Error: GCC_ANALYZER_WARNING (CWE-476): [#def1] libcap-ng-0.8.5/bindings/python3/capng_wrap.c:724:9: warning[-Wanalyzer-null-dereference]: dereference of NULL 'iter' libcap-ng-0.8.5/bindings/python3/capng_wrap.c:3726:1: enter_function: entry to 'SWIG_FromCharPtrAndSize' libcap-ng-0.8.5/bindings/python3/capng_wrap.c:3728:6: branch_true: following 'true' branch (when 'carray' is non-NULL)... libcap-ng-0.8.5/bindings/python3/capng_wrap.c:3729:9: branch_true: ...to here libcap-ng-0.8.5/bindings/python3/capng_wrap.c:3729:8: branch_true: following 'true' branch... libcap-ng-0.8.5/bindings/python3/capng_wrap.c:3730:42: branch_true: ...to here libcap-ng-0.8.5/bindings/python3/capng_wrap.c:3730:42: call_function: calling 'SWIG_pchar_descriptor' from 'SWIG_FromCharPtrAndSize' # 722| swig_module_info *iter = start; # 723| do { # 724|-> if (iter->size) { # 725| size_t l = 0; # 726| size_t r = iter->size - 1; Error: CPPCHECK_WARNING (CWE-457): [#def2] libcap-ng-0.8.5/bindings/python3/capng_wrap.c:872: warning[uninitvar]: Uninitialized variable: buff # 870| *r = 0; # 871| } # 872|-> return buff; # 873| } # 874| Error: CPPCHECK_WARNING (CWE-476): [#def3] libcap-ng-0.8.5/bindings/python3/capng_wrap.c:1901: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: data # 1899| SwigPyClientData *data = (SwigPyClientData *)malloc(sizeof(SwigPyClientData)); # 1900| /* the klass element */ # 1901|-> data->klass = obj; # 1902| SWIG_Py_INCREF(data->klass); # 1903| /* the newraw method and newargs arguments used to create a new raw instance */ Error: CPPCHECK_WARNING (CWE-476): [#def4] libcap-ng-0.8.5/bindings/python3/capng_wrap.c:1902: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: data # 1900| /* the klass element */ # 1901| data->klass = obj; # 1902|-> SWIG_Py_INCREF(data->klass); # 1903| /* the newraw method and newargs arguments used to create a new raw instance */ # 1904| if (PyClass_Check(obj)) { Error: COMPILER_WARNING (CWE-252): [#def5] libcap-ng-0.8.5/utils/captest.c: scope_hint: In function ‘report’ libcap-ng-0.8.5/utils/captest.c:75:25: warning[-Wunused-result]: ignoring return value of ‘setuid’ declared with attribute ‘warn_unused_result’ # 75 | setuid(0); # | ^~~~~~~~~ # 73| CAP_SETUID)) { # 74| printf("Attempting to regain root..."); # 75|-> setuid(0); # 76| getresuid(&uid, &euid, &suid); # 77| if (uid == 0) { Error: COMPILER_WARNING (CWE-252): [#def6] libcap-ng-0.8.5/utils/captest.c:79:33: warning[-Wunused-result]: ignoring return value of ‘setgid’ declared with attribute ‘warn_unused_result’ # 79 | setgid(0); # | ^~~~~~~~~ # 77| if (uid == 0) { # 78| printf("SUCCESS - PRIVILEGE ESCALATION POSSIBLE\n"); # 79|-> setgid(0); # 80| getresgid(&gid, &egid, &sgid); # 81| escalated = 1; Error: COMPILER_WARNING (CWE-252): [#def7] libcap-ng-0.8.5/utils/captest.c:198:25: warning[-Wunused-result]: ignoring return value of ‘system’ declared with attribute ‘warn_unused_result’ # 198 | system("/usr/bin/captest --no-child --text"); # | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ # 196| printf("FAILED\n"); # 197| if (text) # 198|-> system("/usr/bin/captest --no-child --text"); # 199| else # 200| system("/usr/bin/captest --no-child"); Error: COMPILER_WARNING (CWE-252): [#def8] libcap-ng-0.8.5/utils/captest.c:200:25: warning[-Wunused-result]: ignoring return value of ‘system’ declared with attribute ‘warn_unused_result’ # 200 | system("/usr/bin/captest --no-child"); # | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ # 198| system("/usr/bin/captest --no-child --text"); # 199| else # 200|-> system("/usr/bin/captest --no-child"); # 201| } # 202| } Error: GCC_ANALYZER_WARNING (CWE-775): [#def9] libcap-ng-0.8.5/utils/filecap.c:65:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open(fpath, 524288)’ libcap-ng-0.8.5/utils/filecap.c:60:18: acquire_resource: opened here libcap-ng-0.8.5/utils/filecap.c:61:12: branch_true: following ‘true’ branch... libcap-ng-0.8.5/utils/filecap.c:65:17: branch_true: ...to here libcap-ng-0.8.5/utils/filecap.c:65:17: throw: if ‘capng_clear’ throws an exception... libcap-ng-0.8.5/utils/filecap.c:65:17: danger: ‘open(fpath, 524288)’ leaks here; was opened at [(1)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/0) # 63| int permitted = 0; # 64| # 65|-> capng_clear(CAPNG_SELECT_BOTH); # 66| if (capng_get_caps_fd(fd) < 0 && errno != ENODATA) { # 67| fprintf(stderr, Error: GCC_ANALYZER_WARNING (CWE-775): [#def10] libcap-ng-0.8.5/utils/filecap.c:66:21: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open(fpath, 524288)’ libcap-ng-0.8.5/utils/filecap.c:60:18: acquire_resource: opened here libcap-ng-0.8.5/utils/filecap.c:61:12: branch_true: following ‘true’ branch... libcap-ng-0.8.5/utils/filecap.c:65:17: branch_true: ...to here libcap-ng-0.8.5/utils/filecap.c:66:21: throw: if ‘capng_get_caps_fd’ throws an exception... libcap-ng-0.8.5/utils/filecap.c:66:21: danger: ‘open(fpath, 524288)’ leaks here; was opened at [(1)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/0) # 64| # 65| capng_clear(CAPNG_SELECT_BOTH); # 66|-> if (capng_get_caps_fd(fd) < 0 && errno != ENODATA) { # 67| fprintf(stderr, # 68| "Unable to get capabilities of %s: %s\n", Error: GCC_ANALYZER_WARNING (CWE-401): [#def11] libcap-ng-0.8.5/utils/filecap.c:191:33: warning[-Wanalyzer-malloc-leak]: leak of ‘path’ libcap-ng-0.8.5/utils/filecap.c:183:12: branch_true: following ‘true’ branch... libcap-ng-0.8.5/utils/filecap.c:185:20: branch_true: following ‘true’ branch (when ‘path_env’ is non-NULL)... libcap-ng-0.8.5/utils/filecap.c:186:32: branch_true: ...to here libcap-ng-0.8.5/utils/filecap.c:186:32: acquire_memory: allocated here libcap-ng-0.8.5/utils/filecap.c:187:28: branch_false: following ‘false’ branch (when ‘path’ is non-NULL)... libcap-ng-0.8.5/utils/filecap.c:189:34: branch_false: ...to here libcap-ng-0.8.5/utils/filecap.c:189:52: branch_true: following ‘true’ branch (when ‘dir’ is non-NULL)... libcap-ng-0.8.5/utils/filecap.c:191:33: branch_true: ...to here libcap-ng-0.8.5/utils/filecap.c:191:33: throw: if ‘nftw’ throws an exception... libcap-ng-0.8.5/utils/filecap.c:191:33: danger: ‘path’ leaks here; was allocated at [(5)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/4) # 189| for (dir=strtok(path,":"); dir!=NULL; # 190| dir=strtok(NULL,":")) { # 191|-> nftw(dir, check_file, 1024, nftw_flags); # 192| } # 193| free(path); Error: GCC_ANALYZER_WARNING (CWE-401): [#def12] libcap-ng-0.8.5/utils/netcap.c:58:24: warning[-Wanalyzer-malloc-leak]: leak of ‘opendir("/proc")’ libcap-ng-0.8.5/utils/netcap.c:460:5: enter_function: entry to ‘main’ libcap-ng-0.8.5/utils/netcap.c:462:12: branch_false: following ‘false’ branch (when ‘argc <= 1’)... libcap-ng-0.8.5/utils/netcap.c:467:9: branch_false: ...to here libcap-ng-0.8.5/utils/netcap.c:468:9: call_function: calling ‘collect_process_info’ from ‘main’ # 56| return 1; # 57| } # 58|-> while (( ent = readdir(d) )) { # 59| FILE *sf; # 60| int pid, ppid; Error: GCC_ANALYZER_WARNING (CWE-401): [#def13] libcap-ng-0.8.5/utils/netcap.c:145:24: warning[-Wanalyzer-malloc-leak]: leak of ‘text’ libcap-ng-0.8.5/utils/netcap.c:460:5: enter_function: entry to ‘main’ libcap-ng-0.8.5/utils/netcap.c:462:12: branch_false: following ‘false’ branch (when ‘argc <= 1’)... libcap-ng-0.8.5/utils/netcap.c:467:9: branch_false: ...to here libcap-ng-0.8.5/utils/netcap.c:468:9: call_function: calling ‘collect_process_info’ from ‘main’ # 143| } # 144| # 145|-> caps = capng_have_capabilities(CAPNG_SELECT_AMBIENT); # 146| if (caps > CAPNG_NONE) # 147| ambient = strdup("@"); Error: GCC_ANALYZER_WARNING (CWE-401): [#def14] libcap-ng-0.8.5/utils/netcap.c:157:24: warning[-Wanalyzer-malloc-leak]: leak of ‘ambient’ libcap-ng-0.8.5/utils/netcap.c:460:5: enter_function: entry to ‘main’ libcap-ng-0.8.5/utils/netcap.c:462:12: branch_false: following ‘false’ branch (when ‘argc <= 1’)... libcap-ng-0.8.5/utils/netcap.c:467:9: branch_false: ...to here libcap-ng-0.8.5/utils/netcap.c:468:9: call_function: calling ‘collect_process_info’ from ‘main’ # 155| # 156| // Now record the bounding set information # 157|-> caps = capng_have_capabilities(CAPNG_SELECT_BOUNDS); # 158| if (caps > CAPNG_NONE) # 159| bounds = strdup("+"); Error: GCC_ANALYZER_WARNING (CWE-401): [#def15] libcap-ng-0.8.5/utils/netcap.c:157:24: warning[-Wanalyzer-malloc-leak]: leak of ‘text’ libcap-ng-0.8.5/utils/netcap.c:460:5: enter_function: entry to ‘main’ libcap-ng-0.8.5/utils/netcap.c:462:12: branch_false: following ‘false’ branch (when ‘argc <= 1’)... libcap-ng-0.8.5/utils/netcap.c:467:9: branch_false: ...to here libcap-ng-0.8.5/utils/netcap.c:468:9: call_function: calling ‘collect_process_info’ from ‘main’ # 155| # 156| // Now record the bounding set information # 157|-> caps = capng_have_capabilities(CAPNG_SELECT_BOUNDS); # 158| if (caps > CAPNG_NONE) # 159| bounds = strdup("+"); Error: GCC_ANALYZER_WARNING (CWE-401): [#def16] libcap-ng-0.8.5/utils/netcap.c:171:21: warning[-Wanalyzer-malloc-leak]: leak of ‘ambient’ libcap-ng-0.8.5/utils/netcap.c:460:5: enter_function: entry to ‘main’ libcap-ng-0.8.5/utils/netcap.c:462:12: branch_false: following ‘false’ branch (when ‘argc <= 1’)... libcap-ng-0.8.5/utils/netcap.c:467:9: branch_false: ...to here libcap-ng-0.8.5/utils/netcap.c:468:9: call_function: calling ‘collect_process_info’ from ‘main’ # 169| // Now lets get the inodes each process has open # 170| snprintf(buf, 32, "/proc/%d/fd", pid); # 171|-> f = opendir(buf); # 172| if (f == NULL) { # 173| if (errno == EACCES) { Error: GCC_ANALYZER_WARNING (CWE-401): [#def17] libcap-ng-0.8.5/utils/netcap.c:171:21: warning[-Wanalyzer-malloc-leak]: leak of ‘bounds’ libcap-ng-0.8.5/utils/netcap.c:460:5: enter_function: entry to ‘main’ libcap-ng-0.8.5/utils/netcap.c:462:12: branch_false: following ‘false’ branch (when ‘argc <= 1’)... libcap-ng-0.8.5/utils/netcap.c:467:9: branch_false: ...to here libcap-ng-0.8.5/utils/netcap.c:468:9: call_function: calling ‘collect_process_info’ from ‘main’ # 169| // Now lets get the inodes each process has open # 170| snprintf(buf, 32, "/proc/%d/fd", pid); # 171|-> f = opendir(buf); # 172| if (f == NULL) { # 173| if (errno == EACCES) { Error: GCC_ANALYZER_WARNING (CWE-401): [#def18] libcap-ng-0.8.5/utils/netcap.c:171:21: warning[-Wanalyzer-malloc-leak]: leak of ‘text’ libcap-ng-0.8.5/utils/netcap.c:460:5: enter_function: entry to ‘main’ libcap-ng-0.8.5/utils/netcap.c:462:12: branch_false: following ‘false’ branch (when ‘argc <= 1’)... libcap-ng-0.8.5/utils/netcap.c:467:9: branch_false: ...to here libcap-ng-0.8.5/utils/netcap.c:468:9: call_function: calling ‘collect_process_info’ from ‘main’ # 169| // Now lets get the inodes each process has open # 170| snprintf(buf, 32, "/proc/%d/fd", pid); # 171|-> f = opendir(buf); # 172| if (f == NULL) { # 173| if (errno == EACCES) { Error: GCC_ANALYZER_WARNING (CWE-401): [#def19] libcap-ng-0.8.5/utils/netcap.c:189:32: warning[-Wanalyzer-malloc-leak]: leak of ‘ambient’ libcap-ng-0.8.5/utils/netcap.c:460:5: enter_function: entry to ‘main’ libcap-ng-0.8.5/utils/netcap.c:462:12: branch_false: following ‘false’ branch (when ‘argc <= 1’)... libcap-ng-0.8.5/utils/netcap.c:467:9: branch_false: ...to here libcap-ng-0.8.5/utils/netcap.c:468:9: call_function: calling ‘collect_process_info’ from ‘main’ # 187| } # 188| // For each file in the fd dir... # 189|-> while (( ent = readdir(f) )) { # 190| char line[256], ln[256], *s, *e; # 191| unsigned long inode; Error: GCC_ANALYZER_WARNING (CWE-401): [#def20] libcap-ng-0.8.5/utils/netcap.c:189:32: warning[-Wanalyzer-malloc-leak]: leak of ‘bounds’ libcap-ng-0.8.5/utils/netcap.c:460:5: enter_function: entry to ‘main’ libcap-ng-0.8.5/utils/netcap.c:462:12: branch_false: following ‘false’ branch (when ‘argc <= 1’)... libcap-ng-0.8.5/utils/netcap.c:467:9: branch_false: ...to here libcap-ng-0.8.5/utils/netcap.c:468:9: call_function: calling ‘collect_process_info’ from ‘main’ # 187| } # 188| // For each file in the fd dir... # 189|-> while (( ent = readdir(f) )) { # 190| char line[256], ln[256], *s, *e; # 191| unsigned long inode; Error: GCC_ANALYZER_WARNING (CWE-401): [#def21] libcap-ng-0.8.5/utils/netcap.c:189:32: warning[-Wanalyzer-malloc-leak]: leak of ‘opendir(&buf)’ libcap-ng-0.8.5/utils/netcap.c:460:5: enter_function: entry to ‘main’ libcap-ng-0.8.5/utils/netcap.c:462:12: branch_false: following ‘false’ branch (when ‘argc <= 1’)... libcap-ng-0.8.5/utils/netcap.c:467:9: branch_false: ...to here libcap-ng-0.8.5/utils/netcap.c:468:9: call_function: calling ‘collect_process_info’ from ‘main’ # 187| } # 188| // For each file in the fd dir... # 189|-> while (( ent = readdir(f) )) { # 190| char line[256], ln[256], *s, *e; # 191| unsigned long inode; Error: GCC_ANALYZER_WARNING (CWE-401): [#def22] libcap-ng-0.8.5/utils/netcap.c:189:32: warning[-Wanalyzer-malloc-leak]: leak of ‘text’ libcap-ng-0.8.5/utils/netcap.c:460:5: enter_function: entry to ‘main’ libcap-ng-0.8.5/utils/netcap.c:462:12: branch_false: following ‘false’ branch (when ‘argc <= 1’)... libcap-ng-0.8.5/utils/netcap.c:467:9: branch_false: ...to here libcap-ng-0.8.5/utils/netcap.c:468:9: call_function: calling ‘collect_process_info’ from ‘main’ # 187| } # 188| // For each file in the fd dir... # 189|-> while (( ent = readdir(f) )) { # 190| char line[256], ln[256], *s, *e; # 191| unsigned long inode; Error: GCC_ANALYZER_WARNING (CWE-401): [#def23] libcap-ng-0.8.5/utils/netcap.c:233:33: warning[-Wanalyzer-malloc-leak]: leak of ‘ambient’ libcap-ng-0.8.5/utils/netcap.c:460:5: enter_function: entry to ‘main’ libcap-ng-0.8.5/utils/netcap.c:462:12: branch_false: following ‘false’ branch (when ‘argc <= 1’)... libcap-ng-0.8.5/utils/netcap.c:467:9: branch_false: ...to here libcap-ng-0.8.5/utils/netcap.c:468:9: call_function: calling ‘collect_process_info’ from ‘main’ # 231| node.ambient) # 232| // We make one entry for each socket inode # 233|-> list_append(&l, &node); # 234| else { # 235| free(node.cmd); Error: GCC_ANALYZER_WARNING (CWE-401): [#def24] libcap-ng-0.8.5/utils/netcap.c:233:33: warning[-Wanalyzer-malloc-leak]: leak of ‘bounds’ libcap-ng-0.8.5/utils/netcap.c:460:5: enter_function: entry to ‘main’ libcap-ng-0.8.5/utils/netcap.c:462:12: branch_false: following ‘false’ branch (when ‘argc <= 1’)... libcap-ng-0.8.5/utils/netcap.c:467:9: branch_false: ...to here libcap-ng-0.8.5/utils/netcap.c:468:9: call_function: calling ‘collect_process_info’ from ‘main’ # 231| node.ambient) # 232| // We make one entry for each socket inode # 233|-> list_append(&l, &node); # 234| else { # 235| free(node.cmd); Error: GCC_ANALYZER_WARNING (CWE-401): [#def25] libcap-ng-0.8.5/utils/netcap.c:233:33: warning[-Wanalyzer-malloc-leak]: leak of ‘node.ambient’ libcap-ng-0.8.5/utils/netcap.c:460:5: enter_function: entry to ‘main’ libcap-ng-0.8.5/utils/netcap.c:462:12: branch_false: following ‘false’ branch (when ‘argc <= 1’)... libcap-ng-0.8.5/utils/netcap.c:467:9: branch_false: ...to here libcap-ng-0.8.5/utils/netcap.c:468:9: call_function: calling ‘collect_process_info’ from ‘main’ # 231| node.ambient) # 232| // We make one entry for each socket inode # 233|-> list_append(&l, &node); # 234| else { # 235| free(node.cmd); Error: GCC_ANALYZER_WARNING (CWE-401): [#def26] libcap-ng-0.8.5/utils/netcap.c:233:33: warning[-Wanalyzer-malloc-leak]: leak of ‘node.bounds’ libcap-ng-0.8.5/utils/netcap.c:460:5: enter_function: entry to ‘main’ libcap-ng-0.8.5/utils/netcap.c:462:12: branch_false: following ‘false’ branch (when ‘argc <= 1’)... libcap-ng-0.8.5/utils/netcap.c:467:9: branch_false: ...to here libcap-ng-0.8.5/utils/netcap.c:468:9: call_function: calling ‘collect_process_info’ from ‘main’ # 231| node.ambient) # 232| // We make one entry for each socket inode # 233|-> list_append(&l, &node); # 234| else { # 235| free(node.cmd); Error: GCC_ANALYZER_WARNING (CWE-401): [#def27] libcap-ng-0.8.5/utils/netcap.c:233:33: warning[-Wanalyzer-malloc-leak]: leak of ‘node.capabilities’ libcap-ng-0.8.5/utils/netcap.c:460:5: enter_function: entry to ‘main’ libcap-ng-0.8.5/utils/netcap.c:462:12: branch_false: following ‘false’ branch (when ‘argc <= 1’)... libcap-ng-0.8.5/utils/netcap.c:467:9: branch_false: ...to here libcap-ng-0.8.5/utils/netcap.c:468:9: call_function: calling ‘collect_process_info’ from ‘main’ # 231| node.ambient) # 232| // We make one entry for each socket inode # 233|-> list_append(&l, &node); # 234| else { # 235| free(node.cmd); Error: GCC_ANALYZER_WARNING (CWE-401): [#def28] libcap-ng-0.8.5/utils/netcap.c:233:33: warning[-Wanalyzer-malloc-leak]: leak of ‘node.cmd’ libcap-ng-0.8.5/utils/netcap.c:460:5: enter_function: entry to ‘main’ libcap-ng-0.8.5/utils/netcap.c:462:12: branch_false: following ‘false’ branch (when ‘argc <= 1’)... libcap-ng-0.8.5/utils/netcap.c:467:9: branch_false: ...to here libcap-ng-0.8.5/utils/netcap.c:468:9: call_function: calling ‘collect_process_info’ from ‘main’ # 231| node.ambient) # 232| // We make one entry for each socket inode # 233|-> list_append(&l, &node); # 234| else { # 235| free(node.cmd); Error: GCC_ANALYZER_WARNING (CWE-401): [#def29] libcap-ng-0.8.5/utils/netcap.c:233:33: warning[-Wanalyzer-malloc-leak]: leak of ‘text’ libcap-ng-0.8.5/utils/netcap.c:460:5: enter_function: entry to ‘main’ libcap-ng-0.8.5/utils/netcap.c:462:12: branch_false: following ‘false’ branch (when ‘argc <= 1’)... libcap-ng-0.8.5/utils/netcap.c:467:9: branch_false: ...to here libcap-ng-0.8.5/utils/netcap.c:468:9: call_function: calling ‘collect_process_info’ from ‘main’ # 231| node.ambient) # 232| // We make one entry for each socket inode # 233|-> list_append(&l, &node); # 234| else { # 235| free(node.cmd); Error: GCC_ANALYZER_WARNING (CWE-401): [#def30] libcap-ng-0.8.5/utils/netcap.c:241:17: warning[-Wanalyzer-malloc-leak]: leak of ‘ambient’ libcap-ng-0.8.5/utils/netcap.c:460:5: enter_function: entry to ‘main’ libcap-ng-0.8.5/utils/netcap.c:462:12: branch_false: following ‘false’ branch (when ‘argc <= 1’)... libcap-ng-0.8.5/utils/netcap.c:467:9: branch_false: ...to here libcap-ng-0.8.5/utils/netcap.c:468:9: call_function: calling ‘collect_process_info’ from ‘main’ # 239| } # 240| } # 241|-> closedir(f); # 242| free(text); # 243| free(bounds); Error: GCC_ANALYZER_WARNING (CWE-401): [#def31] libcap-ng-0.8.5/utils/netcap.c:241:17: warning[-Wanalyzer-malloc-leak]: leak of ‘bounds’ libcap-ng-0.8.5/utils/netcap.c:460:5: enter_function: entry to ‘main’ libcap-ng-0.8.5/utils/netcap.c:462:12: branch_false: following ‘false’ branch (when ‘argc <= 1’)... libcap-ng-0.8.5/utils/netcap.c:467:9: branch_false: ...to here libcap-ng-0.8.5/utils/netcap.c:468:9: call_function: calling ‘collect_process_info’ from ‘main’ # 239| } # 240| } # 241|-> closedir(f); # 242| free(text); # 243| free(bounds); Error: GCC_ANALYZER_WARNING (CWE-401): [#def32] libcap-ng-0.8.5/utils/netcap.c:241:17: warning[-Wanalyzer-malloc-leak]: leak of ‘text’ libcap-ng-0.8.5/utils/netcap.c:460:5: enter_function: entry to ‘main’ libcap-ng-0.8.5/utils/netcap.c:462:12: branch_false: following ‘false’ branch (when ‘argc <= 1’)... libcap-ng-0.8.5/utils/netcap.c:467:9: branch_false: ...to here libcap-ng-0.8.5/utils/netcap.c:468:9: call_function: calling ‘collect_process_info’ from ‘main’ # 239| } # 240| } # 241|-> closedir(f); # 242| free(text); # 243| free(bounds); Error: GCC_ANALYZER_WARNING (CWE-775): [#def33] libcap-ng-0.8.5/utils/netcap.c:315:21: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen(proc, "rte")’ libcap-ng-0.8.5/utils/netcap.c:460:5: enter_function: entry to ‘main’ libcap-ng-0.8.5/utils/netcap.c:462:12: branch_false: following ‘false’ branch (when ‘argc <= 1’)... libcap-ng-0.8.5/utils/netcap.c:467:9: branch_false: ...to here libcap-ng-0.8.5/utils/netcap.c:468:9: call_function: calling ‘collect_process_info’ from ‘main’ libcap-ng-0.8.5/utils/netcap.c:468:9: return_function: returning to ‘main’ from ‘collect_process_info’ libcap-ng-0.8.5/utils/netcap.c:471:9: call_function: calling ‘read_tcp’ from ‘main’ # 313| &state, &txq, &rxq, &timer_run, &time_len, &retr, # 314| &uid, &timeout, &inode, more); # 315|-> if (list_find_inode(&l, inode)) # 316| report_finding(local_port, type, NULL); # 317| } Error: GCC_ANALYZER_WARNING (CWE-401): [#def34] libcap-ng-0.8.5/utils/netcap.c:315:21: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(proc, "rte")’ libcap-ng-0.8.5/utils/netcap.c:460:5: enter_function: entry to ‘main’ libcap-ng-0.8.5/utils/netcap.c:462:12: branch_false: following ‘false’ branch (when ‘argc <= 1’)... libcap-ng-0.8.5/utils/netcap.c:467:9: branch_false: ...to here libcap-ng-0.8.5/utils/netcap.c:468:9: call_function: calling ‘collect_process_info’ from ‘main’ libcap-ng-0.8.5/utils/netcap.c:468:9: return_function: returning to ‘main’ from ‘collect_process_info’ libcap-ng-0.8.5/utils/netcap.c:471:9: call_function: calling ‘read_tcp’ from ‘main’ # 313| &state, &txq, &rxq, &timer_run, &time_len, &retr, # 314| &uid, &timeout, &inode, more); # 315|-> if (list_find_inode(&l, inode)) # 316| report_finding(local_port, type, NULL); # 317| } Error: GCC_ANALYZER_WARNING (CWE-775): [#def35] libcap-ng-0.8.5/utils/netcap.c:350:21: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen(proc, "rte")’ libcap-ng-0.8.5/utils/netcap.c:460:5: enter_function: entry to ‘main’ libcap-ng-0.8.5/utils/netcap.c:462:12: branch_false: following ‘false’ branch (when ‘argc <= 1’)... libcap-ng-0.8.5/utils/netcap.c:467:9: branch_false: ...to here libcap-ng-0.8.5/utils/netcap.c:468:9: call_function: calling ‘collect_process_info’ from ‘main’ libcap-ng-0.8.5/utils/netcap.c:468:9: return_function: returning to ‘main’ from ‘collect_process_info’ libcap-ng-0.8.5/utils/netcap.c:472:9: call_function: calling ‘read_tcp’ from ‘main’ libcap-ng-0.8.5/utils/netcap.c:472:9: return_function: returning to ‘main’ from ‘read_tcp’ libcap-ng-0.8.5/utils/netcap.c:475:9: call_function: calling ‘read_udp’ from ‘main’ # 348| &state, &txq, &rxq, &timer_run, &time_len, &retr, # 349| &uid, &timeout, &inode, more); # 350|-> if (list_find_inode(&l, inode)) # 351| report_finding(local_port, type, NULL); # 352| } Error: GCC_ANALYZER_WARNING (CWE-401): [#def36] libcap-ng-0.8.5/utils/netcap.c:350:21: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(proc, "rte")’ libcap-ng-0.8.5/utils/netcap.c:460:5: enter_function: entry to ‘main’ libcap-ng-0.8.5/utils/netcap.c:462:12: branch_false: following ‘false’ branch (when ‘argc <= 1’)... libcap-ng-0.8.5/utils/netcap.c:467:9: branch_false: ...to here libcap-ng-0.8.5/utils/netcap.c:468:9: call_function: calling ‘collect_process_info’ from ‘main’ libcap-ng-0.8.5/utils/netcap.c:468:9: return_function: returning to ‘main’ from ‘collect_process_info’ libcap-ng-0.8.5/utils/netcap.c:472:9: call_function: calling ‘read_tcp’ from ‘main’ libcap-ng-0.8.5/utils/netcap.c:472:9: return_function: returning to ‘main’ from ‘read_tcp’ libcap-ng-0.8.5/utils/netcap.c:475:9: call_function: calling ‘read_udp’ from ‘main’ # 348| &state, &txq, &rxq, &timer_run, &time_len, &retr, # 349| &uid, &timeout, &inode, more); # 350|-> if (list_find_inode(&l, inode)) # 351| report_finding(local_port, type, NULL); # 352| } Error: GCC_ANALYZER_WARNING (CWE-401): [#def37] libcap-ng-0.8.5/utils/pscap.c:118:24: warning[-Wanalyzer-malloc-leak]: leak of ‘opendir("/proc")’ libcap-ng-0.8.5/utils/pscap.c:85:12: branch_false: following ‘false’ branch (when ‘argc <= 3’)... libcap-ng-0.8.5/utils/pscap.c:89:12: branch_false: ...to here libcap-ng-0.8.5/utils/pscap.c:113:13: acquire_memory: allocated here libcap-ng-0.8.5/utils/pscap.c:114:12: branch_false: following ‘false’ branch... libcap-ng-0.8.5/utils/pscap.c:114:12: branch_false: ...to here libcap-ng-0.8.5/utils/pscap.c:118:24: throw: if ‘readdir’ throws an exception... libcap-ng-0.8.5/utils/pscap.c:118:24: danger: ‘opendir("/proc")’ leaks here; was allocated at [(3)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/2) # 116| return 1; # 117| } # 118|-> while (( ent = readdir(d) )) { # 119| int pid, ppid, uid = -1, euid = -1; # 120| char buf[100];
| analyzer-version-clippy | 1.92.0 |
| analyzer-version-cppcheck | 2.19.1 |
| analyzer-version-gcc | 16.0.0 |
| analyzer-version-gcc-analyzer | 16.0.0 |
| analyzer-version-shellcheck | 0.11.0 |
| analyzer-version-unicontrol | 0.0.2 |
| enabled-plugins | clippy, cppcheck, gcc, shellcheck, unicontrol |
| exit-code | 0 |
| host | ip-172-16-1-132.us-west-2.compute.internal |
| known-false-positives | /usr/share/csmock/known-false-positives.js |
| known-false-positives-rpm | known-false-positives-0.0.0.20250521.132812.g8eff701.main-1.el9.noarch |
| mock-config | fedora-rawhide-x86_64 |
| project-name | libcap-ng-0.8.5-8.fc44 |
| store-results-to | /tmp/tmpmki1oc7u/libcap-ng-0.8.5-8.fc44.tar.xz |
| time-created | 2026-01-08 18:37:31 |
| time-finished | 2026-01-08 18:38:56 |
| tool | csmock |
| tool-args | '/usr/bin/csmock' '-r' 'fedora-rawhide-x86_64' '-t' 'gcc,cppcheck,clippy,shellcheck,unicontrol' '-o' '/tmp/tmpmki1oc7u/libcap-ng-0.8.5-8.fc44.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install' 'pam' '--gcc-analyzer-bin=/usr/bin/gcc' '/tmp/tmpmki1oc7u/libcap-ng-0.8.5-8.fc44.src.rpm' |
| tool-version | csmock-3.8.3.20251215.161544.g62de9a5-1.el9 |