Error: GCC_ANALYZER_WARNING (CWE-416): [#def1] ed-1.22.4/buffer.c:69:26: warning[-Wanalyzer-use-after-free]: use after ‘free’ of ‘yank_buffer_head.q_forw’ ed-1.22.4/buffer.c:510:6: enter_function: entry to ‘yank_lines’ ed-1.22.4/buffer.c:516:3: call_function: calling ‘clear_yank_buffer’ from ‘yank_lines’ ed-1.22.4/buffer.c:516:3: return_function: returning to ‘yank_lines’ from ‘clear_yank_buffer’ ed-1.22.4/buffer.c:517:10: branch_true: following ‘true’ branch... ed-1.22.4/buffer.c:519:5: branch_true: ...to here ed-1.22.4/buffer.c:520:21: call_function: calling ‘dup_line_node’ from ‘yank_lines’ ed-1.22.4/buffer.c:520:21: return_function: returning to ‘yank_lines’ from ‘dup_line_node’ ed-1.22.4/buffer.c:521:7: branch_false: following ‘false’ branch... ed-1.22.4/buffer.c:522:5: call_function: inlined call to ‘insert_node’ from ‘yank_lines’ # 67| /* link next and previous nodes */ # 68| static void link_nodes( line_node * const prev, line_node * const next ) # 69|-> { prev->q_forw = next; next->q_back = prev; } # 70| # 71| Error: GCC_ANALYZER_WARNING (CWE-401): [#def2] ed-1.22.4/buffer.c:90:28: warning[-Wanalyzer-malloc-leak]: leak of ‘dup_line_node(lp)’ ed-1.22.4/buffer.c:412:6: enter_function: entry to ‘put_lines’ ed-1.22.4/buffer.c:417:5: branch_false: following ‘false’ branch... ed-1.22.4/buffer.c:419:3: branch_false: ...to here ed-1.22.4/buffer.c:420:10: branch_true: following ‘true’ branch... ed-1.22.4/buffer.c:422:9: call_function: inlined call to ‘too_many_lines’ from ‘put_lines’ ed-1.22.4/buffer.c:423:5: branch_true: ...to here ed-1.22.4/buffer.c:424:21: call_function: calling ‘dup_line_node’ from ‘put_lines’ ed-1.22.4/buffer.c:424:21: return_function: returning to ‘put_lines’ from ‘dup_line_node’ ed-1.22.4/buffer.c:425:7: branch_false: following ‘false’ branch... ed-1.22.4/buffer.c:426:5: branch_false: ...to here ed-1.22.4/buffer.c:426:5: call_function: calling ‘add_line_node’ from ‘put_lines’ # 88| static void add_line_node( line_node * const lp ) # 89| { # 90|-> line_node * const prev = search_line_node( current_addr_ ); # 91| insert_node( lp, prev ); # 92| ++current_addr_; Error: GCC_ANALYZER_WARNING (CWE-401): [#def3] ed-1.22.4/buffer.c:475:3: warning[-Wanalyzer-malloc-leak]: leak of ‘dup_line_node(0)’ ed-1.22.4/buffer.c:446:14: enter_function: entry to ‘put_sbuf_line’ ed-1.22.4/buffer.c:449:5: branch_false: following ‘false’ branch (when ‘p’ is non-NULL)... ed-1.22.4/buffer.c:452:19: branch_false: ...to here ed-1.22.4/buffer.c:453:7: call_function: inlined call to ‘too_many_lines’ from ‘put_sbuf_line’ ed-1.22.4/buffer.c:455:7: branch_true: ...to here ed-1.22.4/buffer.c:466:5: branch_false: following ‘false’ branch... ed-1.22.4/buffer.c:473:20: branch_false: ...to here ed-1.22.4/buffer.c:473:20: call_function: calling ‘dup_line_node’ from ‘put_sbuf_line’ ed-1.22.4/buffer.c:473:20: return_function: returning to ‘put_sbuf_line’ from ‘dup_line_node’ ed-1.22.4/buffer.c:474:5: branch_false: following ‘false’ branch... ed-1.22.4/buffer.c:475:3: branch_false: ...to here ed-1.22.4/buffer.c:476:3: call_function: calling ‘add_line_node’ from ‘put_sbuf_line’ # 473| line_node * lp = dup_line_node( 0 ); # 474| if( !lp ) return 0; # 475|-> lp->pos = sfpos; lp->len = len; # 476| add_line_node( lp ); # 477| sfpos += len; /* update file position */ Error: GCC_ANALYZER_WARNING (CWE-457): [#def4] ed-1.22.4/carg_parser.c:109:3: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘s2’ ed-1.22.4/carg_parser.c:226:6: enter_function: entry to ‘ap_init’ ed-1.22.4/carg_parser.c:239:5: branch_false: following ‘false’ branch... ed-1.22.4/carg_parser.c:241:10: branch_true: following ‘true’ branch... ed-1.22.4/carg_parser.c:243:35: branch_true: ...to here ed-1.22.4/carg_parser.c:246:7: branch_true: following ‘true’ branch... ed-1.22.4/carg_parser.c:246:9: branch_true: ...to here ed-1.22.4/carg_parser.c:250:32: branch_false: following ‘false’ branch... ed-1.22.4/carg_parser.c:251:9: branch_false: ...to here ed-1.22.4/carg_parser.c:251:9: branch_false: following ‘false’ branch (when ‘ch2 != 45’)... ed-1.22.4/carg_parser.c:256:17: branch_false: ...to here ed-1.22.4/carg_parser.c:256:17: call_function: calling ‘parse_short_option’ from ‘ap_init’ # 107| ap->error = (char *)tmp; # 108| memcpy( ap->error, s1, l1 ); # 109|-> memcpy( ap->error + l1, s2, l2 ); # 110| memcpy( ap->error + l1 + l2, s3, l3 + 1 ); # 111| return 1; Error: GCC_ANALYZER_WARNING (CWE-131): [#def5] ed-1.22.4/global.c:73:5: warning[-Wanalyzer-allocation-size]: allocated buffer size is not a multiple of the pointee's size ed-1.22.4/global.c:59:5: branch_true: following ‘true’ branch... ed-1.22.4/global.c:61:7: branch_true: ...to here ed-1.22.4/global.c:61:7: branch_false: following ‘false’ branch (when ‘min_size <= 2147483646’)... ed-1.22.4/global.c:63:26: branch_false: ...to here ed-1.22.4/global.c:67:7: branch_true: following ‘true’ branch... ed-1.22.4/global.c:67:33: branch_true: ...to here ed-1.22.4/global.c:69:7: branch_false: following ‘false’ branch (when ‘new_buf’ is non-NULL)... ed-1.22.4/global.c:72:5: branch_false: ...to here ed-1.22.4/global.c:73:5: danger: allocated ‘(const int)active_size’ bytes and assigned to ‘const line_node **’ here; ‘sizeof (const line_node *)’ is ‘8’ # 71| set_error_msg( mem_msg ); enable_interrupts(); return false; } # 72| active_size = new_size; # 73|-> active_list = (const line_node **)new_buf; # 74| enable_interrupts(); # 75| } Error: GCC_ANALYZER_WARNING (CWE-401): [#def6] ed-1.22.4/io.c:39:33: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’ ed-1.22.4/io.c:288:5: enter_function: entry to ‘read_file’ ed-1.22.4/io.c:294:5: branch_true: following ‘true’ branch... ed-1.22.4/io.c:294:31: branch_true: ...to here ed-1.22.4/io.c:294:31: acquire_memory: allocated here ed-1.22.4/io.c:298:5: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)... ed-1.22.4/io.c:301:21: branch_false: ...to here ed-1.22.4/io.c:301:21: call_function: calling ‘read_stream’ from ‘read_file’ # 37| static bool unterminated_last_line( void ) # 38| { return unterminated_line != 0 && # 39|-> unterminated_line == search_line_node( last_addr() ); } # 40| # 41| Error: GCC_ANALYZER_WARNING (CWE-401): [#def7] ed-1.22.4/io.c:39:51: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’ ed-1.22.4/io.c:288:5: enter_function: entry to ‘read_file’ ed-1.22.4/io.c:294:5: branch_true: following ‘true’ branch... ed-1.22.4/io.c:294:31: branch_true: ...to here ed-1.22.4/io.c:294:31: acquire_memory: allocated here ed-1.22.4/io.c:298:5: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)... ed-1.22.4/io.c:301:21: branch_false: ...to here ed-1.22.4/io.c:301:21: call_function: calling ‘read_stream’ from ‘read_file’ # 37| static bool unterminated_last_line( void ) # 38| { return unterminated_line != 0 && # 39|-> unterminated_line == search_line_node( last_addr() ); } # 40| # 41| Error: GCC_ANALYZER_WARNING (CWE-401): [#def8] ed-1.22.4/io.c:209:10: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’ ed-1.22.4/io.c:288:5: enter_function: entry to ‘read_file’ ed-1.22.4/io.c:294:5: branch_true: following ‘true’ branch... ed-1.22.4/io.c:294:31: branch_true: ...to here ed-1.22.4/io.c:294:31: acquire_memory: allocated here ed-1.22.4/io.c:298:5: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)... ed-1.22.4/io.c:301:21: branch_false: ...to here ed-1.22.4/io.c:301:21: call_function: calling ‘read_stream’ from ‘read_file’ # 207| while( true ) # 208| { # 209|-> if( !resize_buffer( &buf, &bufsz, i + 2 ) ) return 0; # 210| c = getc( fp ); if( c == EOF ) break; # 211| buf[i++] = c; Error: GCC_ANALYZER_WARNING (CWE-401): [#def9] ed-1.22.4/io.c:212:18: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’ ed-1.22.4/io.c:288:5: enter_function: entry to ‘read_file’ ed-1.22.4/io.c:294:5: branch_true: following ‘true’ branch... ed-1.22.4/io.c:294:31: branch_true: ...to here ed-1.22.4/io.c:294:31: acquire_memory: allocated here ed-1.22.4/io.c:298:5: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)... ed-1.22.4/io.c:301:21: branch_false: ...to here ed-1.22.4/io.c:301:21: call_function: calling ‘read_stream’ from ‘read_file’ # 210| c = getc( fp ); if( c == EOF ) break; # 211| buf[i++] = c; # 212|-> if( c == 0 ) set_binary(); # 213| else if( c == '\n' ) /* remove CR only from CR/LF pairs */ # 214| { if( strip_cr() && i > 1 && buf[i-2] == '\r' ) { buf[i-2] = '\n'; --i; } Error: GCC_ANALYZER_WARNING (CWE-401): [#def10] ed-1.22.4/io.c:243:20: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’ ed-1.22.4/io.c:288:5: enter_function: entry to ‘read_file’ ed-1.22.4/io.c:294:5: branch_true: following ‘true’ branch... ed-1.22.4/io.c:294:31: branch_true: ...to here ed-1.22.4/io.c:294:31: acquire_memory: allocated here ed-1.22.4/io.c:298:5: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)... ed-1.22.4/io.c:301:21: branch_false: ...to here ed-1.22.4/io.c:301:21: call_function: calling ‘read_stream’ from ‘read_file’ # 241| const int addr ) # 242| { # 243|-> line_node * lp = search_line_node( addr ); # 244| undo_atom * up = 0; # 245| long total_size = 0; /* number of bytes read */ Error: GCC_ANALYZER_WARNING (CWE-401): [#def11] ed-1.22.4/io.c:246:27: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’ ed-1.22.4/io.c:288:5: enter_function: entry to ‘read_file’ ed-1.22.4/io.c:294:5: branch_true: following ‘true’ branch... ed-1.22.4/io.c:294:31: branch_true: ...to here ed-1.22.4/io.c:294:31: acquire_memory: allocated here ed-1.22.4/io.c:298:5: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)... ed-1.22.4/io.c:301:21: branch_false: ...to here ed-1.22.4/io.c:301:21: call_function: calling ‘read_stream’ from ‘read_file’ # 244| undo_atom * up = 0; # 245| long total_size = 0; /* number of bytes read */ # 246|-> const bool o_isbinary = isbinary(); # 247| const bool appended = ( addr == last_addr() ); # 248| const bool o_unterminated_last_line = unterminated_last_line(); Error: GCC_ANALYZER_WARNING (CWE-401): [#def12] ed-1.22.4/io.c:247:35: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’ ed-1.22.4/io.c:288:5: enter_function: entry to ‘read_file’ ed-1.22.4/io.c:294:5: branch_true: following ‘true’ branch... ed-1.22.4/io.c:294:31: branch_true: ...to here ed-1.22.4/io.c:294:31: acquire_memory: allocated here ed-1.22.4/io.c:298:5: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)... ed-1.22.4/io.c:301:21: branch_false: ...to here ed-1.22.4/io.c:301:21: call_function: calling ‘read_stream’ from ‘read_file’ # 245| long total_size = 0; /* number of bytes read */ # 246| const bool o_isbinary = isbinary(); # 247|-> const bool appended = ( addr == last_addr() ); # 248| const bool o_unterminated_last_line = unterminated_last_line(); # 249| bool newline_added = false; Error: GCC_ANALYZER_WARNING (CWE-401): [#def13] ed-1.22.4/io.c:251:3: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’ ed-1.22.4/io.c:288:5: enter_function: entry to ‘read_file’ ed-1.22.4/io.c:294:5: branch_true: following ‘true’ branch... ed-1.22.4/io.c:294:31: branch_true: ...to here ed-1.22.4/io.c:294:31: acquire_memory: allocated here ed-1.22.4/io.c:298:5: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)... ed-1.22.4/io.c:301:21: branch_false: ...to here ed-1.22.4/io.c:301:21: call_function: calling ‘read_stream’ from ‘read_file’ # 249| bool newline_added = false; # 250| # 251|-> set_current_addr( addr ); # 252| while( true ) # 253| { Error: GCC_ANALYZER_WARNING (CWE-775): [#def14] ed-1.22.4/io.c:296:62: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen(filename, "r")’ ed-1.22.4/io.c:294:5: branch_false: following ‘false’ branch... ed-1.22.4/io.c:295:20: branch_false: ...to here ed-1.22.4/io.c:295:10: branch_true: following ‘true’ branch... ed-1.22.4/io.c:296:19: acquire_resource: opened here ed-1.22.4/io.c:295:12: branch_true: following ‘true’ branch... ed-1.22.4/io.c:295:12: branch_true: ...to here ed-1.22.4/io.c:295:12: branch_true: following ‘true’ branch (when ‘read_onlyp’ is non-NULL)... ed-1.22.4/io.c:296:62: branch_true: ...to here ed-1.22.4/io.c:296:62: throw: if ‘modified’ throws an exception... ed-1.22.4/io.c:296:62: danger: ‘fopen(filename, "r")’ leaks here; was opened at [(5)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/4) # 294| if( *filename == '!' ) fp = popen( filename + 1, "r" ); # 295| else if( !( fp = fopen( filename, "r+" ) ) && errno != ENOENT && # 296|-> ( fp = fopen( filename, "r" ) ) && read_onlyp && !modified() ) # 297| *read_onlyp = true; # 298| if( !fp ) Error: GCC_ANALYZER_WARNING (CWE-401): [#def15] ed-1.22.4/io.c:296:62: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(filename, "r")’ ed-1.22.4/io.c:294:5: branch_false: following ‘false’ branch... ed-1.22.4/io.c:295:20: branch_false: ...to here ed-1.22.4/io.c:295:10: branch_true: following ‘true’ branch... ed-1.22.4/io.c:296:19: acquire_memory: allocated here ed-1.22.4/io.c:295:12: branch_true: following ‘true’ branch... ed-1.22.4/io.c:295:12: branch_true: ...to here ed-1.22.4/io.c:295:12: branch_true: following ‘true’ branch (when ‘read_onlyp’ is non-NULL)... ed-1.22.4/io.c:296:62: branch_true: ...to here ed-1.22.4/io.c:296:62: throw: if ‘modified’ throws an exception... ed-1.22.4/io.c:296:62: danger: ‘fopen(filename, "r")’ leaks here; was allocated at [(5)](sarif:/runs/0/results/9/codeFlows/0/threadFlows/0/locations/4) # 294| if( *filename == '!' ) fp = popen( filename + 1, "r" ); # 295| else if( !( fp = fopen( filename, "r+" ) ) && errno != ENOENT && # 296|-> ( fp = fopen( filename, "r" ) ) && read_onlyp && !modified() ) # 297| *read_onlyp = true; # 298| if( !fp ) Error: GCC_ANALYZER_WARNING (CWE-401): [#def16] ed-1.22.4/io.c:318:20: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’ ed-1.22.4/io.c:346:5: enter_function: entry to ‘write_file’ ed-1.22.4/io.c:352:5: branch_true: following ‘true’ branch... ed-1.22.4/io.c:352:31: branch_true: ...to here ed-1.22.4/io.c:352:31: acquire_memory: allocated here ed-1.22.4/io.c:354:5: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)... ed-1.22.4/io.c:357:21: branch_false: ...to here ed-1.22.4/io.c:357:21: call_function: calling ‘write_stream’ from ‘write_file’ # 316| int from, const int to ) # 317| { # 318|-> line_node * lp = search_line_node( from ); # 319| long size = 0; /* number of bytes written */ # 320| Error: GCC_ANALYZER_WARNING (CWE-401): [#def17] ed-1.22.4/io.c:324:16: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’ ed-1.22.4/io.c:346:5: enter_function: entry to ‘write_file’ ed-1.22.4/io.c:352:5: branch_true: following ‘true’ branch... ed-1.22.4/io.c:352:31: branch_true: ...to here ed-1.22.4/io.c:352:31: acquire_memory: allocated here ed-1.22.4/io.c:354:5: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)... ed-1.22.4/io.c:357:21: branch_false: ...to here ed-1.22.4/io.c:357:21: call_function: calling ‘write_stream’ from ‘write_file’ # 322| { # 323| int len; # 324|-> char * p = get_sbuf_line( lp ); # 325| if( !p ) return -1; # 326| len = lp->len; Error: GCC_ANALYZER_WARNING (CWE-401): [#def18] ed-1.22.4/io.c:327:17: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’ ed-1.22.4/io.c:346:5: enter_function: entry to ‘write_file’ ed-1.22.4/io.c:352:5: branch_true: following ‘true’ branch... ed-1.22.4/io.c:352:31: branch_true: ...to here ed-1.22.4/io.c:352:31: acquire_memory: allocated here ed-1.22.4/io.c:354:5: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)... ed-1.22.4/io.c:357:21: branch_false: ...to here ed-1.22.4/io.c:357:21: call_function: calling ‘write_stream’ from ‘write_file’ # 325| if( !p ) return -1; # 326| len = lp->len; # 327|-> if( from != last_addr() || !isbinary() || !unterminated_last_line() ) # 328| p[len++] = '\n'; # 329| size += len; Error: GCC_ANALYZER_WARNING (CWE-401): [#def19] ed-1.22.4/io.c:327:33: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’ ed-1.22.4/io.c:346:5: enter_function: entry to ‘write_file’ ed-1.22.4/io.c:352:5: branch_true: following ‘true’ branch... ed-1.22.4/io.c:352:31: branch_true: ...to here ed-1.22.4/io.c:352:31: acquire_memory: allocated here ed-1.22.4/io.c:354:5: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)... ed-1.22.4/io.c:357:21: branch_false: ...to here ed-1.22.4/io.c:357:21: call_function: calling ‘write_stream’ from ‘write_file’ # 325| if( !p ) return -1; # 326| len = lp->len; # 327|-> if( from != last_addr() || !isbinary() || !unterminated_last_line() ) # 328| p[len++] = '\n'; # 329| size += len;
| analyzer-version-clippy | 1.92.0 |
| analyzer-version-cppcheck | 2.19.1 |
| analyzer-version-gcc | 16.0.0 |
| analyzer-version-gcc-analyzer | 16.0.0 |
| analyzer-version-shellcheck | 0.11.0 |
| analyzer-version-unicontrol | 0.0.2 |
| enabled-plugins | clippy, cppcheck, gcc, shellcheck, unicontrol |
| exit-code | 0 |
| host | ip-172-16-1-103.us-west-2.compute.internal |
| known-false-positives | /usr/share/csmock/known-false-positives.js |
| known-false-positives-rpm | known-false-positives-0.0.0.20250521.132812.g8eff701.main-1.el9.noarch |
| mock-config | fedora-rawhide-x86_64 |
| project-name | ed-1.22.4-1.fc44 |
| store-results-to | /tmp/tmph4dxhdj_/ed-1.22.4-1.fc44.tar.xz |
| time-created | 2026-01-08 16:00:54 |
| time-finished | 2026-01-08 16:02:03 |
| tool | csmock |
| tool-args | '/usr/bin/csmock' '-r' 'fedora-rawhide-x86_64' '-t' 'gcc,cppcheck,clippy,shellcheck,unicontrol' '-o' '/tmp/tmph4dxhdj_/ed-1.22.4-1.fc44.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install' 'pam' '--gcc-analyzer-bin=/usr/bin/gcc' '/tmp/tmph4dxhdj_/ed-1.22.4-1.fc44.src.rpm' |
| tool-version | csmock-3.8.3.20251215.161544.g62de9a5-1.el9 |