less-685-6.fc44

List of Findings

Error: SHELLCHECK_WARNING (CWE-758): [#def1]
/etc/profile.d/less.sh:1:1: error[SC2148]: Tips depend on target shell and yours is unknown. Add a shebang or a 'shell' directive.
#    1|-> # less initialization script (sh)
#    2|   
#    3|   # All less.*sh files should have the same semantics!

Error: COMPILER_WARNING (CWE-252): [#def2]
less-685/ch.c: scope_hint: In function ‘ch_get’
less-685/ch.c:311:33: warning[-Wunused-result]: ignoring return value of ‘write’ declared with attribute ‘warn_unused_result’
#  311 |                                 write(logfile, &bp->data[bp->datasize], (size_t) n);
#      |                                 ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#  309|   		{
#  310|   			if (logfile >= 0 && n > 0)
#  311|-> 				write(logfile, &bp->data[bp->datasize], (size_t) n);
#  312|   		}
#  313|   #endif

Error: COMPILER_WARNING (CWE-252): [#def3]
less-685/ch.c: scope_hint: In function ‘sync_logfile’
less-685/ch.c:448:33: warning[-Wunused-result]: ignoring return value of ‘write’ declared with attribute ‘warn_unused_result’
#  448 |                                 write(logfile, bp->data, bp->datasize);
#      |                                 ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#  446|   			if (bp->block == block)
#  447|   			{
#  448|-> 				write(logfile, bp->data, bp->datasize);
#  449|   				wrote = TRUE;
#  450|   				break;

Error: GCC_ANALYZER_WARNING (CWE-416): [#def4]
less-685/ch.c:809:17: warning[-Wanalyzer-use-after-free]: use after ‘free’ of ‘*thisfile.buflist.next’
less-685/ch.c:806:16: branch_true: following ‘true’ branch...
less-685/ch.c:809:17: branch_true: ...to here
less-685/ch.c:810:17: release_memory: freed here
less-685/ch.c:806:16: branch_true: following ‘true’ branch...
less-685/ch.c:809:17: branch_true: ...to here
less-685/ch.c:809:17: danger: use after ‘free’ of ‘*thisfile.buflist.next’; freed at [(4)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/3)
#  807|   	{
#  808|   		bn = ch_bufhead;
#  809|-> 		BUF_RM(bn);
#  810|   		free(bufnode_buf(bn));
#  811|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def5]
less-685/decode.c:471:17: warning[-Wanalyzer-malloc-leak]: leak of ‘buf’
less-685/decode.c:982:12: enter_function: entry to ‘lesskey’
less-685/decode.c:995:12: branch_false: following ‘false’ branch...
less-685/decode.c:1006:15: branch_false: ...to here
less-685/decode.c:1007:12: branch_false: following ‘false’ branch...
less-685/decode.c:1015:38: branch_false: ...to here
less-685/decode.c:1015:38: acquire_memory: allocated here
less-685/decode.c:1015:12: branch_false: following ‘false’ branch (when ‘buf’ is non-NULL)...
less-685/decode.c:1020:13: branch_false: ...to here
less-685/decode.c:1020:12: branch_false: following ‘false’ branch...
less-685/decode.c:1026:13: branch_false: ...to here
less-685/decode.c:1028:12: branch_false: following ‘false’ branch...
less-685/decode.c:1038:12: branch_false: ...to here
less-685/decode.c:1041:24: call_function: calling ‘old_lesskey’ from ‘lesskey’
#  469|   {
#  470|   	if (add_cmd_table(&list_fcmd_tables, buf, len) < 0)
#  471|-> 		error("Warning: some commands disabled", NULL_PARG);
#  472|   }
#  473|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def6]
less-685/decode.c:472:1: warning[-Wanalyzer-malloc-leak]: leak of ‘buf’
less-685/decode.c:982:12: enter_function: entry to ‘lesskey’
less-685/decode.c:995:12: branch_false: following ‘false’ branch...
less-685/decode.c:1006:15: branch_false: ...to here
less-685/decode.c:1007:12: branch_false: following ‘false’ branch...
less-685/decode.c:1015:38: branch_false: ...to here
less-685/decode.c:1015:38: acquire_memory: allocated here
less-685/decode.c:1015:12: branch_false: following ‘false’ branch (when ‘buf’ is non-NULL)...
less-685/decode.c:1020:13: branch_false: ...to here
less-685/decode.c:1020:12: branch_false: following ‘false’ branch...
less-685/decode.c:1026:13: branch_false: ...to here
less-685/decode.c:1028:12: branch_false: following ‘false’ branch...
less-685/decode.c:1038:12: branch_false: ...to here
less-685/decode.c:1038:12: branch_false: following ‘false’ branch...
less-685/decode.c:1039:13: branch_false: ...to here
less-685/decode.c:1038:13: branch_false: following ‘false’ branch...
less-685/decode.c:1039:43: branch_false: ...to here
less-685/decode.c:1038:13: branch_false: following ‘false’ branch...
less-685/decode.c:1040:13: branch_false: ...to here
less-685/decode.c:1038:13: branch_false: following ‘false’ branch...
less-685/decode.c:1040:43: branch_false: ...to here
less-685/decode.c:1038:13: branch_false: following ‘false’ branch...
less-685/decode.c:1042:16: branch_false: ...to here
less-685/decode.c:1042:16: call_function: calling ‘new_lesskey’ from ‘lesskey’
less-685/decode.c:1042:16: return_function: returning to ‘lesskey’ from ‘new_lesskey’
less-685/decode.c:472:1: danger: ‘buf’ leaks here; was allocated at [(6)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/5)
#  470|   	if (add_cmd_table(&list_fcmd_tables, buf, len) < 0)
#  471|   		error("Warning: some commands disabled", NULL_PARG);
#  472|-> }
#  473|   
#  474|   /*

Error: GCC_ANALYZER_WARNING (CWE-401): [#def7]
less-685/decode.c:480:17: warning[-Wanalyzer-malloc-leak]: leak of ‘buf’
less-685/decode.c:982:12: enter_function: entry to ‘lesskey’
less-685/decode.c:995:12: branch_false: following ‘false’ branch...
less-685/decode.c:1006:15: branch_false: ...to here
less-685/decode.c:1007:12: branch_false: following ‘false’ branch...
less-685/decode.c:1015:38: branch_false: ...to here
less-685/decode.c:1015:38: acquire_memory: allocated here
less-685/decode.c:1015:12: branch_false: following ‘false’ branch (when ‘buf’ is non-NULL)...
less-685/decode.c:1020:13: branch_false: ...to here
less-685/decode.c:1020:12: branch_false: following ‘false’ branch...
less-685/decode.c:1026:13: branch_false: ...to here
less-685/decode.c:1028:12: branch_false: following ‘false’ branch...
less-685/decode.c:1038:12: branch_false: ...to here
less-685/decode.c:1038:12: branch_false: following ‘false’ branch...
less-685/decode.c:1039:13: branch_false: ...to here
less-685/decode.c:1038:13: branch_false: following ‘false’ branch...
less-685/decode.c:1039:43: branch_false: ...to here
less-685/decode.c:1038:13: branch_false: following ‘false’ branch...
less-685/decode.c:1040:13: branch_false: ...to here
less-685/decode.c:1038:13: branch_false: following ‘false’ branch...
less-685/decode.c:1040:43: branch_false: ...to here
less-685/decode.c:1038:13: branch_false: following ‘false’ branch...
less-685/decode.c:1042:16: branch_false: ...to here
less-685/decode.c:1042:16: call_function: calling ‘new_lesskey’ from ‘lesskey’
#  478|   {
#  479|   	if (add_cmd_table(&list_ecmd_tables, buf, len) < 0)
#  480|-> 		error("Warning: some edit commands disabled", NULL_PARG);
#  481|   }
#  482|   

Error: GCC_ANALYZER_WARNING (CWE-775): [#def8]
less-685/decode.c:1006:15: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open(filename, 0)’
less-685/decode.c:994:13: acquire_resource: opened here
less-685/decode.c:995:12: branch_false: following ‘false’ branch...
less-685/decode.c:1006:15: branch_false: ...to here
less-685/decode.c:1006:15: throw: if ‘filesize’ throws an exception...
less-685/decode.c:1006:15: danger: ‘open(filename, 0)’ leaks here; was opened at [(1)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/0)
# 1004|   	 *    rely on the lesskey program to generate a good .less file. }}
# 1005|   	 */
# 1006|-> 	len = filesize(f);
# 1007|   	if (len == NULL_POSITION || len < 3)
# 1008|   	{

Error: GCC_ANALYZER_WARNING (CWE-401): [#def9]
less-685/decode.c:1027:9: warning[-Wanalyzer-malloc-leak]: leak of ‘buf’
less-685/decode.c:995:12: branch_false: following ‘false’ branch...
less-685/decode.c:1006:15: branch_false: ...to here
less-685/decode.c:1007:12: branch_false: following ‘false’ branch...
less-685/decode.c:1015:38: branch_false: ...to here
less-685/decode.c:1015:38: acquire_memory: allocated here
less-685/decode.c:1015:12: branch_false: following ‘false’ branch (when ‘buf’ is non-NULL)...
less-685/decode.c:1020:13: branch_false: ...to here
less-685/decode.c:1020:12: branch_false: following ‘false’ branch...
less-685/decode.c:1026:13: branch_false: ...to here
less-685/decode.c:1027:9: throw: if ‘close’ throws an exception...
less-685/decode.c:1027:9: danger: ‘buf’ leaks here; was allocated at [(5)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/4)
# 1025|   	}
# 1026|   	n = read(f, buf, (size_t) len);
# 1027|-> 	close(f);
# 1028|   	if (n != len)
# 1029|   	{

Error: GCC_ANALYZER_WARNING (CWE-401): [#def10]
less-685/decode.c:1041:24: warning[-Wanalyzer-malloc-leak]: leak of ‘buf’
less-685/decode.c:995:12: branch_false: following ‘false’ branch...
less-685/decode.c:1006:15: branch_false: ...to here
less-685/decode.c:1007:12: branch_false: following ‘false’ branch...
less-685/decode.c:1015:38: branch_false: ...to here
less-685/decode.c:1015:38: acquire_memory: allocated here
less-685/decode.c:1015:12: branch_false: following ‘false’ branch (when ‘buf’ is non-NULL)...
less-685/decode.c:1020:13: branch_false: ...to here
less-685/decode.c:1020:12: branch_false: following ‘false’ branch...
less-685/decode.c:1026:13: branch_false: ...to here
less-685/decode.c:1028:12: branch_false: following ‘false’ branch...
less-685/decode.c:1038:12: branch_false: ...to here
less-685/decode.c:1041:24: danger: ‘buf’ leaks here; was allocated at [(5)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/4)
# 1039|   	    buf[0] != C0_LESSKEY_MAGIC || buf[1] != C1_LESSKEY_MAGIC ||
# 1040|   	    buf[2] != C2_LESSKEY_MAGIC || buf[3] != C3_LESSKEY_MAGIC)
# 1041|-> 		return (old_lesskey(buf, (size_t) len));
# 1042|   	return (new_lesskey(buf, (size_t) len, sysvar));
# 1043|   }

Error: COMPILER_WARNING (CWE-457): [#def11]
less-685/edit.c:611:9: warning[-Wmaybe-uninitialized]: ‘alt_filename’ may be used uninitialized
#  611 |         set_altfilename(curr_ifile, alt_filename);
#      |         ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
less-685/edit.c:442:15: note: ‘alt_filename’ was declared here
#  442 |         char *alt_filename;
#      |               ^~~~~~~~~~~~
#  609|   	curr_ifile = ifile;
#  610|   	soft_eof = NULL_POSITION;
#  611|-> 	set_altfilename(curr_ifile, alt_filename);
#  612|   	set_altpipe(curr_ifile, altpipe);
#  613|   	set_open(curr_ifile); /* File has been opened */

Error: COMPILER_WARNING (CWE-457): [#def12]
less-685/edit.c: scope_hint: In function ‘edit_ifile’
less-685/edit.c:615:9: warning[-Wmaybe-uninitialized]: ‘chflags’ may be used uninitialized
#  615 |         ch_init(f, chflags, nread);
#      |         ^~~~~~~~~~~~~~~~~~~~~~~~~~
less-685/edit.c:439:13: note: ‘chflags’ was declared here
#  439 |         int chflags;
#      |             ^~~~~~~
#  613|   	set_open(curr_ifile); /* File has been opened */
#  614|   	get_pos(curr_ifile, &initial_scrpos);
#  615|-> 	ch_init(f, chflags, nread);
#  616|   	consecutive_nulls = 0;
#  617|   	check_modelines();

Error: COMPILER_WARNING (CWE-457): [#def13]
less-685/edit.c:629:21: warning[-Wmaybe-uninitialized]: ‘open_filename’ may be used uninitialized
#  629 |                 if (strcmp(open_filename, "-") != 0)
#      |                     ^~~~~~~~~~~~~~~~~~~~~~~~~~
less-685/edit.c:441:24: note: ‘open_filename’ was declared here
#  441 |         constant char *open_filename;
#      |                        ^~~~~~~~~~~~~
#  627|   #if HAVE_STAT_INO
#  628|   		/* Remember the i-number and device of the opened file. */
#  629|-> 		if (strcmp(open_filename, "-") != 0)
#  630|   		{
#  631|   			struct stat statbuf;

Error: COMPILER_WARNING (CWE-457): [#def14]
less-685/edit.c:665:21: warning[-Wmaybe-uninitialized]: ‘filename’ may be used uninitialized
#  665 |                 if (strcmp(filename, FAKE_HELPFILE) && strcmp(filename, FAKE_EMPTYFILE))
#      |                     ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
less-685/edit.c:440:24: note: ‘filename’ was declared here
#  440 |         constant char *filename;
#      |                        ^~~~~~~~
#  663|   		undo_osc8();
#  664|   		hshift = 0;
#  665|-> 		if (strcmp(filename, FAKE_HELPFILE) && strcmp(filename, FAKE_EMPTYFILE))
#  666|   		{
#  667|   			char *qfilename = shell_quote(filename);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def15]
less-685/edit.c:950:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open(filename, 0)’
less-685/edit.c:939:12: branch_false: following ‘false’ branch...
less-685/edit.c:948:18: branch_false: ...to here
less-685/edit.c:948:18: acquire_resource: opened here
less-685/edit.c:949:12: branch_true: following ‘true’ branch...
less-685/edit.c:950:17: branch_true: ...to here
less-685/edit.c:950:17: danger: ‘open(filename, 0)’ leaks here; was opened at [(3)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/2)
#  948|   	exists = open(filename, OPEN_READ);
#  949|   	if (exists >= 0)
#  950|-> 		close(exists);
#  951|   	exists = (exists >= 0);
#  952|   

Error: GCC_ANALYZER_WARNING (CWE-775): [#def16]
less-685/filename.c:268:25: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open(pathname, 0)’
less-685/filename.c:253:12: branch_false: following ‘false’ branch (when ‘pathname’ is non-NULL)...
less-685/filename.c:255:9: branch_false: ...to here
less-685/filename.c:256:12: branch_true: following ‘true’ branch (when ‘must_exist != 0’)...
less-685/filename.c:261:21: branch_true: ...to here
less-685/filename.c:261:21: acquire_resource: opened here
less-685/filename.c:262:20: branch_false: following ‘false’ branch...
less-685/filename.c:268:25: branch_false: ...to here
less-685/filename.c:268:25: danger: ‘open(pathname, 0)’ leaks here; was opened at [(5)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/4)
#  266|   		} else
#  267|   		{
#  268|-> 			close(f);
#  269|   		}
#  270|   	}

Error: GCC_ANALYZER_WARNING (CWE-476): [#def17]
less-685/lesskey_parse.c:561:40: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘eq’
less-685/lesskey_parse.c:601:13: enter_function: entry to ‘parse_line’
less-685/lesskey_parse.c:608:13: call_function: calling ‘control_line’ from ‘parse_line’
less-685/lesskey_parse.c:608:13: return_function: returning to ‘parse_line’ from ‘control_line’
less-685/lesskey_parse.c:609:12: branch_false: following ‘false’ branch...
less-685/lesskey_parse.c:616:13: branch_false: ...to here
less-685/lesskey_parse.c:617:12: branch_false: following ‘false’ branch...
less-685/lesskey_parse.c:620:13: branch_false: ...to here
less-685/lesskey_parse.c:620:12: branch_true: following ‘true’ branch...
less-685/lesskey_parse.c:621:17: branch_true: ...to here
less-685/lesskey_parse.c:621:17: call_function: calling ‘parse_varline’ from ‘parse_line’
#  559|   
#  560|   	eq = strchr(line, '=');
#  561|-> 	if (eq != NULL && eq > line && eq[-1] == '+')
#  562|   	{
#  563|   		/*

Error: CPPCHECK_WARNING (CWE-457): [#def18]
less-685/line.c:1932: warning[uninitvar]: Uninitialized variable: pos
# 1930|   		if ((pos = position(sline)) != NULL_POSITION)
# 1931|   			break;
# 1932|-> 	for (; sline < sc_height && pos != NULL_POSITION; sline++)
# 1933|   	{
# 1934|   		pos = forw_line(pos, NULL, NULL);

Error: GCC_ANALYZER_WARNING (CWE-476): [#def19]
less-685/linenum.c:197:17: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
less-685/linenum.c:271:16: enter_function: entry to ‘find_linenum’
less-685/linenum.c:299:12: branch_false: following ‘false’ branch...
less-685/linenum.c:314:9: call_function: inlined call to ‘start_delayed_msg’ from ‘find_linenum’
less-685/linenum.c:321:20: branch_false: following ‘false’ branch...
less-685/linenum.c:323:22: branch_false: ...to here
less-685/linenum.c:340:17: call_function: calling ‘add_lnum’ from ‘find_linenum’
#  195|   			}
#  196|   		}
#  197|-> 		spare->next->prev = spare->prev;
#  198|   		spare->prev->next = spare->next;
#  199|   	}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def20]
less-685/lsystem.c:114:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘inp’
less-685/lsystem.c:113:15: acquire_resource: opened here
less-685/lsystem.c:114:9: throw: if ‘close’ throws an exception...
less-685/lsystem.c:114:9: danger: ‘inp’ leaks here; was opened at [(1)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/0)
#  112|   	 */
#  113|   	inp = dup(0);
#  114|-> 	close(0);
#  115|   #if !MSDOS_COMPILER
#  116|   	if (open_tty() < 0)

Error: GCC_ANALYZER_WARNING (CWE-775): [#def21]
less-685/lsystem.c:116:13: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘inp’
less-685/lsystem.c:113:15: acquire_resource: opened here
less-685/lsystem.c:116:13: throw: if ‘open_tty’ throws an exception...
less-685/lsystem.c:116:13: danger: ‘inp’ leaks here; was opened at [(1)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/0)
#  114|   	close(0);
#  115|   #if !MSDOS_COMPILER
#  116|-> 	if (open_tty() < 0)
#  117|   #endif
#  118|   		dup(inp);

Error: GCC_ANALYZER_WARNING: [#def22]
less-685/lsystem.c:118:17: warning[-Wanalyzer-fd-use-without-check]: ‘dup’ on possibly invalid file descriptor ‘inp’
less-685/lsystem.c:113:15: acquire_resource: opened here
less-685/lsystem.c:116:12: branch_true: following ‘true’ branch...
less-685/lsystem.c:118:17: branch_true: ...to here
less-685/lsystem.c:118:17: danger: ‘inp’ could be invalid: unchecked value from [(1)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/0)
#  116|   	if (open_tty() < 0)
#  117|   #endif
#  118|-> 		dup(inp);
#  119|   #endif
#  120|   

Error: COMPILER_WARNING (CWE-252): [#def23]
less-685/lsystem.c: scope_hint: In function ‘lsystem’
less-685/lsystem.c:118:17: warning[-Wunused-result]: ignoring return value of ‘dup’ declared with attribute ‘warn_unused_result’
#  118 |                 dup(inp);
#      |                 ^~~~~~~~
#  116|   	if (open_tty() < 0)
#  117|   #endif
#  118|-> 		dup(inp);
#  119|   #endif
#  120|   

Error: GCC_ANALYZER_WARNING (CWE-775): [#def24]
less-685/lsystem.c:129:22: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘inp’
less-685/lsystem.c:113:15: acquire_resource: opened here
less-685/lsystem.c:129:22: throw: if ‘lgetenv’ throws an exception...
less-685/lsystem.c:129:22: danger: ‘inp’ leaks here; was opened at [(1)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/0)
#  127|   #if HAVE_SHELL
#  128|   	p = NULL;
#  129|-> 	if ((shell = lgetenv("SHELL")) != NULL && *shell != '\0')
#  130|   	{
#  131|   		if (*cmd == '\0')

Error: GCC_ANALYZER_WARNING (CWE-775): [#def25]
less-685/lsystem.c:132:29: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘inp’
less-685/lsystem.c:113:15: acquire_resource: opened here
less-685/lsystem.c:129:12: branch_true: following ‘true’ branch...
less-685/lsystem.c:131:20: branch_true: following ‘true’ branch...
less-685/lsystem.c:132:29: branch_true: ...to here
less-685/lsystem.c:132:29: throw: if ‘save’ throws an exception...
less-685/lsystem.c:132:29: danger: ‘inp’ leaks here; was opened at [(1)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/0)
#  130|   	{
#  131|   		if (*cmd == '\0')
#  132|-> 			p = save(shell);
#  133|   		else
#  134|   		{

Error: GCC_ANALYZER_WARNING (CWE-775): [#def26]
less-685/lsystem.c:135:40: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘inp’
less-685/lsystem.c:113:15: acquire_resource: opened here
less-685/lsystem.c:129:12: branch_true: following ‘true’ branch...
less-685/lsystem.c:131:20: branch_false: following ‘false’ branch...
less-685/lsystem.c:135:40: branch_false: ...to here
less-685/lsystem.c:135:40: throw: if ‘shell_quote’ throws an exception...
less-685/lsystem.c:135:40: danger: ‘inp’ leaks here; was opened at [(1)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/0)
#  133|   		else
#  134|   		{
#  135|-> 			char *esccmd = shell_quote(cmd);
#  136|   			if (esccmd != NULL)
#  137|   			{

Error: GCC_ANALYZER_WARNING (CWE-775): [#def27]
less-685/lsystem.c:139:46: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘inp’
less-685/lsystem.c:113:15: acquire_resource: opened here
less-685/lsystem.c:129:12: branch_true: following ‘true’ branch...
less-685/lsystem.c:131:20: branch_false: following ‘false’ branch...
less-685/lsystem.c:135:40: branch_false: ...to here
less-685/lsystem.c:136:28: branch_true: following ‘true’ branch...
less-685/lsystem.c:138:46: branch_true: ...to here
less-685/lsystem.c:139:46: throw: if ‘ecalloc’ throws an exception...
less-685/lsystem.c:139:46: danger: ‘inp’ leaks here; was opened at [(1)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/0)
#  137|   			{
#  138|   				size_t len = strlen(shell) + strlen(esccmd) + 5;
#  139|-> 				p = (char *) ecalloc(len, sizeof(char));
#  140|   				SNPRINTF3(p, len, "%s %s %s", shell, shell_coption(), esccmd);
#  141|   				free(esccmd);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def28]
less-685/lsystem.c:140:33: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘inp’
less-685/lsystem.c:113:15: acquire_resource: opened here
less-685/lsystem.c:129:12: branch_true: following ‘true’ branch...
less-685/lsystem.c:131:20: branch_false: following ‘false’ branch...
less-685/lsystem.c:135:40: branch_false: ...to here
less-685/lsystem.c:136:28: branch_true: following ‘true’ branch...
less-685/lsystem.c:138:46: branch_true: ...to here
less-685/lsystem.c:140:33: throw: if ‘shell_coption’ throws an exception...
less-685/lsystem.c:140:33: danger: ‘inp’ leaks here; was opened at [(1)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/0)
#  138|   				size_t len = strlen(shell) + strlen(esccmd) + 5;
#  139|   				p = (char *) ecalloc(len, sizeof(char));
#  140|-> 				SNPRINTF3(p, len, "%s %s %s", shell, shell_coption(), esccmd);
#  141|   				free(esccmd);
#  142|   			}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def29]
less-685/lsystem.c:148:29: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘inp’
less-685/lsystem.c:113:15: acquire_resource: opened here
less-685/lsystem.c:147:20: branch_true: following ‘true’ branch...
less-685/lsystem.c:148:29: branch_true: ...to here
less-685/lsystem.c:148:29: throw: if ‘save’ throws an exception...
less-685/lsystem.c:148:29: danger: ‘inp’ leaks here; was opened at [(1)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/0)
#  146|   	{
#  147|   		if (*cmd == '\0')
#  148|-> 			p = save("sh");
#  149|   		else
#  150|   			p = save(cmd);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def30]
less-685/lsystem.c:150:29: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘inp’
less-685/lsystem.c:113:15: acquire_resource: opened here
less-685/lsystem.c:147:20: branch_false: following ‘false’ branch...
less-685/lsystem.c:150:29: branch_false: ...to here
less-685/lsystem.c:150:29: throw: if ‘save’ throws an exception...
less-685/lsystem.c:150:29: danger: ‘inp’ leaks here; was opened at [(1)](sarif:/runs/0/results/9/codeFlows/0/threadFlows/0/locations/0)
#  148|   			p = save("sh");
#  149|   		else
#  150|-> 			p = save(cmd);
#  151|   	}
#  152|   	system(p);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def31]
less-685/lsystem.c:152:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘inp’
less-685/lsystem.c:113:15: acquire_resource: opened here
less-685/lsystem.c:152:9: throw: if ‘system’ throws an exception...
less-685/lsystem.c:152:9: danger: ‘inp’ leaks here; was opened at [(1)](sarif:/runs/0/results/10/codeFlows/0/threadFlows/0/locations/0)
#  150|   			p = save(cmd);
#  151|   	}
#  152|-> 	system(p);
#  153|   	free(p);
#  154|   #else

Error: COMPILER_WARNING (CWE-252): [#def32]
less-685/lsystem.c:152:9: warning[-Wunused-result]: ignoring return value of ‘system’ declared with attribute ‘warn_unused_result’
#  152 |         system(p);
#      |         ^~~~~~~~~
#  150|   			p = save(cmd);
#  151|   	}
#  152|-> 	system(p);
#  153|   	free(p);
#  154|   #else

Error: GCC_ANALYZER_WARNING (CWE-1341): [#def33]
less-685/lsystem.c:176:9: warning[-Wanalyzer-fd-double-close]: double ‘close’ of file descriptor ‘0’
less-685/lsystem.c:114:9: release_resource: first ‘close’ here
less-685/lsystem.c:176:9: danger: second ‘close’ here; first ‘close’ was at [(1)](sarif:/runs/0/results/11/codeFlows/0/threadFlows/0/locations/0)
#  174|   	 * Restore standard input, reset signals, raw mode, etc.
#  175|   	 */
#  176|-> 	close(0);
#  177|   	dup(inp);
#  178|   	close(inp);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def34]
less-685/lsystem.c:176:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘inp’
less-685/lsystem.c:113:15: acquire_resource: opened here
less-685/lsystem.c:176:9: throw: if ‘close’ throws an exception...
less-685/lsystem.c:176:9: danger: ‘inp’ leaks here; was opened at [(1)](sarif:/runs/0/results/12/codeFlows/0/threadFlows/0/locations/0)
#  174|   	 * Restore standard input, reset signals, raw mode, etc.
#  175|   	 */
#  176|-> 	close(0);
#  177|   	dup(inp);
#  178|   	close(inp);

Error: GCC_ANALYZER_WARNING: [#def35]
less-685/lsystem.c:177:9: warning[-Wanalyzer-fd-use-without-check]: ‘dup’ on possibly invalid file descriptor ‘inp’
less-685/lsystem.c:113:15: acquire_resource: opened here
less-685/lsystem.c:177:9: danger: ‘inp’ could be invalid: unchecked value from [(1)](sarif:/runs/0/results/13/codeFlows/0/threadFlows/0/locations/0)
#  175|   	 */
#  176|   	close(0);
#  177|-> 	dup(inp);
#  178|   	close(inp);
#  179|   #endif

Error: COMPILER_WARNING (CWE-252): [#def36]
less-685/lsystem.c:177:9: warning[-Wunused-result]: ignoring return value of ‘dup’ declared with attribute ‘warn_unused_result’
#  177 |         dup(inp);
#      |         ^~~~~~~~
#  175|   	 */
#  176|   	close(0);
#  177|-> 	dup(inp);
#  178|   	close(inp);
#  179|   #endif

Error: GCC_ANALYZER_WARNING (CWE-775): [#def37]
less-685/lsystem.c:178:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘inp’
less-685/lsystem.c:113:15: acquire_resource: opened here
less-685/lsystem.c:178:9: throw: if ‘close’ throws an exception...
less-685/lsystem.c:178:9: danger: ‘inp’ leaks here; was opened at [(1)](sarif:/runs/0/results/14/codeFlows/0/threadFlows/0/locations/0)
#  176|   	close(0);
#  177|   	dup(inp);
#  178|-> 	close(inp);
#  179|   #endif
#  180|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def38]
less-685/lsystem.c:303:9: warning[-Wanalyzer-malloc-leak]: leak of ‘popen(cmd, "w")’
less-685/lsystem.c:292:12: branch_false: following ‘false’ branch...
less-685/lsystem.c:298:18: branch_false: ...to here
less-685/lsystem.c:298:18: acquire_memory: allocated here
less-685/lsystem.c:298:12: branch_false: following ‘false’ branch...
less-685/lsystem.c:303:9: branch_false: ...to here
less-685/lsystem.c:303:9: throw: if ‘clear_bot’ throws an exception...
less-685/lsystem.c:303:9: danger: ‘popen(cmd, "w")’ leaks here; was allocated at [(3)](sarif:/runs/0/results/15/codeFlows/0/threadFlows/0/locations/2)
#  301|   		return (-1);
#  302|   	}
#  303|-> 	clear_bot();
#  304|   	putstr("!");
#  305|   	putstr(cmd);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def39]
less-685/lsystem.c:304:9: warning[-Wanalyzer-malloc-leak]: leak of ‘popen(cmd, "w")’
less-685/lsystem.c:292:12: branch_false: following ‘false’ branch...
less-685/lsystem.c:298:18: branch_false: ...to here
less-685/lsystem.c:298:18: acquire_memory: allocated here
less-685/lsystem.c:298:12: branch_false: following ‘false’ branch...
less-685/lsystem.c:303:9: branch_false: ...to here
less-685/lsystem.c:304:9: throw: if ‘putstr’ throws an exception...
less-685/lsystem.c:304:9: danger: ‘popen(cmd, "w")’ leaks here; was allocated at [(3)](sarif:/runs/0/results/16/codeFlows/0/threadFlows/0/locations/2)
#  302|   	}
#  303|   	clear_bot();
#  304|-> 	putstr("!");
#  305|   	putstr(cmd);
#  306|   	putstr("\n");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def40]
less-685/lsystem.c:305:9: warning[-Wanalyzer-malloc-leak]: leak of ‘popen(cmd, "w")’
less-685/lsystem.c:292:12: branch_false: following ‘false’ branch...
less-685/lsystem.c:298:18: branch_false: ...to here
less-685/lsystem.c:298:18: acquire_memory: allocated here
less-685/lsystem.c:298:12: branch_false: following ‘false’ branch...
less-685/lsystem.c:303:9: branch_false: ...to here
less-685/lsystem.c:305:9: throw: if ‘putstr’ throws an exception...
less-685/lsystem.c:305:9: danger: ‘popen(cmd, "w")’ leaks here; was allocated at [(3)](sarif:/runs/0/results/17/codeFlows/0/threadFlows/0/locations/2)
#  303|   	clear_bot();
#  304|   	putstr("!");
#  305|-> 	putstr(cmd);
#  306|   	putstr("\n");
#  307|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def41]
less-685/lsystem.c:306:9: warning[-Wanalyzer-malloc-leak]: leak of ‘popen(cmd, "w")’
less-685/lsystem.c:292:12: branch_false: following ‘false’ branch...
less-685/lsystem.c:298:18: branch_false: ...to here
less-685/lsystem.c:298:18: acquire_memory: allocated here
less-685/lsystem.c:298:12: branch_false: following ‘false’ branch...
less-685/lsystem.c:303:9: branch_false: ...to here
less-685/lsystem.c:306:9: throw: if ‘putstr’ throws an exception...
less-685/lsystem.c:306:9: danger: ‘popen(cmd, "w")’ leaks here; was allocated at [(3)](sarif:/runs/0/results/18/codeFlows/0/threadFlows/0/locations/2)
#  304|   	putstr("!");
#  305|   	putstr(cmd);
#  306|-> 	putstr("\n");
#  307|   
#  308|   	deinit();

Error: GCC_ANALYZER_WARNING (CWE-401): [#def42]
less-685/lsystem.c:308:9: warning[-Wanalyzer-malloc-leak]: leak of ‘popen(cmd, "w")’
less-685/lsystem.c:292:12: branch_false: following ‘false’ branch...
less-685/lsystem.c:298:18: branch_false: ...to here
less-685/lsystem.c:298:18: acquire_memory: allocated here
less-685/lsystem.c:298:12: branch_false: following ‘false’ branch...
less-685/lsystem.c:303:9: branch_false: ...to here
less-685/lsystem.c:308:9: throw: if ‘deinit’ throws an exception...
less-685/lsystem.c:308:9: danger: ‘popen(cmd, "w")’ leaks here; was allocated at [(3)](sarif:/runs/0/results/19/codeFlows/0/threadFlows/0/locations/2)
#  306|   	putstr("\n");
#  307|   
#  308|-> 	deinit();
#  309|   	flush();
#  310|   	raw_mode(0);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def43]
less-685/lsystem.c:309:9: warning[-Wanalyzer-malloc-leak]: leak of ‘popen(cmd, "w")’
less-685/lsystem.c:292:12: branch_false: following ‘false’ branch...
less-685/lsystem.c:298:18: branch_false: ...to here
less-685/lsystem.c:298:18: acquire_memory: allocated here
less-685/lsystem.c:298:12: branch_false: following ‘false’ branch...
less-685/lsystem.c:303:9: branch_false: ...to here
less-685/lsystem.c:309:9: throw: if ‘flush’ throws an exception...
less-685/lsystem.c:309:9: danger: ‘popen(cmd, "w")’ leaks here; was allocated at [(3)](sarif:/runs/0/results/20/codeFlows/0/threadFlows/0/locations/2)
#  307|   
#  308|   	deinit();
#  309|-> 	flush();
#  310|   	raw_mode(0);
#  311|   	init_signals(0);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def44]
less-685/lsystem.c:310:9: warning[-Wanalyzer-malloc-leak]: leak of ‘popen(cmd, "w")’
less-685/lsystem.c:292:12: branch_false: following ‘false’ branch...
less-685/lsystem.c:298:18: branch_false: ...to here
less-685/lsystem.c:298:18: acquire_memory: allocated here
less-685/lsystem.c:298:12: branch_false: following ‘false’ branch...
less-685/lsystem.c:303:9: branch_false: ...to here
less-685/lsystem.c:310:9: throw: if ‘raw_mode’ throws an exception...
less-685/lsystem.c:310:9: danger: ‘popen(cmd, "w")’ leaks here; was allocated at [(3)](sarif:/runs/0/results/21/codeFlows/0/threadFlows/0/locations/2)
#  308|   	deinit();
#  309|   	flush();
#  310|-> 	raw_mode(0);
#  311|   	init_signals(0);
#  312|   #if MSDOS_COMPILER==WIN32C

Error: GCC_ANALYZER_WARNING (CWE-401): [#def45]
less-685/lsystem.c:311:9: warning[-Wanalyzer-malloc-leak]: leak of ‘popen(cmd, "w")’
less-685/lsystem.c:292:12: branch_false: following ‘false’ branch...
less-685/lsystem.c:298:18: branch_false: ...to here
less-685/lsystem.c:298:18: acquire_memory: allocated here
less-685/lsystem.c:298:12: branch_false: following ‘false’ branch...
less-685/lsystem.c:303:9: branch_false: ...to here
less-685/lsystem.c:311:9: throw: if ‘init_signals’ throws an exception...
less-685/lsystem.c:311:9: danger: ‘popen(cmd, "w")’ leaks here; was allocated at [(3)](sarif:/runs/0/results/22/codeFlows/0/threadFlows/0/locations/2)
#  309|   	flush();
#  310|   	raw_mode(0);
#  311|-> 	init_signals(0);
#  312|   #if MSDOS_COMPILER==WIN32C
#  313|   	close_getchr();

Error: GCC_ANALYZER_WARNING (CWE-401): [#def46]
less-685/lsystem.c:325:21: warning[-Wanalyzer-malloc-leak]: leak of ‘popen(cmd, "w")’
less-685/lsystem.c:292:12: branch_false: following ‘false’ branch...
less-685/lsystem.c:298:18: branch_false: ...to here
less-685/lsystem.c:298:18: acquire_memory: allocated here
less-685/lsystem.c:298:12: branch_false: following ‘false’ branch...
less-685/lsystem.c:303:9: branch_false: ...to here
less-685/lsystem.c:320:16: branch_true: following ‘true’ branch (when ‘epos == -1’)...
less-685/lsystem.c:325:21: branch_true: ...to here
less-685/lsystem.c:325:21: throw: if ‘ch_forw_get’ throws an exception...
less-685/lsystem.c:325:21: danger: ‘popen(cmd, "w")’ leaks here; was allocated at [(3)](sarif:/runs/0/results/23/codeFlows/0/threadFlows/0/locations/2)
#  323|   		 * Read a character from the file and give it to the pipe.
#  324|   		 */
#  325|-> 		c = ch_forw_get();
#  326|   		if (c == EOI)
#  327|   			break;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def47]
less-685/lsystem.c:335:16: warning[-Wanalyzer-malloc-leak]: leak of ‘popen(cmd, "w")’
less-685/lsystem.c:292:12: branch_false: following ‘false’ branch...
less-685/lsystem.c:298:18: branch_false: ...to here
less-685/lsystem.c:298:18: acquire_memory: allocated here
less-685/lsystem.c:298:12: branch_false: following ‘false’ branch...
less-685/lsystem.c:303:9: branch_false: ...to here
less-685/lsystem.c:335:16: danger: ‘popen(cmd, "w")’ leaks here; was allocated at [(3)](sarif:/runs/0/results/24/codeFlows/0/threadFlows/0/locations/2)
#  333|   	 * Finish up the last line.
#  334|   	 */
#  335|-> 	while (c != '\n' && c != EOI ) 
#  336|   	{
#  337|   		c = ch_forw_get();

Error: CPPCHECK_WARNING (CWE-909): [#def48]
less-685/position.c:127: error[uninitStructMember]: Uninitialized struct member: scrpos.ln
#  125|   	pos_clear();
#  126|   	if (scrpos.pos != NULL_POSITION)
#  127|-> 		table[scrpos.ln-1] = scrpos.pos;
#  128|   }
#  129|   

Error: GCC_ANALYZER_WARNING (CWE-416): [#def49]
less-685/tags.c:102:17: warning[-Wanalyzer-use-after-free]: use after ‘free’ of ‘tp’
less-685/tags.c:484:24: enter_function: entry to ‘findgtag’
less-685/tags.c:490:12: branch_false: following ‘false’ branch...
less-685/tags.c:493:9: branch_false: ...to here
less-685/tags.c:493:9: call_function: calling ‘cleantags’ from ‘findgtag’
#  100|   	while ((tp = taglist.tl_first) != TAG_END)
#  101|   	{
#  102|-> 		TAG_RM(tp);
#  103|   		free(tp->tag_file);
#  104|   		free(tp->tag_pattern);

Error: GCC_ANALYZER_WARNING (CWE-415): [#def50]
less-685/tags.c:103:17: warning[-Wanalyzer-double-free]: double-‘free’ of ‘*tp.tag_file’
less-685/tags.c:484:24: enter_function: entry to ‘findgtag’
less-685/tags.c:490:12: branch_false: following ‘false’ branch...
less-685/tags.c:493:9: branch_false: ...to here
less-685/tags.c:493:9: call_function: calling ‘cleantags’ from ‘findgtag’
#  101|   	{
#  102|   		TAG_RM(tp);
#  103|-> 		free(tp->tag_file);
#  104|   		free(tp->tag_pattern);
#  105|   		free(tp);

Error: GCC_ANALYZER_WARNING (CWE-415): [#def51]
less-685/tags.c:104:17: warning[-Wanalyzer-double-free]: double-‘free’ of ‘*tp.tag_pattern’
less-685/tags.c:484:24: enter_function: entry to ‘findgtag’
less-685/tags.c:490:12: branch_false: following ‘false’ branch...
less-685/tags.c:493:9: branch_false: ...to here
less-685/tags.c:493:9: call_function: calling ‘cleantags’ from ‘findgtag’
#  102|   		TAG_RM(tp);
#  103|   		free(tp->tag_file);
#  104|-> 		free(tp->tag_pattern);
#  105|   		free(tp);
#  106|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def52]
less-685/tags.c:109:1: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
less-685/tags.c:484:24: enter_function: entry to ‘findgtag’
less-685/tags.c:490:12: branch_false: following ‘false’ branch...
less-685/tags.c:493:9: branch_false: ...to here
less-685/tags.c:493:9: call_function: calling ‘cleantags’ from ‘findgtag’
less-685/tags.c:493:9: return_function: returning to ‘findgtag’ from ‘cleantags’
less-685/tags.c:500:12: branch_false: following ‘false’ branch (when ‘type != 1’)...
less-685/tags.c:513:38: branch_false: ...to here
less-685/tags.c:515:20: branch_false: following ‘false’ branch...
less-685/tags.c:518:17: branch_false: ...to here
less-685/tags.c:518:17: branch_true: following ‘true’ branch...
less-685/tags.c:518:17: branch_true: ...to here
less-685/tags.c:544:22: acquire_memory: allocated here
less-685/tags.c:548:12: branch_true: following ‘true’ branch (when ‘fp’ is non-NULL)...
less-685/tags.c:548:12: branch_true: ...to here
less-685/tags.c:550:24: branch_true: following ‘true’ branch...
less-685/tags.c:557:29: branch_true: ...to here
less-685/tags.c:557:28: branch_true: following ‘true’ branch...
less-685/tags.c:560:37: branch_true: ...to here
less-685/tags.c:560:36: branch_false: following ‘false’ branch...
less-685/tags.c:563:40: branch_false: ...to here
less-685/tags.c:109:1: danger: ‘fp’ leaks here; was allocated at [(15)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/14)
#  107|   	curtag = NULL;
#  108|   	total = curseq = 0;
#  109|-> }
#  110|   
#  111|   /*

Error: GCC_ANALYZER_WARNING (CWE-775): [#def53]
less-685/tags.c:153:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open(tags, 0)’
less-685/tags.c:166:13: enter_function: entry to ‘findtag’
less-685/tags.c:168:20: call_function: calling ‘gettagtype’ from ‘findtag’
#  151|   	if (f >= 0)
#  152|   	{
#  153|-> 		close(f);
#  154|   		return T_CTAGS;
#  155|   	}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def54]
less-685/tags.c:270:9: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen(shell_unquote(tags), "r")’
less-685/tags.c:253:24: enter_function: entry to ‘findctag’
less-685/tags.c:269:13: acquire_resource: opened here
less-685/tags.c:271:12: branch_false: following ‘false’ branch...
less-685/tags.c:274:9: branch_false: ...to here
less-685/tags.c:274:9: call_function: calling ‘cleantags’ from ‘findctag’
less-685/tags.c:274:9: return_function: returning to ‘findctag’ from ‘cleantags’
less-685/tags.c:281:16: branch_true: following ‘true’ branch...
less-685/tags.c:283:21: branch_true: ...to here
less-685/tags.c:302:21: throw: if ‘skipsp’ throws an exception...
less-685/tags.c:270:9: danger: ‘fopen(shell_unquote(tags), "r")’ leaks here; was opened at [(2)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/1)
#  268|   	p = shell_unquote(tags);
#  269|   	f = fopen(p, "r");
#  270|-> 	free(p);
#  271|   	if (f == NULL)
#  272|   		return TAG_NOFILE;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def55]
less-685/tags.c:270:9: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(shell_unquote(tags), "r")’
less-685/tags.c:253:24: enter_function: entry to ‘findctag’
less-685/tags.c:269:13: acquire_memory: allocated here
less-685/tags.c:271:12: branch_false: following ‘false’ branch...
less-685/tags.c:274:9: branch_false: ...to here
less-685/tags.c:274:9: call_function: calling ‘cleantags’ from ‘findctag’
less-685/tags.c:274:9: return_function: returning to ‘findctag’ from ‘cleantags’
less-685/tags.c:281:16: branch_true: following ‘true’ branch...
less-685/tags.c:283:21: branch_true: ...to here
less-685/tags.c:302:21: throw: if ‘skipsp’ throws an exception...
less-685/tags.c:270:9: danger: ‘fopen(shell_unquote(tags), "r")’ leaks here; was allocated at [(2)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/1)
#  268|   	p = shell_unquote(tags);
#  269|   	f = fopen(p, "r");
#  270|-> 	free(p);
#  271|   	if (f == NULL)
#  272|   		return TAG_NOFILE;

Error: GCC_ANALYZER_WARNING (CWE-131): [#def56]
less-685/tags.c:357:17: warning[-Wanalyzer-allocation-size]: allocated buffer size is not a multiple of the pointee's size
less-685/tags.c:253:24: enter_function: entry to ‘findctag’
less-685/tags.c:271:12: branch_false: following ‘false’ branch...
less-685/tags.c:274:9: branch_false: ...to here
less-685/tags.c:274:9: call_function: calling ‘cleantags’ from ‘findctag’
less-685/tags.c:274:9: return_function: returning to ‘findctag’ from ‘cleantags’
less-685/tags.c:281:16: branch_true: following ‘true’ branch...
less-685/tags.c:283:21: branch_true: ...to here
less-685/tags.c:316:20: branch_false: following ‘false’ branch...
less-685/tags.c:324:30: branch_false: ...to here
less-685/tags.c:325:20: branch_false: following ‘false’ branch...
less-685/tags.c:356:22: branch_false: ...to here
less-685/tags.c:356:22: call_function: calling ‘maketagent’ from ‘findctag’
less-685/tags.c:356:22: return_function: returning to ‘findctag’ from ‘maketagent’
less-685/tags.c:357:17: danger: assigned to ‘struct tag *’ here; ‘sizeof (struct tag)’ is ‘48’
#  355|   		}
#  356|   		tp = maketagent(tagfile, taglinenum, tagpattern, tagendline);
#  357|-> 		TAG_INS(tp);
#  358|   		total++;
#  359|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def57]
less-685/tags.c:561:41: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
less-685/tags.c:484:24: enter_function: entry to ‘findgtag’
less-685/tags.c:490:12: branch_false: following ‘false’ branch...
less-685/tags.c:493:9: branch_false: ...to here
less-685/tags.c:493:9: call_function: calling ‘cleantags’ from ‘findgtag’
less-685/tags.c:493:9: return_function: returning to ‘findgtag’ from ‘cleantags’
less-685/tags.c:500:12: branch_false: following ‘false’ branch (when ‘type != 1’)...
less-685/tags.c:513:38: branch_false: ...to here
less-685/tags.c:515:20: branch_false: following ‘false’ branch...
less-685/tags.c:518:17: branch_false: ...to here
less-685/tags.c:518:17: branch_true: following ‘true’ branch...
less-685/tags.c:518:17: branch_true: ...to here
less-685/tags.c:544:22: acquire_memory: allocated here
less-685/tags.c:548:12: branch_true: following ‘true’ branch (when ‘fp’ is non-NULL)...
less-685/tags.c:548:12: branch_true: ...to here
less-685/tags.c:550:24: branch_true: following ‘true’ branch...
less-685/tags.c:557:29: branch_true: ...to here
less-685/tags.c:557:28: branch_true: following ‘true’ branch...
less-685/tags.c:560:37: branch_true: ...to here
less-685/tags.c:560:36: branch_true: following ‘true’ branch...
less-685/tags.c:561:41: branch_true: ...to here
less-685/tags.c:561:41: throw: if ‘pclose’ throws an exception...
less-685/tags.c:561:41: danger: ‘fp’ leaks here; was allocated at [(15)](sarif:/runs/0/results/16/codeFlows/0/threadFlows/0/locations/14)
#  559|   #if HAVE_POPEN
#  560|   				if (fp != stdin)
#  561|-> 					pclose(fp);
#  562|   #endif
#  563|   				return TAG_INTR;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def58]
less-685/tags.c:572:45: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
less-685/tags.c:484:24: enter_function: entry to ‘findgtag’
less-685/tags.c:490:12: branch_false: following ‘false’ branch...
less-685/tags.c:493:9: branch_false: ...to here
less-685/tags.c:493:9: call_function: calling ‘cleantags’ from ‘findgtag’
less-685/tags.c:493:9: return_function: returning to ‘findgtag’ from ‘cleantags’
less-685/tags.c:500:12: branch_false: following ‘false’ branch (when ‘type != 1’)...
less-685/tags.c:513:38: branch_false: ...to here
less-685/tags.c:515:20: branch_false: following ‘false’ branch...
less-685/tags.c:518:17: branch_false: ...to here
less-685/tags.c:518:17: branch_true: following ‘true’ branch...
less-685/tags.c:518:17: branch_true: ...to here
less-685/tags.c:544:22: acquire_memory: allocated here
less-685/tags.c:548:12: branch_true: following ‘true’ branch (when ‘fp’ is non-NULL)...
less-685/tags.c:548:12: branch_true: ...to here
less-685/tags.c:550:24: branch_true: following ‘true’ branch...
less-685/tags.c:557:29: branch_true: ...to here
less-685/tags.c:557:28: branch_false: following ‘false’ branch...
less-685/tags.c:565:31: branch_false: ...to here
less-685/tags.c:572:45: throw: if ‘fgetc’ throws an exception...
less-685/tags.c:572:45: danger: ‘fp’ leaks here; was allocated at [(15)](sarif:/runs/0/results/17/codeFlows/0/threadFlows/0/locations/14)
#  570|   				int c;
#  571|   				do {
#  572|-> 					c = fgetc(fp);
#  573|   				} while (c != '\n' && c != EOF);
#  574|   			}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def59]
less-685/tags.c:592:29: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
less-685/tags.c:484:24: enter_function: entry to ‘findgtag’
less-685/tags.c:490:12: branch_false: following ‘false’ branch...
less-685/tags.c:493:9: branch_false: ...to here
less-685/tags.c:493:9: call_function: calling ‘cleantags’ from ‘findgtag’
less-685/tags.c:493:9: return_function: returning to ‘findgtag’ from ‘cleantags’
less-685/tags.c:500:12: branch_false: following ‘false’ branch (when ‘type != 1’)...
less-685/tags.c:513:38: branch_false: ...to here
less-685/tags.c:515:20: branch_false: following ‘false’ branch...
less-685/tags.c:518:17: branch_false: ...to here
less-685/tags.c:518:17: branch_true: following ‘true’ branch...
less-685/tags.c:518:17: branch_true: ...to here
less-685/tags.c:544:22: acquire_memory: allocated here
less-685/tags.c:548:12: branch_true: following ‘true’ branch (when ‘fp’ is non-NULL)...
less-685/tags.c:548:12: branch_true: ...to here
less-685/tags.c:550:24: branch_false: following ‘false’ branch...
less-685/tags.c:590:21: branch_false: ...to here
less-685/tags.c:590:20: branch_true: following ‘true’ branch...
less-685/tags.c:592:29: branch_true: ...to here
less-685/tags.c:592:29: throw: if ‘pclose’ throws an exception...
less-685/tags.c:592:29: danger: ‘fp’ leaks here; was allocated at [(15)](sarif:/runs/0/results/18/codeFlows/0/threadFlows/0/locations/14)
#  590|   		if (fp != stdin)
#  591|   		{
#  592|-> 			if (pclose(fp))
#  593|   			{
#  594|   				curtag = NULL;

Scan Properties