erofs-utils-1.8.10-3.fc44

List of Findings

Error: GCC_ANALYZER_WARNING (CWE-401): [#def1]
erofs-utils-1.8.10/contrib/stress.c:127:9: warning[-Wanalyzer-malloc-leak]: leak of ‘strdup(subpath)’
erofs-utils-1.8.10/contrib/stress.c:763:5: enter_function: entry to ‘main’
erofs-utils-1.8.10/contrib/stress.c:770:12: branch_false: following ‘false’ branch...
erofs-utils-1.8.10/contrib/stress.c:776:15: branch_false: ...to here
erofs-utils-1.8.10/contrib/stress.c:776:15: call_function: calling ‘init_filetable’ from ‘main’
#  125|   	}
#  126|   	fep = &ftp->fents[ftp->nfiles++];
#  127|-> 	fep->subpath = strdup(subpath);
#  128|   	fep->fd = -1;
#  129|   	fep->chkfd = -1;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def2]
erofs-utils-1.8.10/contrib/stress.c:164:22: warning[-Wanalyzer-malloc-leak]: leak of ‘opendir(dirpath)’
erofs-utils-1.8.10/contrib/stress.c:763:5: enter_function: entry to ‘main’
erofs-utils-1.8.10/contrib/stress.c:770:12: branch_false: following ‘false’ branch...
erofs-utils-1.8.10/contrib/stress.c:776:15: branch_false: ...to here
erofs-utils-1.8.10/contrib/stress.c:776:15: call_function: calling ‘init_filetable’ from ‘main’
#  162|   		 */
#  163|   		errno = 0;
#  164|-> 		dp = readdir(_dir);
#  165|   		if (!dp)
#  166|   			break;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def3]
erofs-utils-1.8.10/contrib/stress.c:759:25: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘freq_table’
erofs-utils-1.8.10/contrib/stress.c:753:22: acquire_memory: this call could return NULL
erofs-utils-1.8.10/contrib/stress.c:755:30: branch_true: following ‘true’ branch...
erofs-utils-1.8.10/contrib/stress.c:756:21: branch_true: ...to here
erofs-utils-1.8.10/contrib/stress.c:758:29: branch_true: following ‘true’ branch...
erofs-utils-1.8.10/contrib/stress.c:759:43: branch_true: ...to here
erofs-utils-1.8.10/contrib/stress.c:759:25: danger: ‘malloc((long unsigned int)f * 4) + (long unsigned int)i * 4’ could be NULL: unchecked value from [(1)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/0)
#  757|   			continue;
#  758|   		for (f = 0; f < p->freq; f++, i++)
#  759|-> 			freq_table[i] = p - ops;
#  760|   	}
#  761|   }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def4]
erofs-utils-1.8.10/dump/main.c:707:23: warning[-Wanalyzer-malloc-leak]: leak of ‘buffer_ptr’
erofs-utils-1.8.10/dump/main.c:684:20: branch_false: following ‘false’ branch...
erofs-utils-1.8.10/dump/main.c:696:23: branch_false: ...to here
erofs-utils-1.8.10/dump/main.c:697:22: acquire_memory: allocated here
erofs-utils-1.8.10/dump/main.c:698:12: branch_false: following ‘false’ branch (when ‘buffer_ptr’ is non-NULL)...
erofs-utils-1.8.10/dump/main.c:703:9: branch_false: ...to here
erofs-utils-1.8.10/dump/main.c:705:16: branch_true: following ‘true’ branch (when ‘pending_size != 0’)...
erofs-utils-1.8.10/dump/main.c:706:17: branch_true: ...to here
erofs-utils-1.8.10/dump/main.c:707:23: throw: if ‘erofs_pread’ throws an exception...
erofs-utils-1.8.10/dump/main.c:707:23: danger: ‘buffer_ptr’ leaks here; was allocated at [(3)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/2)
#  705|   	while (pending_size > 0) {
#  706|   		read_size = pending_size > buffer_size? buffer_size: pending_size;
#  707|-> 		err = erofs_pread(&inode, buffer_ptr, read_size, read_offset);
#  708|   		if (err) {
#  709|   			erofs_err("read file failed @ nid %llu", inode.nid | 0ULL);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def5]
erofs-utils-1.8.10/dump/main.c:716:9: warning[-Wanalyzer-malloc-leak]: leak of ‘buffer_ptr’
erofs-utils-1.8.10/dump/main.c:684:20: branch_false: following ‘false’ branch...
erofs-utils-1.8.10/dump/main.c:696:23: branch_false: ...to here
erofs-utils-1.8.10/dump/main.c:697:22: acquire_memory: allocated here
erofs-utils-1.8.10/dump/main.c:698:12: branch_false: following ‘false’ branch (when ‘buffer_ptr’ is non-NULL)...
erofs-utils-1.8.10/dump/main.c:703:9: branch_false: ...to here
erofs-utils-1.8.10/dump/main.c:705:16: branch_false: following ‘false’ branch (when ‘pending_size == 0’)...
erofs-utils-1.8.10/dump/main.c:716:9: branch_false: ...to here
erofs-utils-1.8.10/dump/main.c:716:9: throw: if ‘fflush’ throws an exception...
erofs-utils-1.8.10/dump/main.c:716:9: danger: ‘buffer_ptr’ leaks here; was allocated at [(3)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/2)
#  714|   		fwrite(buffer_ptr, read_size, 1, stdout);
#  715|   	}
#  716|-> 	fflush(stdout);
#  717|   
#  718|   out:

Error: GCC_ANALYZER_WARNING (CWE-415): [#def6]
erofs-utils-1.8.10/fsck/main.c:580:45: warning[-Wanalyzer-double-free]: double-‘free’ of ‘buffer’
erofs-utils-1.8.10/fsck/main.c:951:12: enter_function: entry to ‘erofsfsck_check_inode’
erofs-utils-1.8.10/fsck/main.c:958:12: branch_false: following ‘false’ branch...
erofs-utils-1.8.10/fsck/main.c:965:15: branch_false: ...to here
erofs-utils-1.8.10/fsck/main.c:965:12: branch_true: following ‘true’ branch...
erofs-utils-1.8.10/fsck/main.c:972:15: call_function: calling ‘erofsfsck_extract_inode’ from ‘erofsfsck_check_inode’
#  578|   
#  579|   				buffer_size = map.m_llen;
#  580|-> 				newbuffer = realloc(buffer, buffer_size);
#  581|   				if (!newbuffer) {
#  582|   					ret = -ENOMEM;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def7]
erofs-utils-1.8.10/fsck/main.c:587:31: warning[-Wanalyzer-malloc-leak]: leak of ‘raw’
erofs-utils-1.8.10/fsck/main.c:951:12: enter_function: entry to ‘erofsfsck_check_inode’
erofs-utils-1.8.10/fsck/main.c:958:12: branch_false: following ‘false’ branch...
erofs-utils-1.8.10/fsck/main.c:965:15: branch_false: ...to here
erofs-utils-1.8.10/fsck/main.c:965:12: branch_true: following ‘true’ branch...
erofs-utils-1.8.10/fsck/main.c:972:15: call_function: calling ‘erofsfsck_extract_inode’ from ‘erofsfsck_check_inode’
#  585|   				buffer = newbuffer;
#  586|   			}
#  587|-> 			ret = z_erofs_read_one_data(inode, &map, raw, buffer,
#  588|   						    0, map.m_llen, false);
#  589|   			if (ret)

Error: CPPCHECK_WARNING (CWE-401): [#def8]
erofs-utils-1.8.10/fsck/main.c:707: error[memleak]: Memory leak: entry
#  705|   	list_add_tail(&entry->list,
#  706|   		      &erofsfsck_link_hashtable[nid % NR_HARDLINK_HASHTABLE]);
#  707|-> 	return 0;
#  708|   }
#  709|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def9]
erofs-utils-1.8.10/fuse/main.c:190:15: warning[-Wanalyzer-malloc-leak]: leak of ‘buf’
erofs-utils-1.8.10/fuse/main.c:173:15: acquire_memory: allocated here
erofs-utils-1.8.10/fuse/main.c:174:12: branch_false: following ‘false’ branch (when ‘buf’ is non-NULL)...
erofs-utils-1.8.10/fuse/main.c:178:9: branch_false: ...to here
erofs-utils-1.8.10/fuse/main.c:190:15: throw: if ‘erofs_iterate_dir’ throws an exception...
erofs-utils-1.8.10/fuse/main.c:190:15: danger: ‘buf’ leaks here; was allocated at [(1)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/0)
#  188|   
#  189|   #ifdef NDEBUG
#  190|-> 	ret = erofs_iterate_dir(&ctx.ctx, false);
#  191|   #else
#  192|   	ret = erofs_iterate_dir(&ctx.ctx, true);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def10]
erofs-utils-1.8.10/fuse/main.c:242:15: warning[-Wanalyzer-malloc-leak]: leak of ‘vi’
erofs-utils-1.8.10/fuse/main.c:234:14: acquire_memory: allocated here
erofs-utils-1.8.10/fuse/main.c:235:12: branch_false: following ‘false’ branch (when ‘vi’ is non-NULL)...
erofs-utils-1.8.10/fuse/main.c:240:9: branch_false: ...to here
erofs-utils-1.8.10/fuse/main.c:242:15: throw: if ‘erofs_read_inode_from_disk’ throws an exception...
erofs-utils-1.8.10/fuse/main.c:242:15: danger: ‘vi’ leaks here; was allocated at [(1)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/0)
#  240|   	vi->sbi = &g_sbi;
#  241|   	vi->nid = erofsfuse_to_nid(ino);
#  242|-> 	ret = erofs_read_inode_from_disk(vi);
#  243|   	if (ret < 0) {
#  244|   		fuse_reply_err(req, -ret);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def11]
erofs-utils-1.8.10/fuse/main.c:292:15: warning[-Wanalyzer-malloc-leak]: leak of ‘vi’
erofs-utils-1.8.10/fuse/main.c:284:14: acquire_memory: allocated here
erofs-utils-1.8.10/fuse/main.c:285:12: branch_false: following ‘false’ branch (when ‘vi’ is non-NULL)...
erofs-utils-1.8.10/fuse/main.c:290:9: branch_false: ...to here
erofs-utils-1.8.10/fuse/main.c:292:15: throw: if ‘erofs_read_inode_from_disk’ throws an exception...
erofs-utils-1.8.10/fuse/main.c:292:15: danger: ‘vi’ leaks here; was allocated at [(1)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/0)
#  290|   	vi->sbi = &g_sbi;
#  291|   	vi->nid = erofsfuse_to_nid(ino);
#  292|-> 	ret = erofs_read_inode_from_disk(vi);
#  293|   	if (ret < 0) {
#  294|   		fuse_reply_err(req, -ret);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def12]
erofs-utils-1.8.10/fuse/main.c:335:15: warning[-Wanalyzer-malloc-leak]: leak of ‘vi’
erofs-utils-1.8.10/fuse/main.c:327:14: acquire_memory: allocated here
erofs-utils-1.8.10/fuse/main.c:328:12: branch_false: following ‘false’ branch (when ‘vi’ is non-NULL)...
erofs-utils-1.8.10/fuse/main.c:333:9: branch_false: ...to here
erofs-utils-1.8.10/fuse/main.c:335:15: throw: if ‘erofs_read_inode_from_disk’ throws an exception...
erofs-utils-1.8.10/fuse/main.c:335:15: danger: ‘vi’ leaks here; was allocated at [(1)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/0)
#  333|   	vi->sbi = &g_sbi;
#  334|   	vi->nid = erofsfuse_to_nid(parent);
#  335|-> 	ret = erofs_read_inode_from_disk(vi);
#  336|   	if (ret < 0) {
#  337|   		fuse_reply_err(req, -ret);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def13]
erofs-utils-1.8.10/fuse/main.c:381:15: warning[-Wanalyzer-malloc-leak]: leak of ‘buf’
erofs-utils-1.8.10/fuse/main.c:375:15: acquire_memory: allocated here
erofs-utils-1.8.10/fuse/main.c:376:12: branch_false: following ‘false’ branch (when ‘buf’ is non-NULL)...
erofs-utils-1.8.10/fuse/main.c:381:15: branch_false: ...to here
erofs-utils-1.8.10/fuse/main.c:381:15: throw: if ‘erofs_pread’ throws an exception...
erofs-utils-1.8.10/fuse/main.c:381:15: danger: ‘buf’ leaks here; was allocated at [(1)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/0)
#  379|   	}
#  380|   
#  381|-> 	ret = erofs_pread(vi, buf, size, off);
#  382|   	if (ret) {
#  383|   		fuse_reply_err(req, -ret);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def14]
erofs-utils-1.8.10/fuse/main.c:417:15: warning[-Wanalyzer-malloc-leak]: leak of ‘buf’
erofs-utils-1.8.10/fuse/main.c:406:12: branch_false: following ‘false’ branch...
erofs-utils-1.8.10/fuse/main.c:411:22: branch_false: ...to here
erofs-utils-1.8.10/fuse/main.c:411:15: acquire_memory: allocated here
erofs-utils-1.8.10/fuse/main.c:412:12: branch_false: following ‘false’ branch (when ‘buf’ is non-NULL)...
erofs-utils-1.8.10/fuse/main.c:417:15: branch_false: ...to here
erofs-utils-1.8.10/fuse/main.c:417:15: throw: if ‘erofs_pread’ throws an exception...
erofs-utils-1.8.10/fuse/main.c:417:15: danger: ‘buf’ leaks here; was allocated at [(3)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/2)
#  415|   	}
#  416|   
#  417|-> 	ret = erofs_pread(&vi, buf, vi.i_size, 0);
#  418|   	if (ret < 0) {
#  419|   		fuse_reply_err(req, -ret);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def15]
erofs-utils-1.8.10/fuse/main.c:458:15: warning[-Wanalyzer-malloc-leak]: leak of ‘buf’
erofs-utils-1.8.10/fuse/main.c:445:12: branch_false: following ‘false’ branch...
erofs-utils-1.8.10/fuse/main.c:450:12: branch_false: ...to here
erofs-utils-1.8.10/fuse/main.c:450:12: branch_true: following ‘true’ branch (when ‘size != 0’)...
erofs-utils-1.8.10/fuse/main.c:451:23: branch_true: ...to here
erofs-utils-1.8.10/fuse/main.c:451:23: acquire_memory: allocated here
erofs-utils-1.8.10/fuse/main.c:452:20: branch_false: following ‘false’ branch (when ‘buf’ is non-NULL)...
erofs-utils-1.8.10/fuse/main.c:458:15: branch_false: ...to here
erofs-utils-1.8.10/fuse/main.c:458:15: throw: if ‘erofs_getxattr’ throws an exception...
erofs-utils-1.8.10/fuse/main.c:458:15: danger: ‘buf’ leaks here; was allocated at [(5)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/4)
#  456|   	}
#  457|   
#  458|-> 	ret = erofs_getxattr(&vi, name, buf, size);
#  459|   	if (ret < 0)
#  460|   		fuse_reply_err(req, -ret);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def16]
erofs-utils-1.8.10/fuse/main.c:491:15: warning[-Wanalyzer-malloc-leak]: leak of ‘buf’
erofs-utils-1.8.10/fuse/main.c:478:12: branch_false: following ‘false’ branch...
erofs-utils-1.8.10/fuse/main.c:483:12: branch_false: ...to here
erofs-utils-1.8.10/fuse/main.c:483:12: branch_true: following ‘true’ branch (when ‘size != 0’)...
erofs-utils-1.8.10/fuse/main.c:484:23: branch_true: ...to here
erofs-utils-1.8.10/fuse/main.c:484:23: acquire_memory: allocated here
erofs-utils-1.8.10/fuse/main.c:485:20: branch_false: following ‘false’ branch (when ‘buf’ is non-NULL)...
erofs-utils-1.8.10/fuse/main.c:491:15: branch_false: ...to here
erofs-utils-1.8.10/fuse/main.c:491:15: throw: if ‘erofs_listxattr’ throws an exception...
erofs-utils-1.8.10/fuse/main.c:491:15: danger: ‘buf’ leaks here; was allocated at [(5)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/4)
#  489|   	}
#  490|   
#  491|-> 	ret = erofs_listxattr(&vi, buf, size);
#  492|   	if (ret < 0)
#  493|   		fuse_reply_err(req, -ret);

Error: GCC_ANALYZER_WARNING (CWE-479): [#def17]
erofs-utils-1.8.10/fuse/main.c:619:25: warning[-Wanalyzer-unsafe-call-within-signal-handler]: call to ‘fprintf’ from within signal handler
erofs-utils-1.8.10/fuse/main.c:631:5: enter_function: entry to ‘main’
erofs-utils-1.8.10/fuse/main.c:606:13: enter_function: entry to ‘signal_handle_sigsegv’
erofs-utils-1.8.10/fuse/main.c:617:12: branch_true: following ‘true’ branch (when ‘strings’ is non-NULL)...
erofs-utils-1.8.10/fuse/main.c:617:12: branch_true: ...to here
erofs-utils-1.8.10/fuse/main.c:618:29: branch_true: following ‘true’ branch (when ‘i < nptrs’)...
erofs-utils-1.8.10/fuse/main.c:619:25: branch_true: ...to here
erofs-utils-1.8.10/fuse/main.c:619:25: danger: call to ‘fprintf’ from within signal handler
#  617|   	if (strings) {
#  618|   		for (i = 0; i < nptrs; i++)
#  619|-> 			erofs_dump("%s\n", strings[i]);
#  620|   		free(strings);
#  621|   	}

Error: GCC_ANALYZER_WARNING (CWE-479): [#def18]
erofs-utils-1.8.10/fuse/main.c:620:17: warning[-Wanalyzer-unsafe-call-within-signal-handler]: call to ‘free’ from within signal handler
erofs-utils-1.8.10/fuse/main.c:631:5: enter_function: entry to ‘main’
erofs-utils-1.8.10/fuse/main.c:606:13: enter_function: entry to ‘signal_handle_sigsegv’
erofs-utils-1.8.10/fuse/main.c:617:12: branch_true: following ‘true’ branch (when ‘strings’ is non-NULL)...
erofs-utils-1.8.10/fuse/main.c:617:12: branch_true: ...to here
erofs-utils-1.8.10/fuse/main.c:620:17: danger: call to ‘free’ from within signal handler
#  618|   		for (i = 0; i < nptrs; i++)
#  619|   			erofs_dump("%s\n", strings[i]);
#  620|-> 		free(strings);
#  621|   	}
#  622|   	erofs_dump("========================================\n");

Error: GCC_ANALYZER_WARNING (CWE-476): [#def19]
erofs-utils-1.8.10/include/erofs/hashmap.h:71:9: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL 'e'
erofs-utils-1.8.10/lib/hashmap.c:259:13: enter_function: entry to 'memintern'
erofs-utils-1.8.10/lib/hashmap.c:272:12: branch_true: following 'true' branch...
erofs-utils-1.8.10/lib/hashmap.c:274:17: call_function: inlined call to 'st_add' from 'memintern'
erofs-utils-1.8.10/lib/hashmap.c:274:17: acquire_memory: this call could return NULL
erofs-utils-1.8.10/lib/hashmap.c:275:17: call_function: inlined call to 'hashmap_entry_init' from 'memintern'
#   69|   	struct hashmap_entry *e = entry;
#   70|   
#   71|-> 	e->hash = hash;
#   72|   	e->next = NULL;
#   73|   }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def20]
erofs-utils-1.8.10/include/erofs/hashmap.h:87:16: warning[-Wanalyzer-malloc-leak]: leak of 'chunkdata'
erofs-utils-1.8.10/lib/blobchunk.c:257:5: enter_function: entry to 'erofs_blob_write_chunked_file'
erofs-utils-1.8.10/lib/blobchunk.c:278:12: branch_false: following 'false' branch...
erofs-utils-1.8.10/lib/blobchunk.c:280:9: branch_false: ...to here
erofs-utils-1.8.10/lib/blobchunk.c:283:12: branch_false: following 'false' branch...
erofs-utils-1.8.10/lib/blobchunk.c:285:13: branch_false: ...to here
erofs-utils-1.8.10/lib/blobchunk.c:290:21: acquire_memory: allocated here
erofs-utils-1.8.10/lib/blobchunk.c:291:12: branch_false: following 'false' branch (when 'chunkdata' is non-NULL)...
erofs-utils-1.8.10/lib/blobchunk.c:294:31: branch_false: ...to here
erofs-utils-1.8.10/lib/blobchunk.c:296:12: branch_false: following 'false' branch...
erofs-utils-1.8.10/lib/blobchunk.c:302:22: branch_false: ...to here
erofs-utils-1.8.10/lib/blobchunk.c:305:23: branch_true: following 'true' branch...
erofs-utils-1.8.10/lib/blobchunk.c:307:42: branch_true: ...to here
erofs-utils-1.8.10/lib/blobchunk.c:309:20: branch_true: following 'true' branch (when 'offset < 0')...
erofs-utils-1.8.10/lib/blobchunk.c:310:29: branch_true: ...to here
erofs-utils-1.8.10/lib/blobchunk.c:310:28: branch_true: following 'true' branch...
erofs-utils-1.8.10/lib/blobchunk.c:311:33: branch_true: ...to here
erofs-utils-1.8.10/lib/blobchunk.c:327:20: branch_false: following 'false' branch...
erofs-utils-1.8.10/lib/blobchunk.c:345:23: branch_false: ...to here
erofs-utils-1.8.10/lib/blobchunk.c:347:20: branch_false: following 'false' branch...
erofs-utils-1.8.10/lib/blobchunk.c:352:25: branch_false: ...to here
erofs-utils-1.8.10/lib/blobchunk.c:352:25: call_function: calling 'erofs_blob_getchunk' from 'erofs_blob_write_chunked_file'
#   85|   
#   86|   	hashmap_entry_init(&key, hash);
#   87|-> 	return hashmap_get(map, &key, keydata);
#   88|   }
#   89|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def21]
erofs-utils-1.8.10/include/erofs/internal.h:486:13: warning[-Wanalyzer-malloc-leak]: leak of 'buf'
erofs-utils-1.8.10/lib/super.c:162:5: enter_function: entry to 'erofs_writesb'
erofs-utils-1.8.10/lib/super.c:195:15: acquire_memory: allocated here
erofs-utils-1.8.10/lib/super.c:196:12: branch_false: following 'false' branch (when 'buf' is non-NULL)...
erofs-utils-1.8.10/lib/super.c:201:16: branch_false: ...to here
erofs-utils-1.8.10/lib/super.c:203:15: call_function: inlined call to 'erofs_dev_write' from 'erofs_writesb'
#  484|   				  u64 offset, size_t len)
#  485|   {
#  486|-> 	if (erofs_io_pwrite(&sbi->bdev, buf, offset, len) != (ssize_t)len)
#  487|   		return -EIO;
#  488|   	return 0;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def22]
erofs-utils-1.8.10/include/erofs/internal.h:513:16: warning[-Wanalyzer-malloc-leak]: leak of 'buffer'
erofs-utils-1.8.10/lib/data.c:417:14: enter_function: entry to 'erofs_read_metadata_bdi'
erofs-utils-1.8.10/lib/data.c:426:12: branch_false: following 'false' branch...
erofs-utils-1.8.10/lib/data.c:428:15: branch_false: ...to here
erofs-utils-1.8.10/lib/data.c:429:12: branch_false: following 'false' branch (when 'len != 0')...
erofs-utils-1.8.10/lib/data.c:432:18: branch_false: ...to here
erofs-utils-1.8.10/lib/data.c:432:18: acquire_memory: allocated here
erofs-utils-1.8.10/lib/data.c:433:12: branch_false: following 'false' branch (when 'buffer' is non-NULL)...
erofs-utils-1.8.10/lib/data.c:435:17: branch_false: ...to here
erofs-utils-1.8.10/lib/data.c:438:21: branch_true: following 'true' branch (when 'i < len')...
erofs-utils-1.8.10/lib/data.c:439:23: branch_true: ...to here
erofs-utils-1.8.10/lib/data.c:441:23: call_function: inlined call to 'erofs_blk_read' from 'erofs_read_metadata_bdi'
#  511|   				 void *buf, erofs_blk_t start, u32 nblocks)
#  512|   {
#  513|-> 	return erofs_dev_read(sbi, device_id, buf, erofs_pos(sbi, start),
#  514|   			      erofs_pos(sbi, nblocks));
#  515|   }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def23]
erofs-utils-1.8.10/lib/blobchunk.c:65:9: warning[-Wanalyzer-malloc-leak]: leak of 'chunkdata'
erofs-utils-1.8.10/lib/blobchunk.c:257:5: enter_function: entry to 'erofs_blob_write_chunked_file'
erofs-utils-1.8.10/lib/blobchunk.c:278:12: branch_false: following 'false' branch...
erofs-utils-1.8.10/lib/blobchunk.c:280:9: branch_false: ...to here
erofs-utils-1.8.10/lib/blobchunk.c:283:12: branch_false: following 'false' branch...
erofs-utils-1.8.10/lib/blobchunk.c:285:13: branch_false: ...to here
erofs-utils-1.8.10/lib/blobchunk.c:290:21: acquire_memory: allocated here
erofs-utils-1.8.10/lib/blobchunk.c:291:12: branch_false: following 'false' branch (when 'chunkdata' is non-NULL)...
erofs-utils-1.8.10/lib/blobchunk.c:294:31: branch_false: ...to here
erofs-utils-1.8.10/lib/blobchunk.c:296:12: branch_false: following 'false' branch...
erofs-utils-1.8.10/lib/blobchunk.c:302:22: branch_false: ...to here
erofs-utils-1.8.10/lib/blobchunk.c:305:23: branch_true: following 'true' branch...
erofs-utils-1.8.10/lib/blobchunk.c:307:42: branch_true: ...to here
erofs-utils-1.8.10/lib/blobchunk.c:309:20: branch_true: following 'true' branch (when 'offset < 0')...
erofs-utils-1.8.10/lib/blobchunk.c:310:29: branch_true: ...to here
erofs-utils-1.8.10/lib/blobchunk.c:310:28: branch_true: following 'true' branch...
erofs-utils-1.8.10/lib/blobchunk.c:311:33: branch_true: ...to here
erofs-utils-1.8.10/lib/blobchunk.c:327:20: branch_false: following 'false' branch...
erofs-utils-1.8.10/lib/blobchunk.c:345:23: branch_false: ...to here
erofs-utils-1.8.10/lib/blobchunk.c:347:20: branch_false: following 'false' branch...
erofs-utils-1.8.10/lib/blobchunk.c:352:25: branch_false: ...to here
erofs-utils-1.8.10/lib/blobchunk.c:352:25: call_function: calling 'erofs_blob_getchunk' from 'erofs_blob_write_chunked_file'
#   63|   	int ret;
#   64|   
#   65|-> 	erofs_sha256(buf, chunksize, sha256);
#   66|   	hash = memhash(sha256, sizeof(sha256));
#   67|   	chunk = hashmap_get_from_hash(&blob_hashmap, hash, sha256);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def24]
erofs-utils-1.8.10/lib/blobchunk.c:66:16: warning[-Wanalyzer-malloc-leak]: leak of 'chunkdata'
erofs-utils-1.8.10/lib/blobchunk.c:257:5: enter_function: entry to 'erofs_blob_write_chunked_file'
erofs-utils-1.8.10/lib/blobchunk.c:278:12: branch_false: following 'false' branch...
erofs-utils-1.8.10/lib/blobchunk.c:280:9: branch_false: ...to here
erofs-utils-1.8.10/lib/blobchunk.c:283:12: branch_false: following 'false' branch...
erofs-utils-1.8.10/lib/blobchunk.c:285:13: branch_false: ...to here
erofs-utils-1.8.10/lib/blobchunk.c:290:21: acquire_memory: allocated here
erofs-utils-1.8.10/lib/blobchunk.c:291:12: branch_false: following 'false' branch (when 'chunkdata' is non-NULL)...
erofs-utils-1.8.10/lib/blobchunk.c:294:31: branch_false: ...to here
erofs-utils-1.8.10/lib/blobchunk.c:296:12: branch_false: following 'false' branch...
erofs-utils-1.8.10/lib/blobchunk.c:302:22: branch_false: ...to here
erofs-utils-1.8.10/lib/blobchunk.c:305:23: branch_true: following 'true' branch...
erofs-utils-1.8.10/lib/blobchunk.c:307:42: branch_true: ...to here
erofs-utils-1.8.10/lib/blobchunk.c:309:20: branch_true: following 'true' branch (when 'offset < 0')...
erofs-utils-1.8.10/lib/blobchunk.c:310:29: branch_true: ...to here
erofs-utils-1.8.10/lib/blobchunk.c:310:28: branch_true: following 'true' branch...
erofs-utils-1.8.10/lib/blobchunk.c:311:33: branch_true: ...to here
erofs-utils-1.8.10/lib/blobchunk.c:327:20: branch_false: following 'false' branch...
erofs-utils-1.8.10/lib/blobchunk.c:345:23: branch_false: ...to here
erofs-utils-1.8.10/lib/blobchunk.c:347:20: branch_false: following 'false' branch...
erofs-utils-1.8.10/lib/blobchunk.c:352:25: branch_false: ...to here
erofs-utils-1.8.10/lib/blobchunk.c:352:25: call_function: calling 'erofs_blob_getchunk' from 'erofs_blob_write_chunked_file'
#   64|   
#   65|   	erofs_sha256(buf, chunksize, sha256);
#   66|-> 	hash = memhash(sha256, sizeof(sha256));
#   67|   	chunk = hashmap_get_from_hash(&blob_hashmap, hash, sha256);
#   68|   	if (chunk) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def25]
erofs-utils-1.8.10/lib/blobchunk.c:74:25: warning[-Wanalyzer-malloc-leak]: leak of 'chunkdata'
erofs-utils-1.8.10/lib/blobchunk.c:257:5: enter_function: entry to 'erofs_blob_write_chunked_file'
erofs-utils-1.8.10/lib/blobchunk.c:278:12: branch_false: following 'false' branch...
erofs-utils-1.8.10/lib/blobchunk.c:280:9: branch_false: ...to here
erofs-utils-1.8.10/lib/blobchunk.c:283:12: branch_false: following 'false' branch...
erofs-utils-1.8.10/lib/blobchunk.c:285:13: branch_false: ...to here
erofs-utils-1.8.10/lib/blobchunk.c:290:21: acquire_memory: allocated here
erofs-utils-1.8.10/lib/blobchunk.c:291:12: branch_false: following 'false' branch (when 'chunkdata' is non-NULL)...
erofs-utils-1.8.10/lib/blobchunk.c:294:31: branch_false: ...to here
erofs-utils-1.8.10/lib/blobchunk.c:296:12: branch_false: following 'false' branch...
erofs-utils-1.8.10/lib/blobchunk.c:302:22: branch_false: ...to here
erofs-utils-1.8.10/lib/blobchunk.c:305:23: branch_true: following 'true' branch...
erofs-utils-1.8.10/lib/blobchunk.c:307:42: branch_true: ...to here
erofs-utils-1.8.10/lib/blobchunk.c:309:20: branch_true: following 'true' branch (when 'offset < 0')...
erofs-utils-1.8.10/lib/blobchunk.c:310:29: branch_true: ...to here
erofs-utils-1.8.10/lib/blobchunk.c:310:28: branch_true: following 'true' branch...
erofs-utils-1.8.10/lib/blobchunk.c:311:33: branch_true: ...to here
erofs-utils-1.8.10/lib/blobchunk.c:327:20: branch_false: following 'false' branch...
erofs-utils-1.8.10/lib/blobchunk.c:345:23: branch_false: ...to here
erofs-utils-1.8.10/lib/blobchunk.c:347:20: branch_false: following 'false' branch...
erofs-utils-1.8.10/lib/blobchunk.c:352:25: branch_false: ...to here
erofs-utils-1.8.10/lib/blobchunk.c:352:25: call_function: calling 'erofs_blob_getchunk' from 'erofs_blob_write_chunked_file'
#   72|   		if (chunk->blkaddr == erofs_holechunk.blkaddr) {
#   73|   			chunk = &erofs_holechunk;
#   74|-> 			erofs_dbg("Found duplicated hole chunk");
#   75|   		} else {
#   76|   			erofs_dbg("Found duplicated chunk at %u",

Error: GCC_ANALYZER_WARNING (CWE-401): [#def26]
erofs-utils-1.8.10/lib/blobchunk.c:76:25: warning[-Wanalyzer-malloc-leak]: leak of 'chunkdata'
erofs-utils-1.8.10/lib/blobchunk.c:257:5: enter_function: entry to 'erofs_blob_write_chunked_file'
erofs-utils-1.8.10/lib/blobchunk.c:278:12: branch_false: following 'false' branch...
erofs-utils-1.8.10/lib/blobchunk.c:280:9: branch_false: ...to here
erofs-utils-1.8.10/lib/blobchunk.c:283:12: branch_false: following 'false' branch...
erofs-utils-1.8.10/lib/blobchunk.c:285:13: branch_false: ...to here
erofs-utils-1.8.10/lib/blobchunk.c:290:21: acquire_memory: allocated here
erofs-utils-1.8.10/lib/blobchunk.c:291:12: branch_false: following 'false' branch (when 'chunkdata' is non-NULL)...
erofs-utils-1.8.10/lib/blobchunk.c:294:31: branch_false: ...to here
erofs-utils-1.8.10/lib/blobchunk.c:296:12: branch_false: following 'false' branch...
erofs-utils-1.8.10/lib/blobchunk.c:302:22: branch_false: ...to here
erofs-utils-1.8.10/lib/blobchunk.c:305:23: branch_true: following 'true' branch...
erofs-utils-1.8.10/lib/blobchunk.c:307:42: branch_true: ...to here
erofs-utils-1.8.10/lib/blobchunk.c:309:20: branch_true: following 'true' branch (when 'offset < 0')...
erofs-utils-1.8.10/lib/blobchunk.c:310:29: branch_true: ...to here
erofs-utils-1.8.10/lib/blobchunk.c:310:28: branch_true: following 'true' branch...
erofs-utils-1.8.10/lib/blobchunk.c:311:33: branch_true: ...to here
erofs-utils-1.8.10/lib/blobchunk.c:327:20: branch_false: following 'false' branch...
erofs-utils-1.8.10/lib/blobchunk.c:345:23: branch_false: ...to here
erofs-utils-1.8.10/lib/blobchunk.c:347:20: branch_false: following 'false' branch...
erofs-utils-1.8.10/lib/blobchunk.c:352:25: branch_false: ...to here
erofs-utils-1.8.10/lib/blobchunk.c:352:25: call_function: calling 'erofs_blob_getchunk' from 'erofs_blob_write_chunked_file'
#   74|   			erofs_dbg("Found duplicated hole chunk");
#   75|   		} else {
#   76|-> 			erofs_dbg("Found duplicated chunk at %u",
#   77|   				  chunk->blkaddr);
#   78|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def27]
erofs-utils-1.8.10/lib/blobchunk.c:97:9: warning[-Wanalyzer-malloc-leak]: leak of 'chunk'
erofs-utils-1.8.10/lib/blobchunk.c:68:12: branch_false: following 'false' branch...
erofs-utils-1.8.10/lib/blobchunk.c:82:17: branch_false: ...to here
erofs-utils-1.8.10/lib/blobchunk.c:82:17: acquire_memory: allocated here
erofs-utils-1.8.10/lib/blobchunk.c:83:12: branch_false: following 'false' branch (when 'chunk' is non-NULL)...
erofs-utils-1.8.10/lib/blobchunk.c:86:9: branch_false: ...to here
erofs-utils-1.8.10/lib/blobchunk.c:97:9: branch_true: following 'true' branch...
erofs-utils-1.8.10/lib/blobchunk.c:97:9: branch_true: ...to here
erofs-utils-1.8.10/lib/blobchunk.c:97:9: throw: if 'erofs_msg' throws an exception...
erofs-utils-1.8.10/lib/blobchunk.c:97:9: danger: 'chunk' leaks here; was allocated at [(3)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/2)
#   95|   	chunk->blkaddr = erofs_blknr(sbi, blkpos);
#   96|   
#   97|-> 	erofs_dbg("Writing chunk (%llu bytes) to %u", chunksize | 0ULL,
#   98|   		  chunk->blkaddr);
#   99|   	ret = __erofs_io_write(blobfile, buf, chunksize);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def28]
erofs-utils-1.8.10/lib/blobchunk.c:97:9: warning[-Wanalyzer-malloc-leak]: leak of 'chunkdata'
erofs-utils-1.8.10/lib/blobchunk.c:257:5: enter_function: entry to 'erofs_blob_write_chunked_file'
erofs-utils-1.8.10/lib/blobchunk.c:278:12: branch_false: following 'false' branch...
erofs-utils-1.8.10/lib/blobchunk.c:280:9: branch_false: ...to here
erofs-utils-1.8.10/lib/blobchunk.c:283:12: branch_false: following 'false' branch...
erofs-utils-1.8.10/lib/blobchunk.c:285:13: branch_false: ...to here
erofs-utils-1.8.10/lib/blobchunk.c:290:21: acquire_memory: allocated here
erofs-utils-1.8.10/lib/blobchunk.c:291:12: branch_false: following 'false' branch (when 'chunkdata' is non-NULL)...
erofs-utils-1.8.10/lib/blobchunk.c:294:31: branch_false: ...to here
erofs-utils-1.8.10/lib/blobchunk.c:296:12: branch_false: following 'false' branch...
erofs-utils-1.8.10/lib/blobchunk.c:302:22: branch_false: ...to here
erofs-utils-1.8.10/lib/blobchunk.c:305:23: branch_true: following 'true' branch...
erofs-utils-1.8.10/lib/blobchunk.c:307:42: branch_true: ...to here
erofs-utils-1.8.10/lib/blobchunk.c:309:20: branch_true: following 'true' branch (when 'offset < 0')...
erofs-utils-1.8.10/lib/blobchunk.c:310:29: branch_true: ...to here
erofs-utils-1.8.10/lib/blobchunk.c:310:28: branch_true: following 'true' branch...
erofs-utils-1.8.10/lib/blobchunk.c:311:33: branch_true: ...to here
erofs-utils-1.8.10/lib/blobchunk.c:327:20: branch_false: following 'false' branch...
erofs-utils-1.8.10/lib/blobchunk.c:345:23: branch_false: ...to here
erofs-utils-1.8.10/lib/blobchunk.c:347:20: branch_false: following 'false' branch...
erofs-utils-1.8.10/lib/blobchunk.c:352:25: branch_false: ...to here
erofs-utils-1.8.10/lib/blobchunk.c:352:25: call_function: calling 'erofs_blob_getchunk' from 'erofs_blob_write_chunked_file'
#   95|   	chunk->blkaddr = erofs_blknr(sbi, blkpos);
#   96|   
#   97|-> 	erofs_dbg("Writing chunk (%llu bytes) to %u", chunksize | 0ULL,
#   98|   		  chunk->blkaddr);
#   99|   	ret = __erofs_io_write(blobfile, buf, chunksize);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def29]
erofs-utils-1.8.10/lib/blobchunk.c:99:15: warning[-Wanalyzer-malloc-leak]: leak of 'chunk'
erofs-utils-1.8.10/lib/blobchunk.c:68:12: branch_false: following 'false' branch...
erofs-utils-1.8.10/lib/blobchunk.c:82:17: branch_false: ...to here
erofs-utils-1.8.10/lib/blobchunk.c:82:17: acquire_memory: allocated here
erofs-utils-1.8.10/lib/blobchunk.c:83:12: branch_false: following 'false' branch (when 'chunk' is non-NULL)...
erofs-utils-1.8.10/lib/blobchunk.c:86:9: branch_false: ...to here
erofs-utils-1.8.10/lib/blobchunk.c:99:15: throw: if '__erofs_io_write' throws an exception...
erofs-utils-1.8.10/lib/blobchunk.c:99:15: danger: 'chunk' leaks here; was allocated at [(3)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/2)
#   97|   	erofs_dbg("Writing chunk (%llu bytes) to %u", chunksize | 0ULL,
#   98|   		  chunk->blkaddr);
#   99|-> 	ret = __erofs_io_write(blobfile, buf, chunksize);
#  100|   	if (ret == chunksize) {
#  101|   		padding = erofs_blkoff(sbi, chunksize);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def30]
erofs-utils-1.8.10/lib/blobchunk.c:99:15: warning[-Wanalyzer-malloc-leak]: leak of 'chunkdata'
erofs-utils-1.8.10/lib/blobchunk.c:257:5: enter_function: entry to 'erofs_blob_write_chunked_file'
erofs-utils-1.8.10/lib/blobchunk.c:278:12: branch_false: following 'false' branch...
erofs-utils-1.8.10/lib/blobchunk.c:280:9: branch_false: ...to here
erofs-utils-1.8.10/lib/blobchunk.c:283:12: branch_false: following 'false' branch...
erofs-utils-1.8.10/lib/blobchunk.c:285:13: branch_false: ...to here
erofs-utils-1.8.10/lib/blobchunk.c:290:21: acquire_memory: allocated here
erofs-utils-1.8.10/lib/blobchunk.c:291:12: branch_false: following 'false' branch (when 'chunkdata' is non-NULL)...
erofs-utils-1.8.10/lib/blobchunk.c:294:31: branch_false: ...to here
erofs-utils-1.8.10/lib/blobchunk.c:296:12: branch_false: following 'false' branch...
erofs-utils-1.8.10/lib/blobchunk.c:302:22: branch_false: ...to here
erofs-utils-1.8.10/lib/blobchunk.c:305:23: branch_true: following 'true' branch...
erofs-utils-1.8.10/lib/blobchunk.c:307:42: branch_true: ...to here
erofs-utils-1.8.10/lib/blobchunk.c:309:20: branch_true: following 'true' branch (when 'offset < 0')...
erofs-utils-1.8.10/lib/blobchunk.c:310:29: branch_true: ...to here
erofs-utils-1.8.10/lib/blobchunk.c:310:28: branch_true: following 'true' branch...
erofs-utils-1.8.10/lib/blobchunk.c:311:33: branch_true: ...to here
erofs-utils-1.8.10/lib/blobchunk.c:327:20: branch_false: following 'false' branch...
erofs-utils-1.8.10/lib/blobchunk.c:345:23: branch_false: ...to here
erofs-utils-1.8.10/lib/blobchunk.c:347:20: branch_false: following 'false' branch...
erofs-utils-1.8.10/lib/blobchunk.c:352:25: branch_false: ...to here
erofs-utils-1.8.10/lib/blobchunk.c:352:25: call_function: calling 'erofs_blob_getchunk' from 'erofs_blob_write_chunked_file'
#   97|   	erofs_dbg("Writing chunk (%llu bytes) to %u", chunksize | 0ULL,
#   98|   		  chunk->blkaddr);
#   99|-> 	ret = __erofs_io_write(blobfile, buf, chunksize);
#  100|   	if (ret == chunksize) {
#  101|   		padding = erofs_blkoff(sbi, chunksize);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def31]
erofs-utils-1.8.10/lib/blobchunk.c:104:31: warning[-Wanalyzer-malloc-leak]: leak of 'chunk'
erofs-utils-1.8.10/lib/blobchunk.c:68:12: branch_false: following 'false' branch...
erofs-utils-1.8.10/lib/blobchunk.c:82:17: branch_false: ...to here
erofs-utils-1.8.10/lib/blobchunk.c:82:17: acquire_memory: allocated here
erofs-utils-1.8.10/lib/blobchunk.c:83:12: branch_false: following 'false' branch (when 'chunk' is non-NULL)...
erofs-utils-1.8.10/lib/blobchunk.c:86:9: branch_false: ...to here
erofs-utils-1.8.10/lib/blobchunk.c:100:12: branch_true: following 'true' branch...
erofs-utils-1.8.10/lib/blobchunk.c:101:27: branch_true: ...to here
erofs-utils-1.8.10/lib/blobchunk.c:102:20: branch_true: following 'true' branch (when 'padding != 0')...
erofs-utils-1.8.10/lib/blobchunk.c:103:35: branch_true: ...to here
erofs-utils-1.8.10/lib/blobchunk.c:104:31: throw: if '__erofs_io_write' throws an exception...
erofs-utils-1.8.10/lib/blobchunk.c:104:31: danger: 'chunk' leaks here; was allocated at [(3)](sarif:/runs/0/results/9/codeFlows/0/threadFlows/0/locations/2)
#  102|   		if (padding) {
#  103|   			padding = erofs_blksiz(sbi) - padding;
#  104|-> 			ret = __erofs_io_write(blobfile, zeroed, padding);
#  105|   			if (ret > 0 && ret != padding)
#  106|   				ret = -EIO;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def32]
erofs-utils-1.8.10/lib/blobchunk.c:118:9: warning[-Wanalyzer-malloc-leak]: leak of 'chunk'
erofs-utils-1.8.10/lib/blobchunk.c:55:32: enter_function: entry to 'erofs_blob_getchunk'
erofs-utils-1.8.10/lib/blobchunk.c:68:12: branch_false: following 'false' branch...
erofs-utils-1.8.10/lib/blobchunk.c:82:17: branch_false: ...to here
erofs-utils-1.8.10/lib/blobchunk.c:82:17: acquire_memory: allocated here
erofs-utils-1.8.10/lib/blobchunk.c:83:12: branch_false: following 'false' branch (when 'chunk' is non-NULL)...
erofs-utils-1.8.10/lib/blobchunk.c:86:9: branch_false: ...to here
erofs-utils-1.8.10/lib/blobchunk.c:100:12: branch_true: following 'true' branch...
erofs-utils-1.8.10/lib/blobchunk.c:101:27: branch_true: ...to here
erofs-utils-1.8.10/lib/blobchunk.c:112:12: branch_false: following 'false' branch (when 'ret >= 0')...
erofs-utils-1.8.10/lib/blobchunk.c:117:9: call_function: inlined call to 'hashmap_entry_init' from 'erofs_blob_getchunk'
erofs-utils-1.8.10/lib/blobchunk.c:118:9: throw: if 'hashmap_add' throws an exception...
erofs-utils-1.8.10/lib/blobchunk.c:118:9: danger: 'chunk' leaks here; was allocated at [(4)](sarif:/runs/0/results/10/codeFlows/0/threadFlows/0/locations/3)
#  116|   
#  117|   	hashmap_entry_init(&chunk->ent, hash);
#  118|-> 	hashmap_add(&blob_hashmap, chunk);
#  119|   	return chunk;
#  120|   }

Error: GCC_ANALYZER_WARNING (CWE-457): [#def33]
erofs-utils-1.8.10/lib/blobchunk.c:190:22: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value 'extent_end'
erofs-utils-1.8.10/lib/blobchunk.c:153:29: branch_false: following 'false' branch...
erofs-utils-1.8.10/lib/blobchunk.c:189:15: branch_false: ...to here
erofs-utils-1.8.10/lib/blobchunk.c:190:22: danger: use of uninitialized value 'extent_end' here
#  188|   	}
#  189|   	off = roundup(off, unit);
#  190|-> 	extent_end = min(extent_end, extent_start + remaining_blks);
#  191|   	if (extent_start != EROFS_NULL_ADDR) {
#  192|   		zeroedlen = inode->i_size & (erofs_blksiz(sbi) - 1);

Error: GCC_ANALYZER_WARNING (CWE-457): [#def34]
erofs-utils-1.8.10/lib/blobchunk.c:221:25: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value '*<unknown>'
erofs-utils-1.8.10/lib/blobchunk.c:257:5: enter_function: entry to 'erofs_blob_write_chunked_file'
erofs-utils-1.8.10/lib/blobchunk.c:278:12: branch_false: following 'false' branch...
erofs-utils-1.8.10/lib/blobchunk.c:280:9: branch_false: ...to here
erofs-utils-1.8.10/lib/blobchunk.c:283:12: branch_false: following 'false' branch...
erofs-utils-1.8.10/lib/blobchunk.c:285:13: branch_false: ...to here
erofs-utils-1.8.10/lib/blobchunk.c:291:12: branch_false: following 'false' branch (when 'chunkdata' is non-NULL)...
erofs-utils-1.8.10/lib/blobchunk.c:294:31: branch_false: ...to here
erofs-utils-1.8.10/lib/blobchunk.c:296:12: branch_false: following 'false' branch...
erofs-utils-1.8.10/lib/blobchunk.c:302:22: branch_false: ...to here
erofs-utils-1.8.10/lib/blobchunk.c:305:23: branch_false: following 'false' branch...
erofs-utils-1.8.10/lib/blobchunk.c:366:9: call_function: inlined call to 'erofs_update_minextblks' from 'erofs_blob_write_chunked_file'
erofs-utils-1.8.10/lib/blobchunk.c:369:16: call_function: calling 'erofs_blob_mergechunks' from 'erofs_blob_write_chunked_file'
#  219|   	for (dst = src = 0; dst < count; ++dst) {
#  220|   		*((void **)inode->chunkindexes + dst) =
#  221|-> 			*((void **)inode->chunkindexes + src);
#  222|   		src += 1U << (new_chunkbits - chunkbits);
#  223|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def35]
erofs-utils-1.8.10/lib/blobchunk.c:572:9: warning[-Wanalyzer-malloc-leak]: leak of 'zeros'
erofs-utils-1.8.10/lib/blobchunk.c:568:17: acquire_memory: allocated here
erofs-utils-1.8.10/lib/blobchunk.c:569:12: branch_false: following 'false' branch (when 'zeros' is non-NULL)...
erofs-utils-1.8.10/lib/blobchunk.c:572:9: branch_false: ...to here
erofs-utils-1.8.10/lib/blobchunk.c:572:9: throw: if 'erofs_sha256' throws an exception...
erofs-utils-1.8.10/lib/blobchunk.c:572:9: danger: 'zeros' leaks here; was allocated at [(1)](sarif:/runs/0/results/13/codeFlows/0/threadFlows/0/locations/0)
#  570|   		return -ENOMEM;
#  571|   
#  572|-> 	erofs_sha256(zeros, chunksize, sha256);
#  573|   	free(zeros);
#  574|   	hash = memhash(sha256, sizeof(sha256));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def36]
erofs-utils-1.8.10/lib/blobchunk.c:585:9: warning[-Wanalyzer-malloc-leak]: leak of 'chunk'
erofs-utils-1.8.10/lib/blobchunk.c:569:12: branch_false: following 'false' branch (when 'zeros' is non-NULL)...
erofs-utils-1.8.10/lib/blobchunk.c:572:9: branch_false: ...to here
erofs-utils-1.8.10/lib/blobchunk.c:575:17: acquire_memory: allocated here
erofs-utils-1.8.10/lib/blobchunk.c:576:12: branch_false: following 'false' branch (when 'chunk' is non-NULL)...
erofs-utils-1.8.10/lib/blobchunk.c:579:9: branch_false: ...to here
erofs-utils-1.8.10/lib/blobchunk.c:585:9: throw: if 'hashmap_add' throws an exception...
erofs-utils-1.8.10/lib/blobchunk.c:585:9: danger: 'chunk' leaks here; was allocated at [(3)](sarif:/runs/0/results/14/codeFlows/0/threadFlows/0/locations/2)
#  583|   
#  584|   	hashmap_entry_init(&chunk->ent, hash);
#  585|-> 	hashmap_add(&blob_hashmap, chunk);
#  586|   	return ret;
#  587|   }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def37]
erofs-utils-1.8.10/lib/compress.c:379:9: warning[-Wanalyzer-malloc-leak]: leak of 'sctx.pivot'
erofs-utils-1.8.10/lib/compress.c:1725:5: enter_function: entry to 'erofs_write_compressed_file'
erofs-utils-1.8.10/lib/compress.c:1737:12: branch_false: following 'false' branch...
erofs-utils-1.8.10/lib/compress.c:1742:14: branch_false: ...to here
erofs-utils-1.8.10/lib/compress.c:1743:12: branch_false: following 'false' branch...
erofs-utils-1.8.10/lib/compress.c:1747:18: branch_false: ...to here
erofs-utils-1.8.10/lib/compress.c:1761:15: call_function: calling 'z_erofs_compress_segment' from 'erofs_write_compressed_file'
#  377|   out:
#  378|   	z_erofs_commit_extent(ctx, ei);
#  379|-> 	ctx->pivot = NULL;
#  380|   	return 0;
#  381|   }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def38]
erofs-utils-1.8.10/lib/compress.c:1675:30: warning[-Wanalyzer-malloc-leak]: leak of 'ictx'
erofs-utils-1.8.10/lib/compress.c:1627:7: enter_function: entry to 'erofs_begin_compressed_file'
erofs-utils-1.8.10/lib/compress.c:1654:12: branch_true: following 'true' branch...
erofs-utils-1.8.10/lib/compress.c:1654:13: branch_true: ...to here
erofs-utils-1.8.10/lib/compress.c:1654:13: branch_false: following 'false' branch...
erofs-utils-1.8.10/lib/compress.c:1664:24: branch_false: ...to here
erofs-utils-1.8.10/lib/compress.c:1664:24: acquire_memory: allocated here
erofs-utils-1.8.10/lib/compress.c:1665:20: branch_false: following 'false' branch (when 'ictx' is non-NULL)...
erofs-utils-1.8.10/lib/compress.c:1668:9: branch_false: ...to here
erofs-utils-1.8.10/lib/compress.c:1674:12: branch_true: following 'true' branch...
erofs-utils-1.8.10/lib/compress.c:1674:33: call_function: inlined call to 'erofs_is_packed_inode' from 'erofs_begin_compressed_file'
erofs-utils-1.8.10/lib/compress.c:1675:30: throw: if 'z_erofs_fragments_tofh' throws an exception...
erofs-utils-1.8.10/lib/compress.c:1675:30: danger: 'ictx' leaks here; was allocated at [(6)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/5)
# 1673|   
# 1674|   	if (cfg.c_fragments && !erofs_is_packed_inode(inode)) {
# 1675|-> 		ictx->tofh = z_erofs_fragments_tofh(inode, fd, fpos);
# 1676|   		if (ictx == &g_ictx && cfg.c_fragdedupe != FRAGDEDUPE_OFF) {
# 1677|   			/*

Error: GCC_ANALYZER_WARNING (CWE-401): [#def39]
erofs-utils-1.8.10/lib/compress_hints.c:34:15: warning[-Wanalyzer-malloc-leak]: leak of 'ch'
erofs-utils-1.8.10/lib/compress_hints.c:30:14: acquire_memory: allocated here
erofs-utils-1.8.10/lib/compress_hints.c:31:12: branch_false: following 'false' branch (when 'ch' is non-NULL)...
erofs-utils-1.8.10/lib/compress_hints.c:34:23: branch_false: ...to here
erofs-utils-1.8.10/lib/compress_hints.c:34:15: throw: if 'regcomp' throws an exception...
erofs-utils-1.8.10/lib/compress_hints.c:34:15: danger: 'ch' leaks here; was allocated at [(1)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/0)
#   32|   		return -ENOMEM;
#   33|   
#   34|-> 	ret = regcomp(&ch->reg, s, REG_EXTENDED|REG_NOSUB);
#   35|   	if (ret) {
#   36|   		dump_regerror(ret, s, &ch->reg);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def40]
erofs-utils-1.8.10/lib/compress_hints.c:107:21: warning[-Wanalyzer-file-leak]: leak of FILE 'fopen(cfg.c_compress_hints_file, "r")'
erofs-utils-1.8.10/lib/compress_hints.c:96:12: branch_false: following 'false' branch...
erofs-utils-1.8.10/lib/compress_hints.c:99:13: branch_false: ...to here
erofs-utils-1.8.10/lib/compress_hints.c:99:13: acquire_resource: opened here
erofs-utils-1.8.10/lib/compress_hints.c:100:12: branch_false: following 'false' branch...
erofs-utils-1.8.10/lib/compress_hints.c:100:12: branch_false: ...to here
erofs-utils-1.8.10/lib/compress_hints.c:103:24: branch_true: following 'true' branch...
erofs-utils-1.8.10/lib/compress_hints.c:107:21: branch_true: ...to here
erofs-utils-1.8.10/lib/compress_hints.c:113:20: branch_true: following 'true' branch (when 'pattern' is NULL)...
erofs-utils-1.8.10/lib/compress_hints.c:117:20: branch_true: ...to here
erofs-utils-1.8.10/lib/compress_hints.c:117:20: branch_true: following 'true' branch (when 'alg' is NULL)...
erofs-utils-1.8.10/lib/compress_hints.c:118:25: branch_true: ...to here
erofs-utils-1.8.10/lib/compress_hints.c:118:25: branch_true: following 'true' branch...
erofs-utils-1.8.10/lib/compress_hints.c:118:25: branch_true: ...to here
erofs-utils-1.8.10/lib/compress_hints.c:118:25: throw: if 'erofs_msg' throws an exception...
erofs-utils-1.8.10/lib/compress_hints.c:107:21: danger: 'fopen(cfg.c_compress_hints_file, "r")' leaks here; was opened at [(3)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/2)
#  105|   		char *alg, *pattern;
#  106|   
#  107|-> 		if (*buf == '#' || *buf == '\n')
#  108|   			continue;
#  109|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def41]
erofs-utils-1.8.10/lib/compress_hints.c:107:21: warning[-Wanalyzer-malloc-leak]: leak of 'fopen(cfg.c_compress_hints_file, "r")'
erofs-utils-1.8.10/lib/compress_hints.c:96:12: branch_false: following 'false' branch...
erofs-utils-1.8.10/lib/compress_hints.c:99:13: branch_false: ...to here
erofs-utils-1.8.10/lib/compress_hints.c:99:13: acquire_memory: allocated here
erofs-utils-1.8.10/lib/compress_hints.c:100:12: branch_false: following 'false' branch...
erofs-utils-1.8.10/lib/compress_hints.c:100:12: branch_false: ...to here
erofs-utils-1.8.10/lib/compress_hints.c:103:24: branch_true: following 'true' branch...
erofs-utils-1.8.10/lib/compress_hints.c:107:21: branch_true: ...to here
erofs-utils-1.8.10/lib/compress_hints.c:113:20: branch_true: following 'true' branch (when 'pattern' is NULL)...
erofs-utils-1.8.10/lib/compress_hints.c:117:20: branch_true: ...to here
erofs-utils-1.8.10/lib/compress_hints.c:117:20: branch_true: following 'true' branch (when 'alg' is NULL)...
erofs-utils-1.8.10/lib/compress_hints.c:118:25: branch_true: ...to here
erofs-utils-1.8.10/lib/compress_hints.c:118:25: branch_true: following 'true' branch...
erofs-utils-1.8.10/lib/compress_hints.c:118:25: branch_true: ...to here
erofs-utils-1.8.10/lib/compress_hints.c:118:25: throw: if 'erofs_msg' throws an exception...
erofs-utils-1.8.10/lib/compress_hints.c:107:21: danger: 'fopen(cfg.c_compress_hints_file, "r")' leaks here; was allocated at [(3)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/2)
#  105|   		char *alg, *pattern;
#  106|   
#  107|-> 		if (*buf == '#' || *buf == '\n')
#  108|   			continue;
#  109|   

Error: GCC_ANALYZER_WARNING (CWE-775): [#def42]
erofs-utils-1.8.10/lib/compress_hints.c:149:13: warning[-Wanalyzer-file-leak]: leak of FILE 'fopen(cfg.c_compress_hints_file, "r")'
erofs-utils-1.8.10/lib/compress_hints.c:96:12: branch_false: following 'false' branch...
erofs-utils-1.8.10/lib/compress_hints.c:99:13: branch_false: ...to here
erofs-utils-1.8.10/lib/compress_hints.c:99:13: acquire_resource: opened here
erofs-utils-1.8.10/lib/compress_hints.c:100:12: branch_false: following 'false' branch...
erofs-utils-1.8.10/lib/compress_hints.c:100:12: branch_false: ...to here
erofs-utils-1.8.10/lib/compress_hints.c:149:12: branch_true: following 'true' branch...
erofs-utils-1.8.10/lib/compress_hints.c:150:17: branch_true: ...to here
erofs-utils-1.8.10/lib/compress_hints.c:151:17: branch_true: following 'true' branch...
erofs-utils-1.8.10/lib/compress_hints.c:151:17: branch_true: ...to here
erofs-utils-1.8.10/lib/compress_hints.c:151:17: throw: if 'erofs_msg' throws an exception...
erofs-utils-1.8.10/lib/compress_hints.c:149:13: danger: 'fopen(cfg.c_compress_hints_file, "r")' leaks here; was opened at [(3)](sarif:/runs/0/results/23/codeFlows/0/threadFlows/0/locations/2)
#  147|   	}
#  148|   
#  149|-> 	if (cfg.c_mkfs_pclustersize_max < max_pclustersize) {
#  150|   		cfg.c_mkfs_pclustersize_max = max_pclustersize;
#  151|   		erofs_warn("update max pclustersize to %u",

Error: GCC_ANALYZER_WARNING (CWE-401): [#def43]
erofs-utils-1.8.10/lib/compress_hints.c:149:13: warning[-Wanalyzer-malloc-leak]: leak of 'fopen(cfg.c_compress_hints_file, "r")'
erofs-utils-1.8.10/lib/compress_hints.c:96:12: branch_false: following 'false' branch...
erofs-utils-1.8.10/lib/compress_hints.c:99:13: branch_false: ...to here
erofs-utils-1.8.10/lib/compress_hints.c:99:13: acquire_memory: allocated here
erofs-utils-1.8.10/lib/compress_hints.c:100:12: branch_false: following 'false' branch...
erofs-utils-1.8.10/lib/compress_hints.c:100:12: branch_false: ...to here
erofs-utils-1.8.10/lib/compress_hints.c:149:12: branch_true: following 'true' branch...
erofs-utils-1.8.10/lib/compress_hints.c:150:17: branch_true: ...to here
erofs-utils-1.8.10/lib/compress_hints.c:151:17: branch_true: following 'true' branch...
erofs-utils-1.8.10/lib/compress_hints.c:151:17: branch_true: ...to here
erofs-utils-1.8.10/lib/compress_hints.c:151:17: throw: if 'erofs_msg' throws an exception...
erofs-utils-1.8.10/lib/compress_hints.c:149:13: danger: 'fopen(cfg.c_compress_hints_file, "r")' leaks here; was allocated at [(3)](sarif:/runs/0/results/24/codeFlows/0/threadFlows/0/locations/2)
#  147|   	}
#  148|   
#  149|-> 	if (cfg.c_mkfs_pclustersize_max < max_pclustersize) {
#  150|   		cfg.c_mkfs_pclustersize_max = max_pclustersize;
#  151|   		erofs_warn("update max pclustersize to %u",

Error: GCC_ANALYZER_WARNING (CWE-401): [#def44]
erofs-utils-1.8.10/lib/compressor_libdeflate.c:113:21: warning[-Wanalyzer-malloc-leak]: leak of 'ctx'
erofs-utils-1.8.10/lib/compressor_libdeflate.c:110:15: acquire_memory: allocated here
erofs-utils-1.8.10/lib/compressor_libdeflate.c:111:12: branch_false: following 'false' branch (when 'ctx' is non-NULL)...
erofs-utils-1.8.10/lib/compressor_libdeflate.c:113:49: branch_false: ...to here
erofs-utils-1.8.10/lib/compressor_libdeflate.c:113:21: throw: if 'libdeflate_alloc_compressor' throws an exception...
erofs-utils-1.8.10/lib/compressor_libdeflate.c:113:21: danger: 'ctx' leaks here; was allocated at [(1)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/0)
#  111|   	if (!ctx)
#  112|   		return -ENOMEM;
#  113|-> 	ctx->strm = libdeflate_alloc_compressor(c->compression_level);
#  114|   	if (!ctx->strm) {
#  115|   		free(ctx);

Error: CPPCHECK_WARNING (CWE-401): [#def45]
erofs-utils-1.8.10/lib/compressor_liblzma.c:110: error[memleak]: Memory leak: ctx
#  108|   
#  109|   	if (lzma_lzma_preset(&ctx->opt, preset))
#  110|-> 		return -EINVAL;
#  111|   	ctx->opt.dict_size = c->dict_size;
#  112|   

Error: CPPCHECK_WARNING (CWE-758): [#def46]
erofs-utils-1.8.10/lib/compressor_libzstd.c:109: error[shiftTooManyBits]: Shifting 32-bit value by 63 bits is undefined behaviour
#  107|   			dict_size = min_t(u32, Z_EROFS_ZSTD_MAX_DICT_SIZE,
#  108|   					  cfg.c_mkfs_pclustersize_max << 3);
#  109|-> 			dict_size = 1 << ilog2(dict_size);
#  110|   		}
#  111|   	}

Error: CPPCHECK_WARNING (CWE-758): [#def47]
erofs-utils-1.8.10/lib/compressor_libzstd.c:112: error[shiftTooManyBits]: Shifting 32-bit value by 63 bits is undefined behaviour
#  110|   		}
#  111|   	}
#  112|-> 	if (dict_size != 1 << ilog2(dict_size) ||
#  113|   	    dict_size > Z_EROFS_ZSTD_MAX_DICT_SIZE) {
#  114|   		erofs_err("invalid dictionary size %u", dict_size);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def48]
erofs-utils-1.8.10/lib/compressor_libzstd.c:138:16: warning[-Wanalyzer-malloc-leak]: leak of 'ctx'
erofs-utils-1.8.10/lib/compressor_libzstd.c:129:12: branch_false: following 'false' branch (when 'ctx' is NULL)...
erofs-utils-1.8.10/lib/compressor_libzstd.c:134:23: branch_false: ...to here
erofs-utils-1.8.10/lib/compressor_libzstd.c:134:23: acquire_memory: allocated here
erofs-utils-1.8.10/lib/compressor_libzstd.c:135:20: branch_false: following 'false' branch (when 'ctx' is non-NULL)...
erofs-utils-1.8.10/lib/compressor_libzstd.c:138:16: branch_false: ...to here
erofs-utils-1.8.10/lib/compressor_libzstd.c:138:16: throw: if 'ZSTD_createCCtx' throws an exception...
erofs-utils-1.8.10/lib/compressor_libzstd.c:138:16: danger: 'ctx' leaks here; was allocated at [(3)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/2)
#  136|   			return -ENOMEM;
#  137|   	}
#  138|-> 	cctx = ZSTD_createCCtx();
#  139|   	if (!cctx) {
#  140|   		err = -ENOMEM;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def49]
erofs-utils-1.8.10/lib/compressor_libzstd.c:145:19: warning[-Wanalyzer-malloc-leak]: leak of 'ctx'
erofs-utils-1.8.10/lib/compressor_libzstd.c:129:12: branch_false: following 'false' branch (when 'ctx' is NULL)...
erofs-utils-1.8.10/lib/compressor_libzstd.c:134:23: branch_false: ...to here
erofs-utils-1.8.10/lib/compressor_libzstd.c:134:23: acquire_memory: allocated here
erofs-utils-1.8.10/lib/compressor_libzstd.c:135:20: branch_false: following 'false' branch (when 'ctx' is non-NULL)...
erofs-utils-1.8.10/lib/compressor_libzstd.c:138:16: branch_false: ...to here
erofs-utils-1.8.10/lib/compressor_libzstd.c:139:12: branch_false: following 'false' branch...
erofs-utils-1.8.10/lib/compressor_libzstd.c:145:73: branch_false: ...to here
erofs-utils-1.8.10/lib/compressor_libzstd.c:145:19: throw: if 'ZSTD_CCtx_setParameter' throws an exception...
erofs-utils-1.8.10/lib/compressor_libzstd.c:145:19: danger: 'ctx' leaks here; was allocated at [(3)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/2)
#  143|   
#  144|   	err = -EINVAL;
#  145|-> 	errcode = ZSTD_CCtx_setParameter(cctx, ZSTD_c_compressionLevel, c->compression_level);
#  146|   	if (ZSTD_isError(errcode)) {
#  147|   		erofs_err("failed to set compression level: %s",

Error: GCC_ANALYZER_WARNING (CWE-401): [#def50]
erofs-utils-1.8.10/lib/compressor_libzstd.c:146:13: warning[-Wanalyzer-malloc-leak]: leak of 'ctx'
erofs-utils-1.8.10/lib/compressor_libzstd.c:129:12: branch_false: following 'false' branch (when 'ctx' is NULL)...
erofs-utils-1.8.10/lib/compressor_libzstd.c:134:23: branch_false: ...to here
erofs-utils-1.8.10/lib/compressor_libzstd.c:134:23: acquire_memory: allocated here
erofs-utils-1.8.10/lib/compressor_libzstd.c:135:20: branch_false: following 'false' branch (when 'ctx' is non-NULL)...
erofs-utils-1.8.10/lib/compressor_libzstd.c:138:16: branch_false: ...to here
erofs-utils-1.8.10/lib/compressor_libzstd.c:139:12: branch_false: following 'false' branch...
erofs-utils-1.8.10/lib/compressor_libzstd.c:145:73: branch_false: ...to here
erofs-utils-1.8.10/lib/compressor_libzstd.c:146:13: throw: if 'ZSTD_isError' throws an exception...
erofs-utils-1.8.10/lib/compressor_libzstd.c:146:13: danger: 'ctx' leaks here; was allocated at [(3)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/2)
#  144|   	err = -EINVAL;
#  145|   	errcode = ZSTD_CCtx_setParameter(cctx, ZSTD_c_compressionLevel, c->compression_level);
#  146|-> 	if (ZSTD_isError(errcode)) {
#  147|   		erofs_err("failed to set compression level: %s",
#  148|   			  ZSTD_getErrorName(errcode));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def51]
erofs-utils-1.8.10/lib/compressor_libzstd.c:147:17: warning[-Wanalyzer-malloc-leak]: leak of 'ctx'
erofs-utils-1.8.10/lib/compressor_libzstd.c:129:12: branch_false: following 'false' branch (when 'ctx' is NULL)...
erofs-utils-1.8.10/lib/compressor_libzstd.c:134:23: branch_false: ...to here
erofs-utils-1.8.10/lib/compressor_libzstd.c:134:23: acquire_memory: allocated here
erofs-utils-1.8.10/lib/compressor_libzstd.c:135:20: branch_false: following 'false' branch (when 'ctx' is non-NULL)...
erofs-utils-1.8.10/lib/compressor_libzstd.c:138:16: branch_false: ...to here
erofs-utils-1.8.10/lib/compressor_libzstd.c:139:12: branch_false: following 'false' branch...
erofs-utils-1.8.10/lib/compressor_libzstd.c:145:73: branch_false: ...to here
erofs-utils-1.8.10/lib/compressor_libzstd.c:146:12: branch_true: following 'true' branch...
erofs-utils-1.8.10/lib/compressor_libzstd.c:147:17: branch_true: ...to here
erofs-utils-1.8.10/lib/compressor_libzstd.c:147:17: branch_true: following 'true' branch...
erofs-utils-1.8.10/lib/compressor_libzstd.c:147:17: branch_true: ...to here
erofs-utils-1.8.10/lib/compressor_libzstd.c:147:17: throw: if 'ZSTD_getErrorName' throws an exception...
erofs-utils-1.8.10/lib/compressor_libzstd.c:147:17: danger: 'ctx' leaks here; was allocated at [(3)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/2)
#  145|   	errcode = ZSTD_CCtx_setParameter(cctx, ZSTD_c_compressionLevel, c->compression_level);
#  146|   	if (ZSTD_isError(errcode)) {
#  147|-> 		erofs_err("failed to set compression level: %s",
#  148|   			  ZSTD_getErrorName(errcode));
#  149|   		goto out_err;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def52]
erofs-utils-1.8.10/lib/compressor_libzstd.c:151:19: warning[-Wanalyzer-malloc-leak]: leak of 'ctx'
erofs-utils-1.8.10/lib/compressor_libzstd.c:129:12: branch_false: following 'false' branch (when 'ctx' is NULL)...
erofs-utils-1.8.10/lib/compressor_libzstd.c:134:23: branch_false: ...to here
erofs-utils-1.8.10/lib/compressor_libzstd.c:134:23: acquire_memory: allocated here
erofs-utils-1.8.10/lib/compressor_libzstd.c:135:20: branch_false: following 'false' branch (when 'ctx' is non-NULL)...
erofs-utils-1.8.10/lib/compressor_libzstd.c:138:16: branch_false: ...to here
erofs-utils-1.8.10/lib/compressor_libzstd.c:139:12: branch_false: following 'false' branch...
erofs-utils-1.8.10/lib/compressor_libzstd.c:145:73: branch_false: ...to here
erofs-utils-1.8.10/lib/compressor_libzstd.c:146:12: branch_false: following 'false' branch...
erofs-utils-1.8.10/lib/compressor_libzstd.c:151:66: branch_false: ...to here
erofs-utils-1.8.10/lib/compressor_libzstd.c:151:19: throw: if 'ZSTD_CCtx_setParameter' throws an exception...
erofs-utils-1.8.10/lib/compressor_libzstd.c:151:19: danger: 'ctx' leaks here; was allocated at [(3)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/2)
#  149|   		goto out_err;
#  150|   	}
#  151|-> 	errcode = ZSTD_CCtx_setParameter(cctx, ZSTD_c_windowLog, ilog2(c->dict_size));
#  152|   	if (ZSTD_isError(errcode)) {
#  153|   		erofs_err("failed to set window log: %s", ZSTD_getErrorName(errcode));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def53]
erofs-utils-1.8.10/lib/compressor_libzstd.c:152:13: warning[-Wanalyzer-malloc-leak]: leak of 'ctx'
erofs-utils-1.8.10/lib/compressor_libzstd.c:129:12: branch_false: following 'false' branch (when 'ctx' is NULL)...
erofs-utils-1.8.10/lib/compressor_libzstd.c:134:23: branch_false: ...to here
erofs-utils-1.8.10/lib/compressor_libzstd.c:134:23: acquire_memory: allocated here
erofs-utils-1.8.10/lib/compressor_libzstd.c:135:20: branch_false: following 'false' branch (when 'ctx' is non-NULL)...
erofs-utils-1.8.10/lib/compressor_libzstd.c:138:16: branch_false: ...to here
erofs-utils-1.8.10/lib/compressor_libzstd.c:139:12: branch_false: following 'false' branch...
erofs-utils-1.8.10/lib/compressor_libzstd.c:145:73: branch_false: ...to here
erofs-utils-1.8.10/lib/compressor_libzstd.c:146:12: branch_false: following 'false' branch...
erofs-utils-1.8.10/lib/compressor_libzstd.c:151:66: branch_false: ...to here
erofs-utils-1.8.10/lib/compressor_libzstd.c:152:13: throw: if 'ZSTD_isError' throws an exception...
erofs-utils-1.8.10/lib/compressor_libzstd.c:152:13: danger: 'ctx' leaks here; was allocated at [(3)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/2)
#  150|   	}
#  151|   	errcode = ZSTD_CCtx_setParameter(cctx, ZSTD_c_windowLog, ilog2(c->dict_size));
#  152|-> 	if (ZSTD_isError(errcode)) {
#  153|   		erofs_err("failed to set window log: %s", ZSTD_getErrorName(errcode));
#  154|   		goto out_err;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def54]
erofs-utils-1.8.10/lib/compressor_libzstd.c:153:17: warning[-Wanalyzer-malloc-leak]: leak of 'ctx'
erofs-utils-1.8.10/lib/compressor_libzstd.c:129:12: branch_false: following 'false' branch (when 'ctx' is NULL)...
erofs-utils-1.8.10/lib/compressor_libzstd.c:134:23: branch_false: ...to here
erofs-utils-1.8.10/lib/compressor_libzstd.c:134:23: acquire_memory: allocated here
erofs-utils-1.8.10/lib/compressor_libzstd.c:135:20: branch_false: following 'false' branch (when 'ctx' is non-NULL)...
erofs-utils-1.8.10/lib/compressor_libzstd.c:138:16: branch_false: ...to here
erofs-utils-1.8.10/lib/compressor_libzstd.c:139:12: branch_false: following 'false' branch...
erofs-utils-1.8.10/lib/compressor_libzstd.c:145:73: branch_false: ...to here
erofs-utils-1.8.10/lib/compressor_libzstd.c:146:12: branch_false: following 'false' branch...
erofs-utils-1.8.10/lib/compressor_libzstd.c:151:66: branch_false: ...to here
erofs-utils-1.8.10/lib/compressor_libzstd.c:152:12: branch_true: following 'true' branch...
erofs-utils-1.8.10/lib/compressor_libzstd.c:153:17: branch_true: ...to here
erofs-utils-1.8.10/lib/compressor_libzstd.c:153:17: branch_true: following 'true' branch...
erofs-utils-1.8.10/lib/compressor_libzstd.c:153:17: branch_true: ...to here
erofs-utils-1.8.10/lib/compressor_libzstd.c:153:17: throw: if 'ZSTD_getErrorName' throws an exception...
erofs-utils-1.8.10/lib/compressor_libzstd.c:153:17: danger: 'ctx' leaks here; was allocated at [(3)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/2)
#  151|   	errcode = ZSTD_CCtx_setParameter(cctx, ZSTD_c_windowLog, ilog2(c->dict_size));
#  152|   	if (ZSTD_isError(errcode)) {
#  153|-> 		erofs_err("failed to set window log: %s", ZSTD_getErrorName(errcode));
#  154|   		goto out_err;
#  155|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def55]
erofs-utils-1.8.10/lib/compressor_libzstd.c:166:9: warning[-Wanalyzer-malloc-leak]: leak of 'ctx'
erofs-utils-1.8.10/lib/compressor_libzstd.c:129:12: branch_false: following 'false' branch (when 'ctx' is NULL)...
erofs-utils-1.8.10/lib/compressor_libzstd.c:134:23: branch_false: ...to here
erofs-utils-1.8.10/lib/compressor_libzstd.c:134:23: acquire_memory: allocated here
erofs-utils-1.8.10/lib/compressor_libzstd.c:135:20: branch_false: following 'false' branch (when 'ctx' is non-NULL)...
erofs-utils-1.8.10/lib/compressor_libzstd.c:138:16: branch_false: ...to here
erofs-utils-1.8.10/lib/compressor_libzstd.c:166:9: throw: if 'ZSTD_freeCCtx' throws an exception...
erofs-utils-1.8.10/lib/compressor_libzstd.c:166:9: danger: 'ctx' leaks here; was allocated at [(3)](sarif:/runs/0/results/9/codeFlows/0/threadFlows/0/locations/2)
#  164|   	return 0;
#  165|   out_err:
#  166|-> 	ZSTD_freeCCtx(cctx);
#  167|   	free(ctx);
#  168|   	return err;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def56]
erofs-utils-1.8.10/lib/config.c:142:25: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL 's'
erofs-utils-1.8.10/lib/config.c:119:12: branch_true: following 'true' branch...
erofs-utils-1.8.10/lib/config.c:125:20: branch_true: ...to here
erofs-utils-1.8.10/lib/config.c:133:12: branch_false: following 'false' branch (when 'col > placeholder')...
erofs-utils-1.8.10/lib/config.c:136:15: branch_false: ...to here
erofs-utils-1.8.10/lib/config.c:138:12: branch_true: following 'true' branch...
erofs-utils-1.8.10/lib/config.c:139:44: branch_true: ...to here
erofs-utils-1.8.10/lib/config.c:139:27: acquire_memory: this call could return NULL
erofs-utils-1.8.10/lib/config.c:141:20: branch_true: following 'true' branch...
erofs-utils-1.8.10/lib/config.c:142:25: branch_true: ...to here
erofs-utils-1.8.10/lib/config.c:142:25: danger: 's' could be NULL: unchecked value from [(7)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/6)
#  140|   
#  141|   		if (col > placeholder + 2) {
#  142|-> 			s[0] = '[';
#  143|   			s[1] = ']';
#  144|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def57]
erofs-utils-1.8.10/lib/decompress.c:59:15: warning[-Wanalyzer-malloc-leak]: leak of 'dest'
erofs-utils-1.8.10/lib/decompress.c:39:12: branch_false: following 'false' branch...
erofs-utils-1.8.10/lib/decompress.c:44:42: branch_false: ...to here
erofs-utils-1.8.10/lib/decompress.c:45:12: branch_false: following 'false' branch...
erofs-utils-1.8.10/lib/decompress.c:52:13: branch_false: ...to here
erofs-utils-1.8.10/lib/decompress.c:53:24: acquire_memory: allocated here
erofs-utils-1.8.10/lib/decompress.c:54:20: branch_false: following 'false' branch (when 'buff' is non-NULL)...
erofs-utils-1.8.10/lib/decompress.c:60:50: branch_false: ...to here
erofs-utils-1.8.10/lib/decompress.c:59:15: throw: if 'ZSTD_decompress' throws an exception...
erofs-utils-1.8.10/lib/decompress.c:59:15: danger: 'dest' leaks here; was allocated at [(5)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/4)
#   57|   	}
#   58|   
#   59|-> 	ret = ZSTD_decompress(dest, total,
#   60|   			      src + inputmargin, rq->inputsize - inputmargin);
#   61|   	if (ZSTD_isError(ret)) {

Error: COMPILER_WARNING (CWE-681): [#def58]
erofs-utils-1.8.10/lib/decompress.c: scope_hint: In function 'z_erofs_qpl_get_job'
erofs-utils-1.8.10/lib/decompress.c:139:59: warning[-Wpointer-sign]: pointer targets in passing argument 2 of 'qpl_get_job_size' differ in signedness
#  139 |                 status = qpl_get_job_size(execution_path, &jobsize);
#      |                                                           ^~~~~~~~
#      |                                                           |
#      |                                                           int32_t * {aka int *}
/usr/include/qpl/qpl.h:22: included_from: Included from here.
erofs-utils-1.8.10/lib/decompress.c:84: included_from: Included from here.
/usr/include/qpl/c_api/job.h:161:1: note: expected 'uint32_t *' {aka 'unsigned int *'} but argument is of type 'int32_t *' {aka 'int *'}
#  161 | QPL_API(qpl_status, qpl_get_job_size, (qpl_path_t qpl_path, uint32_t* job_size_ptr))
#      | ^~~~~~~
#  137|   
#  138|   	if (!job) {
#  139|-> 		status = qpl_get_job_size(execution_path, &jobsize);
#  140|   		if (status != QPL_STS_OK) {
#  141|   			erofs_err("failed to get job size: %d", status);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def59]
erofs-utils-1.8.10/lib/decompress.c:149:26: warning[-Wanalyzer-malloc-leak]: leak of 'job'
erofs-utils-1.8.10/lib/decompress.c:138:12: branch_true: following 'true' branch (when 'job' is NULL)...
erofs-utils-1.8.10/lib/decompress.c:139:26: branch_true: ...to here
erofs-utils-1.8.10/lib/decompress.c:140:20: branch_false: following 'false' branch...
erofs-utils-1.8.10/lib/decompress.c:145:23: branch_false: ...to here
erofs-utils-1.8.10/lib/decompress.c:145:23: acquire_memory: allocated here
erofs-utils-1.8.10/lib/decompress.c:146:20: branch_false: following 'false' branch (when 'job' is non-NULL)...
erofs-utils-1.8.10/lib/decompress.c:149:66: branch_false: ...to here
erofs-utils-1.8.10/lib/decompress.c:149:26: throw: if 'qpl_init_job' throws an exception...
erofs-utils-1.8.10/lib/decompress.c:149:26: danger: 'job' leaks here; was allocated at [(5)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/4)
#  147|   			return ERR_PTR(-ENOMEM);
#  148|   
#  149|-> 		status = qpl_init_job(execution_path, (qpl_job *)job->job);
#  150|   		if (status != QPL_STS_OK) {
#  151|   			erofs_err("failed to initialize job: %d", status);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def60]
erofs-utils-1.8.10/lib/decompress.c:267:15: warning[-Wanalyzer-malloc-leak]: leak of 'dest'
erofs-utils-1.8.10/lib/decompress.c:256:12: branch_false: following 'false' branch...
erofs-utils-1.8.10/lib/decompress.c:259:27: branch_false: ...to here
erofs-utils-1.8.10/lib/decompress.c:261:24: acquire_memory: allocated here
erofs-utils-1.8.10/lib/decompress.c:262:20: branch_false: following 'false' branch (when 'buff' is non-NULL)...
erofs-utils-1.8.10/lib/decompress.c:267:15: branch_false: ...to here
erofs-utils-1.8.10/lib/decompress.c:267:15: throw: if 'libdeflate_alloc_decompressor' throws an exception...
erofs-utils-1.8.10/lib/decompress.c:267:15: danger: 'dest' leaks here; was allocated at [(3)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/2)
#  265|   	}
#  266|   
#  267|-> 	inf = libdeflate_alloc_decompressor();
#  268|   	if (!inf) {
#  269|   		ret = -ENOMEM;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def61]
erofs-utils-1.8.10/lib/decompress.c:275:31: warning[-Wanalyzer-malloc-leak]: leak of 'dest'
erofs-utils-1.8.10/lib/decompress.c:256:12: branch_false: following 'false' branch...
erofs-utils-1.8.10/lib/decompress.c:259:27: branch_false: ...to here
erofs-utils-1.8.10/lib/decompress.c:261:24: acquire_memory: allocated here
erofs-utils-1.8.10/lib/decompress.c:262:20: branch_false: following 'false' branch (when 'buff' is non-NULL)...
erofs-utils-1.8.10/lib/decompress.c:267:15: branch_false: ...to here
erofs-utils-1.8.10/lib/decompress.c:268:12: branch_false: following 'false' branch...
erofs-utils-1.8.10/lib/decompress.c:273:13: branch_false: ...to here
erofs-utils-1.8.10/lib/decompress.c:273:12: branch_true: following 'true' branch...
erofs-utils-1.8.10/lib/decompress.c:273:12: branch_true: ...to here
erofs-utils-1.8.10/lib/decompress.c:275:31: throw: if 'libdeflate_deflate_decompress' throws an exception...
erofs-utils-1.8.10/lib/decompress.c:275:31: danger: 'dest' leaks here; was allocated at [(3)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/2)
#  273|   	if (rq->partial_decoding) {
#  274|   		while (1) {
#  275|-> 			ret = libdeflate_deflate_decompress(inf, src + inputmargin,
#  276|   					rq->inputsize - inputmargin, dest,
#  277|   					decodedcapacity, &actual_out);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def62]
erofs-utils-1.8.10/lib/decompress.c:298:23: warning[-Wanalyzer-malloc-leak]: leak of 'dest'
erofs-utils-1.8.10/lib/decompress.c:256:12: branch_false: following 'false' branch...
erofs-utils-1.8.10/lib/decompress.c:259:27: branch_false: ...to here
erofs-utils-1.8.10/lib/decompress.c:261:24: acquire_memory: allocated here
erofs-utils-1.8.10/lib/decompress.c:262:20: branch_false: following 'false' branch (when 'buff' is non-NULL)...
erofs-utils-1.8.10/lib/decompress.c:267:15: branch_false: ...to here
erofs-utils-1.8.10/lib/decompress.c:268:12: branch_false: following 'false' branch...
erofs-utils-1.8.10/lib/decompress.c:273:13: branch_false: ...to here
erofs-utils-1.8.10/lib/decompress.c:273:12: branch_false: following 'false' branch...
erofs-utils-1.8.10/lib/decompress.c:300:33: branch_false: ...to here
erofs-utils-1.8.10/lib/decompress.c:298:23: throw: if 'libdeflate_deflate_decompress' throws an exception...
erofs-utils-1.8.10/lib/decompress.c:298:23: danger: 'dest' leaks here; was allocated at [(3)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/2)
#  296|   		}
#  297|   	} else {
#  298|-> 		ret = libdeflate_deflate_decompress(inf, src + inputmargin,
#  299|   				rq->inputsize - inputmargin, dest,
#  300|   				rq->decodedlength, NULL);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def63]
erofs-utils-1.8.10/lib/decompress.c:482:23: warning[-Wanalyzer-malloc-leak]: leak of 'dest'
erofs-utils-1.8.10/lib/decompress.c:474:12: branch_true: following 'true' branch...
erofs-utils-1.8.10/lib/decompress.c:475:31: branch_true: ...to here
erofs-utils-1.8.10/lib/decompress.c:475:24: acquire_memory: allocated here
erofs-utils-1.8.10/lib/decompress.c:476:20: branch_false: following 'false' branch (when 'buff' is non-NULL)...
erofs-utils-1.8.10/lib/decompress.c:481:13: branch_false: ...to here
erofs-utils-1.8.10/lib/decompress.c:482:23: throw: if 'LZ4_decompress_safe_partial' throws an exception...
erofs-utils-1.8.10/lib/decompress.c:482:23: danger: 'dest' leaks here; was allocated at [(3)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/2)
#  480|   
#  481|   	if (rq->partial_decoding || !support_0padding)
#  482|-> 		ret = LZ4_decompress_safe_partial(src + inputmargin, dest,
#  483|   				rq->inputsize - inputmargin,
#  484|   				rq->decodedlength, rq->decodedlength);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def64]
erofs-utils-1.8.10/lib/decompress.c:486:23: warning[-Wanalyzer-malloc-leak]: leak of 'dest'
erofs-utils-1.8.10/lib/decompress.c:470:20: branch_false: following 'false' branch...
erofs-utils-1.8.10/lib/decompress.c:474:13: branch_false: ...to here
erofs-utils-1.8.10/lib/decompress.c:474:12: branch_true: following 'true' branch...
erofs-utils-1.8.10/lib/decompress.c:475:31: branch_true: ...to here
erofs-utils-1.8.10/lib/decompress.c:475:24: acquire_memory: allocated here
erofs-utils-1.8.10/lib/decompress.c:476:20: branch_false: following 'false' branch (when 'buff' is non-NULL)...
erofs-utils-1.8.10/lib/decompress.c:481:13: branch_false: ...to here
erofs-utils-1.8.10/lib/decompress.c:481:12: branch_false: following 'false' branch...
erofs-utils-1.8.10/lib/decompress.c:481:13: branch_false: ...to here
erofs-utils-1.8.10/lib/decompress.c:481:13: branch_true: following 'true' branch (when 'support_0padding != 0')...
erofs-utils-1.8.10/lib/decompress.c:488:43: branch_true: ...to here
erofs-utils-1.8.10/lib/decompress.c:486:23: throw: if 'LZ4_decompress_safe' throws an exception...
erofs-utils-1.8.10/lib/decompress.c:486:23: danger: 'dest' leaks here; was allocated at [(5)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/4)
#  484|   				rq->decodedlength, rq->decodedlength);
#  485|   	else
#  486|-> 		ret = LZ4_decompress_safe(src + inputmargin, dest,
#  487|   					  rq->inputsize - inputmargin,
#  488|   					  rq->decodedlength);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def65]
erofs-utils-1.8.10/lib/dedupe.c:166:9: warning[-Wanalyzer-malloc-leak]: leak of 'di'
erofs-utils-1.8.10/lib/dedupe.c:158:12: branch_false: following 'false' branch...
erofs-utils-1.8.10/lib/dedupe.c:161:14: acquire_memory: allocated here
erofs-utils-1.8.10/lib/dedupe.c:162:12: branch_false: following 'false' branch (when 'di' is non-NULL)...
erofs-utils-1.8.10/lib/dedupe.c:165:31: branch_false: ...to here
erofs-utils-1.8.10/lib/dedupe.c:166:9: throw: if 'erofs_sha256' throws an exception...
erofs-utils-1.8.10/lib/dedupe.c:166:9: danger: 'di' leaks here; was allocated at [(3)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/2)
#  164|   
#  165|   	di->original_length = e->length;
#  166|-> 	erofs_sha256(original_data, window_size, di->prefix_sha256);
#  167|   
#  168|   	di->prefix_xxh64 = xxh64(original_data, window_size, 0);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def66]
erofs-utils-1.8.10/lib/dedupe_ext.c:55:31: warning[-Wanalyzer-malloc-leak]: leak of 'memb'
erofs-utils-1.8.10/lib/dedupe_ext.c:47:9: branch_true: following 'true' branch...
erofs-utils-1.8.10/lib/dedupe_ext.c:48:21: branch_true: ...to here
erofs-utils-1.8.10/lib/dedupe_ext.c:48:20: branch_true: following 'true' branch...
erofs-utils-1.8.10/lib/dedupe_ext.c:50:28: branch_true: following 'true' branch (when 'memb' is NULL)...
erofs-utils-1.8.10/lib/dedupe_ext.c:51:40: branch_true: ...to here
erofs-utils-1.8.10/lib/dedupe_ext.c:51:40: acquire_memory: allocated here
erofs-utils-1.8.10/lib/dedupe_ext.c:52:36: branch_false: following 'false' branch (when 'memb' is non-NULL)...
erofs-utils-1.8.10/lib/dedupe_ext.c:55:60: branch_false: ...to here
erofs-utils-1.8.10/lib/dedupe_ext.c:55:31: throw: if 'erofs_dev_read' throws an exception...
erofs-utils-1.8.10/lib/dedupe_ext.c:55:31: danger: 'memb' leaks here; was allocated at [(7)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/6)
#   53|   					break;
#   54|   			}
#   55|-> 			ret = erofs_dev_read(sbi, 0, memb, item->e.pstart, len);
#   56|   			if (ret < 0 || memcmp(memb, encoded, len))
#   57|   				continue;

Error: CPPCHECK_WARNING (CWE-457): [#def67]
erofs-utils-1.8.10/lib/dir.c:168: error[uninitvar]: Uninitialized variable: de->nameoff
#  166|   		}
#  167|   
#  168|-> 		nameoff = le16_to_cpu(de->nameoff);
#  169|   		if (nameoff < sizeof(struct erofs_dirent) ||
#  170|   		    nameoff >= erofs_blksiz(sbi)) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def68]
erofs-utils-1.8.10/lib/exclude.c:46:23: warning[-Wanalyzer-malloc-leak]: leak of '<unknown>'
erofs-utils-1.8.10/lib/exclude.c:36:12: branch_false: following 'false' branch (when 'r' is non-NULL)...
erofs-utils-1.8.10/lib/exclude.c:39:22: branch_false: ...to here
erofs-utils-1.8.10/lib/exclude.c:39:22: acquire_memory: allocated here
erofs-utils-1.8.10/lib/exclude.c:40:12: branch_false: following 'false' branch...
erofs-utils-1.8.10/lib/exclude.c:45:12: branch_false: ...to here
erofs-utils-1.8.10/lib/exclude.c:45:12: branch_true: following 'true' branch (when 'is_regex != 0')...
erofs-utils-1.8.10/lib/exclude.c:46:31: branch_true: ...to here
erofs-utils-1.8.10/lib/exclude.c:46:23: throw: if 'regcomp' throws an exception...
erofs-utils-1.8.10/lib/exclude.c:46:23: danger: '<unknown>' leaks here; was allocated at [(3)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/2)
#   44|   
#   45|   	if (is_regex) {
#   46|-> 		ret = regcomp(&r->reg, s, REG_EXTENDED|REG_NOSUB);
#   47|   		if (ret) {
#   48|   			dump_regerror(ret, s, &r->reg);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def69]
erofs-utils-1.8.10/lib/exclude.c:46:23: warning[-Wanalyzer-malloc-leak]: leak of 'r'
erofs-utils-1.8.10/lib/exclude.c:34:13: acquire_memory: allocated here
erofs-utils-1.8.10/lib/exclude.c:36:12: branch_false: following 'false' branch (when 'r' is non-NULL)...
erofs-utils-1.8.10/lib/exclude.c:39:22: branch_false: ...to here
erofs-utils-1.8.10/lib/exclude.c:40:12: branch_false: following 'false' branch...
erofs-utils-1.8.10/lib/exclude.c:45:12: branch_false: ...to here
erofs-utils-1.8.10/lib/exclude.c:45:12: branch_true: following 'true' branch (when 'is_regex != 0')...
erofs-utils-1.8.10/lib/exclude.c:46:31: branch_true: ...to here
erofs-utils-1.8.10/lib/exclude.c:46:23: throw: if 'regcomp' throws an exception...
erofs-utils-1.8.10/lib/exclude.c:46:23: danger: 'r' leaks here; was allocated at [(1)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/0)
#   44|   
#   45|   	if (is_regex) {
#   46|-> 		ret = regcomp(&r->reg, s, REG_EXTENDED|REG_NOSUB);
#   47|   		if (ret) {
#   48|   			dump_regerror(ret, s, &r->reg);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def70]
erofs-utils-1.8.10/lib/fragments.c:138:15: warning[-Wanalyzer-malloc-leak]: leak of 'data'
erofs-utils-1.8.10/lib/fragments.c:128:12: branch_false: following 'false' branch...
erofs-utils-1.8.10/lib/fragments.c:130:13: branch_false: ...to here
erofs-utils-1.8.10/lib/fragments.c:130:12: branch_false: following 'false' branch...
erofs-utils-1.8.10/lib/fragments.c:133:14: branch_false: ...to here
erofs-utils-1.8.10/lib/fragments.c:134:16: acquire_memory: allocated here
erofs-utils-1.8.10/lib/fragments.c:135:12: branch_false: following 'false' branch (when 'data' is non-NULL)...
erofs-utils-1.8.10/lib/fragments.c:138:35: branch_false: ...to here
erofs-utils-1.8.10/lib/fragments.c:138:15: throw: if 'pread' throws an exception...
erofs-utils-1.8.10/lib/fragments.c:138:15: danger: 'data' leaks here; was allocated at [(5)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/4)
#  136|   		return -ENOMEM;
#  137|   
#  138|-> 	ret = pread(fd, data, s1, inode->i_size - s1);
#  139|   	if (ret != s1) {
#  140|   		free(data);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def71]
erofs-utils-1.8.10/lib/fragments.c:282:22: warning[-Wanalyzer-malloc-leak]: leak of 'memblock'
erofs-utils-1.8.10/lib/fragments.c:238:12: branch_false: following 'false' branch...
erofs-utils-1.8.10/lib/fragments.c:241:18: branch_false: ...to here
erofs-utils-1.8.10/lib/fragments.c:242:12: branch_false: following 'false' branch (when 'offset >= 0')...
erofs-utils-1.8.10/lib/fragments.c:245:31: branch_false: ...to here
erofs-utils-1.8.10/lib/fragments.c:246:12: branch_true: following 'true' branch...
erofs-utils-1.8.10/lib/fragments.c:247:29: branch_true: ...to here
erofs-utils-1.8.10/lib/fragments.c:275:28: acquire_memory: allocated here
erofs-utils-1.8.10/lib/fragments.c:276:20: branch_false: following 'false' branch (when 'memblock' is non-NULL)...
erofs-utils-1.8.10/lib/fragments.c:282:51: branch_false: ...to here
erofs-utils-1.8.10/lib/fragments.c:282:22: throw: if 'pread' throws an exception...
erofs-utils-1.8.10/lib/fragments.c:282:22: danger: 'memblock' leaks here; was allocated at [(7)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/6)
#  280|   		onheap = true;
#  281|   
#  282|-> 		rc = pread(epi->fd, memblock, sz, offset + inode->i_size - sz);
#  283|   		if (rc != sz) {
#  284|   			if (rc >= 0) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def72]
erofs-utils-1.8.10/lib/fragments.c:538:15: warning[-Wanalyzer-malloc-leak]: leak of 'buffer'
erofs-utils-1.8.10/lib/fragments.c:518:12: branch_false: following 'false' branch (when 'err == 0')...
erofs-utils-1.8.10/lib/fragments.c:521:9: branch_false: ...to here
erofs-utils-1.8.10/lib/fragments.c:523:12: branch_false: following 'false' branch (when 'err == 0')...
erofs-utils-1.8.10/lib/fragments.c:526:15: branch_false: ...to here
erofs-utils-1.8.10/lib/fragments.c:527:12: branch_false: following 'false' branch...
erofs-utils-1.8.10/lib/fragments.c:532:29: branch_false: ...to here
erofs-utils-1.8.10/lib/fragments.c:534:18: acquire_memory: allocated here
erofs-utils-1.8.10/lib/fragments.c:535:12: branch_false: following 'false' branch (when 'buffer' is non-NULL)...
erofs-utils-1.8.10/lib/fragments.c:538:15: branch_false: ...to here
erofs-utils-1.8.10/lib/fragments.c:538:15: throw: if 'erofs_pread' throws an exception...
erofs-utils-1.8.10/lib/fragments.c:538:15: danger: 'buffer' leaks here; was allocated at [(7)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/6)
#  536|   		return ERR_PTR(-ENOMEM);
#  537|   
#  538|-> 	err = erofs_pread(pi, buffer, map->m_llen, map->m_la);
#  539|   	if (err)
#  540|   		goto err_out;

Error: GCC_ANALYZER_WARNING (CWE-835): [#def73]
erofs-utils-1.8.10/lib/inode.c:140:9: warning[-Wanalyzer-infinite-loop]: infinite loop
#  138|   		return got;
#  139|   
#  140|-> 	list_for_each_entry_safe(d, t, &inode->i_subdirs, d_child)
#  141|   		free(d);
#  142|   

Error: GCC_ANALYZER_WARNING (CWE-415): [#def74]
erofs-utils-1.8.10/lib/inode.c:141:17: warning[-Wanalyzer-double-free]: double-'free' of 'd'
erofs-utils-1.8.10/lib/inode.c:1844:12: enter_function: entry to 'erofs_mkfs_build_tree'
erofs-utils-1.8.10/lib/inode.c:1852:12: branch_false: following 'false' branch (when 'q' is non-NULL)...
erofs-utils-1.8.10/lib/inode.c:1855:13: branch_false: ...to here
erofs-utils-1.8.10/lib/inode.c:1864:12: branch_false: following 'false' branch...
erofs-utils-1.8.10/lib/inode.c:1868:9: branch_false: ...to here
erofs-utils-1.8.10/lib/inode.c:1876:12: branch_false: following 'false' branch (when 'err == 0')...
erofs-utils-1.8.10/lib/inode.c:1879:15: branch_false: ...to here
erofs-utils-1.8.10/lib/inode.c:1879:15: call_function: calling '__erofs_mkfs_build_tree' from 'erofs_mkfs_build_tree'
#  139|   
#  140|   	list_for_each_entry_safe(d, t, &inode->i_subdirs, d_child)
#  141|-> 		free(d);
#  142|   
#  143|   	free(inode->compressmeta);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def75]
erofs-utils-1.8.10/lib/inode.c:162:28: warning[-Wanalyzer-malloc-leak]: leak of 'erofs_d_alloc(dir, ".")'
erofs-utils-1.8.10/lib/inode.c:2041:21: enter_function: entry to 'erofs_rebuild_make_root'
erofs-utils-1.8.10/lib/inode.c:2045:16: call_function: calling 'erofs_new_inode' from 'erofs_rebuild_make_root'
erofs-utils-1.8.10/lib/inode.c:2045:16: return_function: returning to 'erofs_rebuild_make_root' from 'erofs_new_inode'
erofs-utils-1.8.10/lib/inode.c:2046:12: branch_false: following 'false' branch...
erofs-utils-1.8.10/lib/inode.c:2048:27: branch_false: ...to here
erofs-utils-1.8.10/lib/inode.c:2053:9: call_function: calling 'erofs_init_empty_dir' from 'erofs_rebuild_make_root'
#  160|   {
#  161|   	unsigned int namelen = strlen(name);
#  162|-> 	unsigned int fsz = round_up(namelen + 1, EROFS_DENTRY_NAME_ALIGNMENT);
#  163|   	struct erofs_dentry *d;
#  164|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def76]
erofs-utils-1.8.10/lib/inode.c:236:24: warning[-Wanalyzer-malloc-leak]: leak of '<unknown>'
erofs-utils-1.8.10/lib/inode.c:2041:21: enter_function: entry to 'erofs_rebuild_make_root'
erofs-utils-1.8.10/lib/inode.c:2045:16: call_function: calling 'erofs_new_inode' from 'erofs_rebuild_make_root'
erofs-utils-1.8.10/lib/inode.c:2045:16: return_function: returning to 'erofs_rebuild_make_root' from 'erofs_new_inode'
erofs-utils-1.8.10/lib/inode.c:2046:12: branch_false: following 'false' branch...
erofs-utils-1.8.10/lib/inode.c:2048:27: branch_false: ...to here
erofs-utils-1.8.10/lib/inode.c:2053:9: call_function: calling 'erofs_init_empty_dir' from 'erofs_rebuild_make_root'
#  234|   	d = erofs_d_alloc(dir, ".");
#  235|   	if (IS_ERR(d))
#  236|-> 		return PTR_ERR(d);
#  237|   	d->inode = erofs_igrab(dir);
#  238|   	d->type = EROFS_FT_DIR;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def77]
erofs-utils-1.8.10/lib/inode.c:243:24: warning[-Wanalyzer-malloc-leak]: leak of '<unknown>'
erofs-utils-1.8.10/lib/inode.c:2041:21: enter_function: entry to 'erofs_rebuild_make_root'
erofs-utils-1.8.10/lib/inode.c:2045:16: call_function: calling 'erofs_new_inode' from 'erofs_rebuild_make_root'
erofs-utils-1.8.10/lib/inode.c:2045:16: return_function: returning to 'erofs_rebuild_make_root' from 'erofs_new_inode'
erofs-utils-1.8.10/lib/inode.c:2046:12: branch_false: following 'false' branch...
erofs-utils-1.8.10/lib/inode.c:2048:27: branch_false: ...to here
erofs-utils-1.8.10/lib/inode.c:2053:9: call_function: calling 'erofs_init_empty_dir' from 'erofs_rebuild_make_root'
#  241|   	d = erofs_d_alloc(dir, "..");
#  242|   	if (IS_ERR(d))
#  243|-> 		return PTR_ERR(d);
#  244|   	d->inode = erofs_igrab(erofs_parent_inode(dir));
#  245|   	d->type = EROFS_FT_DIR;

Error: CPPCHECK_WARNING (CWE-457): [#def78]
erofs-utils-1.8.10/lib/inode.c:394: error[uninitvar]: Uninitialized variable: de->nameoff
#  392|   			return err;
#  393|   
#  394|-> 		nameoff = le16_to_cpu(de->nameoff);
#  395|   		if (nameoff < sizeof(struct erofs_dirent) ||
#  396|   		    nameoff >= count) {

Error: GCC_ANALYZER_WARNING (CWE-775): [#def79]
erofs-utils-1.8.10/lib/inode.c:524:24: warning[-Wanalyzer-fd-leak]: leak of file descriptor 'ctx.fd'
erofs-utils-1.8.10/lib/inode.c:1844:12: enter_function: entry to 'erofs_mkfs_build_tree'
erofs-utils-1.8.10/lib/inode.c:1852:12: branch_false: following 'false' branch (when 'q' is non-NULL)...
erofs-utils-1.8.10/lib/inode.c:1855:13: branch_false: ...to here
erofs-utils-1.8.10/lib/inode.c:1864:12: branch_false: following 'false' branch...
erofs-utils-1.8.10/lib/inode.c:1868:9: branch_false: ...to here
erofs-utils-1.8.10/lib/inode.c:1876:12: branch_false: following 'false' branch (when 'err == 0')...
erofs-utils-1.8.10/lib/inode.c:1879:15: branch_false: ...to here
erofs-utils-1.8.10/lib/inode.c:1879:15: call_function: calling '__erofs_mkfs_build_tree' from 'erofs_mkfs_build_tree'
#  522|   {
#  523|   	if (cfg.c_compress_hints_file)
#  524|-> 		return z_erofs_apply_compress_hints(inode);
#  525|   	return true;
#  526|   }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def80]
erofs-utils-1.8.10/lib/inode.c:1073:25: warning[-Wanalyzer-malloc-leak]: leak of '<unknown>'
erofs-utils-1.8.10/lib/inode.c:1926:21: enter_function: entry to 'erofs_mkfs_build_special_from_fd'
erofs-utils-1.8.10/lib/inode.c:1935:12: branch_false: following 'false' branch (when 'ret >= 0')...
erofs-utils-1.8.10/lib/inode.c:1938:15: branch_false: ...to here
erofs-utils-1.8.10/lib/inode.c:1939:12: branch_false: following 'false' branch (when 'ret == 0')...
erofs-utils-1.8.10/lib/inode.c:1942:17: branch_false: ...to here
erofs-utils-1.8.10/lib/inode.c:1942:17: call_function: calling 'erofs_new_inode' from 'erofs_mkfs_build_special_from_fd'
erofs-utils-1.8.10/lib/inode.c:1942:17: return_function: returning to 'erofs_mkfs_build_special_from_fd' from 'erofs_new_inode'
erofs-utils-1.8.10/lib/inode.c:1943:12: branch_false: following 'false' branch...
erofs-utils-1.8.10/lib/inode.c:1946:13: branch_false: ...to here
erofs-utils-1.8.10/lib/inode.c:1951:15: call_function: calling 'erofs_fill_inode' from 'erofs_mkfs_build_special_from_fd'
# 1071|   	if (erofs_should_use_inode_extended(inode, path)) {
# 1072|   		if (cfg.c_force_inodeversion == FORCE_INODE_COMPACT) {
# 1073|-> 			erofs_err("file %s cannot be in compact form",
# 1074|   				  inode->i_srcpath);
# 1075|   			return -EINVAL;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def81]
erofs-utils-1.8.10/lib/inode.c:1101:22: warning[-Wanalyzer-malloc-leak]: leak of 'erofs_new_inode(sbi)'
erofs-utils-1.8.10/lib/inode.c:1926:21: enter_function: entry to 'erofs_mkfs_build_special_from_fd'
erofs-utils-1.8.10/lib/inode.c:1935:12: branch_false: following 'false' branch (when 'ret >= 0')...
erofs-utils-1.8.10/lib/inode.c:1938:15: branch_false: ...to here
erofs-utils-1.8.10/lib/inode.c:1939:12: branch_false: following 'false' branch (when 'ret == 0')...
erofs-utils-1.8.10/lib/inode.c:1942:17: branch_false: ...to here
erofs-utils-1.8.10/lib/inode.c:1942:17: call_function: calling 'erofs_new_inode' from 'erofs_mkfs_build_special_from_fd'
erofs-utils-1.8.10/lib/inode.c:1942:17: return_function: returning to 'erofs_mkfs_build_special_from_fd' from 'erofs_new_inode'
erofs-utils-1.8.10/lib/inode.c:1943:12: branch_false: following 'false' branch...
erofs-utils-1.8.10/lib/inode.c:1946:13: branch_false: ...to here
erofs-utils-1.8.10/lib/inode.c:1946:12: branch_false: following 'false' branch...
erofs-utils-1.8.10/lib/inode.c:1951:15: branch_false: ...to here
erofs-utils-1.8.10/lib/inode.c:1951:15: call_function: calling 'erofs_fill_inode' from 'erofs_mkfs_build_special_from_fd'
# 1099|   	 * the target filesystem rather than any other foreign sources.
# 1100|   	 */
# 1101|-> 	inode->dev = sbi->dev;
# 1102|   	inode->i_count = 1;
# 1103|   	inode->datalayout = EROFS_INODE_FLAT_PLAIN;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def82]
erofs-utils-1.8.10/lib/inode.c:1392:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor 'ctx.fd'
erofs-utils-1.8.10/lib/inode.c:1844:12: enter_function: entry to 'erofs_mkfs_build_tree'
erofs-utils-1.8.10/lib/inode.c:1852:12: branch_false: following 'false' branch (when 'q' is non-NULL)...
erofs-utils-1.8.10/lib/inode.c:1855:13: branch_false: ...to here
erofs-utils-1.8.10/lib/inode.c:1864:12: branch_false: following 'false' branch...
erofs-utils-1.8.10/lib/inode.c:1868:9: branch_false: ...to here
erofs-utils-1.8.10/lib/inode.c:1876:12: branch_false: following 'false' branch (when 'err == 0')...
erofs-utils-1.8.10/lib/inode.c:1879:15: branch_false: ...to here
erofs-utils-1.8.10/lib/inode.c:1879:15: call_function: calling '__erofs_mkfs_build_tree' from 'erofs_mkfs_build_tree'
# 1390|   			return -ECHILD;
# 1391|   		}
# 1392|-> 		pthread_cond_wait(&q->full, &q->lock);
# 1393|   	}
# 1394|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def83]
erofs-utils-1.8.10/lib/inode.c:1447:22: warning[-Wanalyzer-malloc-leak]: leak of 'opendir(*dir.i_srcpath)'
erofs-utils-1.8.10/lib/inode.c:1844:12: enter_function: entry to 'erofs_mkfs_build_tree'
erofs-utils-1.8.10/lib/inode.c:1852:12: branch_false: following 'false' branch (when 'q' is non-NULL)...
erofs-utils-1.8.10/lib/inode.c:1855:13: branch_false: ...to here
erofs-utils-1.8.10/lib/inode.c:1864:12: branch_false: following 'false' branch...
erofs-utils-1.8.10/lib/inode.c:1868:9: branch_false: ...to here
erofs-utils-1.8.10/lib/inode.c:1876:12: branch_false: following 'false' branch (when 'err == 0')...
erofs-utils-1.8.10/lib/inode.c:1879:15: branch_false: ...to here
erofs-utils-1.8.10/lib/inode.c:1879:15: call_function: calling '__erofs_mkfs_build_tree' from 'erofs_mkfs_build_tree'
# 1445|   		 */
# 1446|   		errno = 0;
# 1447|-> 		dp = readdir(_dir);
# 1448|   		if (!dp) {
# 1449|   			if (!errno)

Error: GCC_ANALYZER_WARNING (CWE-775): [#def84]
erofs-utils-1.8.10/lib/inode.c:1609:44: warning[-Wanalyzer-fd-leak]: leak of file descriptor 'ctx.fd'
erofs-utils-1.8.10/lib/inode.c:1844:12: enter_function: entry to 'erofs_mkfs_build_tree'
erofs-utils-1.8.10/lib/inode.c:1852:12: branch_false: following 'false' branch (when 'q' is non-NULL)...
erofs-utils-1.8.10/lib/inode.c:1855:13: branch_false: ...to here
erofs-utils-1.8.10/lib/inode.c:1864:12: branch_false: following 'false' branch...
erofs-utils-1.8.10/lib/inode.c:1868:9: branch_false: ...to here
erofs-utils-1.8.10/lib/inode.c:1876:12: branch_false: following 'false' branch (when 'err == 0')...
erofs-utils-1.8.10/lib/inode.c:1879:15: branch_false: ...to here
erofs-utils-1.8.10/lib/inode.c:1879:15: call_function: calling '__erofs_mkfs_build_tree' from 'erofs_mkfs_build_tree'
# 1607|   			if (cfg.c_compr_opts[0].alg &&
# 1608|   			    erofs_file_is_compressible(inode)) {
# 1609|-> 				ctx.ictx = erofs_begin_compressed_file(inode,
# 1610|   								ctx.fd, 0);
# 1611|   				if (IS_ERR(ctx.ictx))

Error: GCC_ANALYZER_WARNING (CWE-401): [#def85]
erofs-utils-1.8.10/lib/inode.c:1861:9: warning[-Wanalyzer-malloc-leak]: leak of 'q'
erofs-utils-1.8.10/lib/inode.c:1851:13: acquire_memory: allocated here
erofs-utils-1.8.10/lib/inode.c:1852:12: branch_false: following 'false' branch (when 'q' is non-NULL)...
erofs-utils-1.8.10/lib/inode.c:1855:13: branch_false: ...to here
erofs-utils-1.8.10/lib/inode.c:1861:9: branch_true: following 'true' branch...
erofs-utils-1.8.10/lib/inode.c:1861:9: branch_true: ...to here
erofs-utils-1.8.10/lib/inode.c:1861:9: throw: if 'erofs_msg' throws an exception...
erofs-utils-1.8.10/lib/inode.c:1861:9: danger: 'q' leaks here; was allocated at [(1)](sarif:/runs/0/results/16/codeFlows/0/threadFlows/0/locations/0)
# 1859|   		q->entries = err && err < 32768 ? err : 32768;
# 1860|   	}
# 1861|-> 	erofs_dbg("Set the asynchronous queue size to %u", q->entries);
# 1862|   
# 1863|   	q->queue = malloc(q->entries * sizeof(*q->queue));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def86]
erofs-utils-1.8.10/lib/inode.c:2034:15: warning[-Wanalyzer-malloc-leak]: leak of 'ibuf'
erofs-utils-1.8.10/lib/inode.c:1988:5: enter_function: entry to 'erofs_fixup_root_inode'
erofs-utils-1.8.10/lib/inode.c:1996:12: branch_false: following 'false' branch...
erofs-utils-1.8.10/lib/inode.c:1999:12: branch_false: ...to here
erofs-utils-1.8.10/lib/inode.c:1999:12: branch_false: following 'false' branch...
erofs-utils-1.8.10/lib/inode.c:2004:9: branch_false: ...to here
erofs-utils-1.8.10/lib/inode.c:2006:12: branch_false: following 'false' branch...
erofs-utils-1.8.10/lib/inode.c:2012:13: branch_false: ...to here
erofs-utils-1.8.10/lib/inode.c:2012:12: branch_false: following 'false' branch...
erofs-utils-1.8.10/lib/inode.c:2016:27: branch_false: ...to here
erofs-utils-1.8.10/lib/inode.c:2025:12: branch_false: following 'false' branch (when 'ondisk_capacity >= ondisk_size')...
erofs-utils-1.8.10/lib/inode.c:2031:16: branch_false: ...to here
erofs-utils-1.8.10/lib/inode.c:2031:16: acquire_memory: allocated here
erofs-utils-1.8.10/lib/inode.c:2032:12: branch_false: following 'false' branch (when 'ibuf' is non-NULL)...
erofs-utils-1.8.10/lib/inode.c:2034:44: call_function: inlined call to 'erofs_iloc' from 'erofs_fixup_root_inode'
erofs-utils-1.8.10/lib/inode.c:2034:15: throw: if 'erofs_dev_read' throws an exception...
erofs-utils-1.8.10/lib/inode.c:2034:15: danger: 'ibuf' leaks here; was allocated at [(12)](sarif:/runs/0/results/17/codeFlows/0/threadFlows/0/locations/11)
# 2032|   	if (!ibuf)
# 2033|   		return -ENOMEM;
# 2034|-> 	err = erofs_dev_read(sbi, 0, ibuf, erofs_iloc(root), ondisk_size);
# 2035|   	if (err >= 0)
# 2036|   		err = erofs_dev_write(sbi, ibuf, erofs_iloc(&oi), ondisk_size);

Error: CPPCHECK_WARNING (CWE-457): [#def87]
erofs-utils-1.8.10/lib/namei.c:195: error[uninitvar]: Uninitialized variable: de->nameoff
#  193|   			return ret;
#  194|   
#  195|-> 		nameoff = le16_to_cpu(de->nameoff);
#  196|   		if (nameoff < sizeof(struct erofs_dirent) ||
#  197|   		    nameoff >= erofs_blksiz(sbi)) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def88]
erofs-utils-1.8.10/lib/rebuild.c:446:15: warning[-Wanalyzer-malloc-leak]: leak of 'inode.i_srcpath'
erofs-utils-1.8.10/lib/rebuild.c:426:12: branch_false: following 'false' branch...
erofs-utils-1.8.10/lib/rebuild.c:431:21: branch_false: ...to here
erofs-utils-1.8.10/lib/rebuild.c:434:12: branch_false: following 'false' branch...
erofs-utils-1.8.10/lib/rebuild.c:438:27: branch_false: ...to here
erofs-utils-1.8.10/lib/rebuild.c:438:27: acquire_memory: allocated here
erofs-utils-1.8.10/lib/rebuild.c:446:15: throw: if 'erofs_iterate_dir' throws an exception...
erofs-utils-1.8.10/lib/rebuild.c:446:15: danger: 'inode.i_srcpath' leaks here; was allocated at [(5)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/4)
#  444|   		.datamode = mode,
#  445|   	};
#  446|-> 	ret = erofs_iterate_dir(&ctx.ctx, false);
#  447|   	free(inode.i_srcpath);
#  448|   	return ret;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def89]
erofs-utils-1.8.10/lib/rebuild.c:474:13: warning[-Wanalyzer-null-dereference]: dereference of NULL '0'
erofs-utils-1.8.10/lib/rebuild.c:451:12: enter_function: entry to 'erofs_rebuild_basedir_dirent_iter'
erofs-utils-1.8.10/lib/rebuild.c:461:12: branch_false: following 'false' branch...
erofs-utils-1.8.10/lib/rebuild.c:464:37: branch_false: ...to here
erofs-utils-1.8.10/lib/rebuild.c:465:12: branch_false: following 'false' branch (when 'dname' is non-NULL)...
erofs-utils-1.8.10/lib/rebuild.c:467:13: branch_false: ...to here
erofs-utils-1.8.10/lib/rebuild.c:467:13: call_function: calling 'erofs_rebuild_get_dentry' from 'erofs_rebuild_basedir_dirent_iter'
erofs-utils-1.8.10/lib/rebuild.c:467:13: return_function: returning to 'erofs_rebuild_basedir_dirent_iter' from 'erofs_rebuild_get_dentry'
erofs-utils-1.8.10/lib/rebuild.c:469:12: branch_false: following 'false' branch...
erofs-utils-1.8.10/lib/rebuild.c:474:13: branch_false: ...to here
erofs-utils-1.8.10/lib/rebuild.c:474:13: danger: dereference of NULL 'erofs_rebuild_get_dentry(mergedir,  dname, 0, & dumb, & dumb, 0)'
#  472|   	}
#  473|   
#  474|-> 	if (d->type == EROFS_FT_UNKNOWN) {
#  475|   		d->nid = ctx->de_nid;
#  476|   		d->type = ctx->de_ftype;

Error: CPPCHECK_WARNING (CWE-758): [#def90]
erofs-utils-1.8.10/lib/super.c:50: error[shiftTooManyBits]: Shifting 64-bit value by 64 bits is undefined behaviour
#   48|   
#   49|   	sbi->extra_devices = ondisk_extradevs;
#   50|-> 	sbi->device_id_mask = roundup_pow_of_two(ondisk_extradevs + 1) - 1;
#   51|   	sbi->devs = calloc(ondisk_extradevs, sizeof(*sbi->devs));
#   52|   	if (!sbi->devs)

Error: GCC_ANALYZER_WARNING (CWE-401): [#def91]
erofs-utils-1.8.10/lib/tar.c:157:31: warning[-Wanalyzer-malloc-leak]: leak of 'buf'
erofs-utils-1.8.10/lib/tar.c:483:5: enter_function: entry to 'tarerofs_parse_pax_header'
erofs-utils-1.8.10/lib/tar.c:489:15: acquire_memory: allocated here
erofs-utils-1.8.10/lib/tar.c:490:12: branch_false: following 'false' branch (when 'buf' is non-NULL)...
erofs-utils-1.8.10/lib/tar.c:494:15: branch_false: ...to here
erofs-utils-1.8.10/lib/tar.c:494:15: call_function: calling 'erofs_iostream_bread' from 'tarerofs_parse_pax_header'
#  155|   		if (ios->decoder == EROFS_IOS_DECODER_GZIP) {
#  156|   #if defined(HAVE_ZLIB)
#  157|-> 			ret = gzread(ios->handler, ios->buffer + rabytes,
#  158|   				     ios->bufsize - rabytes);
#  159|   			if (!ret) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def92]
erofs-utils-1.8.10/lib/tar.c:163:42: warning[-Wanalyzer-malloc-leak]: leak of 'buf'
erofs-utils-1.8.10/lib/tar.c:483:5: enter_function: entry to 'tarerofs_parse_pax_header'
erofs-utils-1.8.10/lib/tar.c:489:15: acquire_memory: allocated here
erofs-utils-1.8.10/lib/tar.c:490:12: branch_false: following 'false' branch (when 'buf' is non-NULL)...
erofs-utils-1.8.10/lib/tar.c:494:15: branch_false: ...to here
erofs-utils-1.8.10/lib/tar.c:494:15: call_function: calling 'erofs_iostream_bread' from 'tarerofs_parse_pax_header'
#  161|   				const char *errstr;
#  162|   
#  163|-> 				errstr = gzerror(ios->handler, &errnum);
#  164|   				if (errnum != Z_STREAM_END) {
#  165|   					erofs_err("failed to gzread: %s", errstr);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def93]
erofs-utils-1.8.10/lib/tar.c:165:41: warning[-Wanalyzer-malloc-leak]: leak of 'buf'
erofs-utils-1.8.10/lib/tar.c:483:5: enter_function: entry to 'tarerofs_parse_pax_header'
erofs-utils-1.8.10/lib/tar.c:489:15: acquire_memory: allocated here
erofs-utils-1.8.10/lib/tar.c:490:12: branch_false: following 'false' branch (when 'buf' is non-NULL)...
erofs-utils-1.8.10/lib/tar.c:494:15: branch_false: ...to here
erofs-utils-1.8.10/lib/tar.c:494:15: call_function: calling 'erofs_iostream_bread' from 'tarerofs_parse_pax_header'
#  163|   				errstr = gzerror(ios->handler, &errnum);
#  164|   				if (errnum != Z_STREAM_END) {
#  165|-> 					erofs_err("failed to gzread: %s", errstr);
#  166|   					return -EIO;
#  167|   				}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def94]
erofs-utils-1.8.10/lib/tar.c:206:31: warning[-Wanalyzer-malloc-leak]: leak of 'buf'
erofs-utils-1.8.10/lib/tar.c:483:5: enter_function: entry to 'tarerofs_parse_pax_header'
erofs-utils-1.8.10/lib/tar.c:489:15: acquire_memory: allocated here
erofs-utils-1.8.10/lib/tar.c:490:12: branch_false: following 'false' branch (when 'buf' is non-NULL)...
erofs-utils-1.8.10/lib/tar.c:494:15: branch_false: ...to here
erofs-utils-1.8.10/lib/tar.c:494:15: call_function: calling 'erofs_iostream_bread' from 'tarerofs_parse_pax_header'
#  204|   #endif
#  205|   		} else {
#  206|-> 			ret = erofs_io_read(&ios->vf, ios->buffer + rabytes,
#  207|   					    ios->bufsize - rabytes);
#  208|   			if (ret < 0)

Error: GCC_ANALYZER_WARNING (CWE-401): [#def95]
erofs-utils-1.8.10/lib/tar.c:215:29: warning[-Wanalyzer-malloc-leak]: leak of 'buf'
erofs-utils-1.8.10/lib/tar.c:483:5: enter_function: entry to 'tarerofs_parse_pax_header'
erofs-utils-1.8.10/lib/tar.c:489:15: acquire_memory: allocated here
erofs-utils-1.8.10/lib/tar.c:490:12: branch_false: following 'false' branch (when 'buf' is non-NULL)...
erofs-utils-1.8.10/lib/tar.c:494:15: branch_false: ...to here
erofs-utils-1.8.10/lib/tar.c:494:15: call_function: calling 'erofs_iostream_bread' from 'tarerofs_parse_pax_header'
#  213|   		}
#  214|   		if (__erofs_unlikely(ios->dumpfd >= 0))
#  215|-> 			if (write(ios->dumpfd, ios->buffer + rabytes, ret) < ret)
#  216|   				erofs_err("failed to dump %d bytes of the raw stream: %s",
#  217|   					  ret, erofs_strerror(-errno));

Error: CPPCHECK_WARNING (CWE-476): [#def96]
erofs-utils-1.8.10/lib/tar.c:530: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: eh->path
#  528|   				free(eh->path);
#  529|   				eh->path = strdup(value);
#  530|-> 				while (eh->path[j - 1] == '/')
#  531|   					eh->path[--j] = '\0';
#  532|   			} else if (!strncmp(kv, "linkpath=",

Error: CPPCHECK_WARNING (CWE-401): [#def97]
erofs-utils-1.8.10/lib/xattr.c:361: error[memleak]: Memory leak: node
#  359|   	node->item = item;
#  360|   	list_add(&node->list, hlist);
#  361|-> 	return 0;
#  362|   }
#  363|   

Error: CPPCHECK_WARNING (CWE-476): [#def98]
erofs-utils-1.8.10/lib/xattr.c:486: warning[nullPointer]: Possible null pointer dereference: value
#  484|   
#  485|   	memcpy(kvbuf, key, EROFS_XATTR_KSIZE(len));
#  486|-> 	memcpy(kvbuf + EROFS_XATTR_KSIZE(len), value, size);
#  487|   
#  488|   	item = get_xattritem(kvbuf, len);

Error: GCC_ANALYZER_WARNING (CWE-688): [#def99]
erofs-utils-1.8.10/lib/xattr.c:1491:9: warning[-Wanalyzer-null-argument]: use of NULL 'infix' where non-null expected
erofs-utils-1.8.10/lib/xattr.c:1543:12: enter_function: entry to 'shared_listxattr'
erofs-utils-1.8.10/lib/xattr.c:1548:21: branch_true: following 'true' branch...
erofs-utils-1.8.10/lib/xattr.c:1550:45: branch_true: ...to here
erofs-utils-1.8.10/lib/xattr.c:1553:20: branch_true: following 'true' branch (when 'i == 0')...
erofs-utils-1.8.10/lib/xattr.c:1554:58: branch_true: ...to here
erofs-utils-1.8.10/lib/xattr.c:1555:28: branch_false: following 'false' branch...
erofs-utils-1.8.10/lib/xattr.c:1558:25: branch_false: ...to here
erofs-utils-1.8.10/lib/xattr.c:1562:23: call_function: calling 'xattr_foreach' from 'shared_listxattr'
# 1489|   
# 1490|   	memcpy(it->buffer + it->buffer_ofs, prefix, prefix_len);
# 1491|-> 	memcpy(it->buffer + it->buffer_ofs + prefix_len, infix, infix_len);
# 1492|   	it->buffer_ofs += prefix_len + infix_len;
# 1493|   	return 0;

Error: CPPCHECK_WARNING (CWE-401): [#def100]
erofs-utils-1.8.10/lib/xattr.c:1620: error[memleak]: Memory leak: tnode
# 1618|   	init_list_head(&tnode->list);
# 1619|   	list_add_tail(&tnode->list, &ea_name_prefixes);
# 1620|-> 	return 0;
# 1621|   }
# 1622|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def101]
erofs-utils-1.8.10/lib/xattr.c:1665:23: warning[-Wanalyzer-malloc-leak]: leak of 'pfs'
erofs-utils-1.8.10/lib/xattr.c:1654:12: branch_false: following 'false' branch...
erofs-utils-1.8.10/lib/xattr.c:1657:13: branch_false: ...to here
erofs-utils-1.8.10/lib/xattr.c:1660:15: acquire_memory: allocated here
erofs-utils-1.8.10/lib/xattr.c:1661:12: branch_false: following 'false' branch (when 'pfs' is non-NULL)...
erofs-utils-1.8.10/lib/xattr.c:1661:12: branch_false: ...to here
erofs-utils-1.8.10/lib/xattr.c:1664:21: branch_true: following 'true' branch...
erofs-utils-1.8.10/lib/xattr.c:1665:23: branch_true: ...to here
erofs-utils-1.8.10/lib/xattr.c:1665:23: throw: if 'erofs_read_metadata' throws an exception...
erofs-utils-1.8.10/lib/xattr.c:1665:23: danger: 'pfs' leaks here; was allocated at [(3)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/2)
# 1663|   
# 1664|   	for (i = 0; i < sbi->xattr_prefix_count; i++) {
# 1665|-> 		buf = erofs_read_metadata(sbi, nid, &pos, &len);
# 1666|   		if (IS_ERR(buf)) {
# 1667|   			ret = PTR_ERR(buf);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def102]
erofs-utils-1.8.10/mkfs/main.c:599:23: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open(strdup(*<unknown>), 0)’
erofs-utils-1.8.10/mkfs/main.c:590:12: branch_true: following ‘true’ branch...
erofs-utils-1.8.10/mkfs/main.c:591:46: branch_true: ...to here
erofs-utils-1.8.10/mkfs/main.c:592:20: branch_false: following ‘false’ branch...
erofs-utils-1.8.10/mkfs/main.c:594:22: branch_false: ...to here
erofs-utils-1.8.10/mkfs/main.c:594:22: acquire_resource: opened here
erofs-utils-1.8.10/mkfs/main.c:595:20: branch_false: following ‘false’ branch...
erofs-utils-1.8.10/mkfs/main.c:599:23: branch_false: ...to here
erofs-utils-1.8.10/mkfs/main.c:599:23: danger: ‘open(strdup(*<unknown>), 0)’ leaks here; was opened at [(5)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/4)
#  597|   			return -errno;
#  598|   		}
#  599|-> 		err = erofs_iostream_open(&erofstar.ios, fd,
#  600|   					  tarerofs_decoder);
#  601|   		if (err)

Error: GCC_ANALYZER_WARNING (CWE-401): [#def103]
erofs-utils-1.8.10/mkfs/main.c:648:31: warning[-Wanalyzer-malloc-leak]: leak of ‘src’
erofs-utils-1.8.10/mkfs/main.c:616:20: branch_false: following ‘false’ branch (when ‘err == 0’)...
erofs-utils-1.8.10/mkfs/main.c:621:21: branch_false: ...to here
erofs-utils-1.8.10/mkfs/main.c:621:20: branch_true: following ‘true’ branch...
erofs-utils-1.8.10/mkfs/main.c:622:42: branch_true: ...to here
erofs-utils-1.8.10/mkfs/main.c:623:28: branch_false: following ‘false’ branch...
erofs-utils-1.8.10/mkfs/main.c:628:25: branch_false: ...to here
erofs-utils-1.8.10/mkfs/main.c:637:12: branch_true: following ‘true’ branch...
erofs-utils-1.8.10/mkfs/main.c:638:23: branch_true: ...to here
erofs-utils-1.8.10/mkfs/main.c:642:31: acquire_memory: allocated here
erofs-utils-1.8.10/mkfs/main.c:643:28: branch_false: following ‘false’ branch (when ‘src’ is non-NULL)...
erofs-utils-1.8.10/mkfs/main.c:648:31: branch_false: ...to here
erofs-utils-1.8.10/mkfs/main.c:648:31: throw: if ‘erofs_dev_open’ throws an exception...
erofs-utils-1.8.10/mkfs/main.c:648:31: danger: ‘src’ leaks here; was allocated at [(9)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/8)
#  646|   			}
#  647|   
#  648|-> 			err = erofs_dev_open(src, srcpath, O_RDONLY);
#  649|   			if (err) {
#  650|   				free(src);

Error: CPPCHECK_WARNING (CWE-758): [#def104]
erofs-utils-1.8.10/mkfs/main.c:835: error[shiftTooManyBits]: Shifting 32-bit value by 63 bits is undefined behaviour
#  833|   			}
#  834|   			cfg.c_chunkbits = ilog2(i);
#  835|-> 			if ((1 << cfg.c_chunkbits) != i) {
#  836|   				erofs_err("chunksize %s must be a power of two",
#  837|   					  optarg);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def105]
erofs-utils-1.8.10/mkfs/main.c:1050:23: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘dupfd’
erofs-utils-1.8.10/mkfs/main.c:1025:12: branch_false: following ‘false’ branch...
erofs-utils-1.8.10/mkfs/main.c:1030:38: branch_false: ...to here
erofs-utils-1.8.10/mkfs/main.c:1031:12: branch_false: following ‘false’ branch...
erofs-utils-1.8.10/mkfs/main.c:1034:13: branch_false: ...to here
erofs-utils-1.8.10/mkfs/main.c:1034:12: branch_false: following ‘false’ branch...
erofs-utils-1.8.10/mkfs/main.c:1038:20: branch_false: ...to here
erofs-utils-1.8.10/mkfs/main.c:1038:19: branch_true: following ‘true’ branch...
erofs-utils-1.8.10/mkfs/main.c:1044:25: branch_true: ...to here
erofs-utils-1.8.10/mkfs/main.c:1044:25: acquire_resource: opened here
erofs-utils-1.8.10/mkfs/main.c:1045:20: branch_false: following ‘false’ branch (when ‘dupfd >= 0’)...
erofs-utils-1.8.10/mkfs/main.c:1050:23: branch_false: ...to here
erofs-utils-1.8.10/mkfs/main.c:1050:23: throw: if ‘erofs_iostream_open’ throws an exception...
erofs-utils-1.8.10/mkfs/main.c:1050:23: danger: ‘dupfd’ leaks here; was opened at [(9)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/8)
# 1048|   			return -errno;
# 1049|   		}
# 1050|-> 		err = erofs_iostream_open(&erofstar.ios, dupfd,
# 1051|   					  tarerofs_decoder);
# 1052|   		if (err)

Scan Properties