Error: GCC_ANALYZER_WARNING (CWE-401): [#def1] dnsmasq-2.90/src/dnsmasq.c:1408:7: warning[-Wanalyzer-malloc-leak]: leak of ‘buf’ dnsmasq-2.90/src/dnsmasq.c:1406:6: branch_true: following ‘true’ branch... dnsmasq-2.90/src/dnsmasq.c:1407:21: branch_true: ...to here dnsmasq-2.90/src/dnsmasq.c:1407:14: acquire_memory: allocated here dnsmasq-2.90/src/dnsmasq.c:1406:7: branch_true: following ‘true’ branch (when ‘buf’ is non-NULL)... dnsmasq-2.90/src/dnsmasq.c:1408:7: branch_true: ...to here dnsmasq-2.90/src/dnsmasq.c:1408:7: throw: if ‘read_write’ throws an exception... dnsmasq-2.90/src/dnsmasq.c:1408:7: danger: ‘buf’ leaks here; was allocated at [(3)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/2) # 1406| if (evp->msg_sz != 0 && # 1407| (buf = malloc(evp->msg_sz + 1)) && # 1408|-> read_write(fd, (unsigned char *)buf, evp->msg_sz, 1)) # 1409| { # 1410| buf[evp->msg_sz] = 0; Error: GCC_ANALYZER_WARNING (CWE-775): [#def2] dnsmasq-2.90/src/dnsmasq.c:1982:19: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pipefd[0]’ dnsmasq-2.90/src/dnsmasq.c:2138:5: enter_function: entry to ‘delay_dhcp’ dnsmasq-2.90/src/dnsmasq.c:2161:8: branch_true: following ‘true’ branch... dnsmasq-2.90/src/dnsmasq.c:2188:10: branch_true: following ‘true’ branch... dnsmasq-2.90/src/dnsmasq.c:2189:9: branch_true: ...to here dnsmasq-2.90/src/dnsmasq.c:2189:9: call_function: calling ‘check_dns_listeners’ from ‘delay_dhcp’ # 1980| # 1981| unsigned char a; # 1982|-> read_write(pipefd[0], &a, 1, 1); # 1983| #endif # 1984| Error: GCC_ANALYZER_WARNING (CWE-775): [#def3] dnsmasq-2.90/src/dnsmasq.c:2025:19: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pipefd[0]’ dnsmasq-2.90/src/dnsmasq.c:2138:5: enter_function: entry to ‘delay_dhcp’ dnsmasq-2.90/src/dnsmasq.c:2161:8: branch_true: following ‘true’ branch... dnsmasq-2.90/src/dnsmasq.c:2188:10: branch_true: following ‘true’ branch... dnsmasq-2.90/src/dnsmasq.c:2189:9: branch_true: ...to here dnsmasq-2.90/src/dnsmasq.c:2189:9: call_function: calling ‘check_dns_listeners’ from ‘delay_dhcp’ # 2023| # 2024| close(daemon->netlinkfd); # 2025|-> read_write(pipefd[1], &a, 1, 0); # 2026| #endif # 2027| alarm(CHILD_LIFETIME); Error: GCC_ANALYZER_WARNING (CWE-775): [#def4] dnsmasq-2.90/src/dnsmasq.c:2025:19: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pipefd[1]’ dnsmasq-2.90/src/dnsmasq.c:2138:5: enter_function: entry to ‘delay_dhcp’ dnsmasq-2.90/src/dnsmasq.c:2161:8: branch_true: following ‘true’ branch... dnsmasq-2.90/src/dnsmasq.c:2188:10: branch_true: following ‘true’ branch... dnsmasq-2.90/src/dnsmasq.c:2189:9: branch_true: ...to here dnsmasq-2.90/src/dnsmasq.c:2189:9: call_function: calling ‘check_dns_listeners’ from ‘delay_dhcp’ # 2023| # 2024| close(daemon->netlinkfd); # 2025|-> read_write(pipefd[1], &a, 1, 0); # 2026| #endif # 2027| alarm(CHILD_LIFETIME); Error: GCC_ANALYZER_WARNING (CWE-775): [#def5] dnsmasq-2.90/src/dnsmasq.c:2025:19: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pipefd[auth_dns]’ dnsmasq-2.90/src/dnsmasq.c:2138:5: enter_function: entry to ‘delay_dhcp’ dnsmasq-2.90/src/dnsmasq.c:2161:8: branch_true: following ‘true’ branch... dnsmasq-2.90/src/dnsmasq.c:2188:10: branch_true: following ‘true’ branch... dnsmasq-2.90/src/dnsmasq.c:2189:9: branch_true: ...to here dnsmasq-2.90/src/dnsmasq.c:2189:9: call_function: calling ‘check_dns_listeners’ from ‘delay_dhcp’ # 2023| # 2024| close(daemon->netlinkfd); # 2025|-> read_write(pipefd[1], &a, 1, 0); # 2026| #endif # 2027| alarm(CHILD_LIFETIME); Error: GCC_ANALYZER_WARNING (CWE-457): [#def6] dnsmasq-2.90/src/dnsmasq.c:2025:19: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘pipefd[1]’ dnsmasq-2.90/src/dnsmasq.c:2138:5: enter_function: entry to ‘delay_dhcp’ dnsmasq-2.90/src/dnsmasq.c:2161:8: branch_true: following ‘true’ branch... dnsmasq-2.90/src/dnsmasq.c:2188:10: branch_true: following ‘true’ branch... dnsmasq-2.90/src/dnsmasq.c:2189:9: branch_true: ...to here dnsmasq-2.90/src/dnsmasq.c:2189:9: call_function: calling ‘check_dns_listeners’ from ‘delay_dhcp’ # 2023| # 2024| close(daemon->netlinkfd); # 2025|-> read_write(pipefd[1], &a, 1, 0); # 2026| #endif # 2027| alarm(CHILD_LIFETIME); Error: GCC_ANALYZER_WARNING (CWE-404): [#def7] dnsmasq-2.90/src/rfc1035.c:1477:19: warning[-Wanalyzer-va-list-leak]: missing call to ‘va_end’ dnsmasq-2.90/src/rfc1035.c:1400:3: acquire_resource: ‘va_start’ called here dnsmasq-2.90/src/rfc1035.c:1405:6: branch_true: following ‘true’ branch (when ‘nameoffset > 0’)... dnsmasq-2.90/src/rfc1035.c:1407:7: branch_true: ...to here dnsmasq-2.90/src/rfc1035.c:1438:10: branch_true: following ‘true’ branch... dnsmasq-2.90/src/rfc1035.c:1439:5: branch_true: ...to here dnsmasq-2.90/src/rfc1035.c:1475:12: branch_false: following ‘false’ branch (when ‘offset’ is NULL)... dnsmasq-2.90/src/rfc1035.c:1477:19: branch_false: ...to here dnsmasq-2.90/src/rfc1035.c:1477:19: throw: if ‘do_rfc1035_name’ throws an exception... dnsmasq-2.90/src/rfc1035.c:1477:19: danger: missing call to ‘va_end’ to match ‘va_start’ at [(1)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/0) # 1475| if (offset) # 1476| *offset = p - (unsigned char *)header; # 1477|-> if (!(p = do_rfc1035_name(p, va_arg(ap, char *), limit))) # 1478| goto truncated; # 1479| CHECK_LIMIT(1);
| analyzer-version-clippy | 1.92.0 |
| analyzer-version-cppcheck | 2.19.1 |
| analyzer-version-gcc | 16.0.0 |
| analyzer-version-gcc-analyzer | 16.0.0 |
| analyzer-version-shellcheck | 0.11.0 |
| analyzer-version-unicontrol | 0.0.2 |
| diffbase-analyzer-version-clippy | 1.92.0 |
| diffbase-analyzer-version-cppcheck | 2.19.1 |
| diffbase-analyzer-version-gcc | 16.0.0 |
| diffbase-analyzer-version-gcc-analyzer | 16.0.0 |
| diffbase-analyzer-version-shellcheck | 0.11.0 |
| diffbase-analyzer-version-unicontrol | 0.0.2 |
| diffbase-enabled-plugins | clippy, cppcheck, gcc, shellcheck, unicontrol |
| diffbase-exit-code | 0 |
| diffbase-host | ip-172-16-1-99.us-west-2.compute.internal |
| diffbase-known-false-positives | /usr/share/csmock/known-false-positives.js |
| diffbase-known-false-positives-rpm | known-false-positives-0.0.0.20250521.132812.g8eff701.main-1.el9.noarch |
| diffbase-mock-config | fedora-rawhide-x86_64 |
| diffbase-project-name | dnsmasq-2.91-1.fc44 |
| diffbase-store-results-to | /tmp/tmpfuiv5rid/dnsmasq-2.91-1.fc44.tar.xz |
| diffbase-time-created | 2026-01-08 15:51:54 |
| diffbase-time-finished | 2026-01-08 15:54:16 |
| diffbase-tool | csmock |
| diffbase-tool-args | '/usr/bin/csmock' '-r' 'fedora-rawhide-x86_64' '-t' 'gcc,cppcheck,clippy,shellcheck,unicontrol' '-o' '/tmp/tmpfuiv5rid/dnsmasq-2.91-1.fc44.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install' 'pam' '--gcc-analyzer-bin=/usr/bin/gcc' '/tmp/tmpfuiv5rid/dnsmasq-2.91-1.fc44.src.rpm' |
| diffbase-tool-version | csmock-3.8.3.20251215.161544.g62de9a5-1.el9 |
| enabled-plugins | clippy, cppcheck, gcc, shellcheck, unicontrol |
| exit-code | 0 |
| host | ip-172-16-1-99.us-west-2.compute.internal |
| known-false-positives | /usr/share/csmock/known-false-positives.js |
| known-false-positives-rpm | known-false-positives-0.0.0.20250521.132812.g8eff701.main-1.el9.noarch |
| mock-config | fedora-rawhide-x86_64 |
| project-name | dnsmasq-2.90-7.fc43 |
| store-results-to | /tmp/tmp3ch2jhts/dnsmasq-2.90-7.fc43.tar.xz |
| time-created | 2026-01-08 15:49:31 |
| time-finished | 2026-01-08 15:51:36 |
| title | Fixed findings |
| tool | csmock |
| tool-args | '/usr/bin/csmock' '-r' 'fedora-rawhide-x86_64' '-t' 'gcc,cppcheck,clippy,shellcheck,unicontrol' '-o' '/tmp/tmp3ch2jhts/dnsmasq-2.90-7.fc43.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install' 'pam' '--gcc-analyzer-bin=/usr/bin/gcc' '/tmp/tmp3ch2jhts/dnsmasq-2.90-7.fc43.src.rpm' |
| tool-version | csmock-3.8.3.20251215.161544.g62de9a5-1.el9 |