Error: GCC_ANALYZER_WARNING (CWE-457): [#def1] dnsmasq-2.91/src/dbus.c:512:11: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘val’ dnsmasq-2.91/src/dbus.c:510:6: branch_true: following ‘true’ branch... dnsmasq-2.91/src/dbus.c:512:11: branch_true: ...to here dnsmasq-2.91/src/dbus.c:512:11: danger: use of uninitialized value ‘val’ here # 510| if (!reply) # 511| { # 512|-> if (val) # 513| set_option_bool(flag); # 514| else Error: GCC_ANALYZER_WARNING (CWE-457): [#def2] dnsmasq-2.91/src/dbus.c:853:21: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘enabled’ dnsmasq-2.91/src/dbus.c:793:6: branch_false: following ‘false’ branch... dnsmasq-2.91/src/dbus.c:806:12: branch_false: ...to here dnsmasq-2.91/src/dbus.c:806:11: branch_false: following ‘false’ branch (when the strings are non-equal)... dnsmasq-2.91/src/dbus.c:814:12: branch_false: ...to here dnsmasq-2.91/src/dbus.c:814:11: branch_false: following ‘false’ branch (when the strings are non-equal)... dnsmasq-2.91/src/dbus.c:819:12: branch_false: ...to here dnsmasq-2.91/src/dbus.c:819:11: branch_false: following ‘false’ branch (when the strings are non-equal)... dnsmasq-2.91/src/dbus.c:824:12: branch_false: ...to here dnsmasq-2.91/src/dbus.c:824:11: branch_false: following ‘false’ branch (when the strings are non-equal)... dnsmasq-2.91/src/dbus.c:829:12: branch_false: ...to here dnsmasq-2.91/src/dbus.c:829:11: branch_false: following ‘false’ branch (when the strings are non-equal)... dnsmasq-2.91/src/dbus.c:834:12: branch_false: ...to here dnsmasq-2.91/src/dbus.c:834:11: branch_false: following ‘false’ branch (when the strings are non-equal)... dnsmasq-2.91/src/dbus.c:838:12: branch_false: ...to here dnsmasq-2.91/src/dbus.c:838:11: branch_true: following ‘true’ branch (when the strings are equal)... dnsmasq-2.91/src/dbus.c:844:21: branch_true: ...to here dnsmasq-2.91/src/dbus.c:844:10: branch_true: following ‘true’ branch... dnsmasq-2.91/src/dbus.c:846:15: branch_true: ...to here dnsmasq-2.91/src/dbus.c:853:21: danger: use of uninitialized value ‘enabled’ here # 851| } # 852| # 853|-> list.rr = enabled ? T_A : 0; # 854| } # 855| } Error: GCC_ANALYZER_WARNING (CWE-457): [#def3] dnsmasq-2.91/src/dbus.c:871:29: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘enabled’ dnsmasq-2.91/src/dbus.c:793:6: branch_false: following ‘false’ branch... dnsmasq-2.91/src/dbus.c:806:12: branch_false: ...to here dnsmasq-2.91/src/dbus.c:806:11: branch_false: following ‘false’ branch (when the strings are non-equal)... dnsmasq-2.91/src/dbus.c:814:12: branch_false: ...to here dnsmasq-2.91/src/dbus.c:814:11: branch_false: following ‘false’ branch (when the strings are non-equal)... dnsmasq-2.91/src/dbus.c:819:12: branch_false: ...to here dnsmasq-2.91/src/dbus.c:819:11: branch_false: following ‘false’ branch (when the strings are non-equal)... dnsmasq-2.91/src/dbus.c:824:12: branch_false: ...to here dnsmasq-2.91/src/dbus.c:824:11: branch_false: following ‘false’ branch (when the strings are non-equal)... dnsmasq-2.91/src/dbus.c:829:12: branch_false: ...to here dnsmasq-2.91/src/dbus.c:829:11: branch_false: following ‘false’ branch (when the strings are non-equal)... dnsmasq-2.91/src/dbus.c:834:12: branch_false: ...to here dnsmasq-2.91/src/dbus.c:834:11: branch_false: following ‘false’ branch (when the strings are non-equal)... dnsmasq-2.91/src/dbus.c:838:12: branch_false: ...to here dnsmasq-2.91/src/dbus.c:838:11: branch_false: following ‘false’ branch (when the strings are non-equal)... dnsmasq-2.91/src/dbus.c:856:12: branch_false: ...to here dnsmasq-2.91/src/dbus.c:856:11: branch_true: following ‘true’ branch (when the strings are equal)... dnsmasq-2.91/src/dbus.c:862:21: branch_true: ...to here dnsmasq-2.91/src/dbus.c:862:10: branch_true: following ‘true’ branch... dnsmasq-2.91/src/dbus.c:864:15: branch_true: ...to here dnsmasq-2.91/src/dbus.c:871:29: danger: use of uninitialized value ‘enabled’ here # 869| } # 870| # 871|-> list.rr = enabled ? T_AAAA : 0; # 872| } # 873| } Error: GCC_ANALYZER_WARNING (CWE-401): [#def4] dnsmasq-2.91/src/dnsmasq.c:1428:7: warning[-Wanalyzer-malloc-leak]: leak of ‘buf’ dnsmasq-2.91/src/dnsmasq.c:1426:6: branch_true: following ‘true’ branch... dnsmasq-2.91/src/dnsmasq.c:1427:21: branch_true: ...to here dnsmasq-2.91/src/dnsmasq.c:1427:14: acquire_memory: allocated here dnsmasq-2.91/src/dnsmasq.c:1426:7: branch_true: following ‘true’ branch (when ‘buf’ is non-NULL)... dnsmasq-2.91/src/dnsmasq.c:1428:7: branch_true: ...to here dnsmasq-2.91/src/dnsmasq.c:1428:7: throw: if ‘read_write’ throws an exception... dnsmasq-2.91/src/dnsmasq.c:1428:7: danger: ‘buf’ leaks here; was allocated at [(3)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/2) # 1426| if (evp->msg_sz != 0 && # 1427| (buf = malloc(evp->msg_sz + 1)) && # 1428|-> read_write(fd, (unsigned char *)buf, evp->msg_sz, RW_READ)) # 1429| { # 1430| buf[evp->msg_sz] = 0; Error: GCC_ANALYZER_WARNING (CWE-775): [#def5] dnsmasq-2.91/src/dnsmasq.c:2034:11: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pipefd[1]’ dnsmasq-2.91/src/dnsmasq.c:1953:6: branch_false: following ‘false’ branch... dnsmasq-2.91/src/dnsmasq.c:1956:7: branch_false: ...to here dnsmasq-2.91/src/dnsmasq.c:1956:6: branch_false: following ‘false’ branch... dnsmasq-2.91/src/dnsmasq.c:1975:3: branch_false: ...to here dnsmasq-2.91/src/dnsmasq.c:2026:6: branch_true: following ‘true’ branch... dnsmasq-2.91/src/dnsmasq.c:2028:11: branch_true: ...to here dnsmasq-2.91/src/dnsmasq.c:2028:10: branch_false: following ‘false’ branch... dnsmasq-2.91/src/dnsmasq.c:2031:16: branch_false: ...to here dnsmasq-2.91/src/dnsmasq.c:2031:10: branch_true: following ‘true’ branch (when ‘p == -1’)... dnsmasq-2.91/src/dnsmasq.c:2034:11: branch_true: ...to here dnsmasq-2.91/src/dnsmasq.c:2034:11: throw: if ‘close’ throws an exception... dnsmasq-2.91/src/dnsmasq.c:2034:11: danger: ‘pipefd[1]’ leaks here # 2032| { # 2033| /* fork failed */ # 2034|-> close(pipefd[0]); # 2035| close(pipefd[1]); # 2036| goto closeconandreturn; Error: GCC_ANALYZER_WARNING (CWE-775): [#def6] dnsmasq-2.91/src/dnsmasq.c:2035:11: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pipefd[1]’ dnsmasq-2.91/src/dnsmasq.c:1953:6: branch_false: following ‘false’ branch... dnsmasq-2.91/src/dnsmasq.c:1956:7: branch_false: ...to here dnsmasq-2.91/src/dnsmasq.c:1956:6: branch_false: following ‘false’ branch... dnsmasq-2.91/src/dnsmasq.c:1975:3: branch_false: ...to here dnsmasq-2.91/src/dnsmasq.c:2026:6: branch_true: following ‘true’ branch... dnsmasq-2.91/src/dnsmasq.c:2028:11: branch_true: ...to here dnsmasq-2.91/src/dnsmasq.c:2028:10: branch_false: following ‘false’ branch... dnsmasq-2.91/src/dnsmasq.c:2031:16: branch_false: ...to here dnsmasq-2.91/src/dnsmasq.c:2031:10: branch_true: following ‘true’ branch (when ‘p == -1’)... dnsmasq-2.91/src/dnsmasq.c:2034:11: branch_true: ...to here dnsmasq-2.91/src/dnsmasq.c:2035:11: throw: if ‘close’ throws an exception... dnsmasq-2.91/src/dnsmasq.c:2035:11: danger: ‘pipefd[1]’ leaks here # 2033| /* fork failed */ # 2034| close(pipefd[0]); # 2035|-> close(pipefd[1]); # 2036| goto closeconandreturn; # 2037| } Error: GCC_ANALYZER_WARNING (CWE-775): [#def7] dnsmasq-2.91/src/dnsmasq.c:2059:11: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pipefd[0]’ dnsmasq-2.91/src/dnsmasq.c:1953:6: branch_false: following ‘false’ branch... dnsmasq-2.91/src/dnsmasq.c:1956:7: branch_false: ...to here dnsmasq-2.91/src/dnsmasq.c:1956:6: branch_false: following ‘false’ branch... dnsmasq-2.91/src/dnsmasq.c:1975:3: branch_false: ...to here dnsmasq-2.91/src/dnsmasq.c:2026:6: branch_true: following ‘true’ branch... dnsmasq-2.91/src/dnsmasq.c:2028:11: branch_true: ...to here dnsmasq-2.91/src/dnsmasq.c:2028:10: branch_false: following ‘false’ branch... dnsmasq-2.91/src/dnsmasq.c:2031:16: branch_false: ...to here dnsmasq-2.91/src/dnsmasq.c:2031:10: branch_false: following ‘false’ branch (when ‘p != -1’)... dnsmasq-2.91/src/dnsmasq.c:2039:10: branch_false: ...to here dnsmasq-2.91/src/dnsmasq.c:2039:10: branch_true: following ‘true’ branch (when ‘p != 0’)... dnsmasq-2.91/src/dnsmasq.c:2042:11: branch_true: ...to here dnsmasq-2.91/src/dnsmasq.c:2059:11: throw: if ‘read_write’ throws an exception... dnsmasq-2.91/src/dnsmasq.c:2059:11: danger: ‘pipefd[0]’ leaks here # 2057| netlink socket. */ # 2058| # 2059|-> read_write(pipefd[0], &a, 1, RW_READ); # 2060| #endif # 2061| Error: GCC_ANALYZER_WARNING (CWE-775): [#def8] dnsmasq-2.91/src/dnsmasq.c:2101:7: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pipefd[0]’ dnsmasq-2.91/src/dnsmasq.c:1953:6: branch_false: following ‘false’ branch... dnsmasq-2.91/src/dnsmasq.c:1956:7: branch_false: ...to here dnsmasq-2.91/src/dnsmasq.c:1956:6: branch_false: following ‘false’ branch... dnsmasq-2.91/src/dnsmasq.c:1975:3: branch_false: ...to here dnsmasq-2.91/src/dnsmasq.c:2026:6: branch_true: following ‘true’ branch... dnsmasq-2.91/src/dnsmasq.c:2028:11: branch_true: ...to here dnsmasq-2.91/src/dnsmasq.c:2028:10: branch_false: following ‘false’ branch... dnsmasq-2.91/src/dnsmasq.c:2031:16: branch_false: ...to here dnsmasq-2.91/src/dnsmasq.c:2031:10: branch_false: following ‘false’ branch (when ‘p != -1’)... dnsmasq-2.91/src/dnsmasq.c:2039:10: branch_false: ...to here dnsmasq-2.91/src/dnsmasq.c:2039:10: branch_false: following ‘false’ branch (when ‘p == 0’)... dnsmasq-2.91/src/dnsmasq.c:2083:6: branch_false: ...to here dnsmasq-2.91/src/dnsmasq.c:2083:6: branch_true: following ‘true’ branch (when ‘iface’ is non-NULL)... dnsmasq-2.91/src/dnsmasq.c:2085:7: branch_true: ...to here dnsmasq-2.91/src/dnsmasq.c:2096:6: branch_true: following ‘true’ branch... dnsmasq-2.91/src/dnsmasq.c:2100:7: branch_true: ...to here dnsmasq-2.91/src/dnsmasq.c:2101:7: throw: if ‘read_write’ throws an exception... dnsmasq-2.91/src/dnsmasq.c:2101:7: danger: ‘pipefd[0]’ leaks here # 2099| /* See comment above re: netlink socket. */ # 2100| close(daemon->netlinkfd); # 2101|-> read_write(pipefd[1], &a, 1, RW_WRITE); # 2102| #endif # 2103| alarm(CHILD_LIFETIME); Error: GCC_ANALYZER_WARNING (CWE-775): [#def9] dnsmasq-2.91/src/dnsmasq.c:2101:7: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pipefd[1]’ dnsmasq-2.91/src/dnsmasq.c:1953:6: branch_false: following ‘false’ branch... dnsmasq-2.91/src/dnsmasq.c:1956:7: branch_false: ...to here dnsmasq-2.91/src/dnsmasq.c:1956:6: branch_false: following ‘false’ branch... dnsmasq-2.91/src/dnsmasq.c:1975:3: branch_false: ...to here dnsmasq-2.91/src/dnsmasq.c:2026:6: branch_true: following ‘true’ branch... dnsmasq-2.91/src/dnsmasq.c:2028:11: branch_true: ...to here dnsmasq-2.91/src/dnsmasq.c:2028:10: branch_false: following ‘false’ branch... dnsmasq-2.91/src/dnsmasq.c:2031:16: branch_false: ...to here dnsmasq-2.91/src/dnsmasq.c:2031:10: branch_false: following ‘false’ branch (when ‘p != -1’)... dnsmasq-2.91/src/dnsmasq.c:2039:10: branch_false: ...to here dnsmasq-2.91/src/dnsmasq.c:2039:10: branch_false: following ‘false’ branch (when ‘p == 0’)... dnsmasq-2.91/src/dnsmasq.c:2083:6: branch_false: ...to here dnsmasq-2.91/src/dnsmasq.c:2083:6: branch_false: following ‘false’ branch (when ‘iface’ is NULL)... dnsmasq-2.91/src/dnsmasq.c:2090:7: branch_false: ...to here dnsmasq-2.91/src/dnsmasq.c:2096:6: branch_true: following ‘true’ branch... dnsmasq-2.91/src/dnsmasq.c:2100:7: branch_true: ...to here dnsmasq-2.91/src/dnsmasq.c:2101:7: throw: if ‘read_write’ throws an exception... dnsmasq-2.91/src/dnsmasq.c:2101:7: danger: ‘pipefd[1]’ leaks here # 2099| /* See comment above re: netlink socket. */ # 2100| close(daemon->netlinkfd); # 2101|-> read_write(pipefd[1], &a, 1, RW_WRITE); # 2102| #endif # 2103| alarm(CHILD_LIFETIME); Error: GCC_ANALYZER_WARNING (CWE-775): [#def10] dnsmasq-2.91/src/dnsmasq.c:2101:7: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pipefd[auth_dns]’ dnsmasq-2.91/src/dnsmasq.c:1953:6: branch_false: following ‘false’ branch... dnsmasq-2.91/src/dnsmasq.c:1956:7: branch_false: ...to here dnsmasq-2.91/src/dnsmasq.c:1956:6: branch_false: following ‘false’ branch... dnsmasq-2.91/src/dnsmasq.c:1975:3: branch_false: ...to here dnsmasq-2.91/src/dnsmasq.c:2026:6: branch_true: following ‘true’ branch... dnsmasq-2.91/src/dnsmasq.c:2028:11: branch_true: ...to here dnsmasq-2.91/src/dnsmasq.c:2028:10: branch_false: following ‘false’ branch... dnsmasq-2.91/src/dnsmasq.c:2031:16: branch_false: ...to here dnsmasq-2.91/src/dnsmasq.c:2031:10: branch_false: following ‘false’ branch (when ‘p != -1’)... dnsmasq-2.91/src/dnsmasq.c:2039:10: branch_false: ...to here dnsmasq-2.91/src/dnsmasq.c:2039:10: branch_false: following ‘false’ branch (when ‘p == 0’)... dnsmasq-2.91/src/dnsmasq.c:2083:6: branch_false: ...to here dnsmasq-2.91/src/dnsmasq.c:2083:6: branch_false: following ‘false’ branch (when ‘iface’ is NULL)... dnsmasq-2.91/src/dnsmasq.c:2090:7: branch_false: ...to here dnsmasq-2.91/src/dnsmasq.c:2096:6: branch_true: following ‘true’ branch... dnsmasq-2.91/src/dnsmasq.c:2100:7: branch_true: ...to here dnsmasq-2.91/src/dnsmasq.c:2101:7: throw: if ‘read_write’ throws an exception... dnsmasq-2.91/src/dnsmasq.c:2101:7: danger: ‘pipefd[auth_dns]’ leaks here # 2099| /* See comment above re: netlink socket. */ # 2100| close(daemon->netlinkfd); # 2101|-> read_write(pipefd[1], &a, 1, RW_WRITE); # 2102| #endif # 2103| alarm(CHILD_LIFETIME); Error: GCC_ANALYZER_WARNING (CWE-457): [#def11] dnsmasq-2.91/src/dnsmasq.c:2101:7: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘pipefd[1]’ dnsmasq-2.91/src/dnsmasq.c:1953:6: branch_false: following ‘false’ branch... dnsmasq-2.91/src/dnsmasq.c:1956:7: branch_false: ...to here dnsmasq-2.91/src/dnsmasq.c:1956:6: branch_false: following ‘false’ branch... dnsmasq-2.91/src/dnsmasq.c:1975:3: branch_false: ...to here dnsmasq-2.91/src/dnsmasq.c:2026:6: branch_false: following ‘false’ branch... dnsmasq-2.91/src/dnsmasq.c:2083:6: branch_false: ...to here dnsmasq-2.91/src/dnsmasq.c:2083:6: branch_false: following ‘false’ branch (when ‘iface’ is NULL)... dnsmasq-2.91/src/dnsmasq.c:2090:7: branch_false: ...to here dnsmasq-2.91/src/dnsmasq.c:2096:6: branch_true: following ‘true’ branch... dnsmasq-2.91/src/dnsmasq.c:2100:7: branch_true: ...to here dnsmasq-2.91/src/dnsmasq.c:2101:7: danger: use of uninitialized value ‘pipefd[1]’ here # 2099| /* See comment above re: netlink socket. */ # 2100| close(daemon->netlinkfd); # 2101|-> read_write(pipefd[1], &a, 1, RW_WRITE); # 2102| #endif # 2103| alarm(CHILD_LIFETIME); Error: GCC_ANALYZER_WARNING (CWE-775): [#def12] dnsmasq-2.91/src/dnsmasq.c:2111:16: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pipefd[auth_dns]’ dnsmasq-2.91/src/dnsmasq.c:1953:6: branch_false: following ‘false’ branch... dnsmasq-2.91/src/dnsmasq.c:1956:7: branch_false: ...to here dnsmasq-2.91/src/dnsmasq.c:1956:6: branch_false: following ‘false’ branch... dnsmasq-2.91/src/dnsmasq.c:1975:3: branch_false: ...to here dnsmasq-2.91/src/dnsmasq.c:2026:6: branch_true: following ‘true’ branch... dnsmasq-2.91/src/dnsmasq.c:2028:11: branch_true: ...to here dnsmasq-2.91/src/dnsmasq.c:2028:10: branch_false: following ‘false’ branch... dnsmasq-2.91/src/dnsmasq.c:2031:16: branch_false: ...to here dnsmasq-2.91/src/dnsmasq.c:2031:10: branch_false: following ‘false’ branch (when ‘p != -1’)... dnsmasq-2.91/src/dnsmasq.c:2039:10: branch_false: ...to here dnsmasq-2.91/src/dnsmasq.c:2039:10: branch_false: following ‘false’ branch (when ‘p == 0’)... dnsmasq-2.91/src/dnsmasq.c:2083:6: branch_false: ...to here dnsmasq-2.91/src/dnsmasq.c:2083:6: branch_false: following ‘false’ branch (when ‘iface’ is NULL)... dnsmasq-2.91/src/dnsmasq.c:2090:7: branch_false: ...to here dnsmasq-2.91/src/dnsmasq.c:2096:6: branch_false: following ‘false’ branch... dnsmasq-2.91/src/dnsmasq.c:2111:16: branch_false: ...to here dnsmasq-2.91/src/dnsmasq.c:2111:16: throw: if ‘fcntl’ throws an exception... dnsmasq-2.91/src/dnsmasq.c:2111:16: danger: ‘pipefd[auth_dns]’ leaks here # 2109| attribute from the listening socket. # 2110| Reset that here. */ # 2111|-> if ((flags = fcntl(confd, F_GETFL, 0)) != -1) # 2112| while(retry_send(fcntl(confd, F_SETFL, flags & ~O_NONBLOCK))); # 2113| Error: GCC_ANALYZER_WARNING (CWE-775): [#def13] dnsmasq-2.91/src/dnsmasq.c:2112:11: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pipefd[auth_dns]’ dnsmasq-2.91/src/dnsmasq.c:1953:6: branch_false: following ‘false’ branch... dnsmasq-2.91/src/dnsmasq.c:1956:7: branch_false: ...to here dnsmasq-2.91/src/dnsmasq.c:1956:6: branch_false: following ‘false’ branch... dnsmasq-2.91/src/dnsmasq.c:1975:3: branch_false: ...to here dnsmasq-2.91/src/dnsmasq.c:2026:6: branch_true: following ‘true’ branch... dnsmasq-2.91/src/dnsmasq.c:2028:11: branch_true: ...to here dnsmasq-2.91/src/dnsmasq.c:2028:10: branch_false: following ‘false’ branch... dnsmasq-2.91/src/dnsmasq.c:2031:16: branch_false: ...to here dnsmasq-2.91/src/dnsmasq.c:2031:10: branch_false: following ‘false’ branch (when ‘p != -1’)... dnsmasq-2.91/src/dnsmasq.c:2039:10: branch_false: ...to here dnsmasq-2.91/src/dnsmasq.c:2039:10: branch_false: following ‘false’ branch (when ‘p == 0’)... dnsmasq-2.91/src/dnsmasq.c:2083:6: branch_false: ...to here dnsmasq-2.91/src/dnsmasq.c:2083:6: branch_false: following ‘false’ branch (when ‘iface’ is NULL)... dnsmasq-2.91/src/dnsmasq.c:2090:7: branch_false: ...to here dnsmasq-2.91/src/dnsmasq.c:2096:6: branch_false: following ‘false’ branch... dnsmasq-2.91/src/dnsmasq.c:2111:16: branch_false: ...to here dnsmasq-2.91/src/dnsmasq.c:2111:6: branch_true: following ‘true’ branch... dnsmasq-2.91/src/dnsmasq.c:2111:6: branch_true: ...to here dnsmasq-2.91/src/dnsmasq.c:2112:11: throw: if ‘retry_send’ throws an exception... dnsmasq-2.91/src/dnsmasq.c:2112:11: danger: ‘pipefd[auth_dns]’ leaks here # 2110| Reset that here. */ # 2111| if ((flags = fcntl(confd, F_GETFL, 0)) != -1) # 2112|-> while(retry_send(fcntl(confd, F_SETFL, flags & ~O_NONBLOCK))); # 2113| # 2114| buff = tcp_request(confd, now, &tcp_addr, netmask, auth_dns); Error: GCC_ANALYZER_WARNING (CWE-775): [#def14] dnsmasq-2.91/src/dnsmasq.c:2112:22: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pipefd[auth_dns]’ dnsmasq-2.91/src/dnsmasq.c:1953:6: branch_false: following ‘false’ branch... dnsmasq-2.91/src/dnsmasq.c:1956:7: branch_false: ...to here dnsmasq-2.91/src/dnsmasq.c:1956:6: branch_false: following ‘false’ branch... dnsmasq-2.91/src/dnsmasq.c:1975:3: branch_false: ...to here dnsmasq-2.91/src/dnsmasq.c:2026:6: branch_true: following ‘true’ branch... dnsmasq-2.91/src/dnsmasq.c:2028:11: branch_true: ...to here dnsmasq-2.91/src/dnsmasq.c:2028:10: branch_false: following ‘false’ branch... dnsmasq-2.91/src/dnsmasq.c:2031:16: branch_false: ...to here dnsmasq-2.91/src/dnsmasq.c:2031:10: branch_false: following ‘false’ branch (when ‘p != -1’)... dnsmasq-2.91/src/dnsmasq.c:2039:10: branch_false: ...to here dnsmasq-2.91/src/dnsmasq.c:2039:10: branch_false: following ‘false’ branch (when ‘p == 0’)... dnsmasq-2.91/src/dnsmasq.c:2083:6: branch_false: ...to here dnsmasq-2.91/src/dnsmasq.c:2083:6: branch_false: following ‘false’ branch (when ‘iface’ is NULL)... dnsmasq-2.91/src/dnsmasq.c:2090:7: branch_false: ...to here dnsmasq-2.91/src/dnsmasq.c:2096:6: branch_false: following ‘false’ branch... dnsmasq-2.91/src/dnsmasq.c:2111:16: branch_false: ...to here dnsmasq-2.91/src/dnsmasq.c:2111:6: branch_true: following ‘true’ branch... dnsmasq-2.91/src/dnsmasq.c:2111:6: branch_true: ...to here dnsmasq-2.91/src/dnsmasq.c:2112:22: throw: if ‘fcntl’ throws an exception... dnsmasq-2.91/src/dnsmasq.c:2112:22: danger: ‘pipefd[auth_dns]’ leaks here # 2110| Reset that here. */ # 2111| if ((flags = fcntl(confd, F_GETFL, 0)) != -1) # 2112|-> while(retry_send(fcntl(confd, F_SETFL, flags & ~O_NONBLOCK))); # 2113| # 2114| buff = tcp_request(confd, now, &tcp_addr, netmask, auth_dns); Error: GCC_ANALYZER_WARNING (CWE-775): [#def15] dnsmasq-2.91/src/dnsmasq.c:2170:11: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pipefd[0]’ dnsmasq-2.91/src/dnsmasq.c:2151:6: branch_true: following ‘true’ branch... dnsmasq-2.91/src/dnsmasq.c:2156:21: branch_true: ...to here dnsmasq-2.91/src/dnsmasq.c:2165:10: branch_false: following ‘false’ branch (when ‘i >= 0’)... dnsmasq-2.91/src/dnsmasq.c:2165:20: branch_false: ...to here dnsmasq-2.91/src/dnsmasq.c:2165:11: branch_false: following ‘false’ branch... dnsmasq-2.91/src/dnsmasq.c:2168:16: branch_false: ...to here dnsmasq-2.91/src/dnsmasq.c:2168:10: branch_true: following ‘true’ branch (when ‘p != 0’)... dnsmasq-2.91/src/dnsmasq.c:2170:11: branch_true: ...to here dnsmasq-2.91/src/dnsmasq.c:2170:11: throw: if ‘close’ throws an exception... dnsmasq-2.91/src/dnsmasq.c:2170:11: danger: ‘pipefd[0]’ leaks here # 2168| if ((p = fork()) != 0) # 2169| { # 2170|-> close(pipefd[1]); /* parent needs read pipe end. */ # 2171| if (p == -1) # 2172| { Error: GCC_ANALYZER_WARNING (CWE-775): [#def16] dnsmasq-2.91/src/dnsmasq.c:2170:11: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pipefd[1]’ dnsmasq-2.91/src/dnsmasq.c:2151:6: branch_true: following ‘true’ branch... dnsmasq-2.91/src/dnsmasq.c:2156:21: branch_true: ...to here dnsmasq-2.91/src/dnsmasq.c:2165:10: branch_false: following ‘false’ branch (when ‘i >= 0’)... dnsmasq-2.91/src/dnsmasq.c:2165:20: branch_false: ...to here dnsmasq-2.91/src/dnsmasq.c:2165:11: branch_false: following ‘false’ branch... dnsmasq-2.91/src/dnsmasq.c:2168:16: branch_false: ...to here dnsmasq-2.91/src/dnsmasq.c:2168:10: branch_true: following ‘true’ branch (when ‘p != 0’)... dnsmasq-2.91/src/dnsmasq.c:2170:11: branch_true: ...to here dnsmasq-2.91/src/dnsmasq.c:2170:11: throw: if ‘close’ throws an exception... dnsmasq-2.91/src/dnsmasq.c:2170:11: danger: ‘pipefd[1]’ leaks here # 2168| if ((p = fork()) != 0) # 2169| { # 2170|-> close(pipefd[1]); /* parent needs read pipe end. */ # 2171| if (p == -1) # 2172| { Error: GCC_ANALYZER_WARNING (CWE-775): [#def17] dnsmasq-2.91/src/dnsmasq.c:2174:15: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pipefd[0]’ dnsmasq-2.91/src/dnsmasq.c:2151:6: branch_true: following ‘true’ branch... dnsmasq-2.91/src/dnsmasq.c:2156:21: branch_true: ...to here dnsmasq-2.91/src/dnsmasq.c:2165:10: branch_false: following ‘false’ branch (when ‘i >= 0’)... dnsmasq-2.91/src/dnsmasq.c:2165:20: branch_false: ...to here dnsmasq-2.91/src/dnsmasq.c:2165:11: branch_false: following ‘false’ branch... dnsmasq-2.91/src/dnsmasq.c:2168:16: branch_false: ...to here dnsmasq-2.91/src/dnsmasq.c:2168:10: branch_true: following ‘true’ branch (when ‘p != 0’)... dnsmasq-2.91/src/dnsmasq.c:2170:11: branch_true: ...to here dnsmasq-2.91/src/dnsmasq.c:2171:14: branch_true: following ‘true’ branch (when ‘p == -1’)... dnsmasq-2.91/src/dnsmasq.c:2174:15: branch_true: ...to here dnsmasq-2.91/src/dnsmasq.c:2174:15: throw: if ‘close’ throws an exception... dnsmasq-2.91/src/dnsmasq.c:2174:15: danger: ‘pipefd[0]’ leaks here # 2172| { # 2173| /* fork() failed */ # 2174|-> close(pipefd[0]); # 2175| return STAT_ABANDONED; # 2176| } Error: GCC_ANALYZER_WARNING (CWE-775): [#def18] dnsmasq-2.91/src/dnsmasq.c:2192:11: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pipefd[0]’ dnsmasq-2.91/src/dnsmasq.c:2151:6: branch_true: following ‘true’ branch... dnsmasq-2.91/src/dnsmasq.c:2156:21: branch_true: ...to here dnsmasq-2.91/src/dnsmasq.c:2165:10: branch_false: following ‘false’ branch (when ‘i >= 0’)... dnsmasq-2.91/src/dnsmasq.c:2165:20: branch_false: ...to here dnsmasq-2.91/src/dnsmasq.c:2165:11: branch_false: following ‘false’ branch... dnsmasq-2.91/src/dnsmasq.c:2168:16: branch_false: ...to here dnsmasq-2.91/src/dnsmasq.c:2168:10: branch_true: following ‘true’ branch (when ‘p != 0’)... dnsmasq-2.91/src/dnsmasq.c:2170:11: branch_true: ...to here dnsmasq-2.91/src/dnsmasq.c:2171:14: branch_false: following ‘false’ branch (when ‘p != -1’)... dnsmasq-2.91/src/dnsmasq.c:2192:11: branch_false: ...to here dnsmasq-2.91/src/dnsmasq.c:2192:11: throw: if ‘read_write’ throws an exception... dnsmasq-2.91/src/dnsmasq.c:2192:11: danger: ‘pipefd[0]’ leaks here # 2190| is sent by the child after it has closed the # 2191| netlink socket. */ # 2192|-> read_write(pipefd[0], &a, 1, RW_READ); # 2193| #endif # 2194| Error: GCC_ANALYZER_WARNING (CWE-775): [#def19] dnsmasq-2.91/src/dnsmasq.c:2213:11: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pipefd[0]’ dnsmasq-2.91/src/dnsmasq.c:2151:6: branch_true: following ‘true’ branch... dnsmasq-2.91/src/dnsmasq.c:2156:21: branch_true: ...to here dnsmasq-2.91/src/dnsmasq.c:2165:10: branch_false: following ‘false’ branch (when ‘i >= 0’)... dnsmasq-2.91/src/dnsmasq.c:2165:20: branch_false: ...to here dnsmasq-2.91/src/dnsmasq.c:2165:11: branch_false: following ‘false’ branch... dnsmasq-2.91/src/dnsmasq.c:2168:16: branch_false: ...to here dnsmasq-2.91/src/dnsmasq.c:2168:10: branch_false: following ‘false’ branch (when ‘p == 0’)... dnsmasq-2.91/src/dnsmasq.c:2213:23: branch_false: ...to here dnsmasq-2.91/src/dnsmasq.c:2213:11: throw: if ‘close’ throws an exception... dnsmasq-2.91/src/dnsmasq.c:2213:11: danger: ‘pipefd[0]’ leaks here # 2211| #ifdef HAVE_LINUX_NETWORK # 2212| /* See comment above re: netlink socket. */ # 2213|-> close(daemon->netlinkfd); # 2214| read_write(pipefd[1], &a, 1, RW_WRITE); # 2215| #endif Error: GCC_ANALYZER_WARNING (CWE-775): [#def20] dnsmasq-2.91/src/dnsmasq.c:2213:11: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pipefd[1]’ dnsmasq-2.91/src/dnsmasq.c:2151:6: branch_true: following ‘true’ branch... dnsmasq-2.91/src/dnsmasq.c:2156:21: branch_true: ...to here dnsmasq-2.91/src/dnsmasq.c:2165:10: branch_false: following ‘false’ branch (when ‘i >= 0’)... dnsmasq-2.91/src/dnsmasq.c:2165:20: branch_false: ...to here dnsmasq-2.91/src/dnsmasq.c:2165:11: branch_false: following ‘false’ branch... dnsmasq-2.91/src/dnsmasq.c:2168:16: branch_false: ...to here dnsmasq-2.91/src/dnsmasq.c:2168:10: branch_false: following ‘false’ branch (when ‘p == 0’)... dnsmasq-2.91/src/dnsmasq.c:2213:23: branch_false: ...to here dnsmasq-2.91/src/dnsmasq.c:2213:11: throw: if ‘close’ throws an exception... dnsmasq-2.91/src/dnsmasq.c:2213:11: danger: ‘pipefd[1]’ leaks here # 2211| #ifdef HAVE_LINUX_NETWORK # 2212| /* See comment above re: netlink socket. */ # 2213|-> close(daemon->netlinkfd); # 2214| read_write(pipefd[1], &a, 1, RW_WRITE); # 2215| #endif Error: GCC_ANALYZER_WARNING (CWE-775): [#def21] dnsmasq-2.91/src/dnsmasq.c:2214:11: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pipefd[0]’ dnsmasq-2.91/src/dnsmasq.c:2151:6: branch_true: following ‘true’ branch... dnsmasq-2.91/src/dnsmasq.c:2156:21: branch_true: ...to here dnsmasq-2.91/src/dnsmasq.c:2165:10: branch_false: following ‘false’ branch (when ‘i >= 0’)... dnsmasq-2.91/src/dnsmasq.c:2165:20: branch_false: ...to here dnsmasq-2.91/src/dnsmasq.c:2165:11: branch_false: following ‘false’ branch... dnsmasq-2.91/src/dnsmasq.c:2168:16: branch_false: ...to here dnsmasq-2.91/src/dnsmasq.c:2168:10: branch_false: following ‘false’ branch (when ‘p == 0’)... dnsmasq-2.91/src/dnsmasq.c:2213:23: branch_false: ...to here dnsmasq-2.91/src/dnsmasq.c:2214:11: throw: if ‘read_write’ throws an exception... dnsmasq-2.91/src/dnsmasq.c:2214:11: danger: ‘pipefd[0]’ leaks here # 2212| /* See comment above re: netlink socket. */ # 2213| close(daemon->netlinkfd); # 2214|-> read_write(pipefd[1], &a, 1, RW_WRITE); # 2215| #endif # 2216| close(pipefd[0]); /* close read end in child. */ Error: GCC_ANALYZER_WARNING (CWE-775): [#def22] dnsmasq-2.91/src/dnsmasq.c:2214:11: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pipefd[1]’ dnsmasq-2.91/src/dnsmasq.c:2151:6: branch_true: following ‘true’ branch... dnsmasq-2.91/src/dnsmasq.c:2156:21: branch_true: ...to here dnsmasq-2.91/src/dnsmasq.c:2165:10: branch_false: following ‘false’ branch (when ‘i >= 0’)... dnsmasq-2.91/src/dnsmasq.c:2165:20: branch_false: ...to here dnsmasq-2.91/src/dnsmasq.c:2165:11: branch_false: following ‘false’ branch... dnsmasq-2.91/src/dnsmasq.c:2168:16: branch_false: ...to here dnsmasq-2.91/src/dnsmasq.c:2168:10: branch_false: following ‘false’ branch (when ‘p == 0’)... dnsmasq-2.91/src/dnsmasq.c:2213:23: branch_false: ...to here dnsmasq-2.91/src/dnsmasq.c:2214:11: throw: if ‘read_write’ throws an exception... dnsmasq-2.91/src/dnsmasq.c:2214:11: danger: ‘pipefd[1]’ leaks here # 2212| /* See comment above re: netlink socket. */ # 2213| close(daemon->netlinkfd); # 2214|-> read_write(pipefd[1], &a, 1, RW_WRITE); # 2215| #endif # 2216| close(pipefd[0]); /* close read end in child. */ Error: GCC_ANALYZER_WARNING (CWE-775): [#def23] dnsmasq-2.91/src/dnsmasq.c:2216:11: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pipefd[0]’ dnsmasq-2.91/src/dnsmasq.c:2151:6: branch_true: following ‘true’ branch... dnsmasq-2.91/src/dnsmasq.c:2156:21: branch_true: ...to here dnsmasq-2.91/src/dnsmasq.c:2165:10: branch_false: following ‘false’ branch (when ‘i >= 0’)... dnsmasq-2.91/src/dnsmasq.c:2165:20: branch_false: ...to here dnsmasq-2.91/src/dnsmasq.c:2165:11: branch_false: following ‘false’ branch... dnsmasq-2.91/src/dnsmasq.c:2168:16: branch_false: ...to here dnsmasq-2.91/src/dnsmasq.c:2168:10: branch_false: following ‘false’ branch (when ‘p == 0’)... dnsmasq-2.91/src/dnsmasq.c:2213:23: branch_false: ...to here dnsmasq-2.91/src/dnsmasq.c:2216:11: throw: if ‘close’ throws an exception... dnsmasq-2.91/src/dnsmasq.c:2216:11: danger: ‘pipefd[0]’ leaks here # 2214| read_write(pipefd[1], &a, 1, RW_WRITE); # 2215| #endif # 2216|-> close(pipefd[0]); /* close read end in child. */ # 2217| daemon->pipe_to_parent = pipefd[1]; # 2218| } Error: GCC_ANALYZER_WARNING (CWE-457): [#def24] dnsmasq-2.91/src/edns0.c:297:12: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘encode[0]’ dnsmasq-2.91/src/edns0.c:546:8: enter_function: entry to ‘add_edns0_config’ dnsmasq-2.91/src/edns0.c:551:11: call_function: calling ‘add_mac’ from ‘add_edns0_config’ dnsmasq-2.91/src/edns0.c:551:11: return_function: returning to ‘add_edns0_config’ from ‘add_mac’ dnsmasq-2.91/src/edns0.c:552:10: call_function: calling ‘add_dns_client’ from ‘add_edns0_config’ # 295| # 296| if (replace != 0 || maclen == 6) # 297|-> plen = add_pseudoheader(header, plen, limit, EDNS0_OPTION_NOMDEVICEID, (unsigned char *)encode, strlen(encode), 0, replace); # 298| # 299| return plen; Error: COMPILER_WARNING: [#def25] dnsmasq-2.91/src/edns0.c: scope_hint: In function ‘add_umbrella_opt’ dnsmasq-2.91/src/edns0.c:512:30: warning[-Wunterminated-string-initialization]: initializer-string for array of ‘unsigned char’ truncates NUL terminator but destination lacks ‘nonstring’ attribute (5 chars into 4 available) # 512 | struct umbrella_opt opt = {{"ODNS"}, UMBRELLA_VERSION, 0, {0}}; # | ^ # 510| *cacheable = 0; # 511| # 512|-> struct umbrella_opt opt = {{"ODNS"}, UMBRELLA_VERSION, 0, {0}}; # 513| u8 *u = &opt.fields[0]; # 514| int family = source->sa.sa_family; Error: GCC_ANALYZER_WARNING (CWE-775): [#def26] dnsmasq-2.91/src/network.c:1133:10: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘tcpfd’ dnsmasq-2.91/src/network.c:1177:6: enter_function: entry to ‘create_bound_listeners’ dnsmasq-2.91/src/network.c:1223:35: branch_true: following ‘true’ branch (when ‘if_tmp’ is non-NULL)... dnsmasq-2.91/src/network.c:1224:11: branch_true: ...to here dnsmasq-2.91/src/network.c:1225:16: call_function: calling ‘create_listeners’ from ‘create_bound_listeners’ # 1131| } # 1132| # 1133|-> return l; # 1134| } # 1135|
| analyzer-version-clippy | 1.92.0 |
| analyzer-version-cppcheck | 2.19.1 |
| analyzer-version-gcc | 16.0.0 |
| analyzer-version-gcc-analyzer | 16.0.0 |
| analyzer-version-shellcheck | 0.11.0 |
| analyzer-version-unicontrol | 0.0.2 |
| diffbase-analyzer-version-clippy | 1.92.0 |
| diffbase-analyzer-version-cppcheck | 2.19.1 |
| diffbase-analyzer-version-gcc | 16.0.0 |
| diffbase-analyzer-version-gcc-analyzer | 16.0.0 |
| diffbase-analyzer-version-shellcheck | 0.11.0 |
| diffbase-analyzer-version-unicontrol | 0.0.2 |
| diffbase-enabled-plugins | clippy, cppcheck, gcc, shellcheck, unicontrol |
| diffbase-exit-code | 0 |
| diffbase-host | ip-172-16-1-99.us-west-2.compute.internal |
| diffbase-known-false-positives | /usr/share/csmock/known-false-positives.js |
| diffbase-known-false-positives-rpm | known-false-positives-0.0.0.20250521.132812.g8eff701.main-1.el9.noarch |
| diffbase-mock-config | fedora-rawhide-x86_64 |
| diffbase-project-name | dnsmasq-2.90-7.fc43 |
| diffbase-store-results-to | /tmp/tmp3ch2jhts/dnsmasq-2.90-7.fc43.tar.xz |
| diffbase-time-created | 2026-01-08 15:49:31 |
| diffbase-time-finished | 2026-01-08 15:51:36 |
| diffbase-tool | csmock |
| diffbase-tool-args | '/usr/bin/csmock' '-r' 'fedora-rawhide-x86_64' '-t' 'gcc,cppcheck,clippy,shellcheck,unicontrol' '-o' '/tmp/tmp3ch2jhts/dnsmasq-2.90-7.fc43.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install' 'pam' '--gcc-analyzer-bin=/usr/bin/gcc' '/tmp/tmp3ch2jhts/dnsmasq-2.90-7.fc43.src.rpm' |
| diffbase-tool-version | csmock-3.8.3.20251215.161544.g62de9a5-1.el9 |
| enabled-plugins | clippy, cppcheck, gcc, shellcheck, unicontrol |
| exit-code | 0 |
| host | ip-172-16-1-99.us-west-2.compute.internal |
| known-false-positives | /usr/share/csmock/known-false-positives.js |
| known-false-positives-rpm | known-false-positives-0.0.0.20250521.132812.g8eff701.main-1.el9.noarch |
| mock-config | fedora-rawhide-x86_64 |
| project-name | dnsmasq-2.91-1.fc44 |
| store-results-to | /tmp/tmpfuiv5rid/dnsmasq-2.91-1.fc44.tar.xz |
| time-created | 2026-01-08 15:51:54 |
| time-finished | 2026-01-08 15:54:16 |
| title | Newly introduced findings |
| tool | csmock |
| tool-args | '/usr/bin/csmock' '-r' 'fedora-rawhide-x86_64' '-t' 'gcc,cppcheck,clippy,shellcheck,unicontrol' '-o' '/tmp/tmpfuiv5rid/dnsmasq-2.91-1.fc44.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install' 'pam' '--gcc-analyzer-bin=/usr/bin/gcc' '/tmp/tmpfuiv5rid/dnsmasq-2.91-1.fc44.src.rpm' |
| tool-version | csmock-3.8.3.20251215.161544.g62de9a5-1.el9 |