Error: GCC_ANALYZER_WARNING (CWE-401): [#def1] libarchive-3.8.1/libarchive/archive_read_disk_posix.c:2466:20: warning[-Wanalyzer-malloc-leak]: leak of '*t.d' libarchive-3.8.1/libarchive/archive_read_disk_posix.c:1122:1: enter_function: entry to '_archive_read_next_header2' libarchive-3.8.1/libarchive/archive_read_disk_posix.c:1128:9: branch_false: following 'false' branch... libarchive-3.8.1/libarchive/archive_read_disk_posix.c:1132:9: branch_false: ...to here libarchive-3.8.1/libarchive/archive_read_disk_posix.c:1141:21: call_function: calling 'next_entry' from '_archive_read_next_header2' # 2464| } # 2465| #endif /* HAVE_FDOPENDIR */ # 2466|-> if (t->d == NULL) { # 2467| r = tree_ascend(t); /* Undo "chdir" */ # 2468| tree_pop(t); Error: GCC_ANALYZER_WARNING (CWE-401): [#def2] libarchive-3.8.1/libarchive/archive_read_open_filename.c:139:21: warning[-Wanalyzer-malloc-leak]: leak of 'mine' libarchive-3.8.1/libarchive/archive_read_open_filename.c:118:12: branch_false: following 'false' branch (when 'filenames' is NULL)... libarchive-3.8.1/libarchive/archive_read_open_filename.c:121:9: branch_false: ...to here libarchive-3.8.1/libarchive/archive_read_open_filename.c:124:20: branch_true: following 'true' branch (when 'filename' is NULL)... libarchive-3.8.1/libarchive/archive_read_open_filename.c:124:20: branch_true: ...to here libarchive-3.8.1/libarchive/archive_read_open_filename.c:126:24: acquire_memory: allocated here libarchive-3.8.1/libarchive/archive_read_open_filename.c:128:20: branch_false: following 'false' branch (when 'mine' is non-NULL)... libarchive-3.8.1/libarchive/archive_read_open_filename.c:130:24: branch_false: ...to here libarchive-3.8.1/libarchive/archive_read_open_filename.c:135:21: branch_true: following 'true' branch... libarchive-3.8.1/libarchive/archive_read_open_filename.c:135:21: branch_true: ...to here libarchive-3.8.1/libarchive/archive_read_open_filename.c:139:21: throw: if 'archive_read_append_callback_data' throws an exception... libarchive-3.8.1/libarchive/archive_read_open_filename.c:139:21: danger: 'mine' leaks here; was allocated at [(5)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/4) # 137| } else # 138| mine->filename_type = FNT_MBS; # 139|-> if (archive_read_append_callback_data(a, mine) != (ARCHIVE_OK)) # 140| return (ARCHIVE_FATAL); # 141| if (filenames == NULL) Error: GCC_ANALYZER_WARNING (CWE-401): [#def3] libarchive-3.8.1/libarchive/archive_read_open_filename.c:219:21: warning[-Wanalyzer-malloc-leak]: leak of 'mine' libarchive-3.8.1/libarchive/archive_read_open_filename.c:171:12: branch_false: following 'false' branch (when 'wfilenames' is NULL)... libarchive-3.8.1/libarchive/archive_read_open_filename.c:174:9: branch_false: ...to here libarchive-3.8.1/libarchive/archive_read_open_filename.c:177:20: branch_true: following 'true' branch (when 'wfilename' is NULL)... libarchive-3.8.1/libarchive/archive_read_open_filename.c:177:20: branch_true: ...to here libarchive-3.8.1/libarchive/archive_read_open_filename.c:179:24: acquire_memory: allocated here libarchive-3.8.1/libarchive/archive_read_open_filename.c:181:20: branch_false: following 'false' branch (when 'mine' is non-NULL)... libarchive-3.8.1/libarchive/archive_read_open_filename.c:183:17: branch_false: ...to here libarchive-3.8.1/libarchive/archive_read_open_filename.c:186:21: branch_true: following 'true' branch... libarchive-3.8.1/libarchive/archive_read_open_filename.c:187:25: branch_true: ...to here libarchive-3.8.1/libarchive/archive_read_open_filename.c:219:21: throw: if 'archive_read_append_callback_data' throws an exception... libarchive-3.8.1/libarchive/archive_read_open_filename.c:219:21: danger: 'mine' leaks here; was allocated at [(5)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/4) # 217| #endif # 218| } # 219|-> if (archive_read_append_callback_data(a, mine) != (ARCHIVE_OK)) # 220| return (ARCHIVE_FATAL); # 221| if (wfilenames == NULL) Error: GCC_ANALYZER_WARNING (CWE-401): [#def4] libarchive-3.8.1/libarchive/archive_read_support_format_zip.c:4100:18: warning[-Wanalyzer-malloc-leak]: leak of 'metadata' libarchive-3.8.1/libarchive/archive_read_support_format_zip.c:4118:1: enter_function: entry to 'zip_read_mac_metadata' libarchive-3.8.1/libarchive/archive_read_support_format_zip.c:4151:12: branch_false: following 'false' branch... libarchive-3.8.1/libarchive/archive_read_support_format_zip.c:4157:13: branch_false: ...to here libarchive-3.8.1/libarchive/archive_read_support_format_zip.c:4157:12: branch_false: following 'false' branch... libarchive-3.8.1/libarchive/archive_read_support_format_zip.c:4164:20: branch_false: ...to here libarchive-3.8.1/libarchive/archive_read_support_format_zip.c:4164:20: acquire_memory: allocated here libarchive-3.8.1/libarchive/archive_read_support_format_zip.c:4165:12: branch_false: following 'false' branch (when 'metadata' is non-NULL)... libarchive-3.8.1/libarchive/archive_read_support_format_zip.c:4171:22: branch_false: ...to here libarchive-3.8.1/libarchive/archive_read_support_format_zip.c:4177:17: call_function: calling 'zip_get_local_file_header_size' from 'zip_read_mac_metadata' # 4098| ssize_t filename_length, extra_length; # 4099| # 4100|-> if ((p = __archive_read_ahead(a, extra + 30, NULL)) == NULL) { # 4101| archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, # 4102| "Truncated ZIP file header"); Error: CPPCHECK_WARNING (CWE-401): [#def5] libarchive-3.8.1/libarchive/archive_write_open_filename.c:113: error[memleak]: Memory leak: mine # 111| if (errno == ENOMEM) { # 112| archive_set_error(a, ENOMEM, "No memory"); # 113|-> return (ARCHIVE_FATAL); # 114| } # 115| if (mbs_fn) Error: CPPCHECK_WARNING (CWE-401): [#def6] libarchive-3.8.1/libarchive/archive_write_open_filename.c:123: error[memleak]: Memory leak: mine # 121| "Can't convert '%ls' to MBS", # 122| (const wchar_t *)filename); # 123|-> return (ARCHIVE_FAILED); # 124| } # 125| mine->fd = -1;
| analyzer-version-clippy | 1.92.0 |
| analyzer-version-cppcheck | 2.19.1 |
| analyzer-version-gcc | 16.0.0 |
| analyzer-version-gcc-analyzer | 16.0.0 |
| analyzer-version-shellcheck | 0.11.0 |
| analyzer-version-unicontrol | 0.0.2 |
| diffbase-analyzer-version-clippy | 1.92.0 |
| diffbase-analyzer-version-cppcheck | 2.19.1 |
| diffbase-analyzer-version-gcc | 16.0.0 |
| diffbase-analyzer-version-gcc-analyzer | 16.0.0 |
| diffbase-analyzer-version-shellcheck | 0.11.0 |
| diffbase-analyzer-version-unicontrol | 0.0.2 |
| diffbase-enabled-plugins | clippy, cppcheck, gcc, shellcheck, unicontrol |
| diffbase-exit-code | 0 |
| diffbase-host | ip-172-16-1-81.us-west-2.compute.internal |
| diffbase-known-false-positives | /usr/share/csmock/known-false-positives.js |
| diffbase-known-false-positives-rpm | known-false-positives-0.0.0.20250521.132812.g8eff701.main-1.el9.noarch |
| diffbase-mock-config | fedora-rawhide-x86_64 |
| diffbase-project-name | libarchive-3.8.4-1.fc44 |
| diffbase-store-results-to | /tmp/tmpq011yhhe/libarchive-3.8.4-1.fc44.tar.xz |
| diffbase-time-created | 2026-01-08 18:34:41 |
| diffbase-time-finished | 2026-01-08 18:37:09 |
| diffbase-tool | csmock |
| diffbase-tool-args | '/usr/bin/csmock' '-r' 'fedora-rawhide-x86_64' '-t' 'gcc,cppcheck,clippy,shellcheck,unicontrol' '-o' '/tmp/tmpq011yhhe/libarchive-3.8.4-1.fc44.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install' 'pam' '--gcc-analyzer-bin=/usr/bin/gcc' '/tmp/tmpq011yhhe/libarchive-3.8.4-1.fc44.src.rpm' |
| diffbase-tool-version | csmock-3.8.3.20251215.161544.g62de9a5-1.el9 |
| enabled-plugins | clippy, cppcheck, gcc, shellcheck, unicontrol |
| exit-code | 0 |
| host | ip-172-16-1-81.us-west-2.compute.internal |
| known-false-positives | /usr/share/csmock/known-false-positives.js |
| known-false-positives-rpm | known-false-positives-0.0.0.20250521.132812.g8eff701.main-1.el9.noarch |
| mock-config | fedora-rawhide-x86_64 |
| project-name | libarchive-3.8.1-3.fc43 |
| store-results-to | /tmp/tmp41ahhvo9/libarchive-3.8.1-3.fc43.tar.xz |
| time-created | 2026-01-08 18:31:16 |
| time-finished | 2026-01-08 18:34:11 |
| title | Fixed findings |
| tool | csmock |
| tool-args | '/usr/bin/csmock' '-r' 'fedora-rawhide-x86_64' '-t' 'gcc,cppcheck,clippy,shellcheck,unicontrol' '-o' '/tmp/tmp41ahhvo9/libarchive-3.8.1-3.fc43.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install' 'pam' '--gcc-analyzer-bin=/usr/bin/gcc' '/tmp/tmp41ahhvo9/libarchive-3.8.1-3.fc43.src.rpm' |
| tool-version | csmock-3.8.3.20251215.161544.g62de9a5-1.el9 |