Error: GCC_ANALYZER_WARNING (CWE-401): [#def1] libconfig-1.8.2/examples/c/example4.c:73:24: warning[-Wanalyzer-malloc-leak]: leak of ‘opendir(include_path)’ libconfig-1.8.2/examples/c/example4.c:69:8: acquire_memory: allocated here libconfig-1.8.2/examples/c/example4.c:71:5: branch_true: following ‘true’ branch... libconfig-1.8.2/examples/c/example4.c:71:5: branch_true: ...to here libconfig-1.8.2/examples/c/example4.c:73:24: throw: if ‘readdir’ throws an exception... libconfig-1.8.2/examples/c/example4.c:73:24: danger: ‘opendir(include_path)’ leaks here; was allocated at [(1)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/0) # 71| if(dp) # 72| { # 73|-> while((dir_entry = readdir(dp)) != NULL) # 74| { # 75| pathbuf_append_path(path_buf, dir_entry->d_name); Error: GCC_ANALYZER_WARNING (CWE-401): [#def2] libconfig-1.8.2/examples/c/example4.c:75:7: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’ libconfig-1.8.2/examples/c/example4.c:71:5: branch_true: following ‘true’ branch... libconfig-1.8.2/examples/c/example4.c:71:5: branch_true: ...to here libconfig-1.8.2/examples/c/example4.c:73:11: branch_true: following ‘true’ branch... libconfig-1.8.2/examples/c/example4.c:75:37: branch_true: ...to here libconfig-1.8.2/examples/c/example4.c:82:11: branch_true: following ‘true’ branch (when ‘result_count == result_capacity’)... libconfig-1.8.2/examples/c/example4.c:84:11: branch_true: ...to here libconfig-1.8.2/examples/c/example4.c:90:24: acquire_memory: allocated here libconfig-1.8.2/examples/c/example4.c:73:11: branch_true: following ‘true’ branch... libconfig-1.8.2/examples/c/example4.c:75:37: branch_true: ...to here libconfig-1.8.2/examples/c/example4.c:75:7: throw: if ‘pathbuf_append_path’ throws an exception... libconfig-1.8.2/examples/c/example4.c:75:7: danger: ‘<unknown>’ leaks here; was allocated at [(8)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/7) # 73| while((dir_entry = readdir(dp)) != NULL) # 74| { # 75|-> pathbuf_append_path(path_buf, dir_entry->d_name); # 76| file_path = pathbuf_get_path(path_buf); # 77| Error: GCC_ANALYZER_WARNING (CWE-401): [#def3] libconfig-1.8.2/examples/c/example4.c:75:7: warning[-Wanalyzer-malloc-leak]: leak of ‘result’ libconfig-1.8.2/examples/c/example4.c:71:5: branch_true: following ‘true’ branch... libconfig-1.8.2/examples/c/example4.c:71:5: branch_true: ...to here libconfig-1.8.2/examples/c/example4.c:73:11: branch_true: following ‘true’ branch... libconfig-1.8.2/examples/c/example4.c:75:37: branch_true: ...to here libconfig-1.8.2/examples/c/example4.c:82:11: branch_true: following ‘true’ branch (when ‘result_count == result_capacity’)... libconfig-1.8.2/examples/c/example4.c:84:11: branch_true: ...to here libconfig-1.8.2/examples/c/example4.c:73:11: branch_true: following ‘true’ branch... libconfig-1.8.2/examples/c/example4.c:75:37: branch_true: ...to here libconfig-1.8.2/examples/c/example4.c:75:7: throw: if ‘pathbuf_append_path’ throws an exception... libconfig-1.8.2/examples/c/example4.c:75:7: danger: ‘result’ leaks here; was allocated at [(7)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/6) # 73| while((dir_entry = readdir(dp)) != NULL) # 74| { # 75|-> pathbuf_append_path(path_buf, dir_entry->d_name); # 76| file_path = pathbuf_get_path(path_buf); # 77| Error: GCC_ANALYZER_WARNING (CWE-401): [#def4] libconfig-1.8.2/examples/c/example4.c:80:13: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’ libconfig-1.8.2/examples/c/example4.c:71:5: branch_true: following ‘true’ branch... libconfig-1.8.2/examples/c/example4.c:71:5: branch_true: ...to here libconfig-1.8.2/examples/c/example4.c:73:11: branch_true: following ‘true’ branch... libconfig-1.8.2/examples/c/example4.c:75:37: branch_true: ...to here libconfig-1.8.2/examples/c/example4.c:82:11: branch_true: following ‘true’ branch (when ‘result_count == result_capacity’)... libconfig-1.8.2/examples/c/example4.c:84:11: branch_true: ...to here libconfig-1.8.2/examples/c/example4.c:90:24: acquire_memory: allocated here libconfig-1.8.2/examples/c/example4.c:73:11: branch_true: following ‘true’ branch... libconfig-1.8.2/examples/c/example4.c:75:37: branch_true: ...to here libconfig-1.8.2/examples/c/example4.c:78:9: branch_true: following ‘true’ branch... libconfig-1.8.2/examples/c/example4.c:79:13: branch_true: ...to here libconfig-1.8.2/examples/c/example4.c:78:10: branch_true: following ‘true’ branch... libconfig-1.8.2/examples/c/example4.c:80:13: branch_true: ...to here libconfig-1.8.2/examples/c/example4.c:80:13: throw: if ‘fnmatch’ throws an exception... libconfig-1.8.2/examples/c/example4.c:80:13: danger: ‘<unknown>’ leaks here; was allocated at [(8)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/7) # 78| if((lstat(file_path, &stat_buf) == 0) # 79| && S_ISREG(stat_buf.st_mode) # 80|-> && fnmatch(path, file_path, FNM_PATHNAME) == 0) # 81| { # 82| if(result_count == result_capacity) Error: GCC_ANALYZER_WARNING (CWE-401): [#def5] libconfig-1.8.2/examples/c/example4.c:80:13: warning[-Wanalyzer-malloc-leak]: leak of ‘result’ libconfig-1.8.2/examples/c/example4.c:71:5: branch_true: following ‘true’ branch... libconfig-1.8.2/examples/c/example4.c:71:5: branch_true: ...to here libconfig-1.8.2/examples/c/example4.c:73:11: branch_true: following ‘true’ branch... libconfig-1.8.2/examples/c/example4.c:75:37: branch_true: ...to here libconfig-1.8.2/examples/c/example4.c:82:11: branch_true: following ‘true’ branch (when ‘result_count == result_capacity’)... libconfig-1.8.2/examples/c/example4.c:84:11: branch_true: ...to here libconfig-1.8.2/examples/c/example4.c:73:11: branch_true: following ‘true’ branch... libconfig-1.8.2/examples/c/example4.c:75:37: branch_true: ...to here libconfig-1.8.2/examples/c/example4.c:78:9: branch_true: following ‘true’ branch... libconfig-1.8.2/examples/c/example4.c:79:13: branch_true: ...to here libconfig-1.8.2/examples/c/example4.c:78:10: branch_true: following ‘true’ branch... libconfig-1.8.2/examples/c/example4.c:80:13: branch_true: ...to here libconfig-1.8.2/examples/c/example4.c:80:13: throw: if ‘fnmatch’ throws an exception... libconfig-1.8.2/examples/c/example4.c:80:13: danger: ‘result’ leaks here; was allocated at [(7)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/6) # 78| if((lstat(file_path, &stat_buf) == 0) # 79| && S_ISREG(stat_buf.st_mode) # 80|-> && fnmatch(path, file_path, FNM_PATHNAME) == 0) # 81| { # 82| if(result_count == result_capacity) Error: GCC_ANALYZER_WARNING (CWE-401): [#def6] libconfig-1.8.2/examples/c/example4.c:97:7: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’ libconfig-1.8.2/examples/c/example4.c:71:5: branch_true: following ‘true’ branch... libconfig-1.8.2/examples/c/example4.c:71:5: branch_true: ...to here libconfig-1.8.2/examples/c/example4.c:73:11: branch_true: following ‘true’ branch... libconfig-1.8.2/examples/c/example4.c:75:37: branch_true: ...to here libconfig-1.8.2/examples/c/example4.c:82:11: branch_true: following ‘true’ branch (when ‘result_count == result_capacity’)... libconfig-1.8.2/examples/c/example4.c:84:11: branch_true: ...to here libconfig-1.8.2/examples/c/example4.c:90:24: acquire_memory: allocated here libconfig-1.8.2/examples/c/example4.c:97:7: throw: if ‘pathbuf_remove_last_component’ throws an exception... libconfig-1.8.2/examples/c/example4.c:97:7: danger: ‘<unknown>’ leaks here; was allocated at [(8)](sarif:/runs/0/results/9/codeFlows/0/threadFlows/0/locations/7) # 95| } # 96| # 97|-> pathbuf_remove_last_component(path_buf); # 98| } # 99| closedir(dp); Error: GCC_ANALYZER_WARNING (CWE-401): [#def7] libconfig-1.8.2/examples/c/example4.c:97:7: warning[-Wanalyzer-malloc-leak]: leak of ‘result’ libconfig-1.8.2/examples/c/example4.c:71:5: branch_true: following ‘true’ branch... libconfig-1.8.2/examples/c/example4.c:71:5: branch_true: ...to here libconfig-1.8.2/examples/c/example4.c:73:11: branch_true: following ‘true’ branch... libconfig-1.8.2/examples/c/example4.c:75:37: branch_true: ...to here libconfig-1.8.2/examples/c/example4.c:82:11: branch_true: following ‘true’ branch (when ‘result_count == result_capacity’)... libconfig-1.8.2/examples/c/example4.c:84:11: branch_true: ...to here libconfig-1.8.2/examples/c/example4.c:97:7: throw: if ‘pathbuf_remove_last_component’ throws an exception... libconfig-1.8.2/examples/c/example4.c:97:7: danger: ‘result’ leaks here; was allocated at [(7)](sarif:/runs/0/results/10/codeFlows/0/threadFlows/0/locations/6) # 95| } # 96| # 97|-> pathbuf_remove_last_component(path_buf); # 98| } # 99| closedir(dp); Error: GCC_ANALYZER_WARNING (CWE-401): [#def8] libconfig-1.8.2/examples/c/example4.c:104:3: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’ libconfig-1.8.2/examples/c/example4.c:71:5: branch_true: following ‘true’ branch... libconfig-1.8.2/examples/c/example4.c:71:5: branch_true: ...to here libconfig-1.8.2/examples/c/example4.c:73:11: branch_true: following ‘true’ branch... libconfig-1.8.2/examples/c/example4.c:75:37: branch_true: ...to here libconfig-1.8.2/examples/c/example4.c:82:11: branch_true: following ‘true’ branch (when ‘result_count == result_capacity’)... libconfig-1.8.2/examples/c/example4.c:84:11: branch_true: ...to here libconfig-1.8.2/examples/c/example4.c:90:24: acquire_memory: allocated here libconfig-1.8.2/examples/c/example4.c:73:11: branch_false: following ‘false’ branch... libconfig-1.8.2/examples/c/example4.c:99:5: branch_false: ...to here libconfig-1.8.2/examples/c/example4.c:104:3: throw: if ‘pathbuf_destroy’ throws an exception... libconfig-1.8.2/examples/c/example4.c:104:3: danger: ‘<unknown>’ leaks here; was allocated at [(8)](sarif:/runs/0/results/14/codeFlows/0/threadFlows/0/locations/7) # 102| *result_next = NULL; # 103| # 104|-> pathbuf_destroy(path_buf); # 105| # 106| return((const char **)result); Error: GCC_ANALYZER_WARNING (CWE-401): [#def9] libconfig-1.8.2/examples/c/example4.c:104:3: warning[-Wanalyzer-malloc-leak]: leak of ‘result’ libconfig-1.8.2/examples/c/example4.c:71:5: branch_true: following ‘true’ branch... libconfig-1.8.2/examples/c/example4.c:71:5: branch_true: ...to here libconfig-1.8.2/examples/c/example4.c:73:11: branch_true: following ‘true’ branch... libconfig-1.8.2/examples/c/example4.c:75:37: branch_true: ...to here libconfig-1.8.2/examples/c/example4.c:82:11: branch_true: following ‘true’ branch (when ‘result_count == result_capacity’)... libconfig-1.8.2/examples/c/example4.c:84:11: branch_true: ...to here libconfig-1.8.2/examples/c/example4.c:73:11: branch_false: following ‘false’ branch... libconfig-1.8.2/examples/c/example4.c:99:5: branch_false: ...to here libconfig-1.8.2/examples/c/example4.c:104:3: throw: if ‘pathbuf_destroy’ throws an exception... libconfig-1.8.2/examples/c/example4.c:104:3: danger: ‘result’ leaks here; was allocated at [(7)](sarif:/runs/0/results/15/codeFlows/0/threadFlows/0/locations/6) # 102| *result_next = NULL; # 103| # 104|-> pathbuf_destroy(path_buf); # 105| # 106| return((const char **)result); Error: CPPCHECK_WARNING (CWE-476): [#def10] libconfig-1.8.2/examples/c/pathbuf.c:45: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: buf # 43| { # 44| pathbuf_t *buf = (pathbuf_t *)malloc(sizeof(pathbuf_t)); # 45|-> buf->path = (char *)malloc(PATHBUF_BLOCK_SIZE * sizeof(char)); # 46| *(buf->path) = 0; # 47| buf->length = 0; Error: GCC_ANALYZER_WARNING (CWE-476): [#def11] libconfig-1.8.2/examples/c/pathbuf.c:45:3: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘buf’ libconfig-1.8.2/examples/c/pathbuf.c:44:33: acquire_memory: this call could return NULL libconfig-1.8.2/examples/c/pathbuf.c:45:3: danger: ‘buf’ could be NULL: unchecked value from [(1)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/0) # 43| { # 44| pathbuf_t *buf = (pathbuf_t *)malloc(sizeof(pathbuf_t)); # 45|-> buf->path = (char *)malloc(PATHBUF_BLOCK_SIZE * sizeof(char)); # 46| *(buf->path) = 0; # 47| buf->length = 0; Error: CPPCHECK_WARNING (CWE-476): [#def12] libconfig-1.8.2/examples/c/pathbuf.c:46: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: buf # 44| pathbuf_t *buf = (pathbuf_t *)malloc(sizeof(pathbuf_t)); # 45| buf->path = (char *)malloc(PATHBUF_BLOCK_SIZE * sizeof(char)); # 46|-> *(buf->path) = 0; # 47| buf->length = 0; # 48| buf->capacity = PATHBUF_BLOCK_SIZE; Error: GCC_ANALYZER_WARNING (CWE-476): [#def13] libconfig-1.8.2/examples/c/pathbuf.c:46:3: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘malloc(128)’ libconfig-1.8.2/examples/c/pathbuf.c:45:23: acquire_memory: this call could return NULL libconfig-1.8.2/examples/c/pathbuf.c:46:3: danger: ‘malloc(128)’ could be NULL: unchecked value from [(1)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/0) # 44| pathbuf_t *buf = (pathbuf_t *)malloc(sizeof(pathbuf_t)); # 45| buf->path = (char *)malloc(PATHBUF_BLOCK_SIZE * sizeof(char)); # 46|-> *(buf->path) = 0; # 47| buf->length = 0; # 48| buf->capacity = PATHBUF_BLOCK_SIZE; Error: CPPCHECK_WARNING (CWE-476): [#def14] libconfig-1.8.2/examples/c/pathbuf.c:47: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: buf # 45| buf->path = (char *)malloc(PATHBUF_BLOCK_SIZE * sizeof(char)); # 46| *(buf->path) = 0; # 47|-> buf->length = 0; # 48| buf->capacity = PATHBUF_BLOCK_SIZE; # 49| Error: CPPCHECK_WARNING (CWE-476): [#def15] libconfig-1.8.2/examples/c/pathbuf.c:48: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: buf # 46| *(buf->path) = 0; # 47| buf->length = 0; # 48|-> buf->capacity = PATHBUF_BLOCK_SIZE; # 49| # 50| return(buf); Error: CPPCHECK_WARNING (CWE-401): [#def16] libconfig-1.8.2/examples/c/pathbuf.c:50: error[memleak]: Memory leak: buf.path # 48| buf->capacity = PATHBUF_BLOCK_SIZE; # 49| # 50|-> return(buf); # 51| } # 52| Error: GCC_ANALYZER_WARNING (CWE-401): [#def17] libconfig-1.8.2/lib/libconfig.c:2069:26: warning[-Wanalyzer-malloc-leak]: leak of 'file' libconfig-1.8.2/lib/libconfig.c:2065:12: acquire_memory: allocated here libconfig-1.8.2/lib/libconfig.c:2069:26: throw: if 'libconfig_malloc' throws an exception... libconfig-1.8.2/lib/libconfig.c:2069:26: danger: 'file' leaks here; was allocated at [(1)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/0) # 2067| *error = NULL; # 2068| # 2069|-> files = (const char **)libconfig_malloc(sizeof(char **) * 2); # 2070| files[0] = file; # 2071| files[1] = NULL; Error: GCC_ANALYZER_WARNING (CWE-775): [#def18] libconfig-1.8.2/tests/tests.c:657:3: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen("testdata/nesting.cfg", "rt")’ libconfig-1.8.2/tests/tests.c:656:12: acquire_resource: opened here libconfig-1.8.2/tests/tests.c:657:3: throw: if ‘tt_expect’ throws an exception... libconfig-1.8.2/tests/tests.c:657:3: danger: ‘fopen("testdata/nesting.cfg", "rt")’ leaks here; was opened at [(1)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/0) # 655| # 656| stream = fopen("testdata/nesting.cfg", "rt"); # 657|-> TT_ASSERT_PTR_NOTNULL(stream); # 658| # 659| ok = config_read(&cfg, stream); Error: GCC_ANALYZER_WARNING (CWE-401): [#def19] libconfig-1.8.2/tests/tests.c:657:3: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen("testdata/nesting.cfg", "rt")’ libconfig-1.8.2/tests/tests.c:656:12: acquire_memory: allocated here libconfig-1.8.2/tests/tests.c:657:3: throw: if ‘tt_expect’ throws an exception... libconfig-1.8.2/tests/tests.c:657:3: danger: ‘fopen("testdata/nesting.cfg", "rt")’ leaks here; was allocated at [(1)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/0) # 655| # 656| stream = fopen("testdata/nesting.cfg", "rt"); # 657|-> TT_ASSERT_PTR_NOTNULL(stream); # 658| # 659| ok = config_read(&cfg, stream); Error: CPPCHECK_WARNING (CWE-476): [#def20] libconfig-1.8.2/tests/tests.c:661: warning[nullPointerOutOfResources]: If resource allocation fails, then there is a possible null pointer dereference: stream # 659| ok = config_read(&cfg, stream); # 660| # 661|-> fclose(stream); # 662| # 663| if(!ok)
| analyzer-version-clippy | 1.92.0 |
| analyzer-version-cppcheck | 2.19.1 |
| analyzer-version-gcc | 16.0.0 |
| analyzer-version-gcc-analyzer | 16.0.0 |
| analyzer-version-shellcheck | 0.11.0 |
| analyzer-version-unicontrol | 0.0.2 |
| diffbase-analyzer-version-clippy | 1.92.0 |
| diffbase-analyzer-version-cppcheck | 2.19.1 |
| diffbase-analyzer-version-gcc | 16.0.0 |
| diffbase-analyzer-version-gcc-analyzer | 16.0.0 |
| diffbase-analyzer-version-shellcheck | 0.11.0 |
| diffbase-analyzer-version-unicontrol | 0.0.2 |
| diffbase-enabled-plugins | clippy, cppcheck, gcc, shellcheck, unicontrol |
| diffbase-exit-code | 0 |
| diffbase-host | ip-172-16-1-238.us-west-2.compute.internal |
| diffbase-known-false-positives | /usr/share/csmock/known-false-positives.js |
| diffbase-known-false-positives-rpm | known-false-positives-0.0.0.20250521.132812.g8eff701.main-1.el9.noarch |
| diffbase-mock-config | fedora-rawhide-x86_64 |
| diffbase-project-name | libconfig-1.7.3-12.fc43 |
| diffbase-store-results-to | /tmp/tmprkr5dt13/libconfig-1.7.3-12.fc43.tar.xz |
| diffbase-time-created | 2026-01-08 18:35:59 |
| diffbase-time-finished | 2026-01-08 18:37:58 |
| diffbase-tool | csmock |
| diffbase-tool-args | '/usr/bin/csmock' '-r' 'fedora-rawhide-x86_64' '-t' 'gcc,cppcheck,clippy,shellcheck,unicontrol' '-o' '/tmp/tmprkr5dt13/libconfig-1.7.3-12.fc43.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install' 'pam' '--gcc-analyzer-bin=/usr/bin/gcc' '/tmp/tmprkr5dt13/libconfig-1.7.3-12.fc43.src.rpm' |
| diffbase-tool-version | csmock-3.8.3.20251215.161544.g62de9a5-1.el9 |
| enabled-plugins | clippy, cppcheck, gcc, shellcheck, unicontrol |
| exit-code | 0 |
| host | ip-172-16-1-238.us-west-2.compute.internal |
| known-false-positives | /usr/share/csmock/known-false-positives.js |
| known-false-positives-rpm | known-false-positives-0.0.0.20250521.132812.g8eff701.main-1.el9.noarch |
| mock-config | fedora-rawhide-x86_64 |
| project-name | libconfig-1.8.2-1.fc44 |
| store-results-to | /tmp/tmpdtrn8856/libconfig-1.8.2-1.fc44.tar.xz |
| time-created | 2026-01-08 18:38:22 |
| time-finished | 2026-01-08 18:39:50 |
| title | Newly introduced findings |
| tool | csmock |
| tool-args | '/usr/bin/csmock' '-r' 'fedora-rawhide-x86_64' '-t' 'gcc,cppcheck,clippy,shellcheck,unicontrol' '-o' '/tmp/tmpdtrn8856/libconfig-1.8.2-1.fc44.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install' 'pam' '--gcc-analyzer-bin=/usr/bin/gcc' '/tmp/tmpdtrn8856/libconfig-1.8.2-1.fc44.src.rpm' |
| tool-version | csmock-3.8.3.20251215.161544.g62de9a5-1.el9 |