: branch_false: following ‘false’ branch (when ‘q’ is non-NULL)...
certmonger-0.79.21/tests/tools/payload.c:61:17: branch_false: ...to here
certmonger-0.79.21/tests/tools/payload.c:53:16: branch_true: following ‘true’ branch (when ‘i > 0’)...
certmonger-0.79.21/tests/tools/payload.c:54:32: branch_true: ...to here
certmonger-0.79.21/tests/tools/payload.c:55:20: branch_true: following ‘true’ branch (when ‘q’ is NULL)...
certmonger-0.79.21/tests/tools/payload.c:56:25: branch_true: ...to here
certmonger-0.79.21/tests/tools/payload.c:56:25: throw: if ‘perror’ throws an exception...
certmonger-0.79.21/tests/tools/payload.c:56:25: danger: ‘p’ leaks here; was allocated at [(3)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/2)
#   54|   		q = realloc(p, len + i);
#   55|   		if (q == NULL) {
#   56|-> 			perror("malloc");
#   57|   			free(p);
#   58|   			return 1;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def1300]
certmonger-0.79.21/tests/tools/payload.c:68:13: warning[-Wanalyzer-malloc-leak]: leak of ‘p’
certmonger-0.79.21/tests/tools/payload.c:53:16: branch_true: following ‘true’ branch (when ‘i > 0’)...
certmonger-0.79.21/tests/tools/payload.c:54:32: branch_true: ...to here
certmonger-0.79.21/tests/tools/payload.c:55:20: branch_false: following ‘false’ branch (when ‘q’ is non-NULL)...
certmonger-0.79.21/tests/tools/payload.c:61:17: branch_false: ...to here
certmonger-0.79.21/tests/tools/payload.c:53:16: branch_false: following ‘false’ branch (when ‘i <= 0’)...
certmonger-0.79.21/tests/tools/payload.c:64:9: branch_false: ...to here
certmonger-0.79.21/tests/tools/payload.c:68:13: throw: if ‘SEC_ASN1DecodeItem’ throws an exception...
certmonger-0.79.21/tests/tools/payload.c:68:13: danger: ‘p’ leaks here; was allocated at [(3)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/2)
#   66|   	encoded.len = len;
#   67|   	memset(&signed_data, 0, sizeof(signed_data));
#   68|-> 	if (SEC_ASN1DecodeItem(NULL, &signed_data,
#   69|   			       CERT_SignedDataTemplate,
#   70|   			       &encoded) == SECSuccess) {

Error: COMPILER_WARNING (CWE-563): [#def1301]
certmonger-0.79.21/tests/tools/pem2base.c: scope_hint: In function ‘main’
certmonger-0.79.21/tests/tools/pem2base.c:33:10: warning[-Wunused-parameter]: unused parameter ‘argc’
#   33 | main(int argc, char **argv)
#      |      ~~~~^~~~
#   31|   
#   32|   int
#   33|-> main(int argc, char **argv)
#   34|   {
#   35|   	char buf[LINE_MAX], *p = NULL, *q;

Error: COMPILER_WARNING (CWE-563): [#def1302]
certmonger-0.79.21/tests/tools/pem2base.c:33:23: warning[-Wunused-parameter]: unused parameter ‘argv’
#   33 | main(int argc, char **argv)
#      |                ~~~~~~~^~~~
#   31|   
#   32|   int
#   33|-> main(int argc, char **argv)
#   34|   {
#   35|   	char buf[LINE_MAX], *p = NULL, *q;

Error: COMPILER_WARNING (CWE-563): [#def1303]
certmonger-0.79.21/tests/tools/prefs.c: scope_hint: In function ‘main’
certmonger-0.79.21/tests/tools/prefs.c:28:10: warning[-Wunused-parameter]: unused parameter ‘argc’
#   28 | main(int argc, char **argv)
#      |      ~~~~^~~~
#   26|   
#   27|   int
#   28|-> main(int argc, char **argv)
#   29|   {
#   30|   	const char *dest;

Error: COMPILER_WARNING (CWE-563): [#def1304]
certmonger-0.79.21/tests/tools/prefs.c:28:23: warning[-Wunused-parameter]: unused parameter ‘argv’
#   28 | main(int argc, char **argv)
#      |                ~~~~~~~^~~~
#   26|   
#   27|   int
#   28|-> main(int argc, char **argv)
#   29|   {
#   30|   	const char *dest;