Error: GCC_ANALYZER_WARNING (CWE-404): [#def1] gzip-1.13/lib/fprintf.c:45:12: warning[-Wanalyzer-va-list-leak]: missing call to 'va_end' gzip-1.13/lib/fprintf.c:44:3: acquire_resource: 'va_start' called here gzip-1.13/lib/fprintf.c:45:12: throw: if 'vasnprintf' throws an exception... gzip-1.13/lib/fprintf.c:45:12: danger: missing call to 'va_end' to match 'va_start' at [(1)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/0) # 43| # 44| va_start (args, format); # 45|-> output = vasnprintf (buf, &lenbuf, format, args); # 46| len = lenbuf; # 47| va_end (args); Error: GCC_ANALYZER_WARNING (CWE-401): [#def2] gzip-1.13/lib/opendir-safer.c:69:11: warning[-Wanalyzer-malloc-leak]: leak of 'newdp' gzip-1.13/lib/opendir-safer.c:35:6: branch_true: following 'true' branch... gzip-1.13/lib/opendir-safer.c:37:16: branch_true: ...to here gzip-1.13/lib/opendir-safer.c:39:10: branch_true: following 'true' branch... gzip-1.13/lib/opendir-safer.c:52:19: branch_true: ...to here gzip-1.13/lib/opendir-safer.c:53:14: branch_false: following 'false' branch... gzip-1.13/lib/opendir-safer.c:60:23: branch_false: ...to here gzip-1.13/lib/opendir-safer.c:60:23: acquire_memory: allocated here gzip-1.13/lib/opendir-safer.c:62:18: branch_false: following 'false' branch... gzip-1.13/lib/opendir-safer.c:69:11: branch_false: ...to here gzip-1.13/lib/opendir-safer.c:69:11: throw: if 'closedir' throws an exception... gzip-1.13/lib/opendir-safer.c:69:11: danger: 'newdp' leaks here; was allocated at [(7)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/6) # 67| e = errno; # 68| #endif # 69|-> closedir (dp); # 70| errno = e; # 71| dp = newdp; Error: GCC_ANALYZER_WARNING (CWE-401): [#def3] gzip-1.13/lib/savedir.c:110:12: warning[-Wanalyzer-malloc-leak]: leak of 'opendir_safer(dir)' gzip-1.13/lib/savedir.c:177:1: enter_function: entry to 'savedir' gzip-1.13/lib/savedir.c:179:15: acquire_memory: allocated here gzip-1.13/lib/savedir.c:180:6: branch_false: following 'false' branch... gzip-1.13/lib/savedir.c:184:26: branch_false: ...to here gzip-1.13/lib/savedir.c:184:26: call_function: calling 'streamsavedir' from 'savedir' # 108| # 109| errno = 0; # 110|-> dp = readdir (dirp); # 111| if (! dp) # 112| break;
| analyzer-version-clippy | 1.92.0 |
| analyzer-version-cppcheck | 2.19.1 |
| analyzer-version-gcc | 16.0.0 |
| analyzer-version-gcc-analyzer | 16.0.0 |
| analyzer-version-shellcheck | 0.11.0 |
| analyzer-version-unicontrol | 0.0.2 |
| diffbase-analyzer-version-clippy | 1.92.0 |
| diffbase-analyzer-version-cppcheck | 2.19.1 |
| diffbase-analyzer-version-gcc | 16.0.0 |
| diffbase-analyzer-version-gcc-analyzer | 16.0.0 |
| diffbase-analyzer-version-shellcheck | 0.11.0 |
| diffbase-analyzer-version-unicontrol | 0.0.2 |
| diffbase-enabled-plugins | clippy, cppcheck, gcc, shellcheck, unicontrol |
| diffbase-exit-code | 0 |
| diffbase-host | ip-172-16-1-81.us-west-2.compute.internal |
| diffbase-known-false-positives | /usr/share/csmock/known-false-positives.js |
| diffbase-known-false-positives-rpm | known-false-positives-0.0.0.20250521.132812.g8eff701.main-1.el9.noarch |
| diffbase-mock-config | fedora-rawhide-x86_64 |
| diffbase-project-name | gzip-1.14-1.fc44 |
| diffbase-store-results-to | /tmp/tmpkofnhjp5/gzip-1.14-1.fc44.tar.xz |
| diffbase-time-created | 2026-01-08 16:59:04 |
| diffbase-time-finished | 2026-01-08 17:00:55 |
| diffbase-tool | csmock |
| diffbase-tool-args | '/usr/bin/csmock' '-r' 'fedora-rawhide-x86_64' '-t' 'gcc,cppcheck,clippy,shellcheck,unicontrol' '-o' '/tmp/tmpkofnhjp5/gzip-1.14-1.fc44.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install' 'pam' '--gcc-analyzer-bin=/usr/bin/gcc' '/tmp/tmpkofnhjp5/gzip-1.14-1.fc44.src.rpm' |
| diffbase-tool-version | csmock-3.8.3.20251215.161544.g62de9a5-1.el9 |
| enabled-plugins | clippy, cppcheck, gcc, shellcheck, unicontrol |
| exit-code | 0 |
| host | ip-172-16-1-81.us-west-2.compute.internal |
| known-false-positives | /usr/share/csmock/known-false-positives.js |
| known-false-positives-rpm | known-false-positives-0.0.0.20250521.132812.g8eff701.main-1.el9.noarch |
| mock-config | fedora-rawhide-x86_64 |
| project-name | gzip-1.13-4.fc43 |
| store-results-to | /tmp/tmp_cpcjmz6/gzip-1.13-4.fc43.tar.xz |
| time-created | 2026-01-08 16:56:21 |
| time-finished | 2026-01-08 16:58:38 |
| title | Fixed findings |
| tool | csmock |
| tool-args | '/usr/bin/csmock' '-r' 'fedora-rawhide-x86_64' '-t' 'gcc,cppcheck,clippy,shellcheck,unicontrol' '-o' '/tmp/tmp_cpcjmz6/gzip-1.13-4.fc43.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install' 'pam' '--gcc-analyzer-bin=/usr/bin/gcc' '/tmp/tmp_cpcjmz6/gzip-1.13-4.fc43.src.rpm' |
| tool-version | csmock-3.8.3.20251215.161544.g62de9a5-1.el9 |