Error: GCC_ANALYZER_WARNING (CWE-401): [#def1] cryptsetup-2.8.1/lib/bitlk/bitlk.c:85:9: warning[-Wanalyzer-malloc-leak]: leak of 'vmk' cryptsetup-2.8.1/lib/bitlk/bitlk.c:398:5: enter_function: entry to 'BITLK_read_sb' cryptsetup-2.8.1/lib/bitlk/bitlk.c:424:12: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:430:13: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:430:12: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:437:13: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:449:12: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:453:20: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:453:19: branch_true: following 'true' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:461:31: branch_true: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:467:12: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:474:13: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:474:12: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:482:13: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:490:21: branch_true: following 'true' branch (when 'i != 3')... cryptsetup-2.8.1/lib/bitlk/bitlk.c:491:46: branch_true: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:490:21: branch_true: following 'true' branch (when 'i != 3')... cryptsetup-2.8.1/lib/bitlk/bitlk.c:491:46: branch_true: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:490:21: branch_true: following 'true' branch (when 'i != 3')... cryptsetup-2.8.1/lib/bitlk/bitlk.c:491:46: branch_true: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:490:21: branch_false: following 'false' branch (when 'i == 3')... cryptsetup-2.8.1/lib/bitlk/bitlk.c:493:9: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:497:12: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:499:17: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:497:13: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:500:17: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:497:13: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:507:9: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:563:12: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:568:54: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:571:12: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:576:28: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:580:12: branch_false: following 'false' branch (when 'fve_entries' is non-NULL)... cryptsetup-2.8.1/lib/bitlk/bitlk.c:584:9: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:589:12: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:589:12: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:597:16: branch_true: following 'true' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:600:37: branch_true: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:602:20: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:605:21: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:605:20: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:611:57: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:615:20: branch_true: following 'true' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:616:28: branch_true: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:616:28: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:622:52: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:625:31: acquire_memory: allocated here cryptsetup-2.8.1/lib/bitlk/bitlk.c:626:28: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:630:25: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:632:25: call_function: calling 'guid_to_string' from 'BITLK_read_sb' # 83| static void guid_to_string(struct bitlk_guid *guid, char *out) { # 84| swap_guid(guid); # 85|-> uuid_unparse((unsigned char *) guid, out); # 86| } # 87| Error: GCC_ANALYZER_WARNING (CWE-401): [#def2] cryptsetup-2.8.1/lib/bitlk/bitlk.c:265:33: warning[-Wanalyzer-malloc-leak]: leak of '<unknown>' cryptsetup-2.8.1/lib/bitlk/bitlk.c:398:5: enter_function: entry to 'BITLK_read_sb' cryptsetup-2.8.1/lib/bitlk/bitlk.c:424:12: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:430:13: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:430:12: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:437:13: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:449:12: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:453:20: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:453:19: branch_true: following 'true' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:461:31: branch_true: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:467:12: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:474:13: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:474:12: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:482:13: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:490:21: branch_true: following 'true' branch (when 'i != 3')... cryptsetup-2.8.1/lib/bitlk/bitlk.c:491:46: branch_true: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:490:21: branch_true: following 'true' branch (when 'i != 3')... cryptsetup-2.8.1/lib/bitlk/bitlk.c:491:46: branch_true: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:490:21: branch_true: following 'true' branch (when 'i != 3')... cryptsetup-2.8.1/lib/bitlk/bitlk.c:491:46: branch_true: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:490:21: branch_false: following 'false' branch (when 'i == 3')... cryptsetup-2.8.1/lib/bitlk/bitlk.c:493:9: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:497:12: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:499:17: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:497:13: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:500:17: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:497:13: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:507:9: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:563:12: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:568:54: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:571:12: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:576:28: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:580:12: branch_false: following 'false' branch (when 'fve_entries' is non-NULL)... cryptsetup-2.8.1/lib/bitlk/bitlk.c:584:9: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:589:12: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:589:12: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:597:16: branch_true: following 'true' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:600:37: branch_true: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:602:20: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:605:21: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:605:20: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:611:57: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:615:20: branch_true: following 'true' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:616:28: branch_true: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:616:28: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:622:52: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:626:28: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:630:25: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:633:37: acquire_memory: allocated here cryptsetup-2.8.1/lib/bitlk/bitlk.c:640:29: call_function: calling 'parse_vmk_entry' from 'BITLK_read_sb' # 263| if (key_entry_type != BITLK_ENTRY_TYPE_PROPERTY) { # 264| if (supported) { # 265|-> log_err(cd, _("Unexpected metadata entry type '%u' found when parsing supported Volume Master Key."), key_entry_type); # 266| return -EINVAL; # 267| } else { Error: GCC_ANALYZER_WARNING (CWE-401): [#def3] cryptsetup-2.8.1/lib/bitlk/bitlk.c:265:33: warning[-Wanalyzer-malloc-leak]: leak of 'vmk' cryptsetup-2.8.1/lib/bitlk/bitlk.c:398:5: enter_function: entry to 'BITLK_read_sb' cryptsetup-2.8.1/lib/bitlk/bitlk.c:424:12: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:430:13: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:430:12: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:437:13: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:449:12: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:453:20: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:453:19: branch_true: following 'true' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:461:31: branch_true: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:467:12: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:474:13: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:474:12: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:482:13: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:490:21: branch_true: following 'true' branch (when 'i != 3')... cryptsetup-2.8.1/lib/bitlk/bitlk.c:491:46: branch_true: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:490:21: branch_true: following 'true' branch (when 'i != 3')... cryptsetup-2.8.1/lib/bitlk/bitlk.c:491:46: branch_true: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:490:21: branch_true: following 'true' branch (when 'i != 3')... cryptsetup-2.8.1/lib/bitlk/bitlk.c:491:46: branch_true: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:490:21: branch_false: following 'false' branch (when 'i == 3')... cryptsetup-2.8.1/lib/bitlk/bitlk.c:493:9: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:497:12: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:499:17: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:497:13: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:500:17: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:497:13: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:507:9: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:563:12: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:568:54: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:571:12: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:576:28: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:580:12: branch_false: following 'false' branch (when 'fve_entries' is non-NULL)... cryptsetup-2.8.1/lib/bitlk/bitlk.c:584:9: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:589:12: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:589:12: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:597:16: branch_true: following 'true' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:600:37: branch_true: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:602:20: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:605:21: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:605:20: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:611:57: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:615:20: branch_true: following 'true' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:616:28: branch_true: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:616:28: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:622:52: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:625:31: acquire_memory: allocated here cryptsetup-2.8.1/lib/bitlk/bitlk.c:626:28: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:630:25: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:640:29: call_function: calling 'parse_vmk_entry' from 'BITLK_read_sb' # 263| if (key_entry_type != BITLK_ENTRY_TYPE_PROPERTY) { # 264| if (supported) { # 265|-> log_err(cd, _("Unexpected metadata entry type '%u' found when parsing supported Volume Master Key."), key_entry_type); # 266| return -EINVAL; # 267| } else { Error: GCC_ANALYZER_WARNING (CWE-401): [#def4] cryptsetup-2.8.1/lib/bitlk/bitlk.c:268:33: warning[-Wanalyzer-malloc-leak]: leak of '<unknown>' cryptsetup-2.8.1/lib/bitlk/bitlk.c:398:5: enter_function: entry to 'BITLK_read_sb' cryptsetup-2.8.1/lib/bitlk/bitlk.c:424:12: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:430:13: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:430:12: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:437:13: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:449:12: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:453:20: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:453:19: branch_true: following 'true' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:461:31: branch_true: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:467:12: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:474:13: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:474:12: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:482:13: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:490:21: branch_true: following 'true' branch (when 'i != 3')... cryptsetup-2.8.1/lib/bitlk/bitlk.c:491:46: branch_true: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:490:21: branch_true: following 'true' branch (when 'i != 3')... cryptsetup-2.8.1/lib/bitlk/bitlk.c:491:46: branch_true: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:490:21: branch_true: following 'true' branch (when 'i != 3')... cryptsetup-2.8.1/lib/bitlk/bitlk.c:491:46: branch_true: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:490:21: branch_false: following 'false' branch (when 'i == 3')... cryptsetup-2.8.1/lib/bitlk/bitlk.c:493:9: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:497:12: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:499:17: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:497:13: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:500:17: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:497:13: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:507:9: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:563:12: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:568:54: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:571:12: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:576:28: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:580:12: branch_false: following 'false' branch (when 'fve_entries' is non-NULL)... cryptsetup-2.8.1/lib/bitlk/bitlk.c:584:9: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:589:12: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:589:12: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:597:16: branch_true: following 'true' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:600:37: branch_true: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:602:20: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:605:21: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:605:20: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:611:57: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:615:20: branch_true: following 'true' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:616:28: branch_true: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:616:28: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:622:52: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:626:28: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:630:25: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:633:37: acquire_memory: allocated here cryptsetup-2.8.1/lib/bitlk/bitlk.c:640:29: call_function: calling 'parse_vmk_entry' from 'BITLK_read_sb' # 266| return -EINVAL; # 267| } else { # 268|-> log_dbg(cd, "Unexpected metadata entry type '%u' found when parsing unsupported VMK.", key_entry_type); # 269| } # 270| } Error: GCC_ANALYZER_WARNING (CWE-401): [#def5] cryptsetup-2.8.1/lib/bitlk/bitlk.c:268:33: warning[-Wanalyzer-malloc-leak]: leak of 'vmk' cryptsetup-2.8.1/lib/bitlk/bitlk.c:398:5: enter_function: entry to 'BITLK_read_sb' cryptsetup-2.8.1/lib/bitlk/bitlk.c:424:12: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:430:13: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:430:12: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:437:13: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:449:12: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:453:20: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:453:19: branch_true: following 'true' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:461:31: branch_true: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:467:12: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:474:13: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:474:12: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:482:13: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:490:21: branch_true: following 'true' branch (when 'i != 3')... cryptsetup-2.8.1/lib/bitlk/bitlk.c:491:46: branch_true: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:490:21: branch_true: following 'true' branch (when 'i != 3')... cryptsetup-2.8.1/lib/bitlk/bitlk.c:491:46: branch_true: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:490:21: branch_true: following 'true' branch (when 'i != 3')... cryptsetup-2.8.1/lib/bitlk/bitlk.c:491:46: branch_true: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:490:21: branch_false: following 'false' branch (when 'i == 3')... cryptsetup-2.8.1/lib/bitlk/bitlk.c:493:9: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:497:12: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:499:17: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:497:13: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:500:17: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:497:13: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:507:9: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:563:12: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:568:54: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:571:12: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:576:28: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:580:12: branch_false: following 'false' branch (when 'fve_entries' is non-NULL)... cryptsetup-2.8.1/lib/bitlk/bitlk.c:584:9: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:589:12: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:589:12: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:597:16: branch_true: following 'true' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:600:37: branch_true: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:602:20: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:605:21: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:605:20: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:611:57: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:615:20: branch_true: following 'true' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:616:28: branch_true: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:616:28: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:622:52: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:625:31: acquire_memory: allocated here cryptsetup-2.8.1/lib/bitlk/bitlk.c:626:28: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:630:25: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:640:29: call_function: calling 'parse_vmk_entry' from 'BITLK_read_sb' # 266| return -EINVAL; # 267| } else { # 268|-> log_dbg(cd, "Unexpected metadata entry type '%u' found when parsing unsupported VMK.", key_entry_type); # 269| } # 270| } Error: GCC_ANALYZER_WARNING (CWE-401): [#def6] cryptsetup-2.8.1/lib/bitlk/bitlk.c:323:29: warning[-Wanalyzer-malloc-leak]: leak of 'string' cryptsetup-2.8.1/lib/bitlk/bitlk.c:398:5: enter_function: entry to 'BITLK_read_sb' cryptsetup-2.8.1/lib/bitlk/bitlk.c:424:12: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:430:13: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:430:12: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:437:13: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:449:12: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:453:20: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:453:19: branch_true: following 'true' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:461:31: branch_true: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:467:12: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:474:13: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:474:12: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:482:13: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:490:21: branch_true: following 'true' branch (when 'i != 3')... cryptsetup-2.8.1/lib/bitlk/bitlk.c:491:46: branch_true: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:490:21: branch_true: following 'true' branch (when 'i != 3')... cryptsetup-2.8.1/lib/bitlk/bitlk.c:491:46: branch_true: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:490:21: branch_true: following 'true' branch (when 'i != 3')... cryptsetup-2.8.1/lib/bitlk/bitlk.c:491:46: branch_true: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:490:21: branch_false: following 'false' branch (when 'i == 3')... cryptsetup-2.8.1/lib/bitlk/bitlk.c:493:9: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:497:12: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:499:17: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:497:13: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:500:17: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:497:13: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:507:9: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:563:12: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:568:54: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:571:12: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:576:28: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:580:12: branch_false: following 'false' branch (when 'fve_entries' is non-NULL)... cryptsetup-2.8.1/lib/bitlk/bitlk.c:584:9: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:589:12: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:589:12: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:597:16: branch_true: following 'true' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:600:37: branch_true: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:602:20: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:605:21: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:605:20: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:611:57: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:615:20: branch_true: following 'true' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:616:28: branch_true: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:616:28: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:622:52: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:626:28: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:630:25: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:640:29: call_function: calling 'parse_vmk_entry' from 'BITLK_read_sb' # 321| if (!string) # 322| return -ENOMEM; # 323|-> r = crypt_utf16_to_utf8(&string, CONST_CAST(char16_t *)(data + start + BITLK_ENTRY_HEADER_LEN), # 324| key_entry_size - BITLK_ENTRY_HEADER_LEN); # 325| if (r < 0 || !string) { Error: GCC_ANALYZER_WARNING (CWE-401): [#def7] cryptsetup-2.8.1/lib/bitlk/bitlk.c:586:9: warning[-Wanalyzer-malloc-leak]: leak of 'fve_entries' cryptsetup-2.8.1/lib/bitlk/bitlk.c:424:12: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:430:13: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:430:12: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:437:13: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:449:12: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:453:20: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:453:19: branch_true: following 'true' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:461:31: branch_true: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:467:12: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:474:13: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:474:12: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:482:13: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:490:21: branch_true: following 'true' branch (when 'i != 3')... cryptsetup-2.8.1/lib/bitlk/bitlk.c:491:46: branch_true: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:490:21: branch_true: following 'true' branch (when 'i != 3')... cryptsetup-2.8.1/lib/bitlk/bitlk.c:491:46: branch_true: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:490:21: branch_true: following 'true' branch (when 'i != 3')... cryptsetup-2.8.1/lib/bitlk/bitlk.c:491:46: branch_true: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:490:21: branch_false: following 'false' branch (when 'i == 3')... cryptsetup-2.8.1/lib/bitlk/bitlk.c:493:9: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:497:12: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:499:17: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:497:13: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:500:17: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:497:13: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:507:9: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:563:12: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:568:54: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:571:12: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:576:28: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:579:23: acquire_memory: allocated here cryptsetup-2.8.1/lib/bitlk/bitlk.c:580:12: branch_false: following 'false' branch (when 'fve_entries' is non-NULL)... cryptsetup-2.8.1/lib/bitlk/bitlk.c:584:9: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:586:9: throw: if 'device_path' throws an exception... cryptsetup-2.8.1/lib/bitlk/bitlk.c:586:9: danger: 'fve_entries' leaks here; was allocated at [(31)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/30) # 584| memset(fve_entries, 0, fve_entries_size); # 585| # 586|-> log_dbg(cd, "Reading BITLK FVE metadata entries of size %zu on device %s, offset %" PRIu64 ".", # 587| fve_entries_size, device_path(device), params->metadata_offset[0] + BITLK_FVE_METADATA_HEADERS_LEN); # 588| Error: GCC_ANALYZER_WARNING (CWE-401): [#def8] cryptsetup-2.8.1/lib/bitlk/bitlk.c:589:13: warning[-Wanalyzer-malloc-leak]: leak of 'fve_entries' cryptsetup-2.8.1/lib/bitlk/bitlk.c:424:12: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:430:13: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:430:12: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:437:13: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:449:12: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:453:20: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:453:19: branch_true: following 'true' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:461:31: branch_true: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:467:12: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:474:13: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:474:12: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:482:13: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:490:21: branch_true: following 'true' branch (when 'i != 3')... cryptsetup-2.8.1/lib/bitlk/bitlk.c:491:46: branch_true: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:490:21: branch_true: following 'true' branch (when 'i != 3')... cryptsetup-2.8.1/lib/bitlk/bitlk.c:491:46: branch_true: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:490:21: branch_true: following 'true' branch (when 'i != 3')... cryptsetup-2.8.1/lib/bitlk/bitlk.c:491:46: branch_true: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:490:21: branch_false: following 'false' branch (when 'i == 3')... cryptsetup-2.8.1/lib/bitlk/bitlk.c:493:9: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:497:12: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:499:17: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:497:13: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:500:17: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:497:13: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:507:9: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:563:12: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:568:54: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:571:12: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:576:28: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:579:23: acquire_memory: allocated here cryptsetup-2.8.1/lib/bitlk/bitlk.c:580:12: branch_false: following 'false' branch (when 'fve_entries' is non-NULL)... cryptsetup-2.8.1/lib/bitlk/bitlk.c:584:9: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:589:13: throw: if 'device_alignment' throws an exception... cryptsetup-2.8.1/lib/bitlk/bitlk.c:589:13: danger: 'fve_entries' leaks here; was allocated at [(31)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/30) # 587| fve_entries_size, device_path(device), params->metadata_offset[0] + BITLK_FVE_METADATA_HEADERS_LEN); # 588| # 589|-> if (read_lseek_blockwise(devfd, device_block_size(cd, device), # 590| device_alignment(device), fve_entries, fve_entries_size, # 591| params->metadata_offset[0] + BITLK_FVE_METADATA_HEADERS_LEN) != (ssize_t)fve_entries_size) { Error: GCC_ANALYZER_WARNING (CWE-401): [#def9] cryptsetup-2.8.1/lib/bitlk/bitlk.c:704:29: warning[-Wanalyzer-malloc-leak]: leak of 'description' cryptsetup-2.8.1/lib/bitlk/bitlk.c:424:12: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:430:13: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:430:12: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:437:13: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:449:12: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:453:20: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:453:19: branch_true: following 'true' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:461:31: branch_true: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:467:12: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:474:13: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:474:12: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:482:13: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:490:21: branch_true: following 'true' branch (when 'i != 3')... cryptsetup-2.8.1/lib/bitlk/bitlk.c:491:46: branch_true: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:490:21: branch_true: following 'true' branch (when 'i != 3')... cryptsetup-2.8.1/lib/bitlk/bitlk.c:491:46: branch_true: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:490:21: branch_true: following 'true' branch (when 'i != 3')... cryptsetup-2.8.1/lib/bitlk/bitlk.c:491:46: branch_true: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:490:21: branch_false: following 'false' branch (when 'i == 3')... cryptsetup-2.8.1/lib/bitlk/bitlk.c:493:9: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:497:12: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:499:17: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:497:13: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:500:17: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:497:13: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:507:9: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:563:12: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:568:54: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:571:12: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:576:28: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:580:12: branch_false: following 'false' branch (when 'fve_entries' is non-NULL)... cryptsetup-2.8.1/lib/bitlk/bitlk.c:584:9: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:589:12: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:589:12: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:597:16: branch_true: following 'true' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:600:37: branch_true: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:602:20: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:605:21: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:605:20: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:611:57: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:615:20: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:656:27: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:682:27: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:694:27: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:694:27: branch_true: following 'true' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:695:28: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:699:46: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:699:39: acquire_memory: allocated here cryptsetup-2.8.1/lib/bitlk/bitlk.c:700:28: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/bitlk/bitlk.c:705:59: branch_false: ...to here cryptsetup-2.8.1/lib/bitlk/bitlk.c:704:29: throw: if 'crypt_utf16_to_utf8' throws an exception... cryptsetup-2.8.1/lib/bitlk/bitlk.c:704:29: danger: 'description' leaks here; was allocated at [(49)](sarif:/runs/0/results/11/codeFlows/0/threadFlows/0/locations/48) # 702| goto out; # 703| } # 704|-> r = crypt_utf16_to_utf8(&description, CONST_CAST(char16_t *)(fve_entries + start + BITLK_ENTRY_HEADER_LEN), # 705| entry_size - BITLK_ENTRY_HEADER_LEN); # 706| if (r < 0) { Error: COMPILER_WARNING (CWE-704): [#def10] cryptsetup-2.8.1/lib/crypto_backend/crypto_storage.c: scope_hint: In function 'crypt_sector_iv_init' cryptsetup-2.8.1/lib/crypto_backend/crypto_storage.c:80:35: warning[-Wdiscarded-qualifiers]: initialization discards 'const' qualifier from pointer target type # 80 | char *hash_name = strchr(iv_name, ':'); # | ^~~~~~ # 78| } else if (!strncasecmp(iv_name, "essiv:", 6)) { # 79| struct crypt_hash *h = NULL; # 80|-> char *hash_name = strchr(iv_name, ':'); # 81| int hash_size; # 82| char tmp[256]; Error: COMPILER_WARNING (CWE-704): [#def11] cryptsetup-2.8.1/lib/crypto_backend/crypto_storage.c:80:35: warning[-Wdiscarded-qualifiers]: initialization discards 'const' qualifier from pointer target type # 78| } else if (!strncasecmp(iv_name, "essiv:", 6)) { # 79| struct crypt_hash *h = NULL; # 80|-> char *hash_name = strchr(iv_name, ':'); # 81| int hash_size; # 82| char tmp[256]; Error: COMPILER_WARNING (CWE-704): [#def12] cryptsetup-2.8.1/lib/libdevmapper.c: scope_hint: In function 'dm_uuid_cmp' cryptsetup-2.8.1/lib/libdevmapper.c:3265:13: warning[-Wdiscarded-qualifiers]: assignment discards 'const' qualifier from pointer target type # 3265 | str = strchr(dm_uuid, '-'); # | ^ # 3263| dm_uuid = dm_uuid + strlen(CRYPT_LUKS2_HW_OPAL); # 3264| # 3265|-> str = strchr(dm_uuid, '-'); # 3266| if (!str) # 3267| return -EINVAL; Error: COMPILER_WARNING (CWE-704): [#def13] cryptsetup-2.8.1/lib/libdevmapper.c:3265:13: warning[-Wdiscarded-qualifiers]: assignment discards 'const' qualifier from pointer target type # 3263| dm_uuid = dm_uuid + strlen(CRYPT_LUKS2_HW_OPAL); # 3264| # 3265|-> str = strchr(dm_uuid, '-'); # 3266| if (!str) # 3267| return -EINVAL; Error: COMPILER_WARNING (CWE-704): [#def14] cryptsetup-2.8.1/lib/libdevmapper.c: scope_hint: In function 'dm_uuid_integrity_cmp' cryptsetup-2.8.1/lib/libdevmapper.c:3300:13: warning[-Wdiscarded-qualifiers]: assignment discards 'const' qualifier from pointer target type # 3300 | str = strchr(dm_uuid, '-'); # | ^ # 3298| dm_uuid = dm_uuid + strlen(CRYPT_LUKS2_HW_OPAL); # 3299| # 3300|-> str = strchr(dm_uuid, '-'); # 3301| if (!str) # 3302| return -EINVAL; Error: COMPILER_WARNING (CWE-704): [#def15] cryptsetup-2.8.1/lib/libdevmapper.c:3300:13: warning[-Wdiscarded-qualifiers]: assignment discards 'const' qualifier from pointer target type # 3298| dm_uuid = dm_uuid + strlen(CRYPT_LUKS2_HW_OPAL); # 3299| # 3300|-> str = strchr(dm_uuid, '-'); # 3301| if (!str) # 3302| return -EINVAL; Error: COMPILER_WARNING (CWE-704): [#def16] cryptsetup-2.8.1/lib/libdevmapper.c:3304:14: warning[-Wdiscarded-qualifiers]: assignment discards 'const' qualifier from pointer target type # 3304 | stri = strchr(dmi_uuid, '-'); # | ^ # 3302| return -EINVAL; # 3303| # 3304|-> stri = strchr(dmi_uuid, '-'); # 3305| if (!stri) # 3306| return -EINVAL; Error: COMPILER_WARNING (CWE-704): [#def17] cryptsetup-2.8.1/lib/libdevmapper.c:3304:14: warning[-Wdiscarded-qualifiers]: assignment discards 'const' qualifier from pointer target type # 3302| return -EINVAL; # 3303| # 3304|-> stri = strchr(dmi_uuid, '-'); # 3305| if (!stri) # 3306| return -EINVAL; Error: COMPILER_WARNING (CWE-704): [#def18] cryptsetup-2.8.1/lib/luks1/keyencryption.c: scope_hint: In function '_error_hint' cryptsetup-2.8.1/lib/luks1/keyencryption.c:32:22: warning[-Wdiscarded-qualifiers]: assignment discards 'const' qualifier from pointer target type # 32 | else if (!(c = strchr(mode, '-')) || strlen(c) < 4) # | ^ # 30| if (!strncmp(mode, "xts", 3) && (keyLength != 256 && keyLength != 512)) # 31| log_err(ctx, _("Key size in XTS mode must be 256 or 512 bits.")); # 32|-> else if (!(c = strchr(mode, '-')) || strlen(c) < 4) # 33| log_err(ctx, _("Cipher specification should be in [cipher]-[mode]-[iv] format.")); # 34| } Error: COMPILER_WARNING (CWE-704): [#def19] cryptsetup-2.8.1/lib/luks1/keyencryption.c:32:22: warning[-Wdiscarded-qualifiers]: assignment discards 'const' qualifier from pointer target type # 30| if (!strncmp(mode, "xts", 3) && (keyLength != 256 && keyLength != 512)) # 31| log_err(ctx, _("Key size in XTS mode must be 256 or 512 bits.")); # 32|-> else if (!(c = strchr(mode, '-')) || strlen(c) < 4) # 33| log_err(ctx, _("Cipher specification should be in [cipher]-[mode]-[iv] format.")); # 34| } Error: GCC_ANALYZER_WARNING (CWE-401): [#def20] cryptsetup-2.8.1/lib/luks2/luks2_reencrypt.c:805:24: warning[-Wanalyzer-malloc-leak]: leak of 'calloc(1, 360)' cryptsetup-2.8.1/lib/luks2/luks2_reencrypt.c:3312:12: enter_function: entry to 'reencrypt_load' cryptsetup-2.8.1/lib/luks2/luks2_reencrypt.c:3323:12: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/luks2/luks2_reencrypt.c:3326:19: branch_false: ...to here cryptsetup-2.8.1/lib/luks2/luks2_reencrypt.c:3326:19: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/luks2/luks2_reencrypt.c:3329:13: branch_false: ...to here cryptsetup-2.8.1/lib/luks2/luks2_reencrypt.c:3330:12: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/luks2/luks2_reencrypt.c:3333:12: branch_false: ...to here cryptsetup-2.8.1/lib/luks2/luks2_reencrypt.c:3333:12: branch_true: following 'true' branch... cryptsetup-2.8.1/lib/luks2/luks2_reencrypt.c:3334:21: branch_true: ...to here cryptsetup-2.8.1/lib/luks2/luks2_reencrypt.c:3334:21: call_function: calling 'reencrypt_load_clean' from 'reencrypt_load' # 803| json_object *jobj_keyslot, *jobj_mode; # 804| # 805|-> jobj_keyslot = LUKS2_get_keyslot_jobj(hdr, LUKS2_find_keyslot(hdr, "reencrypt")); # 806| if (!jobj_keyslot) # 807| return mi; Error: GCC_ANALYZER_WARNING (CWE-401): [#def21] cryptsetup-2.8.1/lib/luks2/luks2_reencrypt.c:809:9: warning[-Wanalyzer-malloc-leak]: leak of 'calloc(1, 360)' cryptsetup-2.8.1/lib/luks2/luks2_reencrypt.c:3312:12: enter_function: entry to 'reencrypt_load' cryptsetup-2.8.1/lib/luks2/luks2_reencrypt.c:3323:12: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/luks2/luks2_reencrypt.c:3326:19: branch_false: ...to here cryptsetup-2.8.1/lib/luks2/luks2_reencrypt.c:3326:19: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/luks2/luks2_reencrypt.c:3329:13: branch_false: ...to here cryptsetup-2.8.1/lib/luks2/luks2_reencrypt.c:3330:12: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/luks2/luks2_reencrypt.c:3333:12: branch_false: ...to here cryptsetup-2.8.1/lib/luks2/luks2_reencrypt.c:3333:12: branch_true: following 'true' branch... cryptsetup-2.8.1/lib/luks2/luks2_reencrypt.c:3334:21: branch_true: ...to here cryptsetup-2.8.1/lib/luks2/luks2_reencrypt.c:3334:21: call_function: calling 'reencrypt_load_clean' from 'reencrypt_load' # 807| return mi; # 808| # 809|-> json_object_object_get_ex(jobj_keyslot, "mode", &jobj_mode); # 810| mode = json_object_get_string(jobj_mode); # 811| Error: GCC_ANALYZER_WARNING (CWE-401): [#def22] cryptsetup-2.8.1/lib/luks2/luks2_reencrypt.c:810:16: warning[-Wanalyzer-malloc-leak]: leak of 'calloc(1, 360)' cryptsetup-2.8.1/lib/luks2/luks2_reencrypt.c:3312:12: enter_function: entry to 'reencrypt_load' cryptsetup-2.8.1/lib/luks2/luks2_reencrypt.c:3323:12: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/luks2/luks2_reencrypt.c:3326:19: branch_false: ...to here cryptsetup-2.8.1/lib/luks2/luks2_reencrypt.c:3326:19: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/luks2/luks2_reencrypt.c:3329:13: branch_false: ...to here cryptsetup-2.8.1/lib/luks2/luks2_reencrypt.c:3330:12: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/luks2/luks2_reencrypt.c:3333:12: branch_false: ...to here cryptsetup-2.8.1/lib/luks2/luks2_reencrypt.c:3333:12: branch_true: following 'true' branch... cryptsetup-2.8.1/lib/luks2/luks2_reencrypt.c:3334:21: branch_true: ...to here cryptsetup-2.8.1/lib/luks2/luks2_reencrypt.c:3334:21: call_function: calling 'reencrypt_load_clean' from 'reencrypt_load' # 808| # 809| json_object_object_get_ex(jobj_keyslot, "mode", &jobj_mode); # 810|-> mode = json_object_get_string(jobj_mode); # 811| # 812| /* validation enforces allowed values */ Error: GCC_ANALYZER_WARNING (CWE-401): [#def23] cryptsetup-2.8.1/lib/luks2/luks2_reencrypt.c:827:24: warning[-Wanalyzer-malloc-leak]: leak of 'calloc(1, 360)' cryptsetup-2.8.1/lib/luks2/luks2_reencrypt.c:3312:12: enter_function: entry to 'reencrypt_load' cryptsetup-2.8.1/lib/luks2/luks2_reencrypt.c:3323:12: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/luks2/luks2_reencrypt.c:3326:19: branch_false: ...to here cryptsetup-2.8.1/lib/luks2/luks2_reencrypt.c:3326:19: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/luks2/luks2_reencrypt.c:3329:13: branch_false: ...to here cryptsetup-2.8.1/lib/luks2/luks2_reencrypt.c:3330:12: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/luks2/luks2_reencrypt.c:3333:12: branch_false: ...to here cryptsetup-2.8.1/lib/luks2/luks2_reencrypt.c:3333:12: branch_true: following 'true' branch... cryptsetup-2.8.1/lib/luks2/luks2_reencrypt.c:3334:21: branch_true: ...to here cryptsetup-2.8.1/lib/luks2/luks2_reencrypt.c:3334:21: call_function: calling 'reencrypt_load_clean' from 'reencrypt_load' # 825| crypt_reencrypt_direction_info di = CRYPT_REENCRYPT_FORWARD; # 826| # 827|-> jobj_keyslot = LUKS2_get_keyslot_jobj(hdr, LUKS2_find_keyslot(hdr, "reencrypt")); # 828| if (!jobj_keyslot) # 829| return di; Error: GCC_ANALYZER_WARNING (CWE-401): [#def24] cryptsetup-2.8.1/lib/luks2/luks2_reencrypt.c:1171:29: warning[-Wanalyzer-malloc-leak]: leak of 'calloc(1, 360)' cryptsetup-2.8.1/lib/luks2/luks2_reencrypt.c:3312:12: enter_function: entry to 'reencrypt_load' cryptsetup-2.8.1/lib/luks2/luks2_reencrypt.c:3323:12: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/luks2/luks2_reencrypt.c:3326:19: branch_false: ...to here cryptsetup-2.8.1/lib/luks2/luks2_reencrypt.c:3326:19: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/luks2/luks2_reencrypt.c:3329:13: branch_false: ...to here cryptsetup-2.8.1/lib/luks2/luks2_reencrypt.c:3330:12: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/luks2/luks2_reencrypt.c:3333:12: branch_false: ...to here cryptsetup-2.8.1/lib/luks2/luks2_reencrypt.c:3333:12: branch_true: following 'true' branch... cryptsetup-2.8.1/lib/luks2/luks2_reencrypt.c:3334:21: branch_true: ...to here cryptsetup-2.8.1/lib/luks2/luks2_reencrypt.c:3334:21: call_function: calling 'reencrypt_load_clean' from 'reencrypt_load' # 1169| uint64_t dummy, area_length; # 1170| # 1171|-> rh->reenc_keyslot = LUKS2_find_keyslot(hdr, "reencrypt"); # 1172| if (rh->reenc_keyslot < 0) # 1173| return -EINVAL; Error: GCC_ANALYZER_WARNING (CWE-401): [#def25] cryptsetup-2.8.1/lib/luks2/luks2_reencrypt.c:1174:13: warning[-Wanalyzer-malloc-leak]: leak of 'calloc(1, 360)' cryptsetup-2.8.1/lib/luks2/luks2_reencrypt.c:3312:12: enter_function: entry to 'reencrypt_load' cryptsetup-2.8.1/lib/luks2/luks2_reencrypt.c:3323:12: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/luks2/luks2_reencrypt.c:3326:19: branch_false: ...to here cryptsetup-2.8.1/lib/luks2/luks2_reencrypt.c:3326:19: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/luks2/luks2_reencrypt.c:3329:13: branch_false: ...to here cryptsetup-2.8.1/lib/luks2/luks2_reencrypt.c:3330:12: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/luks2/luks2_reencrypt.c:3333:12: branch_false: ...to here cryptsetup-2.8.1/lib/luks2/luks2_reencrypt.c:3333:12: branch_true: following 'true' branch... cryptsetup-2.8.1/lib/luks2/luks2_reencrypt.c:3334:21: branch_true: ...to here cryptsetup-2.8.1/lib/luks2/luks2_reencrypt.c:3334:21: call_function: calling 'reencrypt_load_clean' from 'reencrypt_load' # 1172| if (rh->reenc_keyslot < 0) # 1173| return -EINVAL; # 1174|-> if (LUKS2_keyslot_area(hdr, rh->reenc_keyslot, &dummy, &area_length) < 0) # 1175| return -EINVAL; # 1176| Error: GCC_ANALYZER_WARNING (CWE-401): [#def26] cryptsetup-2.8.1/lib/luks2/luks2_reencrypt.c:1281:9: warning[-Wanalyzer-malloc-leak]: leak of 'calloc(1, 360)' cryptsetup-2.8.1/lib/luks2/luks2_reencrypt.c:3312:12: enter_function: entry to 'reencrypt_load' cryptsetup-2.8.1/lib/luks2/luks2_reencrypt.c:3323:12: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/luks2/luks2_reencrypt.c:3326:19: branch_false: ...to here cryptsetup-2.8.1/lib/luks2/luks2_reencrypt.c:3326:19: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/luks2/luks2_reencrypt.c:3329:13: branch_false: ...to here cryptsetup-2.8.1/lib/luks2/luks2_reencrypt.c:3330:12: branch_false: following 'false' branch... cryptsetup-2.8.1/lib/luks2/luks2_reencrypt.c:3333:12: branch_false: ...to here cryptsetup-2.8.1/lib/luks2/luks2_reencrypt.c:3333:12: branch_true: following 'true' branch... cryptsetup-2.8.1/lib/luks2/luks2_reencrypt.c:3334:21: branch_true: ...to here cryptsetup-2.8.1/lib/luks2/luks2_reencrypt.c:3334:21: call_function: calling 'reencrypt_load_clean' from 'reencrypt_load' # 1279| return -ENOMEM; # 1280| # 1281|-> log_dbg(cd, "Loading stored reencryption context."); # 1282| # 1283| r = reencrypt_context_init(cd, hdr, tmp, device_size, max_hotzone_size, fixed_device_size); Error: COMPILER_WARNING (CWE-704): [#def27] cryptsetup-2.8.1/lib/tcrypt/tcrypt.c: scope_hint: In function 'TCRYPT_status_one' cryptsetup-2.8.1/lib/tcrypt/tcrypt.c:1029:24: warning[-Wdiscarded-qualifiers]: assignment discards 'const' qualifier from pointer target type # 1029 | if ((c = strchr(tgt->u.crypt.cipher, '-'))) # | ^ # 1027| # 1028| if (is_tcrypt_subdev(dmd.uuid, base_uuid)) { # 1029|-> if ((c = strchr(tgt->u.crypt.cipher, '-'))) # 1030| *c = '\0'; # 1031| strcat(cipher, "-"); Error: COMPILER_WARNING (CWE-704): [#def28] cryptsetup-2.8.1/lib/tcrypt/tcrypt.c:1029:24: warning[-Wdiscarded-qualifiers]: assignment discards 'const' qualifier from pointer target type # 1027| # 1028| if (is_tcrypt_subdev(dmd.uuid, base_uuid)) { # 1029|-> if ((c = strchr(tgt->u.crypt.cipher, '-'))) # 1030| *c = '\0'; # 1031| strcat(cipher, "-"); Error: COMPILER_WARNING (CWE-704): [#def29] cryptsetup-2.8.1/lib/utils_keyring.c: scope_hint: In function 'keyring_type_and_name' cryptsetup-2.8.1/lib/utils_keyring.c:312:18: warning[-Wdiscarded-qualifiers]: assignment discards 'const' qualifier from pointer target type # 312 | name_tmp = strchr(key_name, ':'); # | ^ # 310| return INVALID_KEY; # 311| # 312|-> name_tmp = strchr(key_name, ':'); # 313| if (!name_tmp) # 314| return INVALID_KEY; Error: COMPILER_WARNING (CWE-704): [#def30] cryptsetup-2.8.1/lib/utils_keyring.c:312:18: warning[-Wdiscarded-qualifiers]: assignment discards 'const' qualifier from pointer target type # 310| return INVALID_KEY; # 311| # 312|-> name_tmp = strchr(key_name, ':'); # 313| if (!name_tmp) # 314| return INVALID_KEY;
| analyzer-version-clippy | 1.92.0 |
| analyzer-version-cppcheck | 2.19.1 |
| analyzer-version-gcc | 16.0.0 |
| analyzer-version-gcc-analyzer | 16.0.0 |
| analyzer-version-shellcheck | 0.11.0 |
| analyzer-version-unicontrol | 0.0.2 |
| diffbase-analyzer-version-clippy | 1.92.0 |
| diffbase-analyzer-version-cppcheck | 2.19.1 |
| diffbase-analyzer-version-gcc | 16.0.0 |
| diffbase-analyzer-version-gcc-analyzer | 16.0.0 |
| diffbase-analyzer-version-shellcheck | 0.11.0 |
| diffbase-analyzer-version-unicontrol | 0.0.2 |
| diffbase-enabled-plugins | clippy, cppcheck, gcc, shellcheck, unicontrol |
| diffbase-exit-code | 0 |
| diffbase-host | ip-172-16-1-241.us-west-2.compute.internal |
| diffbase-known-false-positives | /usr/share/csmock/known-false-positives.js |
| diffbase-known-false-positives-rpm | known-false-positives-0.0.0.20250521.132812.g8eff701.main-1.el9.noarch |
| diffbase-mock-config | fedora-rawhide-x86_64 |
| diffbase-project-name | cryptsetup-2.8.3-3.fc44 |
| diffbase-store-results-to | /tmp/tmpecb8z2lx/cryptsetup-2.8.3-3.fc44.tar.xz |
| diffbase-time-created | 2026-01-08 15:50:17 |
| diffbase-time-finished | 2026-01-08 15:52:05 |
| diffbase-tool | csmock |
| diffbase-tool-args | '/usr/bin/csmock' '-r' 'fedora-rawhide-x86_64' '-t' 'gcc,cppcheck,clippy,shellcheck,unicontrol' '-o' '/tmp/tmpecb8z2lx/cryptsetup-2.8.3-3.fc44.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install' 'pam' '--gcc-analyzer-bin=/usr/bin/gcc' '/tmp/tmpecb8z2lx/cryptsetup-2.8.3-3.fc44.src.rpm' |
| diffbase-tool-version | csmock-3.8.3.20251215.161544.g62de9a5-1.el9 |
| enabled-plugins | clippy, cppcheck, gcc, shellcheck, unicontrol |
| exit-code | 0 |
| host | ip-172-16-1-241.us-west-2.compute.internal |
| known-false-positives | /usr/share/csmock/known-false-positives.js |
| known-false-positives-rpm | known-false-positives-0.0.0.20250521.132812.g8eff701.main-1.el9.noarch |
| mock-config | fedora-rawhide-x86_64 |
| project-name | cryptsetup-2.8.1-1.fc43 |
| store-results-to | /tmp/tmpmq2a_g8g/cryptsetup-2.8.1-1.fc43.tar.xz |
| time-created | 2026-01-08 15:47:33 |
| time-finished | 2026-01-08 15:49:48 |
| title | Fixed findings |
| tool | csmock |
| tool-args | '/usr/bin/csmock' '-r' 'fedora-rawhide-x86_64' '-t' 'gcc,cppcheck,clippy,shellcheck,unicontrol' '-o' '/tmp/tmpmq2a_g8g/cryptsetup-2.8.1-1.fc43.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install' 'pam' '--gcc-analyzer-bin=/usr/bin/gcc' '/tmp/tmpmq2a_g8g/cryptsetup-2.8.1-1.fc43.src.rpm' |
| tool-version | csmock-3.8.3.20251215.161544.g62de9a5-1.el9 |