libfido2-1.16.0-4.fc44

List of Findings

Error: GCC_ANALYZER_WARNING (CWE-401): [#def1]
libfido2-1.16.0/examples/select.c:39:20: warning[-Wanalyzer-malloc-leak]: leak of ‘devtab’
libfido2-1.16.0/examples/select.c:59:1: enter_function: entry to ‘select_dev’
libfido2-1.16.0/examples/select.c:78:12: branch_false: following ‘false’ branch (when ‘ndevs != 0’)...
libfido2-1.16.0/examples/select.c:81:23: branch_false: ...to here
libfido2-1.16.0/examples/select.c:81:23: acquire_memory: allocated here
libfido2-1.16.0/examples/select.c:81:12: branch_false: following ‘false’ branch (when ‘devtab’ is non-NULL)...
libfido2-1.16.0/examples/select.c:81:12: branch_false: ...to here
libfido2-1.16.0/examples/select.c:86:28: branch_true: following ‘true’ branch (when ‘i < ndevs’)...
libfido2-1.16.0/examples/select.c:87:22: branch_true: ...to here
libfido2-1.16.0/examples/select.c:88:34: call_function: calling ‘open_dev’ from ‘select_dev’
#   37|   	int		 r;
#   38|   
#   39|-> 	if ((dev = fido_dev_new()) == NULL) {
#   40|   		warnx("%s: fido_dev_new", __func__);
#   41|   		return (NULL);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def2]
libfido2-1.16.0/examples/select.c:40:17: warning[-Wanalyzer-malloc-leak]: leak of ‘devtab’
libfido2-1.16.0/examples/select.c:59:1: enter_function: entry to ‘select_dev’
libfido2-1.16.0/examples/select.c:78:12: branch_false: following ‘false’ branch (when ‘ndevs != 0’)...
libfido2-1.16.0/examples/select.c:81:23: branch_false: ...to here
libfido2-1.16.0/examples/select.c:81:23: acquire_memory: allocated here
libfido2-1.16.0/examples/select.c:81:12: branch_false: following ‘false’ branch (when ‘devtab’ is non-NULL)...
libfido2-1.16.0/examples/select.c:81:12: branch_false: ...to here
libfido2-1.16.0/examples/select.c:86:28: branch_true: following ‘true’ branch (when ‘i < ndevs’)...
libfido2-1.16.0/examples/select.c:87:22: branch_true: ...to here
libfido2-1.16.0/examples/select.c:88:34: call_function: calling ‘open_dev’ from ‘select_dev’
#   38|   
#   39|   	if ((dev = fido_dev_new()) == NULL) {
#   40|-> 		warnx("%s: fido_dev_new", __func__);
#   41|   		return (NULL);
#   42|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def3]
libfido2-1.16.0/examples/select.c:44:18: warning[-Wanalyzer-malloc-leak]: leak of ‘devtab’
libfido2-1.16.0/examples/select.c:59:1: enter_function: entry to ‘select_dev’
libfido2-1.16.0/examples/select.c:78:12: branch_false: following ‘false’ branch (when ‘ndevs != 0’)...
libfido2-1.16.0/examples/select.c:81:23: branch_false: ...to here
libfido2-1.16.0/examples/select.c:81:23: acquire_memory: allocated here
libfido2-1.16.0/examples/select.c:81:12: branch_false: following ‘false’ branch (when ‘devtab’ is non-NULL)...
libfido2-1.16.0/examples/select.c:81:12: branch_false: ...to here
libfido2-1.16.0/examples/select.c:86:28: branch_true: following ‘true’ branch (when ‘i < ndevs’)...
libfido2-1.16.0/examples/select.c:87:22: branch_true: ...to here
libfido2-1.16.0/examples/select.c:88:34: call_function: calling ‘open_dev’ from ‘select_dev’
#   42|   	}
#   43|   
#   44|-> 	if ((r = fido_dev_open(dev, fido_dev_info_path(di))) != FIDO_OK) {
#   45|   		warnx("%s: fido_dev_open %s: %s", __func__,
#   46|   		    fido_dev_info_path(di), fido_strerr(r));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def4]
libfido2-1.16.0/examples/select.c:45:17: warning[-Wanalyzer-malloc-leak]: leak of ‘devtab’
libfido2-1.16.0/examples/select.c:59:1: enter_function: entry to ‘select_dev’
libfido2-1.16.0/examples/select.c:78:12: branch_false: following ‘false’ branch (when ‘ndevs != 0’)...
libfido2-1.16.0/examples/select.c:81:23: branch_false: ...to here
libfido2-1.16.0/examples/select.c:81:23: acquire_memory: allocated here
libfido2-1.16.0/examples/select.c:81:12: branch_false: following ‘false’ branch (when ‘devtab’ is non-NULL)...
libfido2-1.16.0/examples/select.c:81:12: branch_false: ...to here
libfido2-1.16.0/examples/select.c:86:28: branch_true: following ‘true’ branch (when ‘i < ndevs’)...
libfido2-1.16.0/examples/select.c:87:22: branch_true: ...to here
libfido2-1.16.0/examples/select.c:88:34: call_function: calling ‘open_dev’ from ‘select_dev’
#   43|   
#   44|   	if ((r = fido_dev_open(dev, fido_dev_info_path(di))) != FIDO_OK) {
#   45|-> 		warnx("%s: fido_dev_open %s: %s", __func__,
#   46|   		    fido_dev_info_path(di), fido_strerr(r));
#   47|   		fido_dev_free(&dev);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def5]
libfido2-1.16.0/examples/select.c:47:17: warning[-Wanalyzer-malloc-leak]: leak of ‘devtab’
libfido2-1.16.0/examples/select.c:59:1: enter_function: entry to ‘select_dev’
libfido2-1.16.0/examples/select.c:78:12: branch_false: following ‘false’ branch (when ‘ndevs != 0’)...
libfido2-1.16.0/examples/select.c:81:23: branch_false: ...to here
libfido2-1.16.0/examples/select.c:81:23: acquire_memory: allocated here
libfido2-1.16.0/examples/select.c:81:12: branch_false: following ‘false’ branch (when ‘devtab’ is non-NULL)...
libfido2-1.16.0/examples/select.c:81:12: branch_false: ...to here
libfido2-1.16.0/examples/select.c:86:28: branch_true: following ‘true’ branch (when ‘i < ndevs’)...
libfido2-1.16.0/examples/select.c:87:22: branch_true: ...to here
libfido2-1.16.0/examples/select.c:88:34: call_function: calling ‘open_dev’ from ‘select_dev’
#   45|   		warnx("%s: fido_dev_open %s: %s", __func__,
#   46|   		    fido_dev_info_path(di), fido_strerr(r));
#   47|-> 		fido_dev_free(&dev);
#   48|   		return (NULL);
#   49|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def6]
libfido2-1.16.0/examples/select.c:87:22: warning[-Wanalyzer-malloc-leak]: leak of ‘devtab’
libfido2-1.16.0/examples/select.c:78:12: branch_false: following ‘false’ branch (when ‘ndevs != 0’)...
libfido2-1.16.0/examples/select.c:81:23: branch_false: ...to here
libfido2-1.16.0/examples/select.c:81:23: acquire_memory: allocated here
libfido2-1.16.0/examples/select.c:81:12: branch_false: following ‘false’ branch (when ‘devtab’ is non-NULL)...
libfido2-1.16.0/examples/select.c:81:12: branch_false: ...to here
libfido2-1.16.0/examples/select.c:86:28: branch_true: following ‘true’ branch (when ‘i < ndevs’)...
libfido2-1.16.0/examples/select.c:87:22: branch_true: ...to here
libfido2-1.16.0/examples/select.c:87:22: throw: if ‘fido_dev_info_ptr’ throws an exception...
libfido2-1.16.0/examples/select.c:87:22: danger: ‘devtab’ leaks here; was allocated at [(3)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/2)
#   85|   
#   86|   	for (size_t i = 0; i < ndevs; i++) {
#   87|-> 		di = fido_dev_info_ptr(devlist, i);
#   88|   		if ((devtab[i] = open_dev(di)) != NULL) {
#   89|   			*idx = i;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def7]
libfido2-1.16.0/examples/util.c:142:21: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen(path, "r")’
libfido2-1.16.0/examples/util.c:137:19: acquire_resource: opened here
libfido2-1.16.0/examples/util.c:137:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/examples/util.c:142:21: branch_false: ...to here
libfido2-1.16.0/examples/util.c:142:21: throw: if ‘PEM_read_PUBKEY’ throws an exception...
libfido2-1.16.0/examples/util.c:142:21: danger: ‘fopen(path, "r")’ leaks here; was opened at [(1)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/0)
#  140|   	}
#  141|   
#  142|-> 	if ((pkey = PEM_read_PUBKEY(fp, NULL, NULL, NULL)) == NULL) {
#  143|   		warnx("PEM_read_PUBKEY");
#  144|   		goto fail;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def8]
libfido2-1.16.0/examples/util.c:142:21: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(path, "r")’
libfido2-1.16.0/examples/util.c:137:19: acquire_memory: allocated here
libfido2-1.16.0/examples/util.c:137:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/examples/util.c:142:21: branch_false: ...to here
libfido2-1.16.0/examples/util.c:142:21: throw: if ‘PEM_read_PUBKEY’ throws an exception...
libfido2-1.16.0/examples/util.c:142:21: danger: ‘fopen(path, "r")’ leaks here; was allocated at [(1)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/0)
#  140|   	}
#  141|   
#  142|-> 	if ((pkey = PEM_read_PUBKEY(fp, NULL, NULL, NULL)) == NULL) {
#  143|   		warnx("PEM_read_PUBKEY");
#  144|   		goto fail;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def9]
libfido2-1.16.0/examples/util.c:192:21: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
libfido2-1.16.0/examples/util.c:171:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/examples/util.c:176:13: branch_false: ...to here
libfido2-1.16.0/examples/util.c:176:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/examples/util.c:181:19: branch_false: ...to here
libfido2-1.16.0/examples/util.c:181:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/examples/util.c:186:19: branch_false: ...to here
libfido2-1.16.0/examples/util.c:186:19: acquire_memory: allocated here
libfido2-1.16.0/examples/util.c:186:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
libfido2-1.16.0/examples/util.c:192:21: branch_false: ...to here
libfido2-1.16.0/examples/util.c:192:21: throw: if ‘es256_pk_to_EVP_PKEY’ throws an exception...
libfido2-1.16.0/examples/util.c:192:21: danger: ‘fp’ leaks here; was allocated at [(7)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/6)
#  190|   	fd = -1; /* owned by fp now */
#  191|   
#  192|-> 	if ((pkey = es256_pk_to_EVP_PKEY(pk)) == NULL) {
#  193|   		warnx("es256_pk_to_EVP_PKEY");
#  194|   		goto fail;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def10]
libfido2-1.16.0/examples/util.c:193:17: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
libfido2-1.16.0/examples/util.c:171:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/examples/util.c:176:13: branch_false: ...to here
libfido2-1.16.0/examples/util.c:176:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/examples/util.c:181:19: branch_false: ...to here
libfido2-1.16.0/examples/util.c:181:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/examples/util.c:186:19: branch_false: ...to here
libfido2-1.16.0/examples/util.c:186:19: acquire_memory: allocated here
libfido2-1.16.0/examples/util.c:186:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
libfido2-1.16.0/examples/util.c:192:21: branch_false: ...to here
libfido2-1.16.0/examples/util.c:192:12: branch_true: following ‘true’ branch...
libfido2-1.16.0/examples/util.c:193:17: branch_true: ...to here
libfido2-1.16.0/examples/util.c:193:17: throw: if ‘warnx’ throws an exception...
libfido2-1.16.0/examples/util.c:193:17: danger: ‘fp’ leaks here; was allocated at [(7)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/6)
#  191|   
#  192|   	if ((pkey = es256_pk_to_EVP_PKEY(pk)) == NULL) {
#  193|-> 		warnx("es256_pk_to_EVP_PKEY");
#  194|   		goto fail;
#  195|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def11]
libfido2-1.16.0/examples/util.c:197:13: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
libfido2-1.16.0/examples/util.c:171:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/examples/util.c:176:13: branch_false: ...to here
libfido2-1.16.0/examples/util.c:176:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/examples/util.c:181:19: branch_false: ...to here
libfido2-1.16.0/examples/util.c:181:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/examples/util.c:186:19: branch_false: ...to here
libfido2-1.16.0/examples/util.c:186:19: acquire_memory: allocated here
libfido2-1.16.0/examples/util.c:186:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
libfido2-1.16.0/examples/util.c:192:21: branch_false: ...to here
libfido2-1.16.0/examples/util.c:192:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/examples/util.c:197:13: branch_false: ...to here
libfido2-1.16.0/examples/util.c:197:13: throw: if ‘PEM_write_PUBKEY’ throws an exception...
libfido2-1.16.0/examples/util.c:197:13: danger: ‘fp’ leaks here; was allocated at [(7)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/6)
#  195|   	}
#  196|   
#  197|-> 	if (PEM_write_PUBKEY(fp, pkey) == 0) {
#  198|   		warnx("PEM_write_PUBKEY");
#  199|   		goto fail;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def12]
libfido2-1.16.0/examples/util.c:204:9: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
libfido2-1.16.0/examples/util.c:171:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/examples/util.c:176:13: branch_false: ...to here
libfido2-1.16.0/examples/util.c:176:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/examples/util.c:181:19: branch_false: ...to here
libfido2-1.16.0/examples/util.c:181:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/examples/util.c:186:19: branch_false: ...to here
libfido2-1.16.0/examples/util.c:186:19: acquire_memory: allocated here
libfido2-1.16.0/examples/util.c:186:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
libfido2-1.16.0/examples/util.c:192:21: branch_false: ...to here
libfido2-1.16.0/examples/util.c:192:12: branch_true: following ‘true’ branch...
libfido2-1.16.0/examples/util.c:193:17: branch_true: ...to here
libfido2-1.16.0/examples/util.c:204:9: throw: if ‘es256_pk_free’ throws an exception...
libfido2-1.16.0/examples/util.c:204:9: danger: ‘fp’ leaks here; was allocated at [(7)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/6)
#  202|   	ok = 0;
#  203|   fail:
#  204|-> 	es256_pk_free(&pk);
#  205|   
#  206|   	if (fp != NULL) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def13]
libfido2-1.16.0/examples/util.c:249:21: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
libfido2-1.16.0/examples/util.c:228:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/examples/util.c:233:13: branch_false: ...to here
libfido2-1.16.0/examples/util.c:233:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/examples/util.c:238:19: branch_false: ...to here
libfido2-1.16.0/examples/util.c:238:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/examples/util.c:243:19: branch_false: ...to here
libfido2-1.16.0/examples/util.c:243:19: acquire_memory: allocated here
libfido2-1.16.0/examples/util.c:243:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
libfido2-1.16.0/examples/util.c:249:21: branch_false: ...to here
libfido2-1.16.0/examples/util.c:249:21: throw: if ‘es384_pk_to_EVP_PKEY’ throws an exception...
libfido2-1.16.0/examples/util.c:249:21: danger: ‘fp’ leaks here; was allocated at [(7)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/6)
#  247|   	fd = -1; /* owned by fp now */
#  248|   
#  249|-> 	if ((pkey = es384_pk_to_EVP_PKEY(pk)) == NULL) {
#  250|   		warnx("es384_pk_to_EVP_PKEY");
#  251|   		goto fail;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def14]
libfido2-1.16.0/examples/util.c:250:17: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
libfido2-1.16.0/examples/util.c:228:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/examples/util.c:233:13: branch_false: ...to here
libfido2-1.16.0/examples/util.c:233:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/examples/util.c:238:19: branch_false: ...to here
libfido2-1.16.0/examples/util.c:238:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/examples/util.c:243:19: branch_false: ...to here
libfido2-1.16.0/examples/util.c:243:19: acquire_memory: allocated here
libfido2-1.16.0/examples/util.c:243:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
libfido2-1.16.0/examples/util.c:249:21: branch_false: ...to here
libfido2-1.16.0/examples/util.c:249:12: branch_true: following ‘true’ branch...
libfido2-1.16.0/examples/util.c:250:17: branch_true: ...to here
libfido2-1.16.0/examples/util.c:250:17: throw: if ‘warnx’ throws an exception...
libfido2-1.16.0/examples/util.c:250:17: danger: ‘fp’ leaks here; was allocated at [(7)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/6)
#  248|   
#  249|   	if ((pkey = es384_pk_to_EVP_PKEY(pk)) == NULL) {
#  250|-> 		warnx("es384_pk_to_EVP_PKEY");
#  251|   		goto fail;
#  252|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def15]
libfido2-1.16.0/examples/util.c:254:13: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
libfido2-1.16.0/examples/util.c:228:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/examples/util.c:233:13: branch_false: ...to here
libfido2-1.16.0/examples/util.c:233:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/examples/util.c:238:19: branch_false: ...to here
libfido2-1.16.0/examples/util.c:238:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/examples/util.c:243:19: branch_false: ...to here
libfido2-1.16.0/examples/util.c:243:19: acquire_memory: allocated here
libfido2-1.16.0/examples/util.c:243:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
libfido2-1.16.0/examples/util.c:249:21: branch_false: ...to here
libfido2-1.16.0/examples/util.c:249:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/examples/util.c:254:13: branch_false: ...to here
libfido2-1.16.0/examples/util.c:254:13: throw: if ‘PEM_write_PUBKEY’ throws an exception...
libfido2-1.16.0/examples/util.c:254:13: danger: ‘fp’ leaks here; was allocated at [(7)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/6)
#  252|   	}
#  253|   
#  254|-> 	if (PEM_write_PUBKEY(fp, pkey) == 0) {
#  255|   		warnx("PEM_write_PUBKEY");
#  256|   		goto fail;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def16]
libfido2-1.16.0/examples/util.c:261:9: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
libfido2-1.16.0/examples/util.c:228:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/examples/util.c:233:13: branch_false: ...to here
libfido2-1.16.0/examples/util.c:233:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/examples/util.c:238:19: branch_false: ...to here
libfido2-1.16.0/examples/util.c:238:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/examples/util.c:243:19: branch_false: ...to here
libfido2-1.16.0/examples/util.c:243:19: acquire_memory: allocated here
libfido2-1.16.0/examples/util.c:243:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
libfido2-1.16.0/examples/util.c:249:21: branch_false: ...to here
libfido2-1.16.0/examples/util.c:249:12: branch_true: following ‘true’ branch...
libfido2-1.16.0/examples/util.c:250:17: branch_true: ...to here
libfido2-1.16.0/examples/util.c:261:9: throw: if ‘es384_pk_free’ throws an exception...
libfido2-1.16.0/examples/util.c:261:9: danger: ‘fp’ leaks here; was allocated at [(7)](sarif:/runs/0/results/9/codeFlows/0/threadFlows/0/locations/6)
#  259|   	ok = 0;
#  260|   fail:
#  261|-> 	es384_pk_free(&pk);
#  262|   
#  263|   	if (fp != NULL) {

Error: GCC_ANALYZER_WARNING (CWE-775): [#def17]
libfido2-1.16.0/examples/util.c:288:21: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen(path, "r")’
libfido2-1.16.0/examples/util.c:283:19: acquire_resource: opened here
libfido2-1.16.0/examples/util.c:283:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/examples/util.c:288:21: branch_false: ...to here
libfido2-1.16.0/examples/util.c:288:21: throw: if ‘PEM_read_PUBKEY’ throws an exception...
libfido2-1.16.0/examples/util.c:288:21: danger: ‘fopen(path, "r")’ leaks here; was opened at [(1)](sarif:/runs/0/results/10/codeFlows/0/threadFlows/0/locations/0)
#  286|   	}
#  287|   
#  288|-> 	if ((pkey = PEM_read_PUBKEY(fp, NULL, NULL, NULL)) == NULL) {
#  289|   		warnx("PEM_read_PUBKEY");
#  290|   		goto fail;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def18]
libfido2-1.16.0/examples/util.c:288:21: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(path, "r")’
libfido2-1.16.0/examples/util.c:283:19: acquire_memory: allocated here
libfido2-1.16.0/examples/util.c:283:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/examples/util.c:288:21: branch_false: ...to here
libfido2-1.16.0/examples/util.c:288:21: throw: if ‘PEM_read_PUBKEY’ throws an exception...
libfido2-1.16.0/examples/util.c:288:21: danger: ‘fopen(path, "r")’ leaks here; was allocated at [(1)](sarif:/runs/0/results/11/codeFlows/0/threadFlows/0/locations/0)
#  286|   	}
#  287|   
#  288|-> 	if ((pkey = PEM_read_PUBKEY(fp, NULL, NULL, NULL)) == NULL) {
#  289|   		warnx("PEM_read_PUBKEY");
#  290|   		goto fail;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def19]
libfido2-1.16.0/examples/util.c:338:21: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
libfido2-1.16.0/examples/util.c:317:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/examples/util.c:322:13: branch_false: ...to here
libfido2-1.16.0/examples/util.c:322:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/examples/util.c:327:19: branch_false: ...to here
libfido2-1.16.0/examples/util.c:327:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/examples/util.c:332:19: branch_false: ...to here
libfido2-1.16.0/examples/util.c:332:19: acquire_memory: allocated here
libfido2-1.16.0/examples/util.c:332:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
libfido2-1.16.0/examples/util.c:338:21: branch_false: ...to here
libfido2-1.16.0/examples/util.c:338:21: throw: if ‘rs256_pk_to_EVP_PKEY’ throws an exception...
libfido2-1.16.0/examples/util.c:338:21: danger: ‘fp’ leaks here; was allocated at [(7)](sarif:/runs/0/results/12/codeFlows/0/threadFlows/0/locations/6)
#  336|   	fd = -1; /* owned by fp now */
#  337|   
#  338|-> 	if ((pkey = rs256_pk_to_EVP_PKEY(pk)) == NULL) {
#  339|   		warnx("rs256_pk_to_EVP_PKEY");
#  340|   		goto fail;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def20]
libfido2-1.16.0/examples/util.c:339:17: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
libfido2-1.16.0/examples/util.c:317:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/examples/util.c:322:13: branch_false: ...to here
libfido2-1.16.0/examples/util.c:322:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/examples/util.c:327:19: branch_false: ...to here
libfido2-1.16.0/examples/util.c:327:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/examples/util.c:332:19: branch_false: ...to here
libfido2-1.16.0/examples/util.c:332:19: acquire_memory: allocated here
libfido2-1.16.0/examples/util.c:332:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
libfido2-1.16.0/examples/util.c:338:21: branch_false: ...to here
libfido2-1.16.0/examples/util.c:338:12: branch_true: following ‘true’ branch...
libfido2-1.16.0/examples/util.c:339:17: branch_true: ...to here
libfido2-1.16.0/examples/util.c:339:17: throw: if ‘warnx’ throws an exception...
libfido2-1.16.0/examples/util.c:339:17: danger: ‘fp’ leaks here; was allocated at [(7)](sarif:/runs/0/results/13/codeFlows/0/threadFlows/0/locations/6)
#  337|   
#  338|   	if ((pkey = rs256_pk_to_EVP_PKEY(pk)) == NULL) {
#  339|-> 		warnx("rs256_pk_to_EVP_PKEY");
#  340|   		goto fail;
#  341|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def21]
libfido2-1.16.0/examples/util.c:343:13: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
libfido2-1.16.0/examples/util.c:317:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/examples/util.c:322:13: branch_false: ...to here
libfido2-1.16.0/examples/util.c:322:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/examples/util.c:327:19: branch_false: ...to here
libfido2-1.16.0/examples/util.c:327:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/examples/util.c:332:19: branch_false: ...to here
libfido2-1.16.0/examples/util.c:332:19: acquire_memory: allocated here
libfido2-1.16.0/examples/util.c:332:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
libfido2-1.16.0/examples/util.c:338:21: branch_false: ...to here
libfido2-1.16.0/examples/util.c:338:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/examples/util.c:343:13: branch_false: ...to here
libfido2-1.16.0/examples/util.c:343:13: throw: if ‘PEM_write_PUBKEY’ throws an exception...
libfido2-1.16.0/examples/util.c:343:13: danger: ‘fp’ leaks here; was allocated at [(7)](sarif:/runs/0/results/14/codeFlows/0/threadFlows/0/locations/6)
#  341|   	}
#  342|   
#  343|-> 	if (PEM_write_PUBKEY(fp, pkey) == 0) {
#  344|   		warnx("PEM_write_PUBKEY");
#  345|   		goto fail;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def22]
libfido2-1.16.0/examples/util.c:350:9: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
libfido2-1.16.0/examples/util.c:317:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/examples/util.c:322:13: branch_false: ...to here
libfido2-1.16.0/examples/util.c:322:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/examples/util.c:327:19: branch_false: ...to here
libfido2-1.16.0/examples/util.c:327:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/examples/util.c:332:19: branch_false: ...to here
libfido2-1.16.0/examples/util.c:332:19: acquire_memory: allocated here
libfido2-1.16.0/examples/util.c:332:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
libfido2-1.16.0/examples/util.c:338:21: branch_false: ...to here
libfido2-1.16.0/examples/util.c:338:12: branch_true: following ‘true’ branch...
libfido2-1.16.0/examples/util.c:339:17: branch_true: ...to here
libfido2-1.16.0/examples/util.c:350:9: throw: if ‘rs256_pk_free’ throws an exception...
libfido2-1.16.0/examples/util.c:350:9: danger: ‘fp’ leaks here; was allocated at [(7)](sarif:/runs/0/results/15/codeFlows/0/threadFlows/0/locations/6)
#  348|   	ok = 0;
#  349|   fail:
#  350|-> 	rs256_pk_free(&pk);
#  351|   
#  352|   	if (fp != NULL) {

Error: GCC_ANALYZER_WARNING (CWE-775): [#def23]
libfido2-1.16.0/examples/util.c:376:21: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen(path, "r")’
libfido2-1.16.0/examples/util.c:371:19: acquire_resource: opened here
libfido2-1.16.0/examples/util.c:371:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/examples/util.c:376:21: branch_false: ...to here
libfido2-1.16.0/examples/util.c:376:21: throw: if ‘PEM_read_PUBKEY’ throws an exception...
libfido2-1.16.0/examples/util.c:376:21: danger: ‘fopen(path, "r")’ leaks here; was opened at [(1)](sarif:/runs/0/results/16/codeFlows/0/threadFlows/0/locations/0)
#  374|   	}
#  375|   
#  376|-> 	if ((pkey = PEM_read_PUBKEY(fp, NULL, NULL, NULL)) == NULL) {
#  377|   		warnx("PEM_read_PUBKEY");
#  378|   		goto fail;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def24]
libfido2-1.16.0/examples/util.c:376:21: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(path, "r")’
libfido2-1.16.0/examples/util.c:371:19: acquire_memory: allocated here
libfido2-1.16.0/examples/util.c:371:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/examples/util.c:376:21: branch_false: ...to here
libfido2-1.16.0/examples/util.c:376:21: throw: if ‘PEM_read_PUBKEY’ throws an exception...
libfido2-1.16.0/examples/util.c:376:21: danger: ‘fopen(path, "r")’ leaks here; was allocated at [(1)](sarif:/runs/0/results/17/codeFlows/0/threadFlows/0/locations/0)
#  374|   	}
#  375|   
#  376|-> 	if ((pkey = PEM_read_PUBKEY(fp, NULL, NULL, NULL)) == NULL) {
#  377|   		warnx("PEM_read_PUBKEY");
#  378|   		goto fail;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def25]
libfido2-1.16.0/examples/util.c:419:21: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
libfido2-1.16.0/examples/util.c:398:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/examples/util.c:403:13: branch_false: ...to here
libfido2-1.16.0/examples/util.c:403:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/examples/util.c:408:19: branch_false: ...to here
libfido2-1.16.0/examples/util.c:408:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/examples/util.c:413:19: branch_false: ...to here
libfido2-1.16.0/examples/util.c:413:19: acquire_memory: allocated here
libfido2-1.16.0/examples/util.c:413:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
libfido2-1.16.0/examples/util.c:419:21: branch_false: ...to here
libfido2-1.16.0/examples/util.c:419:21: throw: if ‘eddsa_pk_to_EVP_PKEY’ throws an exception...
libfido2-1.16.0/examples/util.c:419:21: danger: ‘fp’ leaks here; was allocated at [(7)](sarif:/runs/0/results/18/codeFlows/0/threadFlows/0/locations/6)
#  417|   	fd = -1; /* owned by fp now */
#  418|   
#  419|-> 	if ((pkey = eddsa_pk_to_EVP_PKEY(pk)) == NULL) {
#  420|   		warnx("eddsa_pk_to_EVP_PKEY");
#  421|   		goto fail;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def26]
libfido2-1.16.0/examples/util.c:420:17: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
libfido2-1.16.0/examples/util.c:398:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/examples/util.c:403:13: branch_false: ...to here
libfido2-1.16.0/examples/util.c:403:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/examples/util.c:408:19: branch_false: ...to here
libfido2-1.16.0/examples/util.c:408:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/examples/util.c:413:19: branch_false: ...to here
libfido2-1.16.0/examples/util.c:413:19: acquire_memory: allocated here
libfido2-1.16.0/examples/util.c:413:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
libfido2-1.16.0/examples/util.c:419:21: branch_false: ...to here
libfido2-1.16.0/examples/util.c:419:12: branch_true: following ‘true’ branch...
libfido2-1.16.0/examples/util.c:420:17: branch_true: ...to here
libfido2-1.16.0/examples/util.c:420:17: throw: if ‘warnx’ throws an exception...
libfido2-1.16.0/examples/util.c:420:17: danger: ‘fp’ leaks here; was allocated at [(7)](sarif:/runs/0/results/19/codeFlows/0/threadFlows/0/locations/6)
#  418|   
#  419|   	if ((pkey = eddsa_pk_to_EVP_PKEY(pk)) == NULL) {
#  420|-> 		warnx("eddsa_pk_to_EVP_PKEY");
#  421|   		goto fail;
#  422|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def27]
libfido2-1.16.0/examples/util.c:424:13: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
libfido2-1.16.0/examples/util.c:398:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/examples/util.c:403:13: branch_false: ...to here
libfido2-1.16.0/examples/util.c:403:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/examples/util.c:408:19: branch_false: ...to here
libfido2-1.16.0/examples/util.c:408:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/examples/util.c:413:19: branch_false: ...to here
libfido2-1.16.0/examples/util.c:413:19: acquire_memory: allocated here
libfido2-1.16.0/examples/util.c:413:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
libfido2-1.16.0/examples/util.c:419:21: branch_false: ...to here
libfido2-1.16.0/examples/util.c:419:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/examples/util.c:424:13: branch_false: ...to here
libfido2-1.16.0/examples/util.c:424:13: throw: if ‘PEM_write_PUBKEY’ throws an exception...
libfido2-1.16.0/examples/util.c:424:13: danger: ‘fp’ leaks here; was allocated at [(7)](sarif:/runs/0/results/20/codeFlows/0/threadFlows/0/locations/6)
#  422|   	}
#  423|   
#  424|-> 	if (PEM_write_PUBKEY(fp, pkey) == 0) {
#  425|   		warnx("PEM_write_PUBKEY");
#  426|   		goto fail;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def28]
libfido2-1.16.0/examples/util.c:431:9: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
libfido2-1.16.0/examples/util.c:398:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/examples/util.c:403:13: branch_false: ...to here
libfido2-1.16.0/examples/util.c:403:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/examples/util.c:408:19: branch_false: ...to here
libfido2-1.16.0/examples/util.c:408:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/examples/util.c:413:19: branch_false: ...to here
libfido2-1.16.0/examples/util.c:413:19: acquire_memory: allocated here
libfido2-1.16.0/examples/util.c:413:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
libfido2-1.16.0/examples/util.c:419:21: branch_false: ...to here
libfido2-1.16.0/examples/util.c:419:12: branch_true: following ‘true’ branch...
libfido2-1.16.0/examples/util.c:420:17: branch_true: ...to here
libfido2-1.16.0/examples/util.c:431:9: throw: if ‘eddsa_pk_free’ throws an exception...
libfido2-1.16.0/examples/util.c:431:9: danger: ‘fp’ leaks here; was allocated at [(7)](sarif:/runs/0/results/21/codeFlows/0/threadFlows/0/locations/6)
#  429|   	ok = 0;
#  430|   fail:
#  431|-> 	eddsa_pk_free(&pk);
#  432|   
#  433|   	if (fp != NULL) {

Error: GCC_ANALYZER_WARNING (CWE-775): [#def29]
libfido2-1.16.0/openbsd-compat/readpassphrase.c:98:12: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open("/dev/tty", 2)’
libfido2-1.16.0/openbsd-compat/readpassphrase.c:70:12: branch_false: following ‘false’ branch (when ‘bufsiz != 0’)...
libfido2-1.16.0/openbsd-compat/readpassphrase.c:70:12: branch_false: ...to here
libfido2-1.16.0/openbsd-compat/readpassphrase.c:76:21: branch_true: following ‘true’ branch (when ‘i != 65’)...
libfido2-1.16.0/openbsd-compat/readpassphrase.c:77:17: branch_true: ...to here
libfido2-1.16.0/openbsd-compat/readpassphrase.c:83:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/openbsd-compat/readpassphrase.c:84:31: branch_false: ...to here
libfido2-1.16.0/openbsd-compat/readpassphrase.c:84:31: acquire_resource: opened here
libfido2-1.16.0/openbsd-compat/readpassphrase.c:83:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/openbsd-compat/readpassphrase.c:98:12: branch_false: ...to here
libfido2-1.16.0/openbsd-compat/readpassphrase.c:98:12: danger: ‘open("/dev/tty", 2)’ leaks here; was opened at [(7)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/6)
#   96|   	 * generate SIGTTOU, so do it *before* installing the signal handlers.
#   97|   	 */
#   98|-> 	if (input != STDIN_FILENO && tcgetattr(input, &oterm) == 0) {
#   99|   		memcpy(&term, &oterm, sizeof(term));
#  100|   		if (!(flags & RPP_ECHO_ON))

Error: COMPILER_WARNING: [#def30] [important]
libfido2-1.16.0/redhat-linux-build/CMakeFiles/CMakeScratch/TryCompile-189n34/CheckSymbolExists.c:8:19: error[error]: ‘freezero’ undeclared (first use in this function)

Error: COMPILER_WARNING: [#def31] [important]
libfido2-1.16.0/redhat-linux-build/CMakeFiles/CMakeScratch/TryCompile-pWeXJM/CheckSymbolExists.c:8:19: error[error]: ‘timingsafe_bcmp’ undeclared (first use in this function)

Error: COMPILER_WARNING: [#def32] [important]
libfido2-1.16.0/redhat-linux-build/CMakeFiles/CMakeScratch/TryCompile-pyJ8qB/CheckSymbolExists.c:8:19: error[error]: ‘memset_s’ undeclared (first use in this function); did you mean ‘memset’?

Error: COMPILER_WARNING: [#def33] [important]
libfido2-1.16.0/redhat-linux-build/CMakeFiles/CMakeScratch/TryCompile-vMuOXH/CheckSymbolExists.c:8:19: error[error]: ‘recallocarray’ undeclared (first use in this function); did you mean ‘reallocarray’?

Error: GCC_ANALYZER_WARNING (CWE-401): [#def34]
libfido2-1.16.0/regress/assert.c:138:13: warning[-Wanalyzer-malloc-leak]: leak of ‘junk’
libfido2-1.16.0/regress/assert.c:510:1: enter_function: entry to ‘junk_sig’
libfido2-1.16.0/regress/assert.c:516:16: acquire_memory: allocated here
libfido2-1.16.0/regress/assert.c:517:9: branch_false: following ‘false’ branch (when ‘junk’ is non-NULL)...
libfido2-1.16.0/regress/assert.c:518:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:521:13: call_function: calling ‘alloc_assert’ from ‘junk_sig’
#  136|   	fido_assert_t *a;
#  137|   
#  138|-> 	a = fido_assert_new();
#  139|   	assert(a != NULL);
#  140|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def35]
libfido2-1.16.0/regress/assert.c:147:9: warning[-Wanalyzer-malloc-leak]: leak of ‘junk’
libfido2-1.16.0/regress/assert.c:487:1: enter_function: entry to ‘junk_authdata’
libfido2-1.16.0/regress/assert.c:492:16: acquire_memory: allocated here
libfido2-1.16.0/regress/assert.c:493:9: branch_false: following ‘false’ branch (when ‘junk’ is non-NULL)...
libfido2-1.16.0/regress/assert.c:494:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:497:13: call_function: calling ‘alloc_assert’ from ‘junk_authdata’
libfido2-1.16.0/regress/assert.c:497:13: return_function: returning to ‘junk_authdata’ from ‘alloc_assert’
libfido2-1.16.0/regress/assert.c:498:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/assert.c:499:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:499:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/assert.c:501:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:501:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/assert.c:502:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:502:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/assert.c:503:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:503:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/assert.c:504:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:504:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/assert.c:505:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:505:9: call_function: calling ‘free_assert’ from ‘junk_authdata’
#  145|   free_assert(fido_assert_t *a)
#  146|   {
#  147|-> 	fido_assert_free(&a);
#  148|   	assert(a == NULL);
#  149|   }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def36]
libfido2-1.16.0/regress/assert.c:174:14: warning[-Wanalyzer-malloc-leak]: leak of ‘junk’
libfido2-1.16.0/regress/assert.c:510:1: enter_function: entry to ‘junk_sig’
libfido2-1.16.0/regress/assert.c:516:16: acquire_memory: allocated here
libfido2-1.16.0/regress/assert.c:517:9: branch_false: following ‘false’ branch (when ‘junk’ is non-NULL)...
libfido2-1.16.0/regress/assert.c:518:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:521:13: call_function: calling ‘alloc_assert’ from ‘junk_sig’
libfido2-1.16.0/regress/assert.c:521:13: return_function: returning to ‘junk_sig’ from ‘alloc_assert’
libfido2-1.16.0/regress/assert.c:522:14: call_function: calling ‘alloc_es256_pk’ from ‘junk_sig’
#  172|   	es256_pk_t *pk;
#  173|   
#  174|-> 	pk = es256_pk_new();
#  175|   	assert(pk != NULL);
#  176|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def37]
libfido2-1.16.0/regress/assert.c:183:9: warning[-Wanalyzer-malloc-leak]: leak of ‘junk’
libfido2-1.16.0/regress/assert.c:510:1: enter_function: entry to ‘junk_sig’
libfido2-1.16.0/regress/assert.c:516:16: acquire_memory: allocated here
libfido2-1.16.0/regress/assert.c:517:9: branch_false: following ‘false’ branch (when ‘junk’ is non-NULL)...
libfido2-1.16.0/regress/assert.c:518:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:521:13: call_function: calling ‘alloc_assert’ from ‘junk_sig’
libfido2-1.16.0/regress/assert.c:521:13: return_function: returning to ‘junk_sig’ from ‘alloc_assert’
libfido2-1.16.0/regress/assert.c:522:14: call_function: calling ‘alloc_es256_pk’ from ‘junk_sig’
libfido2-1.16.0/regress/assert.c:522:14: return_function: returning to ‘junk_sig’ from ‘alloc_es256_pk’
libfido2-1.16.0/regress/assert.c:523:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/assert.c:524:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:524:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/assert.c:525:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:525:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/assert.c:526:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:526:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/assert.c:527:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:527:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/assert.c:529:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:529:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/assert.c:530:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:530:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/assert.c:531:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:531:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/assert.c:532:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:532:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/assert.c:533:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:533:9: call_function: calling ‘free_assert’ from ‘junk_sig’
libfido2-1.16.0/regress/assert.c:533:9: return_function: returning to ‘junk_sig’ from ‘free_assert’
libfido2-1.16.0/regress/assert.c:534:9: call_function: calling ‘free_es256_pk’ from ‘junk_sig’
#  181|   free_es256_pk(es256_pk_t *pk)
#  182|   {
#  183|-> 	es256_pk_free(&pk);
#  184|   	assert(pk == NULL);
#  185|   }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def38]
libfido2-1.16.0/regress/assert.c:448:9: warning[-Wanalyzer-malloc-leak]: leak of ‘junk’
libfido2-1.16.0/regress/assert.c:435:1: enter_function: entry to ‘junk_cdh’
libfido2-1.16.0/regress/assert.c:441:16: acquire_memory: allocated here
libfido2-1.16.0/regress/assert.c:442:9: branch_false: following ‘false’ branch (when ‘junk’ is non-NULL)...
libfido2-1.16.0/regress/assert.c:443:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:446:13: call_function: calling ‘alloc_assert’ from ‘junk_cdh’
libfido2-1.16.0/regress/assert.c:446:13: return_function: returning to ‘junk_cdh’ from ‘alloc_assert’
libfido2-1.16.0/regress/assert.c:447:14: call_function: calling ‘alloc_es256_pk’ from ‘junk_cdh’
libfido2-1.16.0/regress/assert.c:447:14: return_function: returning to ‘junk_cdh’ from ‘alloc_es256_pk’
libfido2-1.16.0/regress/assert.c:448:9: throw: if ‘es256_pk_from_ptr’ throws an exception...
libfido2-1.16.0/regress/assert.c:448:9: danger: ‘junk’ leaks here; was allocated at [(2)](sarif:/runs/0/results/10/codeFlows/0/threadFlows/0/locations/1)
#  446|   	a = alloc_assert();
#  447|   	pk = alloc_es256_pk();
#  448|-> 	assert(es256_pk_from_ptr(pk, es256_pk, sizeof(es256_pk)) == FIDO_OK);
#  449|   	assert(fido_assert_set_clientdata_hash(a, junk, sizeof(cdh)) == FIDO_OK);
#  450|   	assert(fido_assert_set_rp(a, "localhost") == FIDO_OK);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def39]
libfido2-1.16.0/regress/assert.c:449:9: warning[-Wanalyzer-malloc-leak]: leak of ‘junk’
libfido2-1.16.0/regress/assert.c:435:1: enter_function: entry to ‘junk_cdh’
libfido2-1.16.0/regress/assert.c:441:16: acquire_memory: allocated here
libfido2-1.16.0/regress/assert.c:442:9: branch_false: following ‘false’ branch (when ‘junk’ is non-NULL)...
libfido2-1.16.0/regress/assert.c:443:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:446:13: call_function: calling ‘alloc_assert’ from ‘junk_cdh’
libfido2-1.16.0/regress/assert.c:446:13: return_function: returning to ‘junk_cdh’ from ‘alloc_assert’
libfido2-1.16.0/regress/assert.c:447:14: call_function: calling ‘alloc_es256_pk’ from ‘junk_cdh’
libfido2-1.16.0/regress/assert.c:447:14: return_function: returning to ‘junk_cdh’ from ‘alloc_es256_pk’
libfido2-1.16.0/regress/assert.c:448:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/assert.c:449:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:449:9: throw: if ‘fido_assert_set_clientdata_hash’ throws an exception...
libfido2-1.16.0/regress/assert.c:449:9: danger: ‘junk’ leaks here; was allocated at [(2)](sarif:/runs/0/results/11/codeFlows/0/threadFlows/0/locations/1)
#  447|   	pk = alloc_es256_pk();
#  448|   	assert(es256_pk_from_ptr(pk, es256_pk, sizeof(es256_pk)) == FIDO_OK);
#  449|-> 	assert(fido_assert_set_clientdata_hash(a, junk, sizeof(cdh)) == FIDO_OK);
#  450|   	assert(fido_assert_set_rp(a, "localhost") == FIDO_OK);
#  451|   	assert(fido_assert_set_count(a, 1) == FIDO_OK);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def40]
libfido2-1.16.0/regress/assert.c:450:9: warning[-Wanalyzer-malloc-leak]: leak of ‘junk’
libfido2-1.16.0/regress/assert.c:435:1: enter_function: entry to ‘junk_cdh’
libfido2-1.16.0/regress/assert.c:441:16: acquire_memory: allocated here
libfido2-1.16.0/regress/assert.c:442:9: branch_false: following ‘false’ branch (when ‘junk’ is non-NULL)...
libfido2-1.16.0/regress/assert.c:443:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:446:13: call_function: calling ‘alloc_assert’ from ‘junk_cdh’
libfido2-1.16.0/regress/assert.c:446:13: return_function: returning to ‘junk_cdh’ from ‘alloc_assert’
libfido2-1.16.0/regress/assert.c:447:14: call_function: calling ‘alloc_es256_pk’ from ‘junk_cdh’
libfido2-1.16.0/regress/assert.c:447:14: return_function: returning to ‘junk_cdh’ from ‘alloc_es256_pk’
libfido2-1.16.0/regress/assert.c:448:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/assert.c:449:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:449:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/assert.c:450:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:450:9: throw: if ‘fido_assert_set_rp’ throws an exception...
libfido2-1.16.0/regress/assert.c:450:9: danger: ‘junk’ leaks here; was allocated at [(2)](sarif:/runs/0/results/12/codeFlows/0/threadFlows/0/locations/1)
#  448|   	assert(es256_pk_from_ptr(pk, es256_pk, sizeof(es256_pk)) == FIDO_OK);
#  449|   	assert(fido_assert_set_clientdata_hash(a, junk, sizeof(cdh)) == FIDO_OK);
#  450|-> 	assert(fido_assert_set_rp(a, "localhost") == FIDO_OK);
#  451|   	assert(fido_assert_set_count(a, 1) == FIDO_OK);
#  452|   	assert(fido_assert_set_authdata(a, 0, authdata,

Error: GCC_ANALYZER_WARNING (CWE-401): [#def41]
libfido2-1.16.0/regress/assert.c:451:9: warning[-Wanalyzer-malloc-leak]: leak of ‘junk’
libfido2-1.16.0/regress/assert.c:435:1: enter_function: entry to ‘junk_cdh’
libfido2-1.16.0/regress/assert.c:441:16: acquire_memory: allocated here
libfido2-1.16.0/regress/assert.c:442:9: branch_false: following ‘false’ branch (when ‘junk’ is non-NULL)...
libfido2-1.16.0/regress/assert.c:443:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:446:13: call_function: calling ‘alloc_assert’ from ‘junk_cdh’
libfido2-1.16.0/regress/assert.c:446:13: return_function: returning to ‘junk_cdh’ from ‘alloc_assert’
libfido2-1.16.0/regress/assert.c:447:14: call_function: calling ‘alloc_es256_pk’ from ‘junk_cdh’
libfido2-1.16.0/regress/assert.c:447:14: return_function: returning to ‘junk_cdh’ from ‘alloc_es256_pk’
libfido2-1.16.0/regress/assert.c:448:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/assert.c:449:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:449:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/assert.c:450:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:450:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/assert.c:451:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:451:9: throw: if ‘fido_assert_set_count’ throws an exception...
libfido2-1.16.0/regress/assert.c:451:9: danger: ‘junk’ leaks here; was allocated at [(2)](sarif:/runs/0/results/13/codeFlows/0/threadFlows/0/locations/1)
#  449|   	assert(fido_assert_set_clientdata_hash(a, junk, sizeof(cdh)) == FIDO_OK);
#  450|   	assert(fido_assert_set_rp(a, "localhost") == FIDO_OK);
#  451|-> 	assert(fido_assert_set_count(a, 1) == FIDO_OK);
#  452|   	assert(fido_assert_set_authdata(a, 0, authdata,
#  453|   	    sizeof(authdata)) == FIDO_OK);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def42]
libfido2-1.16.0/regress/assert.c:452:9: warning[-Wanalyzer-malloc-leak]: leak of ‘junk’
libfido2-1.16.0/regress/assert.c:435:1: enter_function: entry to ‘junk_cdh’
libfido2-1.16.0/regress/assert.c:441:16: acquire_memory: allocated here
libfido2-1.16.0/regress/assert.c:442:9: branch_false: following ‘false’ branch (when ‘junk’ is non-NULL)...
libfido2-1.16.0/regress/assert.c:443:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:446:13: call_function: calling ‘alloc_assert’ from ‘junk_cdh’
libfido2-1.16.0/regress/assert.c:446:13: return_function: returning to ‘junk_cdh’ from ‘alloc_assert’
libfido2-1.16.0/regress/assert.c:447:14: call_function: calling ‘alloc_es256_pk’ from ‘junk_cdh’
libfido2-1.16.0/regress/assert.c:447:14: return_function: returning to ‘junk_cdh’ from ‘alloc_es256_pk’
libfido2-1.16.0/regress/assert.c:448:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/assert.c:449:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:449:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/assert.c:450:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:450:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/assert.c:451:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:451:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/assert.c:452:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:452:9: throw: if ‘fido_assert_set_authdata’ throws an exception...
libfido2-1.16.0/regress/assert.c:452:9: danger: ‘junk’ leaks here; was allocated at [(2)](sarif:/runs/0/results/14/codeFlows/0/threadFlows/0/locations/1)
#  450|   	assert(fido_assert_set_rp(a, "localhost") == FIDO_OK);
#  451|   	assert(fido_assert_set_count(a, 1) == FIDO_OK);
#  452|-> 	assert(fido_assert_set_authdata(a, 0, authdata,
#  453|   	    sizeof(authdata)) == FIDO_OK);
#  454|   	assert(fido_assert_set_up(a, FIDO_OPT_FALSE) == FIDO_OK);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def43]
libfido2-1.16.0/regress/assert.c:454:9: warning[-Wanalyzer-malloc-leak]: leak of ‘junk’
libfido2-1.16.0/regress/assert.c:435:1: enter_function: entry to ‘junk_cdh’
libfido2-1.16.0/regress/assert.c:441:16: acquire_memory: allocated here
libfido2-1.16.0/regress/assert.c:442:9: branch_false: following ‘false’ branch (when ‘junk’ is non-NULL)...
libfido2-1.16.0/regress/assert.c:443:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:446:13: call_function: calling ‘alloc_assert’ from ‘junk_cdh’
libfido2-1.16.0/regress/assert.c:446:13: return_function: returning to ‘junk_cdh’ from ‘alloc_assert’
libfido2-1.16.0/regress/assert.c:447:14: call_function: calling ‘alloc_es256_pk’ from ‘junk_cdh’
libfido2-1.16.0/regress/assert.c:447:14: return_function: returning to ‘junk_cdh’ from ‘alloc_es256_pk’
libfido2-1.16.0/regress/assert.c:448:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/assert.c:449:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:449:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/assert.c:450:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:450:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/assert.c:451:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:451:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/assert.c:452:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:452:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/assert.c:454:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:454:9: throw: if ‘fido_assert_set_up’ throws an exception...
libfido2-1.16.0/regress/assert.c:454:9: danger: ‘junk’ leaks here; was allocated at [(2)](sarif:/runs/0/results/15/codeFlows/0/threadFlows/0/locations/1)
#  452|   	assert(fido_assert_set_authdata(a, 0, authdata,
#  453|   	    sizeof(authdata)) == FIDO_OK);
#  454|-> 	assert(fido_assert_set_up(a, FIDO_OPT_FALSE) == FIDO_OK);
#  455|   	assert(fido_assert_set_uv(a, FIDO_OPT_FALSE) == FIDO_OK);
#  456|   	assert(fido_assert_set_sig(a, 0, sig, sizeof(sig)) == FIDO_OK);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def44]
libfido2-1.16.0/regress/assert.c:455:9: warning[-Wanalyzer-malloc-leak]: leak of ‘junk’
libfido2-1.16.0/regress/assert.c:435:1: enter_function: entry to ‘junk_cdh’
libfido2-1.16.0/regress/assert.c:441:16: acquire_memory: allocated here
libfido2-1.16.0/regress/assert.c:442:9: branch_false: following ‘false’ branch (when ‘junk’ is non-NULL)...
libfido2-1.16.0/regress/assert.c:443:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:446:13: call_function: calling ‘alloc_assert’ from ‘junk_cdh’
libfido2-1.16.0/regress/assert.c:446:13: return_function: returning to ‘junk_cdh’ from ‘alloc_assert’
libfido2-1.16.0/regress/assert.c:447:14: call_function: calling ‘alloc_es256_pk’ from ‘junk_cdh’
libfido2-1.16.0/regress/assert.c:447:14: return_function: returning to ‘junk_cdh’ from ‘alloc_es256_pk’
libfido2-1.16.0/regress/assert.c:448:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/assert.c:449:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:449:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/assert.c:450:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:450:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/assert.c:451:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:451:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/assert.c:452:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:452:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/assert.c:454:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:454:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/assert.c:455:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:455:9: throw: if ‘fido_assert_set_uv’ throws an exception...
libfido2-1.16.0/regress/assert.c:455:9: danger: ‘junk’ leaks here; was allocated at [(2)](sarif:/runs/0/results/16/codeFlows/0/threadFlows/0/locations/1)
#  453|   	    sizeof(authdata)) == FIDO_OK);
#  454|   	assert(fido_assert_set_up(a, FIDO_OPT_FALSE) == FIDO_OK);
#  455|-> 	assert(fido_assert_set_uv(a, FIDO_OPT_FALSE) == FIDO_OK);
#  456|   	assert(fido_assert_set_sig(a, 0, sig, sizeof(sig)) == FIDO_OK);
#  457|   	assert(fido_assert_verify(a, 0, COSE_ES256, pk) == FIDO_ERR_INVALID_SIG);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def45]
libfido2-1.16.0/regress/assert.c:456:9: warning[-Wanalyzer-malloc-leak]: leak of ‘junk’
libfido2-1.16.0/regress/assert.c:435:1: enter_function: entry to ‘junk_cdh’
libfido2-1.16.0/regress/assert.c:441:16: acquire_memory: allocated here
libfido2-1.16.0/regress/assert.c:442:9: branch_false: following ‘false’ branch (when ‘junk’ is non-NULL)...
libfido2-1.16.0/regress/assert.c:443:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:446:13: call_function: calling ‘alloc_assert’ from ‘junk_cdh’
libfido2-1.16.0/regress/assert.c:446:13: return_function: returning to ‘junk_cdh’ from ‘alloc_assert’
libfido2-1.16.0/regress/assert.c:447:14: call_function: calling ‘alloc_es256_pk’ from ‘junk_cdh’
libfido2-1.16.0/regress/assert.c:447:14: return_function: returning to ‘junk_cdh’ from ‘alloc_es256_pk’
libfido2-1.16.0/regress/assert.c:448:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/assert.c:449:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:449:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/assert.c:450:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:450:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/assert.c:451:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:451:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/assert.c:452:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:452:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/assert.c:454:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:454:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/assert.c:455:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:455:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/assert.c:456:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:456:9: throw: if ‘fido_assert_set_sig’ throws an exception...
libfido2-1.16.0/regress/assert.c:456:9: danger: ‘junk’ leaks here; was allocated at [(2)](sarif:/runs/0/results/17/codeFlows/0/threadFlows/0/locations/1)
#  454|   	assert(fido_assert_set_up(a, FIDO_OPT_FALSE) == FIDO_OK);
#  455|   	assert(fido_assert_set_uv(a, FIDO_OPT_FALSE) == FIDO_OK);
#  456|-> 	assert(fido_assert_set_sig(a, 0, sig, sizeof(sig)) == FIDO_OK);
#  457|   	assert(fido_assert_verify(a, 0, COSE_ES256, pk) == FIDO_ERR_INVALID_SIG);
#  458|   	free_assert(a);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def46]
libfido2-1.16.0/regress/assert.c:457:9: warning[-Wanalyzer-malloc-leak]: leak of ‘junk’
libfido2-1.16.0/regress/assert.c:435:1: enter_function: entry to ‘junk_cdh’
libfido2-1.16.0/regress/assert.c:441:16: acquire_memory: allocated here
libfido2-1.16.0/regress/assert.c:442:9: branch_false: following ‘false’ branch (when ‘junk’ is non-NULL)...
libfido2-1.16.0/regress/assert.c:443:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:446:13: call_function: calling ‘alloc_assert’ from ‘junk_cdh’
libfido2-1.16.0/regress/assert.c:446:13: return_function: returning to ‘junk_cdh’ from ‘alloc_assert’
libfido2-1.16.0/regress/assert.c:447:14: call_function: calling ‘alloc_es256_pk’ from ‘junk_cdh’
libfido2-1.16.0/regress/assert.c:447:14: return_function: returning to ‘junk_cdh’ from ‘alloc_es256_pk’
libfido2-1.16.0/regress/assert.c:448:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/assert.c:449:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:449:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/assert.c:450:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:450:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/assert.c:451:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:451:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/assert.c:452:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:452:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/assert.c:454:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:454:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/assert.c:455:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:455:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/assert.c:456:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:456:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/assert.c:457:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:457:9: throw: if ‘fido_assert_verify’ throws an exception...
libfido2-1.16.0/regress/assert.c:457:9: danger: ‘junk’ leaks here; was allocated at [(2)](sarif:/runs/0/results/18/codeFlows/0/threadFlows/0/locations/1)
#  455|   	assert(fido_assert_set_uv(a, FIDO_OPT_FALSE) == FIDO_OK);
#  456|   	assert(fido_assert_set_sig(a, 0, sig, sizeof(sig)) == FIDO_OK);
#  457|-> 	assert(fido_assert_verify(a, 0, COSE_ES256, pk) == FIDO_ERR_INVALID_SIG);
#  458|   	free_assert(a);
#  459|   	free_es256_pk(pk);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def47]
libfido2-1.16.0/regress/assert.c:498:9: warning[-Wanalyzer-malloc-leak]: leak of ‘junk’
libfido2-1.16.0/regress/assert.c:487:1: enter_function: entry to ‘junk_authdata’
libfido2-1.16.0/regress/assert.c:492:16: acquire_memory: allocated here
libfido2-1.16.0/regress/assert.c:493:9: branch_false: following ‘false’ branch (when ‘junk’ is non-NULL)...
libfido2-1.16.0/regress/assert.c:494:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:497:13: call_function: calling ‘alloc_assert’ from ‘junk_authdata’
libfido2-1.16.0/regress/assert.c:497:13: return_function: returning to ‘junk_authdata’ from ‘alloc_assert’
libfido2-1.16.0/regress/assert.c:498:9: throw: if ‘fido_assert_set_count’ throws an exception...
libfido2-1.16.0/regress/assert.c:498:9: danger: ‘junk’ leaks here; was allocated at [(2)](sarif:/runs/0/results/19/codeFlows/0/threadFlows/0/locations/1)
#  496|   
#  497|   	a = alloc_assert();
#  498|-> 	assert(fido_assert_set_count(a, 1) == FIDO_OK);
#  499|   	assert(fido_assert_set_authdata(a, 0, junk,
#  500|   	    sizeof(authdata)) == FIDO_ERR_INVALID_ARGUMENT);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def48]
libfido2-1.16.0/regress/assert.c:499:9: warning[-Wanalyzer-malloc-leak]: leak of ‘junk’
libfido2-1.16.0/regress/assert.c:487:1: enter_function: entry to ‘junk_authdata’
libfido2-1.16.0/regress/assert.c:492:16: acquire_memory: allocated here
libfido2-1.16.0/regress/assert.c:493:9: branch_false: following ‘false’ branch (when ‘junk’ is non-NULL)...
libfido2-1.16.0/regress/assert.c:494:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:497:13: call_function: calling ‘alloc_assert’ from ‘junk_authdata’
libfido2-1.16.0/regress/assert.c:497:13: return_function: returning to ‘junk_authdata’ from ‘alloc_assert’
libfido2-1.16.0/regress/assert.c:498:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/assert.c:499:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:499:9: throw: if ‘fido_assert_set_authdata’ throws an exception...
libfido2-1.16.0/regress/assert.c:499:9: danger: ‘junk’ leaks here; was allocated at [(2)](sarif:/runs/0/results/20/codeFlows/0/threadFlows/0/locations/1)
#  497|   	a = alloc_assert();
#  498|   	assert(fido_assert_set_count(a, 1) == FIDO_OK);
#  499|-> 	assert(fido_assert_set_authdata(a, 0, junk,
#  500|   	    sizeof(authdata)) == FIDO_ERR_INVALID_ARGUMENT);
#  501|   	assert(fido_assert_authdata_ptr(a, 0) == NULL);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def49]
libfido2-1.16.0/regress/assert.c:501:9: warning[-Wanalyzer-malloc-leak]: leak of ‘junk’
libfido2-1.16.0/regress/assert.c:487:1: enter_function: entry to ‘junk_authdata’
libfido2-1.16.0/regress/assert.c:492:16: acquire_memory: allocated here
libfido2-1.16.0/regress/assert.c:493:9: branch_false: following ‘false’ branch (when ‘junk’ is non-NULL)...
libfido2-1.16.0/regress/assert.c:494:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:497:13: call_function: calling ‘alloc_assert’ from ‘junk_authdata’
libfido2-1.16.0/regress/assert.c:497:13: return_function: returning to ‘junk_authdata’ from ‘alloc_assert’
libfido2-1.16.0/regress/assert.c:498:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/assert.c:499:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:499:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/assert.c:501:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:501:9: throw: if ‘fido_assert_authdata_ptr’ throws an exception...
libfido2-1.16.0/regress/assert.c:501:9: danger: ‘junk’ leaks here; was allocated at [(2)](sarif:/runs/0/results/21/codeFlows/0/threadFlows/0/locations/1)
#  499|   	assert(fido_assert_set_authdata(a, 0, junk,
#  500|   	    sizeof(authdata)) == FIDO_ERR_INVALID_ARGUMENT);
#  501|-> 	assert(fido_assert_authdata_ptr(a, 0) == NULL);
#  502|   	assert(fido_assert_authdata_len(a, 0) == 0);
#  503|   	assert(fido_assert_authdata_raw_ptr(a, 0) == NULL);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def50]
libfido2-1.16.0/regress/assert.c:502:9: warning[-Wanalyzer-malloc-leak]: leak of ‘junk’
libfido2-1.16.0/regress/assert.c:487:1: enter_function: entry to ‘junk_authdata’
libfido2-1.16.0/regress/assert.c:492:16: acquire_memory: allocated here
libfido2-1.16.0/regress/assert.c:493:9: branch_false: following ‘false’ branch (when ‘junk’ is non-NULL)...
libfido2-1.16.0/regress/assert.c:494:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:497:13: call_function: calling ‘alloc_assert’ from ‘junk_authdata’
libfido2-1.16.0/regress/assert.c:497:13: return_function: returning to ‘junk_authdata’ from ‘alloc_assert’
libfido2-1.16.0/regress/assert.c:498:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/assert.c:499:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:499:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/assert.c:501:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:501:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/assert.c:502:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:502:9: throw: if ‘fido_assert_authdata_len’ throws an exception...
libfido2-1.16.0/regress/assert.c:502:9: danger: ‘junk’ leaks here; was allocated at [(2)](sarif:/runs/0/results/22/codeFlows/0/threadFlows/0/locations/1)
#  500|   	    sizeof(authdata)) == FIDO_ERR_INVALID_ARGUMENT);
#  501|   	assert(fido_assert_authdata_ptr(a, 0) == NULL);
#  502|-> 	assert(fido_assert_authdata_len(a, 0) == 0);
#  503|   	assert(fido_assert_authdata_raw_ptr(a, 0) == NULL);
#  504|   	assert(fido_assert_authdata_raw_len(a, 0) == 0);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def51]
libfido2-1.16.0/regress/assert.c:503:9: warning[-Wanalyzer-malloc-leak]: leak of ‘junk’
libfido2-1.16.0/regress/assert.c:487:1: enter_function: entry to ‘junk_authdata’
libfido2-1.16.0/regress/assert.c:492:16: acquire_memory: allocated here
libfido2-1.16.0/regress/assert.c:493:9: branch_false: following ‘false’ branch (when ‘junk’ is non-NULL)...
libfido2-1.16.0/regress/assert.c:494:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:497:13: call_function: calling ‘alloc_assert’ from ‘junk_authdata’
libfido2-1.16.0/regress/assert.c:497:13: return_function: returning to ‘junk_authdata’ from ‘alloc_assert’
libfido2-1.16.0/regress/assert.c:498:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/assert.c:499:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:499:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/assert.c:501:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:501:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/assert.c:502:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:502:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/assert.c:503:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:503:9: throw: if ‘fido_assert_authdata_raw_ptr’ throws an exception...
libfido2-1.16.0/regress/assert.c:503:9: danger: ‘junk’ leaks here; was allocated at [(2)](sarif:/runs/0/results/23/codeFlows/0/threadFlows/0/locations/1)
#  501|   	assert(fido_assert_authdata_ptr(a, 0) == NULL);
#  502|   	assert(fido_assert_authdata_len(a, 0) == 0);
#  503|-> 	assert(fido_assert_authdata_raw_ptr(a, 0) == NULL);
#  504|   	assert(fido_assert_authdata_raw_len(a, 0) == 0);
#  505|   	free_assert(a);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def52]
libfido2-1.16.0/regress/assert.c:504:9: warning[-Wanalyzer-malloc-leak]: leak of ‘junk’
libfido2-1.16.0/regress/assert.c:487:1: enter_function: entry to ‘junk_authdata’
libfido2-1.16.0/regress/assert.c:492:16: acquire_memory: allocated here
libfido2-1.16.0/regress/assert.c:493:9: branch_false: following ‘false’ branch (when ‘junk’ is non-NULL)...
libfido2-1.16.0/regress/assert.c:494:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:497:13: call_function: calling ‘alloc_assert’ from ‘junk_authdata’
libfido2-1.16.0/regress/assert.c:497:13: return_function: returning to ‘junk_authdata’ from ‘alloc_assert’
libfido2-1.16.0/regress/assert.c:498:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/assert.c:499:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:499:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/assert.c:501:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:501:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/assert.c:502:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:502:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/assert.c:503:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:503:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/assert.c:504:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:504:9: throw: if ‘fido_assert_authdata_raw_len’ throws an exception...
libfido2-1.16.0/regress/assert.c:504:9: danger: ‘junk’ leaks here; was allocated at [(2)](sarif:/runs/0/results/24/codeFlows/0/threadFlows/0/locations/1)
#  502|   	assert(fido_assert_authdata_len(a, 0) == 0);
#  503|   	assert(fido_assert_authdata_raw_ptr(a, 0) == NULL);
#  504|-> 	assert(fido_assert_authdata_raw_len(a, 0) == 0);
#  505|   	free_assert(a);
#  506|   	free(junk);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def53]
libfido2-1.16.0/regress/assert.c:523:9: warning[-Wanalyzer-malloc-leak]: leak of ‘junk’
libfido2-1.16.0/regress/assert.c:510:1: enter_function: entry to ‘junk_sig’
libfido2-1.16.0/regress/assert.c:516:16: acquire_memory: allocated here
libfido2-1.16.0/regress/assert.c:517:9: branch_false: following ‘false’ branch (when ‘junk’ is non-NULL)...
libfido2-1.16.0/regress/assert.c:518:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:521:13: call_function: calling ‘alloc_assert’ from ‘junk_sig’
libfido2-1.16.0/regress/assert.c:521:13: return_function: returning to ‘junk_sig’ from ‘alloc_assert’
libfido2-1.16.0/regress/assert.c:522:14: call_function: calling ‘alloc_es256_pk’ from ‘junk_sig’
libfido2-1.16.0/regress/assert.c:522:14: return_function: returning to ‘junk_sig’ from ‘alloc_es256_pk’
libfido2-1.16.0/regress/assert.c:523:9: throw: if ‘es256_pk_from_ptr’ throws an exception...
libfido2-1.16.0/regress/assert.c:523:9: danger: ‘junk’ leaks here; was allocated at [(2)](sarif:/runs/0/results/25/codeFlows/0/threadFlows/0/locations/1)
#  521|   	a = alloc_assert();
#  522|   	pk = alloc_es256_pk();
#  523|-> 	assert(es256_pk_from_ptr(pk, es256_pk, sizeof(es256_pk)) == FIDO_OK);
#  524|   	assert(fido_assert_set_clientdata_hash(a, cdh, sizeof(cdh)) == FIDO_OK);
#  525|   	assert(fido_assert_set_rp(a, "localhost") == FIDO_OK);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def54]
libfido2-1.16.0/regress/assert.c:524:9: warning[-Wanalyzer-malloc-leak]: leak of ‘junk’
libfido2-1.16.0/regress/assert.c:510:1: enter_function: entry to ‘junk_sig’
libfido2-1.16.0/regress/assert.c:516:16: acquire_memory: allocated here
libfido2-1.16.0/regress/assert.c:517:9: branch_false: following ‘false’ branch (when ‘junk’ is non-NULL)...
libfido2-1.16.0/regress/assert.c:518:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:521:13: call_function: calling ‘alloc_assert’ from ‘junk_sig’
libfido2-1.16.0/regress/assert.c:521:13: return_function: returning to ‘junk_sig’ from ‘alloc_assert’
libfido2-1.16.0/regress/assert.c:522:14: call_function: calling ‘alloc_es256_pk’ from ‘junk_sig’
libfido2-1.16.0/regress/assert.c:522:14: return_function: returning to ‘junk_sig’ from ‘alloc_es256_pk’
libfido2-1.16.0/regress/assert.c:523:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/assert.c:524:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:524:9: throw: if ‘fido_assert_set_clientdata_hash’ throws an exception...
libfido2-1.16.0/regress/assert.c:524:9: danger: ‘junk’ leaks here; was allocated at [(2)](sarif:/runs/0/results/26/codeFlows/0/threadFlows/0/locations/1)
#  522|   	pk = alloc_es256_pk();
#  523|   	assert(es256_pk_from_ptr(pk, es256_pk, sizeof(es256_pk)) == FIDO_OK);
#  524|-> 	assert(fido_assert_set_clientdata_hash(a, cdh, sizeof(cdh)) == FIDO_OK);
#  525|   	assert(fido_assert_set_rp(a, "localhost") == FIDO_OK);
#  526|   	assert(fido_assert_set_count(a, 1) == FIDO_OK);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def55]
libfido2-1.16.0/regress/assert.c:525:9: warning[-Wanalyzer-malloc-leak]: leak of ‘junk’
libfido2-1.16.0/regress/assert.c:510:1: enter_function: entry to ‘junk_sig’
libfido2-1.16.0/regress/assert.c:516:16: acquire_memory: allocated here
libfido2-1.16.0/regress/assert.c:517:9: branch_false: following ‘false’ branch (when ‘junk’ is non-NULL)...
libfido2-1.16.0/regress/assert.c:518:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:521:13: call_function: calling ‘alloc_assert’ from ‘junk_sig’
libfido2-1.16.0/regress/assert.c:521:13: return_function: returning to ‘junk_sig’ from ‘alloc_assert’
libfido2-1.16.0/regress/assert.c:522:14: call_function: calling ‘alloc_es256_pk’ from ‘junk_sig’
libfido2-1.16.0/regress/assert.c:522:14: return_function: returning to ‘junk_sig’ from ‘alloc_es256_pk’
libfido2-1.16.0/regress/assert.c:523:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/assert.c:524:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:524:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/assert.c:525:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:525:9: throw: if ‘fido_assert_set_rp’ throws an exception...
libfido2-1.16.0/regress/assert.c:525:9: danger: ‘junk’ leaks here; was allocated at [(2)](sarif:/runs/0/results/27/codeFlows/0/threadFlows/0/locations/1)
#  523|   	assert(es256_pk_from_ptr(pk, es256_pk, sizeof(es256_pk)) == FIDO_OK);
#  524|   	assert(fido_assert_set_clientdata_hash(a, cdh, sizeof(cdh)) == FIDO_OK);
#  525|-> 	assert(fido_assert_set_rp(a, "localhost") == FIDO_OK);
#  526|   	assert(fido_assert_set_count(a, 1) == FIDO_OK);
#  527|   	assert(fido_assert_set_authdata(a, 0, authdata,

Error: GCC_ANALYZER_WARNING (CWE-401): [#def56]
libfido2-1.16.0/regress/assert.c:526:9: warning[-Wanalyzer-malloc-leak]: leak of ‘junk’
libfido2-1.16.0/regress/assert.c:510:1: enter_function: entry to ‘junk_sig’
libfido2-1.16.0/regress/assert.c:516:16: acquire_memory: allocated here
libfido2-1.16.0/regress/assert.c:517:9: branch_false: following ‘false’ branch (when ‘junk’ is non-NULL)...
libfido2-1.16.0/regress/assert.c:518:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:521:13: call_function: calling ‘alloc_assert’ from ‘junk_sig’
libfido2-1.16.0/regress/assert.c:521:13: return_function: returning to ‘junk_sig’ from ‘alloc_assert’
libfido2-1.16.0/regress/assert.c:522:14: call_function: calling ‘alloc_es256_pk’ from ‘junk_sig’
libfido2-1.16.0/regress/assert.c:522:14: return_function: returning to ‘junk_sig’ from ‘alloc_es256_pk’
libfido2-1.16.0/regress/assert.c:523:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/assert.c:524:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:524:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/assert.c:525:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:525:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/assert.c:526:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:526:9: throw: if ‘fido_assert_set_count’ throws an exception...
libfido2-1.16.0/regress/assert.c:526:9: danger: ‘junk’ leaks here; was allocated at [(2)](sarif:/runs/0/results/28/codeFlows/0/threadFlows/0/locations/1)
#  524|   	assert(fido_assert_set_clientdata_hash(a, cdh, sizeof(cdh)) == FIDO_OK);
#  525|   	assert(fido_assert_set_rp(a, "localhost") == FIDO_OK);
#  526|-> 	assert(fido_assert_set_count(a, 1) == FIDO_OK);
#  527|   	assert(fido_assert_set_authdata(a, 0, authdata,
#  528|   	    sizeof(authdata)) == FIDO_OK);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def57]
libfido2-1.16.0/regress/assert.c:527:9: warning[-Wanalyzer-malloc-leak]: leak of ‘junk’
libfido2-1.16.0/regress/assert.c:510:1: enter_function: entry to ‘junk_sig’
libfido2-1.16.0/regress/assert.c:516:16: acquire_memory: allocated here
libfido2-1.16.0/regress/assert.c:517:9: branch_false: following ‘false’ branch (when ‘junk’ is non-NULL)...
libfido2-1.16.0/regress/assert.c:518:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:521:13: call_function: calling ‘alloc_assert’ from ‘junk_sig’
libfido2-1.16.0/regress/assert.c:521:13: return_function: returning to ‘junk_sig’ from ‘alloc_assert’
libfido2-1.16.0/regress/assert.c:522:14: call_function: calling ‘alloc_es256_pk’ from ‘junk_sig’
libfido2-1.16.0/regress/assert.c:522:14: return_function: returning to ‘junk_sig’ from ‘alloc_es256_pk’
libfido2-1.16.0/regress/assert.c:523:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/assert.c:524:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:524:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/assert.c:525:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:525:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/assert.c:526:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:526:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/assert.c:527:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:527:9: throw: if ‘fido_assert_set_authdata’ throws an exception...
libfido2-1.16.0/regress/assert.c:527:9: danger: ‘junk’ leaks here; was allocated at [(2)](sarif:/runs/0/results/29/codeFlows/0/threadFlows/0/locations/1)
#  525|   	assert(fido_assert_set_rp(a, "localhost") == FIDO_OK);
#  526|   	assert(fido_assert_set_count(a, 1) == FIDO_OK);
#  527|-> 	assert(fido_assert_set_authdata(a, 0, authdata,
#  528|   	    sizeof(authdata)) == FIDO_OK);
#  529|   	assert(fido_assert_set_up(a, FIDO_OPT_FALSE) == FIDO_OK);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def58]
libfido2-1.16.0/regress/assert.c:529:9: warning[-Wanalyzer-malloc-leak]: leak of ‘junk’
libfido2-1.16.0/regress/assert.c:510:1: enter_function: entry to ‘junk_sig’
libfido2-1.16.0/regress/assert.c:516:16: acquire_memory: allocated here
libfido2-1.16.0/regress/assert.c:517:9: branch_false: following ‘false’ branch (when ‘junk’ is non-NULL)...
libfido2-1.16.0/regress/assert.c:518:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:521:13: call_function: calling ‘alloc_assert’ from ‘junk_sig’
libfido2-1.16.0/regress/assert.c:521:13: return_function: returning to ‘junk_sig’ from ‘alloc_assert’
libfido2-1.16.0/regress/assert.c:522:14: call_function: calling ‘alloc_es256_pk’ from ‘junk_sig’
libfido2-1.16.0/regress/assert.c:522:14: return_function: returning to ‘junk_sig’ from ‘alloc_es256_pk’
libfido2-1.16.0/regress/assert.c:523:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/assert.c:524:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:524:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/assert.c:525:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:525:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/assert.c:526:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:526:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/assert.c:527:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:527:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/assert.c:529:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:529:9: throw: if ‘fido_assert_set_up’ throws an exception...
libfido2-1.16.0/regress/assert.c:529:9: danger: ‘junk’ leaks here; was allocated at [(2)](sarif:/runs/0/results/30/codeFlows/0/threadFlows/0/locations/1)
#  527|   	assert(fido_assert_set_authdata(a, 0, authdata,
#  528|   	    sizeof(authdata)) == FIDO_OK);
#  529|-> 	assert(fido_assert_set_up(a, FIDO_OPT_FALSE) == FIDO_OK);
#  530|   	assert(fido_assert_set_uv(a, FIDO_OPT_FALSE) == FIDO_OK);
#  531|   	assert(fido_assert_set_sig(a, 0, junk, sizeof(sig)) == FIDO_OK);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def59]
libfido2-1.16.0/regress/assert.c:530:9: warning[-Wanalyzer-malloc-leak]: leak of ‘junk’
libfido2-1.16.0/regress/assert.c:510:1: enter_function: entry to ‘junk_sig’
libfido2-1.16.0/regress/assert.c:516:16: acquire_memory: allocated here
libfido2-1.16.0/regress/assert.c:517:9: branch_false: following ‘false’ branch (when ‘junk’ is non-NULL)...
libfido2-1.16.0/regress/assert.c:518:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:521:13: call_function: calling ‘alloc_assert’ from ‘junk_sig’
libfido2-1.16.0/regress/assert.c:521:13: return_function: returning to ‘junk_sig’ from ‘alloc_assert’
libfido2-1.16.0/regress/assert.c:522:14: call_function: calling ‘alloc_es256_pk’ from ‘junk_sig’
libfido2-1.16.0/regress/assert.c:522:14: return_function: returning to ‘junk_sig’ from ‘alloc_es256_pk’
libfido2-1.16.0/regress/assert.c:523:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/assert.c:524:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:524:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/assert.c:525:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:525:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/assert.c:526:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:526:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/assert.c:527:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:527:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/assert.c:529:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:529:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/assert.c:530:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:530:9: throw: if ‘fido_assert_set_uv’ throws an exception...
libfido2-1.16.0/regress/assert.c:530:9: danger: ‘junk’ leaks here; was allocated at [(2)](sarif:/runs/0/results/31/codeFlows/0/threadFlows/0/locations/1)
#  528|   	    sizeof(authdata)) == FIDO_OK);
#  529|   	assert(fido_assert_set_up(a, FIDO_OPT_FALSE) == FIDO_OK);
#  530|-> 	assert(fido_assert_set_uv(a, FIDO_OPT_FALSE) == FIDO_OK);
#  531|   	assert(fido_assert_set_sig(a, 0, junk, sizeof(sig)) == FIDO_OK);
#  532|   	assert(fido_assert_verify(a, 0, COSE_ES256, pk) == FIDO_ERR_INVALID_SIG);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def60]
libfido2-1.16.0/regress/assert.c:531:9: warning[-Wanalyzer-malloc-leak]: leak of ‘junk’
libfido2-1.16.0/regress/assert.c:510:1: enter_function: entry to ‘junk_sig’
libfido2-1.16.0/regress/assert.c:516:16: acquire_memory: allocated here
libfido2-1.16.0/regress/assert.c:517:9: branch_false: following ‘false’ branch (when ‘junk’ is non-NULL)...
libfido2-1.16.0/regress/assert.c:518:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:521:13: call_function: calling ‘alloc_assert’ from ‘junk_sig’
libfido2-1.16.0/regress/assert.c:521:13: return_function: returning to ‘junk_sig’ from ‘alloc_assert’
libfido2-1.16.0/regress/assert.c:522:14: call_function: calling ‘alloc_es256_pk’ from ‘junk_sig’
libfido2-1.16.0/regress/assert.c:522:14: return_function: returning to ‘junk_sig’ from ‘alloc_es256_pk’
libfido2-1.16.0/regress/assert.c:523:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/assert.c:524:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:524:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/assert.c:525:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:525:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/assert.c:526:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:526:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/assert.c:527:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:527:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/assert.c:529:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:529:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/assert.c:530:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:530:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/assert.c:531:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:531:9: throw: if ‘fido_assert_set_sig’ throws an exception...
libfido2-1.16.0/regress/assert.c:531:9: danger: ‘junk’ leaks here; was allocated at [(2)](sarif:/runs/0/results/32/codeFlows/0/threadFlows/0/locations/1)
#  529|   	assert(fido_assert_set_up(a, FIDO_OPT_FALSE) == FIDO_OK);
#  530|   	assert(fido_assert_set_uv(a, FIDO_OPT_FALSE) == FIDO_OK);
#  531|-> 	assert(fido_assert_set_sig(a, 0, junk, sizeof(sig)) == FIDO_OK);
#  532|   	assert(fido_assert_verify(a, 0, COSE_ES256, pk) == FIDO_ERR_INVALID_SIG);
#  533|   	free_assert(a);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def61]
libfido2-1.16.0/regress/assert.c:532:9: warning[-Wanalyzer-malloc-leak]: leak of ‘junk’
libfido2-1.16.0/regress/assert.c:510:1: enter_function: entry to ‘junk_sig’
libfido2-1.16.0/regress/assert.c:516:16: acquire_memory: allocated here
libfido2-1.16.0/regress/assert.c:517:9: branch_false: following ‘false’ branch (when ‘junk’ is non-NULL)...
libfido2-1.16.0/regress/assert.c:518:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:521:13: call_function: calling ‘alloc_assert’ from ‘junk_sig’
libfido2-1.16.0/regress/assert.c:521:13: return_function: returning to ‘junk_sig’ from ‘alloc_assert’
libfido2-1.16.0/regress/assert.c:522:14: call_function: calling ‘alloc_es256_pk’ from ‘junk_sig’
libfido2-1.16.0/regress/assert.c:522:14: return_function: returning to ‘junk_sig’ from ‘alloc_es256_pk’
libfido2-1.16.0/regress/assert.c:523:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/assert.c:524:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:524:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/assert.c:525:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:525:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/assert.c:526:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:526:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/assert.c:527:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:527:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/assert.c:529:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:529:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/assert.c:530:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:530:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/assert.c:531:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:531:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/assert.c:532:9: branch_false: ...to here
libfido2-1.16.0/regress/assert.c:532:9: throw: if ‘fido_assert_verify’ throws an exception...
libfido2-1.16.0/regress/assert.c:532:9: danger: ‘junk’ leaks here; was allocated at [(2)](sarif:/runs/0/results/33/codeFlows/0/threadFlows/0/locations/1)
#  530|   	assert(fido_assert_set_uv(a, FIDO_OPT_FALSE) == FIDO_OK);
#  531|   	assert(fido_assert_set_sig(a, 0, junk, sizeof(sig)) == FIDO_OK);
#  532|-> 	assert(fido_assert_verify(a, 0, COSE_ES256, pk) == FIDO_ERR_INVALID_SIG);
#  533|   	free_assert(a);
#  534|   	free_es256_pk(pk);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def62]
libfido2-1.16.0/regress/cred.c:2178:13: warning[-Wanalyzer-malloc-leak]: leak of ‘junk’
libfido2-1.16.0/regress/cred.c:2655:1: enter_function: entry to ‘junk_x509’
libfido2-1.16.0/regress/cred.c:2660:16: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2661:9: branch_false: following ‘false’ branch (when ‘junk’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2662:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2665:13: call_function: calling ‘alloc_cred’ from ‘junk_x509’
# 2176|   	fido_cred_t *c;
# 2177|   
# 2178|-> 	c = fido_cred_new();
# 2179|   	assert(c != NULL);
# 2180|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def63]
libfido2-1.16.0/regress/cred.c:2178:13: warning[-Wanalyzer-malloc-leak]: leak of ‘unset’
libfido2-1.16.0/regress/cred.c:2688:1: enter_function: entry to ‘invalid_type’
libfido2-1.16.0/regress/cred.c:2693:17: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2694:9: branch_false: following ‘false’ branch (when ‘unset’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2696:13: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2696:13: call_function: calling ‘alloc_cred’ from ‘invalid_type’
# 2176|   	fido_cred_t *c;
# 2177|   
# 2178|-> 	c = fido_cred_new();
# 2179|   	assert(c != NULL);
# 2180|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def64]
libfido2-1.16.0/regress/cred.c:2187:9: warning[-Wanalyzer-malloc-leak]: leak of ‘junk’
libfido2-1.16.0/regress/cred.c:2655:1: enter_function: entry to ‘junk_x509’
libfido2-1.16.0/regress/cred.c:2660:16: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2661:9: branch_false: following ‘false’ branch (when ‘junk’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2662:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2665:13: call_function: calling ‘alloc_cred’ from ‘junk_x509’
libfido2-1.16.0/regress/cred.c:2665:13: return_function: returning to ‘junk_x509’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2666:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2667:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2667:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2668:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2668:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2669:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2669:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2670:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2670:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2671:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2671:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2672:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2672:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2673:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2673:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2674:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2674:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2675:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2675:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2676:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2676:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2677:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2677:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2678:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2678:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2679:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2679:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2680:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2680:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2681:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2681:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2682:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2682:9: call_function: calling ‘free_cred’ from ‘junk_x509’
# 2185|   free_cred(fido_cred_t *c)
# 2186|   {
# 2187|-> 	fido_cred_free(&c);
# 2188|   	assert(c == NULL);
# 2189|   }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def65]
libfido2-1.16.0/regress/cred.c:2187:9: warning[-Wanalyzer-malloc-leak]: leak of ‘unset’
libfido2-1.16.0/regress/cred.c:2354:1: enter_function: entry to ‘no_authdata’
libfido2-1.16.0/regress/cred.c:2359:17: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2360:9: branch_false: following ‘false’ branch (when ‘unset’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2362:13: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2362:13: call_function: calling ‘alloc_cred’ from ‘no_authdata’
libfido2-1.16.0/regress/cred.c:2362:13: return_function: returning to ‘no_authdata’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2363:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2364:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2364:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2365:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2365:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2366:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2366:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2367:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2367:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2368:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2368:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2369:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2369:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2370:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2370:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2371:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2371:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2372:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2372:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2373:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2373:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2374:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2374:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2375:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2375:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2376:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2376:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2377:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2377:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2378:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2378:9: call_function: calling ‘free_cred’ from ‘no_authdata’
# 2185|   free_cred(fido_cred_t *c)
# 2186|   {
# 2187|-> 	fido_cred_free(&c);
# 2188|   	assert(c == NULL);
# 2189|   }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def66]
libfido2-1.16.0/regress/cred.c:2363:9: warning[-Wanalyzer-malloc-leak]: leak of ‘unset’
libfido2-1.16.0/regress/cred.c:2354:1: enter_function: entry to ‘no_authdata’
libfido2-1.16.0/regress/cred.c:2359:17: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2360:9: branch_false: following ‘false’ branch (when ‘unset’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2362:13: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2362:13: call_function: calling ‘alloc_cred’ from ‘no_authdata’
libfido2-1.16.0/regress/cred.c:2362:13: return_function: returning to ‘no_authdata’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2363:9: throw: if ‘fido_cred_set_type’ throws an exception...
libfido2-1.16.0/regress/cred.c:2363:9: danger: ‘unset’ leaks here; was allocated at [(2)](sarif:/runs/0/results/14/codeFlows/0/threadFlows/0/locations/1)
# 2361|   
# 2362|   	c = alloc_cred();
# 2363|-> 	assert(fido_cred_set_type(c, COSE_ES256) == FIDO_OK);
# 2364|   	assert(fido_cred_set_clientdata_hash(c, cdh, sizeof(cdh)) == FIDO_OK);
# 2365|   	assert(fido_cred_set_rp(c, rp_id, rp_name) == FIDO_OK);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def67]
libfido2-1.16.0/regress/cred.c:2364:9: warning[-Wanalyzer-malloc-leak]: leak of ‘unset’
libfido2-1.16.0/regress/cred.c:2354:1: enter_function: entry to ‘no_authdata’
libfido2-1.16.0/regress/cred.c:2359:17: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2360:9: branch_false: following ‘false’ branch (when ‘unset’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2362:13: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2362:13: call_function: calling ‘alloc_cred’ from ‘no_authdata’
libfido2-1.16.0/regress/cred.c:2362:13: return_function: returning to ‘no_authdata’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2363:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2364:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2364:9: throw: if ‘fido_cred_set_clientdata_hash’ throws an exception...
libfido2-1.16.0/regress/cred.c:2364:9: danger: ‘unset’ leaks here; was allocated at [(2)](sarif:/runs/0/results/15/codeFlows/0/threadFlows/0/locations/1)
# 2362|   	c = alloc_cred();
# 2363|   	assert(fido_cred_set_type(c, COSE_ES256) == FIDO_OK);
# 2364|-> 	assert(fido_cred_set_clientdata_hash(c, cdh, sizeof(cdh)) == FIDO_OK);
# 2365|   	assert(fido_cred_set_rp(c, rp_id, rp_name) == FIDO_OK);
# 2366|   	assert(fido_cred_set_rk(c, FIDO_OPT_FALSE) == FIDO_OK);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def68]
libfido2-1.16.0/regress/cred.c:2365:9: warning[-Wanalyzer-malloc-leak]: leak of ‘unset’
libfido2-1.16.0/regress/cred.c:2354:1: enter_function: entry to ‘no_authdata’
libfido2-1.16.0/regress/cred.c:2359:17: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2360:9: branch_false: following ‘false’ branch (when ‘unset’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2362:13: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2362:13: call_function: calling ‘alloc_cred’ from ‘no_authdata’
libfido2-1.16.0/regress/cred.c:2362:13: return_function: returning to ‘no_authdata’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2363:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2364:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2364:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2365:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2365:9: throw: if ‘fido_cred_set_rp’ throws an exception...
libfido2-1.16.0/regress/cred.c:2365:9: danger: ‘unset’ leaks here; was allocated at [(2)](sarif:/runs/0/results/16/codeFlows/0/threadFlows/0/locations/1)
# 2363|   	assert(fido_cred_set_type(c, COSE_ES256) == FIDO_OK);
# 2364|   	assert(fido_cred_set_clientdata_hash(c, cdh, sizeof(cdh)) == FIDO_OK);
# 2365|-> 	assert(fido_cred_set_rp(c, rp_id, rp_name) == FIDO_OK);
# 2366|   	assert(fido_cred_set_rk(c, FIDO_OPT_FALSE) == FIDO_OK);
# 2367|   	assert(fido_cred_set_uv(c, FIDO_OPT_FALSE) == FIDO_OK);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def69]
libfido2-1.16.0/regress/cred.c:2366:9: warning[-Wanalyzer-malloc-leak]: leak of ‘unset’
libfido2-1.16.0/regress/cred.c:2354:1: enter_function: entry to ‘no_authdata’
libfido2-1.16.0/regress/cred.c:2359:17: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2360:9: branch_false: following ‘false’ branch (when ‘unset’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2362:13: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2362:13: call_function: calling ‘alloc_cred’ from ‘no_authdata’
libfido2-1.16.0/regress/cred.c:2362:13: return_function: returning to ‘no_authdata’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2363:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2364:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2364:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2365:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2365:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2366:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2366:9: throw: if ‘fido_cred_set_rk’ throws an exception...
libfido2-1.16.0/regress/cred.c:2366:9: danger: ‘unset’ leaks here; was allocated at [(2)](sarif:/runs/0/results/17/codeFlows/0/threadFlows/0/locations/1)
# 2364|   	assert(fido_cred_set_clientdata_hash(c, cdh, sizeof(cdh)) == FIDO_OK);
# 2365|   	assert(fido_cred_set_rp(c, rp_id, rp_name) == FIDO_OK);
# 2366|-> 	assert(fido_cred_set_rk(c, FIDO_OPT_FALSE) == FIDO_OK);
# 2367|   	assert(fido_cred_set_uv(c, FIDO_OPT_FALSE) == FIDO_OK);
# 2368|   	assert(fido_cred_set_x509(c, x509, sizeof(x509)) == FIDO_OK);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def70]
libfido2-1.16.0/regress/cred.c:2367:9: warning[-Wanalyzer-malloc-leak]: leak of ‘unset’
libfido2-1.16.0/regress/cred.c:2354:1: enter_function: entry to ‘no_authdata’
libfido2-1.16.0/regress/cred.c:2359:17: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2360:9: branch_false: following ‘false’ branch (when ‘unset’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2362:13: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2362:13: call_function: calling ‘alloc_cred’ from ‘no_authdata’
libfido2-1.16.0/regress/cred.c:2362:13: return_function: returning to ‘no_authdata’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2363:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2364:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2364:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2365:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2365:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2366:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2366:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2367:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2367:9: throw: if ‘fido_cred_set_uv’ throws an exception...
libfido2-1.16.0/regress/cred.c:2367:9: danger: ‘unset’ leaks here; was allocated at [(2)](sarif:/runs/0/results/18/codeFlows/0/threadFlows/0/locations/1)
# 2365|   	assert(fido_cred_set_rp(c, rp_id, rp_name) == FIDO_OK);
# 2366|   	assert(fido_cred_set_rk(c, FIDO_OPT_FALSE) == FIDO_OK);
# 2367|-> 	assert(fido_cred_set_uv(c, FIDO_OPT_FALSE) == FIDO_OK);
# 2368|   	assert(fido_cred_set_x509(c, x509, sizeof(x509)) == FIDO_OK);
# 2369|   	assert(fido_cred_set_sig(c, sig, sizeof(sig)) == FIDO_OK);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def71]
libfido2-1.16.0/regress/cred.c:2368:9: warning[-Wanalyzer-malloc-leak]: leak of ‘unset’
libfido2-1.16.0/regress/cred.c:2354:1: enter_function: entry to ‘no_authdata’
libfido2-1.16.0/regress/cred.c:2359:17: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2360:9: branch_false: following ‘false’ branch (when ‘unset’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2362:13: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2362:13: call_function: calling ‘alloc_cred’ from ‘no_authdata’
libfido2-1.16.0/regress/cred.c:2362:13: return_function: returning to ‘no_authdata’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2363:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2364:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2364:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2365:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2365:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2366:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2366:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2367:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2367:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2368:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2368:9: throw: if ‘fido_cred_set_x509’ throws an exception...
libfido2-1.16.0/regress/cred.c:2368:9: danger: ‘unset’ leaks here; was allocated at [(2)](sarif:/runs/0/results/19/codeFlows/0/threadFlows/0/locations/1)
# 2366|   	assert(fido_cred_set_rk(c, FIDO_OPT_FALSE) == FIDO_OK);
# 2367|   	assert(fido_cred_set_uv(c, FIDO_OPT_FALSE) == FIDO_OK);
# 2368|-> 	assert(fido_cred_set_x509(c, x509, sizeof(x509)) == FIDO_OK);
# 2369|   	assert(fido_cred_set_sig(c, sig, sizeof(sig)) == FIDO_OK);
# 2370|   	assert(fido_cred_set_fmt(c, "packed") == FIDO_OK);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def72]
libfido2-1.16.0/regress/cred.c:2369:9: warning[-Wanalyzer-malloc-leak]: leak of ‘unset’
libfido2-1.16.0/regress/cred.c:2354:1: enter_function: entry to ‘no_authdata’
libfido2-1.16.0/regress/cred.c:2359:17: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2360:9: branch_false: following ‘false’ branch (when ‘unset’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2362:13: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2362:13: call_function: calling ‘alloc_cred’ from ‘no_authdata’
libfido2-1.16.0/regress/cred.c:2362:13: return_function: returning to ‘no_authdata’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2363:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2364:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2364:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2365:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2365:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2366:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2366:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2367:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2367:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2368:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2368:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2369:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2369:9: throw: if ‘fido_cred_set_sig’ throws an exception...
libfido2-1.16.0/regress/cred.c:2369:9: danger: ‘unset’ leaks here; was allocated at [(2)](sarif:/runs/0/results/20/codeFlows/0/threadFlows/0/locations/1)
# 2367|   	assert(fido_cred_set_uv(c, FIDO_OPT_FALSE) == FIDO_OK);
# 2368|   	assert(fido_cred_set_x509(c, x509, sizeof(x509)) == FIDO_OK);
# 2369|-> 	assert(fido_cred_set_sig(c, sig, sizeof(sig)) == FIDO_OK);
# 2370|   	assert(fido_cred_set_fmt(c, "packed") == FIDO_OK);
# 2371|   	assert(fido_cred_verify(c) == FIDO_ERR_INVALID_ARGUMENT);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def73]
libfido2-1.16.0/regress/cred.c:2370:9: warning[-Wanalyzer-malloc-leak]: leak of ‘unset’
libfido2-1.16.0/regress/cred.c:2354:1: enter_function: entry to ‘no_authdata’
libfido2-1.16.0/regress/cred.c:2359:17: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2360:9: branch_false: following ‘false’ branch (when ‘unset’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2362:13: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2362:13: call_function: calling ‘alloc_cred’ from ‘no_authdata’
libfido2-1.16.0/regress/cred.c:2362:13: return_function: returning to ‘no_authdata’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2363:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2364:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2364:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2365:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2365:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2366:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2366:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2367:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2367:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2368:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2368:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2369:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2369:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2370:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2370:9: throw: if ‘fido_cred_set_fmt’ throws an exception...
libfido2-1.16.0/regress/cred.c:2370:9: danger: ‘unset’ leaks here; was allocated at [(2)](sarif:/runs/0/results/21/codeFlows/0/threadFlows/0/locations/1)
# 2368|   	assert(fido_cred_set_x509(c, x509, sizeof(x509)) == FIDO_OK);
# 2369|   	assert(fido_cred_set_sig(c, sig, sizeof(sig)) == FIDO_OK);
# 2370|-> 	assert(fido_cred_set_fmt(c, "packed") == FIDO_OK);
# 2371|   	assert(fido_cred_verify(c) == FIDO_ERR_INVALID_ARGUMENT);
# 2372|   	assert(fido_cred_pubkey_len(c) == 0);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def74]
libfido2-1.16.0/regress/cred.c:2371:9: warning[-Wanalyzer-malloc-leak]: leak of ‘unset’
libfido2-1.16.0/regress/cred.c:2354:1: enter_function: entry to ‘no_authdata’
libfido2-1.16.0/regress/cred.c:2359:17: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2360:9: branch_false: following ‘false’ branch (when ‘unset’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2362:13: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2362:13: call_function: calling ‘alloc_cred’ from ‘no_authdata’
libfido2-1.16.0/regress/cred.c:2362:13: return_function: returning to ‘no_authdata’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2363:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2364:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2364:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2365:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2365:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2366:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2366:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2367:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2367:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2368:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2368:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2369:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2369:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2370:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2370:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2371:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2371:9: throw: if ‘fido_cred_verify’ throws an exception...
libfido2-1.16.0/regress/cred.c:2371:9: danger: ‘unset’ leaks here; was allocated at [(2)](sarif:/runs/0/results/22/codeFlows/0/threadFlows/0/locations/1)
# 2369|   	assert(fido_cred_set_sig(c, sig, sizeof(sig)) == FIDO_OK);
# 2370|   	assert(fido_cred_set_fmt(c, "packed") == FIDO_OK);
# 2371|-> 	assert(fido_cred_verify(c) == FIDO_ERR_INVALID_ARGUMENT);
# 2372|   	assert(fido_cred_pubkey_len(c) == 0);
# 2373|   	assert(fido_cred_pubkey_ptr(c) == NULL);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def75]
libfido2-1.16.0/regress/cred.c:2372:9: warning[-Wanalyzer-malloc-leak]: leak of ‘unset’
libfido2-1.16.0/regress/cred.c:2354:1: enter_function: entry to ‘no_authdata’
libfido2-1.16.0/regress/cred.c:2359:17: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2360:9: branch_false: following ‘false’ branch (when ‘unset’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2362:13: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2362:13: call_function: calling ‘alloc_cred’ from ‘no_authdata’
libfido2-1.16.0/regress/cred.c:2362:13: return_function: returning to ‘no_authdata’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2363:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2364:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2364:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2365:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2365:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2366:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2366:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2367:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2367:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2368:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2368:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2369:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2369:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2370:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2370:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2371:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2371:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2372:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2372:9: throw: if ‘fido_cred_pubkey_len’ throws an exception...
libfido2-1.16.0/regress/cred.c:2372:9: danger: ‘unset’ leaks here; was allocated at [(2)](sarif:/runs/0/results/23/codeFlows/0/threadFlows/0/locations/1)
# 2370|   	assert(fido_cred_set_fmt(c, "packed") == FIDO_OK);
# 2371|   	assert(fido_cred_verify(c) == FIDO_ERR_INVALID_ARGUMENT);
# 2372|-> 	assert(fido_cred_pubkey_len(c) == 0);
# 2373|   	assert(fido_cred_pubkey_ptr(c) == NULL);
# 2374|   	assert(fido_cred_id_len(c) == 0);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def76]
libfido2-1.16.0/regress/cred.c:2373:9: warning[-Wanalyzer-malloc-leak]: leak of ‘unset’
libfido2-1.16.0/regress/cred.c:2354:1: enter_function: entry to ‘no_authdata’
libfido2-1.16.0/regress/cred.c:2359:17: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2360:9: branch_false: following ‘false’ branch (when ‘unset’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2362:13: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2362:13: call_function: calling ‘alloc_cred’ from ‘no_authdata’
libfido2-1.16.0/regress/cred.c:2362:13: return_function: returning to ‘no_authdata’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2363:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2364:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2364:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2365:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2365:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2366:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2366:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2367:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2367:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2368:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2368:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2369:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2369:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2370:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2370:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2371:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2371:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2372:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2372:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2373:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2373:9: throw: if ‘fido_cred_pubkey_ptr’ throws an exception...
libfido2-1.16.0/regress/cred.c:2373:9: danger: ‘unset’ leaks here; was allocated at [(2)](sarif:/runs/0/results/24/codeFlows/0/threadFlows/0/locations/1)
# 2371|   	assert(fido_cred_verify(c) == FIDO_ERR_INVALID_ARGUMENT);
# 2372|   	assert(fido_cred_pubkey_len(c) == 0);
# 2373|-> 	assert(fido_cred_pubkey_ptr(c) == NULL);
# 2374|   	assert(fido_cred_id_len(c) == 0);
# 2375|   	assert(fido_cred_id_ptr(c) == NULL);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def77]
libfido2-1.16.0/regress/cred.c:2374:9: warning[-Wanalyzer-malloc-leak]: leak of ‘unset’
libfido2-1.16.0/regress/cred.c:2354:1: enter_function: entry to ‘no_authdata’
libfido2-1.16.0/regress/cred.c:2359:17: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2360:9: branch_false: following ‘false’ branch (when ‘unset’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2362:13: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2362:13: call_function: calling ‘alloc_cred’ from ‘no_authdata’
libfido2-1.16.0/regress/cred.c:2362:13: return_function: returning to ‘no_authdata’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2363:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2364:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2364:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2365:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2365:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2366:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2366:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2367:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2367:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2368:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2368:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2369:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2369:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2370:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2370:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2371:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2371:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2372:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2372:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2373:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2373:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2374:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2374:9: throw: if ‘fido_cred_id_len’ throws an exception...
libfido2-1.16.0/regress/cred.c:2374:9: danger: ‘unset’ leaks here; was allocated at [(2)](sarif:/runs/0/results/25/codeFlows/0/threadFlows/0/locations/1)
# 2372|   	assert(fido_cred_pubkey_len(c) == 0);
# 2373|   	assert(fido_cred_pubkey_ptr(c) == NULL);
# 2374|-> 	assert(fido_cred_id_len(c) == 0);
# 2375|   	assert(fido_cred_id_ptr(c) == NULL);
# 2376|   	assert(fido_cred_aaguid_len(c) == sizeof(aaguid));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def78]
libfido2-1.16.0/regress/cred.c:2375:9: warning[-Wanalyzer-malloc-leak]: leak of ‘unset’
libfido2-1.16.0/regress/cred.c:2354:1: enter_function: entry to ‘no_authdata’
libfido2-1.16.0/regress/cred.c:2359:17: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2360:9: branch_false: following ‘false’ branch (when ‘unset’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2362:13: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2362:13: call_function: calling ‘alloc_cred’ from ‘no_authdata’
libfido2-1.16.0/regress/cred.c:2362:13: return_function: returning to ‘no_authdata’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2363:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2364:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2364:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2365:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2365:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2366:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2366:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2367:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2367:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2368:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2368:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2369:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2369:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2370:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2370:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2371:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2371:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2372:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2372:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2373:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2373:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2374:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2374:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2375:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2375:9: throw: if ‘fido_cred_id_ptr’ throws an exception...
libfido2-1.16.0/regress/cred.c:2375:9: danger: ‘unset’ leaks here; was allocated at [(2)](sarif:/runs/0/results/26/codeFlows/0/threadFlows/0/locations/1)
# 2373|   	assert(fido_cred_pubkey_ptr(c) == NULL);
# 2374|   	assert(fido_cred_id_len(c) == 0);
# 2375|-> 	assert(fido_cred_id_ptr(c) == NULL);
# 2376|   	assert(fido_cred_aaguid_len(c) == sizeof(aaguid));
# 2377|   	assert(memcmp(fido_cred_aaguid_ptr(c), unset, sizeof(aaguid)) == 0);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def79]
libfido2-1.16.0/regress/cred.c:2376:9: warning[-Wanalyzer-malloc-leak]: leak of ‘unset’
libfido2-1.16.0/regress/cred.c:2354:1: enter_function: entry to ‘no_authdata’
libfido2-1.16.0/regress/cred.c:2359:17: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2360:9: branch_false: following ‘false’ branch (when ‘unset’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2362:13: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2362:13: call_function: calling ‘alloc_cred’ from ‘no_authdata’
libfido2-1.16.0/regress/cred.c:2362:13: return_function: returning to ‘no_authdata’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2363:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2364:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2364:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2365:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2365:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2366:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2366:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2367:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2367:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2368:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2368:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2369:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2369:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2370:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2370:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2371:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2371:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2372:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2372:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2373:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2373:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2374:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2374:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2375:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2375:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2376:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2376:9: throw: if ‘fido_cred_aaguid_len’ throws an exception...
libfido2-1.16.0/regress/cred.c:2376:9: danger: ‘unset’ leaks here; was allocated at [(2)](sarif:/runs/0/results/27/codeFlows/0/threadFlows/0/locations/1)
# 2374|   	assert(fido_cred_id_len(c) == 0);
# 2375|   	assert(fido_cred_id_ptr(c) == NULL);
# 2376|-> 	assert(fido_cred_aaguid_len(c) == sizeof(aaguid));
# 2377|   	assert(memcmp(fido_cred_aaguid_ptr(c), unset, sizeof(aaguid)) == 0);
# 2378|   	free_cred(c);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def80]
libfido2-1.16.0/regress/cred.c:2377:9: warning[-Wanalyzer-malloc-leak]: leak of ‘unset’
libfido2-1.16.0/regress/cred.c:2354:1: enter_function: entry to ‘no_authdata’
libfido2-1.16.0/regress/cred.c:2359:17: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2360:9: branch_false: following ‘false’ branch (when ‘unset’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2362:13: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2362:13: call_function: calling ‘alloc_cred’ from ‘no_authdata’
libfido2-1.16.0/regress/cred.c:2362:13: return_function: returning to ‘no_authdata’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2363:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2364:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2364:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2365:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2365:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2366:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2366:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2367:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2367:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2368:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2368:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2369:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2369:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2370:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2370:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2371:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2371:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2372:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2372:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2373:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2373:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2374:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2374:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2375:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2375:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2376:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2376:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2377:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2377:9: throw: if ‘fido_cred_aaguid_ptr’ throws an exception...
libfido2-1.16.0/regress/cred.c:2377:9: danger: ‘unset’ leaks here; was allocated at [(2)](sarif:/runs/0/results/28/codeFlows/0/threadFlows/0/locations/1)
# 2375|   	assert(fido_cred_id_ptr(c) == NULL);
# 2376|   	assert(fido_cred_aaguid_len(c) == sizeof(aaguid));
# 2377|-> 	assert(memcmp(fido_cred_aaguid_ptr(c), unset, sizeof(aaguid)) == 0);
# 2378|   	free_cred(c);
# 2379|   	free(unset);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def81]
libfido2-1.16.0/regress/cred.c:2491:9: warning[-Wanalyzer-malloc-leak]: leak of ‘junk’
libfido2-1.16.0/regress/cred.c:2480:1: enter_function: entry to ‘junk_cdh’
libfido2-1.16.0/regress/cred.c:2485:16: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2486:9: branch_false: following ‘false’ branch (when ‘junk’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2487:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2490:13: call_function: calling ‘alloc_cred’ from ‘junk_cdh’
libfido2-1.16.0/regress/cred.c:2490:13: return_function: returning to ‘junk_cdh’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2491:9: throw: if ‘fido_cred_set_type’ throws an exception...
libfido2-1.16.0/regress/cred.c:2491:9: danger: ‘junk’ leaks here; was allocated at [(2)](sarif:/runs/0/results/29/codeFlows/0/threadFlows/0/locations/1)
# 2489|   
# 2490|   	c = alloc_cred();
# 2491|-> 	assert(fido_cred_set_type(c, COSE_ES256) == FIDO_OK);
# 2492|   	assert(fido_cred_set_clientdata_hash(c, junk, sizeof(cdh)) == FIDO_OK);
# 2493|   	assert(fido_cred_set_rp(c, rp_id, rp_name) == FIDO_OK);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def82]
libfido2-1.16.0/regress/cred.c:2492:9: warning[-Wanalyzer-malloc-leak]: leak of ‘junk’
libfido2-1.16.0/regress/cred.c:2480:1: enter_function: entry to ‘junk_cdh’
libfido2-1.16.0/regress/cred.c:2485:16: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2486:9: branch_false: following ‘false’ branch (when ‘junk’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2487:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2490:13: call_function: calling ‘alloc_cred’ from ‘junk_cdh’
libfido2-1.16.0/regress/cred.c:2490:13: return_function: returning to ‘junk_cdh’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2491:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2492:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2492:9: throw: if ‘fido_cred_set_clientdata_hash’ throws an exception...
libfido2-1.16.0/regress/cred.c:2492:9: danger: ‘junk’ leaks here; was allocated at [(2)](sarif:/runs/0/results/30/codeFlows/0/threadFlows/0/locations/1)
# 2490|   	c = alloc_cred();
# 2491|   	assert(fido_cred_set_type(c, COSE_ES256) == FIDO_OK);
# 2492|-> 	assert(fido_cred_set_clientdata_hash(c, junk, sizeof(cdh)) == FIDO_OK);
# 2493|   	assert(fido_cred_set_rp(c, rp_id, rp_name) == FIDO_OK);
# 2494|   	assert(fido_cred_set_authdata(c, authdata, sizeof(authdata)) == FIDO_OK);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def83]
libfido2-1.16.0/regress/cred.c:2493:9: warning[-Wanalyzer-malloc-leak]: leak of ‘junk’
libfido2-1.16.0/regress/cred.c:2480:1: enter_function: entry to ‘junk_cdh’
libfido2-1.16.0/regress/cred.c:2485:16: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2486:9: branch_false: following ‘false’ branch (when ‘junk’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2487:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2490:13: call_function: calling ‘alloc_cred’ from ‘junk_cdh’
libfido2-1.16.0/regress/cred.c:2490:13: return_function: returning to ‘junk_cdh’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2491:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2492:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2492:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2493:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2493:9: throw: if ‘fido_cred_set_rp’ throws an exception...
libfido2-1.16.0/regress/cred.c:2493:9: danger: ‘junk’ leaks here; was allocated at [(2)](sarif:/runs/0/results/31/codeFlows/0/threadFlows/0/locations/1)
# 2491|   	assert(fido_cred_set_type(c, COSE_ES256) == FIDO_OK);
# 2492|   	assert(fido_cred_set_clientdata_hash(c, junk, sizeof(cdh)) == FIDO_OK);
# 2493|-> 	assert(fido_cred_set_rp(c, rp_id, rp_name) == FIDO_OK);
# 2494|   	assert(fido_cred_set_authdata(c, authdata, sizeof(authdata)) == FIDO_OK);
# 2495|   	assert(fido_cred_set_rk(c, FIDO_OPT_FALSE) == FIDO_OK);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def84]
libfido2-1.16.0/regress/cred.c:2494:9: warning[-Wanalyzer-malloc-leak]: leak of ‘junk’
libfido2-1.16.0/regress/cred.c:2480:1: enter_function: entry to ‘junk_cdh’
libfido2-1.16.0/regress/cred.c:2485:16: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2486:9: branch_false: following ‘false’ branch (when ‘junk’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2487:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2490:13: call_function: calling ‘alloc_cred’ from ‘junk_cdh’
libfido2-1.16.0/regress/cred.c:2490:13: return_function: returning to ‘junk_cdh’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2491:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2492:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2492:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2493:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2493:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2494:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2494:9: throw: if ‘fido_cred_set_authdata’ throws an exception...
libfido2-1.16.0/regress/cred.c:2494:9: danger: ‘junk’ leaks here; was allocated at [(2)](sarif:/runs/0/results/32/codeFlows/0/threadFlows/0/locations/1)
# 2492|   	assert(fido_cred_set_clientdata_hash(c, junk, sizeof(cdh)) == FIDO_OK);
# 2493|   	assert(fido_cred_set_rp(c, rp_id, rp_name) == FIDO_OK);
# 2494|-> 	assert(fido_cred_set_authdata(c, authdata, sizeof(authdata)) == FIDO_OK);
# 2495|   	assert(fido_cred_set_rk(c, FIDO_OPT_FALSE) == FIDO_OK);
# 2496|   	assert(fido_cred_set_uv(c, FIDO_OPT_FALSE) == FIDO_OK);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def85]
libfido2-1.16.0/regress/cred.c:2495:9: warning[-Wanalyzer-malloc-leak]: leak of ‘junk’
libfido2-1.16.0/regress/cred.c:2480:1: enter_function: entry to ‘junk_cdh’
libfido2-1.16.0/regress/cred.c:2485:16: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2486:9: branch_false: following ‘false’ branch (when ‘junk’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2487:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2490:13: call_function: calling ‘alloc_cred’ from ‘junk_cdh’
libfido2-1.16.0/regress/cred.c:2490:13: return_function: returning to ‘junk_cdh’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2491:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2492:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2492:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2493:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2493:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2494:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2494:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2495:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2495:9: throw: if ‘fido_cred_set_rk’ throws an exception...
libfido2-1.16.0/regress/cred.c:2495:9: danger: ‘junk’ leaks here; was allocated at [(2)](sarif:/runs/0/results/33/codeFlows/0/threadFlows/0/locations/1)
# 2493|   	assert(fido_cred_set_rp(c, rp_id, rp_name) == FIDO_OK);
# 2494|   	assert(fido_cred_set_authdata(c, authdata, sizeof(authdata)) == FIDO_OK);
# 2495|-> 	assert(fido_cred_set_rk(c, FIDO_OPT_FALSE) == FIDO_OK);
# 2496|   	assert(fido_cred_set_uv(c, FIDO_OPT_FALSE) == FIDO_OK);
# 2497|   	assert(fido_cred_set_x509(c, x509, sizeof(x509)) == FIDO_OK);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def86]
libfido2-1.16.0/regress/cred.c:2496:9: warning[-Wanalyzer-malloc-leak]: leak of ‘junk’
libfido2-1.16.0/regress/cred.c:2480:1: enter_function: entry to ‘junk_cdh’
libfido2-1.16.0/regress/cred.c:2485:16: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2486:9: branch_false: following ‘false’ branch (when ‘junk’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2487:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2490:13: call_function: calling ‘alloc_cred’ from ‘junk_cdh’
libfido2-1.16.0/regress/cred.c:2490:13: return_function: returning to ‘junk_cdh’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2491:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2492:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2492:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2493:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2493:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2494:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2494:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2495:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2495:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2496:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2496:9: throw: if ‘fido_cred_set_uv’ throws an exception...
libfido2-1.16.0/regress/cred.c:2496:9: danger: ‘junk’ leaks here; was allocated at [(2)](sarif:/runs/0/results/34/codeFlows/0/threadFlows/0/locations/1)
# 2494|   	assert(fido_cred_set_authdata(c, authdata, sizeof(authdata)) == FIDO_OK);
# 2495|   	assert(fido_cred_set_rk(c, FIDO_OPT_FALSE) == FIDO_OK);
# 2496|-> 	assert(fido_cred_set_uv(c, FIDO_OPT_FALSE) == FIDO_OK);
# 2497|   	assert(fido_cred_set_x509(c, x509, sizeof(x509)) == FIDO_OK);
# 2498|   	assert(fido_cred_set_sig(c, sig, sizeof(sig)) == FIDO_OK);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def87]
libfido2-1.16.0/regress/cred.c:2497:9: warning[-Wanalyzer-malloc-leak]: leak of ‘junk’
libfido2-1.16.0/regress/cred.c:2480:1: enter_function: entry to ‘junk_cdh’
libfido2-1.16.0/regress/cred.c:2485:16: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2486:9: branch_false: following ‘false’ branch (when ‘junk’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2487:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2490:13: call_function: calling ‘alloc_cred’ from ‘junk_cdh’
libfido2-1.16.0/regress/cred.c:2490:13: return_function: returning to ‘junk_cdh’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2491:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2492:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2492:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2493:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2493:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2494:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2494:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2495:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2495:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2496:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2496:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2497:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2497:9: throw: if ‘fido_cred_set_x509’ throws an exception...
libfido2-1.16.0/regress/cred.c:2497:9: danger: ‘junk’ leaks here; was allocated at [(2)](sarif:/runs/0/results/35/codeFlows/0/threadFlows/0/locations/1)
# 2495|   	assert(fido_cred_set_rk(c, FIDO_OPT_FALSE) == FIDO_OK);
# 2496|   	assert(fido_cred_set_uv(c, FIDO_OPT_FALSE) == FIDO_OK);
# 2497|-> 	assert(fido_cred_set_x509(c, x509, sizeof(x509)) == FIDO_OK);
# 2498|   	assert(fido_cred_set_sig(c, sig, sizeof(sig)) == FIDO_OK);
# 2499|   	assert(fido_cred_set_fmt(c, "packed") == FIDO_OK);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def88]
libfido2-1.16.0/regress/cred.c:2498:9: warning[-Wanalyzer-malloc-leak]: leak of ‘junk’
libfido2-1.16.0/regress/cred.c:2480:1: enter_function: entry to ‘junk_cdh’
libfido2-1.16.0/regress/cred.c:2485:16: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2486:9: branch_false: following ‘false’ branch (when ‘junk’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2487:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2490:13: call_function: calling ‘alloc_cred’ from ‘junk_cdh’
libfido2-1.16.0/regress/cred.c:2490:13: return_function: returning to ‘junk_cdh’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2491:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2492:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2492:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2493:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2493:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2494:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2494:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2495:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2495:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2496:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2496:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2497:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2497:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2498:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2498:9: throw: if ‘fido_cred_set_sig’ throws an exception...
libfido2-1.16.0/regress/cred.c:2498:9: danger: ‘junk’ leaks here; was allocated at [(2)](sarif:/runs/0/results/36/codeFlows/0/threadFlows/0/locations/1)
# 2496|   	assert(fido_cred_set_uv(c, FIDO_OPT_FALSE) == FIDO_OK);
# 2497|   	assert(fido_cred_set_x509(c, x509, sizeof(x509)) == FIDO_OK);
# 2498|-> 	assert(fido_cred_set_sig(c, sig, sizeof(sig)) == FIDO_OK);
# 2499|   	assert(fido_cred_set_fmt(c, "packed") == FIDO_OK);
# 2500|   	assert(fido_cred_verify(c) == FIDO_ERR_INVALID_SIG);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def89]
libfido2-1.16.0/regress/cred.c:2499:9: warning[-Wanalyzer-malloc-leak]: leak of ‘junk’
libfido2-1.16.0/regress/cred.c:2480:1: enter_function: entry to ‘junk_cdh’
libfido2-1.16.0/regress/cred.c:2485:16: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2486:9: branch_false: following ‘false’ branch (when ‘junk’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2487:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2490:13: call_function: calling ‘alloc_cred’ from ‘junk_cdh’
libfido2-1.16.0/regress/cred.c:2490:13: return_function: returning to ‘junk_cdh’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2491:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2492:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2492:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2493:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2493:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2494:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2494:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2495:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2495:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2496:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2496:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2497:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2497:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2498:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2498:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2499:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2499:9: throw: if ‘fido_cred_set_fmt’ throws an exception...
libfido2-1.16.0/regress/cred.c:2499:9: danger: ‘junk’ leaks here; was allocated at [(2)](sarif:/runs/0/results/37/codeFlows/0/threadFlows/0/locations/1)
# 2497|   	assert(fido_cred_set_x509(c, x509, sizeof(x509)) == FIDO_OK);
# 2498|   	assert(fido_cred_set_sig(c, sig, sizeof(sig)) == FIDO_OK);
# 2499|-> 	assert(fido_cred_set_fmt(c, "packed") == FIDO_OK);
# 2500|   	assert(fido_cred_verify(c) == FIDO_ERR_INVALID_SIG);
# 2501|   	assert(fido_cred_pubkey_len(c) == sizeof(pubkey));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def90]
libfido2-1.16.0/regress/cred.c:2500:9: warning[-Wanalyzer-malloc-leak]: leak of ‘junk’
libfido2-1.16.0/regress/cred.c:2480:1: enter_function: entry to ‘junk_cdh’
libfido2-1.16.0/regress/cred.c:2485:16: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2486:9: branch_false: following ‘false’ branch (when ‘junk’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2487:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2490:13: call_function: calling ‘alloc_cred’ from ‘junk_cdh’
libfido2-1.16.0/regress/cred.c:2490:13: return_function: returning to ‘junk_cdh’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2491:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2492:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2492:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2493:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2493:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2494:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2494:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2495:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2495:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2496:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2496:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2497:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2497:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2498:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2498:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2499:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2499:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2500:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2500:9: throw: if ‘fido_cred_verify’ throws an exception...
libfido2-1.16.0/regress/cred.c:2500:9: danger: ‘junk’ leaks here; was allocated at [(2)](sarif:/runs/0/results/38/codeFlows/0/threadFlows/0/locations/1)
# 2498|   	assert(fido_cred_set_sig(c, sig, sizeof(sig)) == FIDO_OK);
# 2499|   	assert(fido_cred_set_fmt(c, "packed") == FIDO_OK);
# 2500|-> 	assert(fido_cred_verify(c) == FIDO_ERR_INVALID_SIG);
# 2501|   	assert(fido_cred_pubkey_len(c) == sizeof(pubkey));
# 2502|   	assert(memcmp(fido_cred_pubkey_ptr(c), pubkey, sizeof(pubkey)) == 0);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def91]
libfido2-1.16.0/regress/cred.c:2501:9: warning[-Wanalyzer-malloc-leak]: leak of ‘junk’
libfido2-1.16.0/regress/cred.c:2480:1: enter_function: entry to ‘junk_cdh’
libfido2-1.16.0/regress/cred.c:2485:16: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2486:9: branch_false: following ‘false’ branch (when ‘junk’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2487:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2490:13: call_function: calling ‘alloc_cred’ from ‘junk_cdh’
libfido2-1.16.0/regress/cred.c:2490:13: return_function: returning to ‘junk_cdh’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2491:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2492:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2492:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2493:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2493:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2494:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2494:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2495:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2495:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2496:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2496:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2497:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2497:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2498:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2498:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2499:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2499:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2500:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2500:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2501:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2501:9: throw: if ‘fido_cred_pubkey_len’ throws an exception...
libfido2-1.16.0/regress/cred.c:2501:9: danger: ‘junk’ leaks here; was allocated at [(2)](sarif:/runs/0/results/39/codeFlows/0/threadFlows/0/locations/1)
# 2499|   	assert(fido_cred_set_fmt(c, "packed") == FIDO_OK);
# 2500|   	assert(fido_cred_verify(c) == FIDO_ERR_INVALID_SIG);
# 2501|-> 	assert(fido_cred_pubkey_len(c) == sizeof(pubkey));
# 2502|   	assert(memcmp(fido_cred_pubkey_ptr(c), pubkey, sizeof(pubkey)) == 0);
# 2503|   	assert(fido_cred_id_len(c) == sizeof(id));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def92]
libfido2-1.16.0/regress/cred.c:2502:9: warning[-Wanalyzer-malloc-leak]: leak of ‘junk’
libfido2-1.16.0/regress/cred.c:2480:1: enter_function: entry to ‘junk_cdh’
libfido2-1.16.0/regress/cred.c:2485:16: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2486:9: branch_false: following ‘false’ branch (when ‘junk’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2487:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2490:13: call_function: calling ‘alloc_cred’ from ‘junk_cdh’
libfido2-1.16.0/regress/cred.c:2490:13: return_function: returning to ‘junk_cdh’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2491:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2492:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2492:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2493:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2493:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2494:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2494:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2495:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2495:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2496:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2496:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2497:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2497:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2498:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2498:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2499:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2499:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2500:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2500:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2501:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2501:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2502:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2502:9: throw: if ‘fido_cred_pubkey_ptr’ throws an exception...
libfido2-1.16.0/regress/cred.c:2502:9: danger: ‘junk’ leaks here; was allocated at [(2)](sarif:/runs/0/results/40/codeFlows/0/threadFlows/0/locations/1)
# 2500|   	assert(fido_cred_verify(c) == FIDO_ERR_INVALID_SIG);
# 2501|   	assert(fido_cred_pubkey_len(c) == sizeof(pubkey));
# 2502|-> 	assert(memcmp(fido_cred_pubkey_ptr(c), pubkey, sizeof(pubkey)) == 0);
# 2503|   	assert(fido_cred_id_len(c) == sizeof(id));
# 2504|   	assert(memcmp(fido_cred_id_ptr(c), id, sizeof(id)) == 0);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def93]
libfido2-1.16.0/regress/cred.c:2503:9: warning[-Wanalyzer-malloc-leak]: leak of ‘junk’
libfido2-1.16.0/regress/cred.c:2480:1: enter_function: entry to ‘junk_cdh’
libfido2-1.16.0/regress/cred.c:2485:16: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2486:9: branch_false: following ‘false’ branch (when ‘junk’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2487:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2490:13: call_function: calling ‘alloc_cred’ from ‘junk_cdh’
libfido2-1.16.0/regress/cred.c:2490:13: return_function: returning to ‘junk_cdh’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2491:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2492:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2492:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2493:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2493:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2494:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2494:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2495:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2495:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2496:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2496:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2497:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2497:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2498:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2498:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2499:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2499:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2500:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2500:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2501:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2501:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2502:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2502:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2503:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2503:9: throw: if ‘fido_cred_id_len’ throws an exception...
libfido2-1.16.0/regress/cred.c:2503:9: danger: ‘junk’ leaks here; was allocated at [(2)](sarif:/runs/0/results/41/codeFlows/0/threadFlows/0/locations/1)
# 2501|   	assert(fido_cred_pubkey_len(c) == sizeof(pubkey));
# 2502|   	assert(memcmp(fido_cred_pubkey_ptr(c), pubkey, sizeof(pubkey)) == 0);
# 2503|-> 	assert(fido_cred_id_len(c) == sizeof(id));
# 2504|   	assert(memcmp(fido_cred_id_ptr(c), id, sizeof(id)) == 0);
# 2505|   	assert(fido_cred_aaguid_len(c) == sizeof(aaguid));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def94]
libfido2-1.16.0/regress/cred.c:2504:9: warning[-Wanalyzer-malloc-leak]: leak of ‘junk’
libfido2-1.16.0/regress/cred.c:2480:1: enter_function: entry to ‘junk_cdh’
libfido2-1.16.0/regress/cred.c:2485:16: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2486:9: branch_false: following ‘false’ branch (when ‘junk’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2487:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2490:13: call_function: calling ‘alloc_cred’ from ‘junk_cdh’
libfido2-1.16.0/regress/cred.c:2490:13: return_function: returning to ‘junk_cdh’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2491:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2492:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2492:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2493:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2493:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2494:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2494:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2495:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2495:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2496:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2496:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2497:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2497:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2498:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2498:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2499:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2499:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2500:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2500:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2501:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2501:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2502:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2502:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2503:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2503:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2504:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2504:9: throw: if ‘fido_cred_id_ptr’ throws an exception...
libfido2-1.16.0/regress/cred.c:2504:9: danger: ‘junk’ leaks here; was allocated at [(2)](sarif:/runs/0/results/42/codeFlows/0/threadFlows/0/locations/1)
# 2502|   	assert(memcmp(fido_cred_pubkey_ptr(c), pubkey, sizeof(pubkey)) == 0);
# 2503|   	assert(fido_cred_id_len(c) == sizeof(id));
# 2504|-> 	assert(memcmp(fido_cred_id_ptr(c), id, sizeof(id)) == 0);
# 2505|   	assert(fido_cred_aaguid_len(c) == sizeof(aaguid));
# 2506|   	assert(memcmp(fido_cred_aaguid_ptr(c), aaguid, sizeof(aaguid)) == 0);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def95]
libfido2-1.16.0/regress/cred.c:2505:9: warning[-Wanalyzer-malloc-leak]: leak of ‘junk’
libfido2-1.16.0/regress/cred.c:2480:1: enter_function: entry to ‘junk_cdh’
libfido2-1.16.0/regress/cred.c:2485:16: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2486:9: branch_false: following ‘false’ branch (when ‘junk’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2487:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2490:13: call_function: calling ‘alloc_cred’ from ‘junk_cdh’
libfido2-1.16.0/regress/cred.c:2490:13: return_function: returning to ‘junk_cdh’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2491:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2492:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2492:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2493:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2493:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2494:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2494:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2495:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2495:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2496:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2496:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2497:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2497:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2498:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2498:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2499:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2499:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2500:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2500:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2501:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2501:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2502:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2502:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2503:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2503:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2504:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2504:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2505:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2505:9: throw: if ‘fido_cred_aaguid_len’ throws an exception...
libfido2-1.16.0/regress/cred.c:2505:9: danger: ‘junk’ leaks here; was allocated at [(2)](sarif:/runs/0/results/43/codeFlows/0/threadFlows/0/locations/1)
# 2503|   	assert(fido_cred_id_len(c) == sizeof(id));
# 2504|   	assert(memcmp(fido_cred_id_ptr(c), id, sizeof(id)) == 0);
# 2505|-> 	assert(fido_cred_aaguid_len(c) == sizeof(aaguid));
# 2506|   	assert(memcmp(fido_cred_aaguid_ptr(c), aaguid, sizeof(aaguid)) == 0);
# 2507|   	free_cred(c);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def96]
libfido2-1.16.0/regress/cred.c:2506:9: warning[-Wanalyzer-malloc-leak]: leak of ‘junk’
libfido2-1.16.0/regress/cred.c:2480:1: enter_function: entry to ‘junk_cdh’
libfido2-1.16.0/regress/cred.c:2485:16: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2486:9: branch_false: following ‘false’ branch (when ‘junk’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2487:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2490:13: call_function: calling ‘alloc_cred’ from ‘junk_cdh’
libfido2-1.16.0/regress/cred.c:2490:13: return_function: returning to ‘junk_cdh’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2491:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2492:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2492:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2493:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2493:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2494:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2494:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2495:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2495:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2496:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2496:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2497:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2497:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2498:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2498:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2499:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2499:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2500:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2500:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2501:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2501:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2502:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2502:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2503:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2503:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2504:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2504:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2505:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2505:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2506:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2506:9: throw: if ‘fido_cred_aaguid_ptr’ throws an exception...
libfido2-1.16.0/regress/cred.c:2506:9: danger: ‘junk’ leaks here; was allocated at [(2)](sarif:/runs/0/results/44/codeFlows/0/threadFlows/0/locations/1)
# 2504|   	assert(memcmp(fido_cred_id_ptr(c), id, sizeof(id)) == 0);
# 2505|   	assert(fido_cred_aaguid_len(c) == sizeof(aaguid));
# 2506|-> 	assert(memcmp(fido_cred_aaguid_ptr(c), aaguid, sizeof(aaguid)) == 0);
# 2507|   	free_cred(c);
# 2508|   	free(junk);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def97]
libfido2-1.16.0/regress/cred.c:2596:9: warning[-Wanalyzer-malloc-leak]: leak of ‘junk’
libfido2-1.16.0/regress/cred.c:2581:1: enter_function: entry to ‘junk_authdata’
libfido2-1.16.0/regress/cred.c:2587:16: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2588:9: branch_false: following ‘false’ branch (when ‘junk’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2589:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2593:9: branch_false: following ‘false’ branch (when ‘unset’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2595:13: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2595:13: call_function: calling ‘alloc_cred’ from ‘junk_authdata’
libfido2-1.16.0/regress/cred.c:2595:13: return_function: returning to ‘junk_authdata’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2596:9: throw: if ‘fido_cred_set_authdata’ throws an exception...
libfido2-1.16.0/regress/cred.c:2596:9: danger: ‘junk’ leaks here; was allocated at [(2)](sarif:/runs/0/results/45/codeFlows/0/threadFlows/0/locations/1)
# 2594|   
# 2595|   	c = alloc_cred();
# 2596|-> 	assert(fido_cred_set_authdata(c, junk,
# 2597|   	    sizeof(authdata)) == FIDO_ERR_INVALID_ARGUMENT);
# 2598|   	assert(fido_cred_authdata_len(c) == 0);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def98]
libfido2-1.16.0/regress/cred.c:2596:9: warning[-Wanalyzer-malloc-leak]: leak of ‘unset’
libfido2-1.16.0/regress/cred.c:2581:1: enter_function: entry to ‘junk_authdata’
libfido2-1.16.0/regress/cred.c:2588:9: branch_false: following ‘false’ branch (when ‘junk’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2589:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2592:17: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2593:9: branch_false: following ‘false’ branch (when ‘unset’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2595:13: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2595:13: call_function: calling ‘alloc_cred’ from ‘junk_authdata’
libfido2-1.16.0/regress/cred.c:2595:13: return_function: returning to ‘junk_authdata’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2596:9: throw: if ‘fido_cred_set_authdata’ throws an exception...
libfido2-1.16.0/regress/cred.c:2596:9: danger: ‘unset’ leaks here; was allocated at [(4)](sarif:/runs/0/results/46/codeFlows/0/threadFlows/0/locations/3)
# 2594|   
# 2595|   	c = alloc_cred();
# 2596|-> 	assert(fido_cred_set_authdata(c, junk,
# 2597|   	    sizeof(authdata)) == FIDO_ERR_INVALID_ARGUMENT);
# 2598|   	assert(fido_cred_authdata_len(c) == 0);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def99]
libfido2-1.16.0/regress/cred.c:2598:9: warning[-Wanalyzer-malloc-leak]: leak of ‘junk’
libfido2-1.16.0/regress/cred.c:2581:1: enter_function: entry to ‘junk_authdata’
libfido2-1.16.0/regress/cred.c:2587:16: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2588:9: branch_false: following ‘false’ branch (when ‘junk’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2589:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2593:9: branch_false: following ‘false’ branch (when ‘unset’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2595:13: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2595:13: call_function: calling ‘alloc_cred’ from ‘junk_authdata’
libfido2-1.16.0/regress/cred.c:2595:13: return_function: returning to ‘junk_authdata’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2596:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2598:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2598:9: throw: if ‘fido_cred_authdata_len’ throws an exception...
libfido2-1.16.0/regress/cred.c:2598:9: danger: ‘junk’ leaks here; was allocated at [(2)](sarif:/runs/0/results/47/codeFlows/0/threadFlows/0/locations/1)
# 2596|   	assert(fido_cred_set_authdata(c, junk,
# 2597|   	    sizeof(authdata)) == FIDO_ERR_INVALID_ARGUMENT);
# 2598|-> 	assert(fido_cred_authdata_len(c) == 0);
# 2599|   	assert(fido_cred_authdata_ptr(c) == NULL);
# 2600|   	assert(fido_cred_authdata_raw_len(c) == 0);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def100]
libfido2-1.16.0/regress/cred.c:2598:9: warning[-Wanalyzer-malloc-leak]: leak of ‘unset’
libfido2-1.16.0/regress/cred.c:2581:1: enter_function: entry to ‘junk_authdata’
libfido2-1.16.0/regress/cred.c:2588:9: branch_false: following ‘false’ branch (when ‘junk’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2589:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2592:17: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2593:9: branch_false: following ‘false’ branch (when ‘unset’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2595:13: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2595:13: call_function: calling ‘alloc_cred’ from ‘junk_authdata’
libfido2-1.16.0/regress/cred.c:2595:13: return_function: returning to ‘junk_authdata’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2596:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2598:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2598:9: throw: if ‘fido_cred_authdata_len’ throws an exception...
libfido2-1.16.0/regress/cred.c:2598:9: danger: ‘unset’ leaks here; was allocated at [(4)](sarif:/runs/0/results/48/codeFlows/0/threadFlows/0/locations/3)
# 2596|   	assert(fido_cred_set_authdata(c, junk,
# 2597|   	    sizeof(authdata)) == FIDO_ERR_INVALID_ARGUMENT);
# 2598|-> 	assert(fido_cred_authdata_len(c) == 0);
# 2599|   	assert(fido_cred_authdata_ptr(c) == NULL);
# 2600|   	assert(fido_cred_authdata_raw_len(c) == 0);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def101]
libfido2-1.16.0/regress/cred.c:2599:9: warning[-Wanalyzer-malloc-leak]: leak of ‘junk’
libfido2-1.16.0/regress/cred.c:2581:1: enter_function: entry to ‘junk_authdata’
libfido2-1.16.0/regress/cred.c:2587:16: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2588:9: branch_false: following ‘false’ branch (when ‘junk’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2589:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2593:9: branch_false: following ‘false’ branch (when ‘unset’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2595:13: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2595:13: call_function: calling ‘alloc_cred’ from ‘junk_authdata’
libfido2-1.16.0/regress/cred.c:2595:13: return_function: returning to ‘junk_authdata’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2596:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2598:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2598:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2599:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2599:9: throw: if ‘fido_cred_authdata_ptr’ throws an exception...
libfido2-1.16.0/regress/cred.c:2599:9: danger: ‘junk’ leaks here; was allocated at [(2)](sarif:/runs/0/results/49/codeFlows/0/threadFlows/0/locations/1)
# 2597|   	    sizeof(authdata)) == FIDO_ERR_INVALID_ARGUMENT);
# 2598|   	assert(fido_cred_authdata_len(c) == 0);
# 2599|-> 	assert(fido_cred_authdata_ptr(c) == NULL);
# 2600|   	assert(fido_cred_authdata_raw_len(c) == 0);
# 2601|   	assert(fido_cred_authdata_raw_ptr(c) == NULL);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def102]
libfido2-1.16.0/regress/cred.c:2599:9: warning[-Wanalyzer-malloc-leak]: leak of ‘unset’
libfido2-1.16.0/regress/cred.c:2581:1: enter_function: entry to ‘junk_authdata’
libfido2-1.16.0/regress/cred.c:2588:9: branch_false: following ‘false’ branch (when ‘junk’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2589:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2592:17: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2593:9: branch_false: following ‘false’ branch (when ‘unset’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2595:13: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2595:13: call_function: calling ‘alloc_cred’ from ‘junk_authdata’
libfido2-1.16.0/regress/cred.c:2595:13: return_function: returning to ‘junk_authdata’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2596:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2598:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2598:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2599:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2599:9: throw: if ‘fido_cred_authdata_ptr’ throws an exception...
libfido2-1.16.0/regress/cred.c:2599:9: danger: ‘unset’ leaks here; was allocated at [(4)](sarif:/runs/0/results/50/codeFlows/0/threadFlows/0/locations/3)
# 2597|   	    sizeof(authdata)) == FIDO_ERR_INVALID_ARGUMENT);
# 2598|   	assert(fido_cred_authdata_len(c) == 0);
# 2599|-> 	assert(fido_cred_authdata_ptr(c) == NULL);
# 2600|   	assert(fido_cred_authdata_raw_len(c) == 0);
# 2601|   	assert(fido_cred_authdata_raw_ptr(c) == NULL);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def103]
libfido2-1.16.0/regress/cred.c:2600:9: warning[-Wanalyzer-malloc-leak]: leak of ‘junk’
libfido2-1.16.0/regress/cred.c:2581:1: enter_function: entry to ‘junk_authdata’
libfido2-1.16.0/regress/cred.c:2587:16: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2588:9: branch_false: following ‘false’ branch (when ‘junk’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2589:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2593:9: branch_false: following ‘false’ branch (when ‘unset’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2595:13: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2595:13: call_function: calling ‘alloc_cred’ from ‘junk_authdata’
libfido2-1.16.0/regress/cred.c:2595:13: return_function: returning to ‘junk_authdata’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2596:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2598:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2598:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2599:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2599:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2600:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2600:9: throw: if ‘fido_cred_authdata_raw_len’ throws an exception...
libfido2-1.16.0/regress/cred.c:2600:9: danger: ‘junk’ leaks here; was allocated at [(2)](sarif:/runs/0/results/51/codeFlows/0/threadFlows/0/locations/1)
# 2598|   	assert(fido_cred_authdata_len(c) == 0);
# 2599|   	assert(fido_cred_authdata_ptr(c) == NULL);
# 2600|-> 	assert(fido_cred_authdata_raw_len(c) == 0);
# 2601|   	assert(fido_cred_authdata_raw_ptr(c) == NULL);
# 2602|   	assert(fido_cred_flags(c) == 0);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def104]
libfido2-1.16.0/regress/cred.c:2600:9: warning[-Wanalyzer-malloc-leak]: leak of ‘unset’
libfido2-1.16.0/regress/cred.c:2581:1: enter_function: entry to ‘junk_authdata’
libfido2-1.16.0/regress/cred.c:2588:9: branch_false: following ‘false’ branch (when ‘junk’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2589:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2592:17: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2593:9: branch_false: following ‘false’ branch (when ‘unset’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2595:13: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2595:13: call_function: calling ‘alloc_cred’ from ‘junk_authdata’
libfido2-1.16.0/regress/cred.c:2595:13: return_function: returning to ‘junk_authdata’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2596:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2598:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2598:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2599:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2599:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2600:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2600:9: throw: if ‘fido_cred_authdata_raw_len’ throws an exception...
libfido2-1.16.0/regress/cred.c:2600:9: danger: ‘unset’ leaks here; was allocated at [(4)](sarif:/runs/0/results/52/codeFlows/0/threadFlows/0/locations/3)
# 2598|   	assert(fido_cred_authdata_len(c) == 0);
# 2599|   	assert(fido_cred_authdata_ptr(c) == NULL);
# 2600|-> 	assert(fido_cred_authdata_raw_len(c) == 0);
# 2601|   	assert(fido_cred_authdata_raw_ptr(c) == NULL);
# 2602|   	assert(fido_cred_flags(c) == 0);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def105]
libfido2-1.16.0/regress/cred.c:2601:9: warning[-Wanalyzer-malloc-leak]: leak of ‘junk’
libfido2-1.16.0/regress/cred.c:2581:1: enter_function: entry to ‘junk_authdata’
libfido2-1.16.0/regress/cred.c:2587:16: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2588:9: branch_false: following ‘false’ branch (when ‘junk’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2589:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2593:9: branch_false: following ‘false’ branch (when ‘unset’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2595:13: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2595:13: call_function: calling ‘alloc_cred’ from ‘junk_authdata’
libfido2-1.16.0/regress/cred.c:2595:13: return_function: returning to ‘junk_authdata’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2596:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2598:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2598:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2599:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2599:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2600:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2600:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2601:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2601:9: throw: if ‘fido_cred_authdata_raw_ptr’ throws an exception...
libfido2-1.16.0/regress/cred.c:2601:9: danger: ‘junk’ leaks here; was allocated at [(2)](sarif:/runs/0/results/53/codeFlows/0/threadFlows/0/locations/1)
# 2599|   	assert(fido_cred_authdata_ptr(c) == NULL);
# 2600|   	assert(fido_cred_authdata_raw_len(c) == 0);
# 2601|-> 	assert(fido_cred_authdata_raw_ptr(c) == NULL);
# 2602|   	assert(fido_cred_flags(c) == 0);
# 2603|   	assert(fido_cred_fmt(c) == NULL);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def106]
libfido2-1.16.0/regress/cred.c:2601:9: warning[-Wanalyzer-malloc-leak]: leak of ‘unset’
libfido2-1.16.0/regress/cred.c:2581:1: enter_function: entry to ‘junk_authdata’
libfido2-1.16.0/regress/cred.c:2588:9: branch_false: following ‘false’ branch (when ‘junk’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2589:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2592:17: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2593:9: branch_false: following ‘false’ branch (when ‘unset’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2595:13: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2595:13: call_function: calling ‘alloc_cred’ from ‘junk_authdata’
libfido2-1.16.0/regress/cred.c:2595:13: return_function: returning to ‘junk_authdata’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2596:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2598:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2598:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2599:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2599:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2600:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2600:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2601:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2601:9: throw: if ‘fido_cred_authdata_raw_ptr’ throws an exception...
libfido2-1.16.0/regress/cred.c:2601:9: danger: ‘unset’ leaks here; was allocated at [(4)](sarif:/runs/0/results/54/codeFlows/0/threadFlows/0/locations/3)
# 2599|   	assert(fido_cred_authdata_ptr(c) == NULL);
# 2600|   	assert(fido_cred_authdata_raw_len(c) == 0);
# 2601|-> 	assert(fido_cred_authdata_raw_ptr(c) == NULL);
# 2602|   	assert(fido_cred_flags(c) == 0);
# 2603|   	assert(fido_cred_fmt(c) == NULL);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def107]
libfido2-1.16.0/regress/cred.c:2602:9: warning[-Wanalyzer-malloc-leak]: leak of ‘junk’
libfido2-1.16.0/regress/cred.c:2581:1: enter_function: entry to ‘junk_authdata’
libfido2-1.16.0/regress/cred.c:2587:16: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2588:9: branch_false: following ‘false’ branch (when ‘junk’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2589:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2593:9: branch_false: following ‘false’ branch (when ‘unset’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2595:13: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2595:13: call_function: calling ‘alloc_cred’ from ‘junk_authdata’
libfido2-1.16.0/regress/cred.c:2595:13: return_function: returning to ‘junk_authdata’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2596:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2598:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2598:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2599:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2599:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2600:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2600:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2601:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2601:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2602:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2602:9: throw: if ‘fido_cred_flags’ throws an exception...
libfido2-1.16.0/regress/cred.c:2602:9: danger: ‘junk’ leaks here; was allocated at [(2)](sarif:/runs/0/results/55/codeFlows/0/threadFlows/0/locations/1)
# 2600|   	assert(fido_cred_authdata_raw_len(c) == 0);
# 2601|   	assert(fido_cred_authdata_raw_ptr(c) == NULL);
# 2602|-> 	assert(fido_cred_flags(c) == 0);
# 2603|   	assert(fido_cred_fmt(c) == NULL);
# 2604|   	assert(fido_cred_id_len(c) == 0);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def108]
libfido2-1.16.0/regress/cred.c:2602:9: warning[-Wanalyzer-malloc-leak]: leak of ‘unset’
libfido2-1.16.0/regress/cred.c:2581:1: enter_function: entry to ‘junk_authdata’
libfido2-1.16.0/regress/cred.c:2588:9: branch_false: following ‘false’ branch (when ‘junk’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2589:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2592:17: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2593:9: branch_false: following ‘false’ branch (when ‘unset’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2595:13: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2595:13: call_function: calling ‘alloc_cred’ from ‘junk_authdata’
libfido2-1.16.0/regress/cred.c:2595:13: return_function: returning to ‘junk_authdata’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2596:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2598:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2598:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2599:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2599:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2600:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2600:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2601:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2601:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2602:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2602:9: throw: if ‘fido_cred_flags’ throws an exception...
libfido2-1.16.0/regress/cred.c:2602:9: danger: ‘unset’ leaks here; was allocated at [(4)](sarif:/runs/0/results/56/codeFlows/0/threadFlows/0/locations/3)
# 2600|   	assert(fido_cred_authdata_raw_len(c) == 0);
# 2601|   	assert(fido_cred_authdata_raw_ptr(c) == NULL);
# 2602|-> 	assert(fido_cred_flags(c) == 0);
# 2603|   	assert(fido_cred_fmt(c) == NULL);
# 2604|   	assert(fido_cred_id_len(c) == 0);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def109]
libfido2-1.16.0/regress/cred.c:2603:9: warning[-Wanalyzer-malloc-leak]: leak of ‘junk’
libfido2-1.16.0/regress/cred.c:2581:1: enter_function: entry to ‘junk_authdata’
libfido2-1.16.0/regress/cred.c:2587:16: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2588:9: branch_false: following ‘false’ branch (when ‘junk’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2589:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2593:9: branch_false: following ‘false’ branch (when ‘unset’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2595:13: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2595:13: call_function: calling ‘alloc_cred’ from ‘junk_authdata’
libfido2-1.16.0/regress/cred.c:2595:13: return_function: returning to ‘junk_authdata’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2596:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2598:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2598:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2599:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2599:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2600:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2600:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2601:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2601:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2602:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2602:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2603:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2603:9: throw: if ‘fido_cred_fmt’ throws an exception...
libfido2-1.16.0/regress/cred.c:2603:9: danger: ‘junk’ leaks here; was allocated at [(2)](sarif:/runs/0/results/57/codeFlows/0/threadFlows/0/locations/1)
# 2601|   	assert(fido_cred_authdata_raw_ptr(c) == NULL);
# 2602|   	assert(fido_cred_flags(c) == 0);
# 2603|-> 	assert(fido_cred_fmt(c) == NULL);
# 2604|   	assert(fido_cred_id_len(c) == 0);
# 2605|   	assert(fido_cred_id_ptr(c) == NULL);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def110]
libfido2-1.16.0/regress/cred.c:2603:9: warning[-Wanalyzer-malloc-leak]: leak of ‘unset’
libfido2-1.16.0/regress/cred.c:2581:1: enter_function: entry to ‘junk_authdata’
libfido2-1.16.0/regress/cred.c:2588:9: branch_false: following ‘false’ branch (when ‘junk’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2589:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2592:17: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2593:9: branch_false: following ‘false’ branch (when ‘unset’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2595:13: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2595:13: call_function: calling ‘alloc_cred’ from ‘junk_authdata’
libfido2-1.16.0/regress/cred.c:2595:13: return_function: returning to ‘junk_authdata’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2596:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2598:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2598:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2599:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2599:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2600:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2600:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2601:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2601:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2602:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2602:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2603:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2603:9: throw: if ‘fido_cred_fmt’ throws an exception...
libfido2-1.16.0/regress/cred.c:2603:9: danger: ‘unset’ leaks here; was allocated at [(4)](sarif:/runs/0/results/58/codeFlows/0/threadFlows/0/locations/3)
# 2601|   	assert(fido_cred_authdata_raw_ptr(c) == NULL);
# 2602|   	assert(fido_cred_flags(c) == 0);
# 2603|-> 	assert(fido_cred_fmt(c) == NULL);
# 2604|   	assert(fido_cred_id_len(c) == 0);
# 2605|   	assert(fido_cred_id_ptr(c) == NULL);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def111]
libfido2-1.16.0/regress/cred.c:2604:9: warning[-Wanalyzer-malloc-leak]: leak of ‘junk’
libfido2-1.16.0/regress/cred.c:2581:1: enter_function: entry to ‘junk_authdata’
libfido2-1.16.0/regress/cred.c:2587:16: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2588:9: branch_false: following ‘false’ branch (when ‘junk’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2589:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2593:9: branch_false: following ‘false’ branch (when ‘unset’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2595:13: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2595:13: call_function: calling ‘alloc_cred’ from ‘junk_authdata’
libfido2-1.16.0/regress/cred.c:2595:13: return_function: returning to ‘junk_authdata’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2596:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2598:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2598:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2599:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2599:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2600:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2600:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2601:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2601:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2602:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2602:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2603:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2603:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2604:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2604:9: throw: if ‘fido_cred_id_len’ throws an exception...
libfido2-1.16.0/regress/cred.c:2604:9: danger: ‘junk’ leaks here; was allocated at [(2)](sarif:/runs/0/results/59/codeFlows/0/threadFlows/0/locations/1)
# 2602|   	assert(fido_cred_flags(c) == 0);
# 2603|   	assert(fido_cred_fmt(c) == NULL);
# 2604|-> 	assert(fido_cred_id_len(c) == 0);
# 2605|   	assert(fido_cred_id_ptr(c) == NULL);
# 2606|   	assert(fido_cred_pubkey_len(c) == 0);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def112]
libfido2-1.16.0/regress/cred.c:2604:9: warning[-Wanalyzer-malloc-leak]: leak of ‘unset’
libfido2-1.16.0/regress/cred.c:2581:1: enter_function: entry to ‘junk_authdata’
libfido2-1.16.0/regress/cred.c:2588:9: branch_false: following ‘false’ branch (when ‘junk’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2589:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2592:17: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2593:9: branch_false: following ‘false’ branch (when ‘unset’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2595:13: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2595:13: call_function: calling ‘alloc_cred’ from ‘junk_authdata’
libfido2-1.16.0/regress/cred.c:2595:13: return_function: returning to ‘junk_authdata’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2596:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2598:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2598:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2599:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2599:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2600:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2600:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2601:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2601:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2602:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2602:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2603:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2603:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2604:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2604:9: throw: if ‘fido_cred_id_len’ throws an exception...
libfido2-1.16.0/regress/cred.c:2604:9: danger: ‘unset’ leaks here; was allocated at [(4)](sarif:/runs/0/results/60/codeFlows/0/threadFlows/0/locations/3)
# 2602|   	assert(fido_cred_flags(c) == 0);
# 2603|   	assert(fido_cred_fmt(c) == NULL);
# 2604|-> 	assert(fido_cred_id_len(c) == 0);
# 2605|   	assert(fido_cred_id_ptr(c) == NULL);
# 2606|   	assert(fido_cred_pubkey_len(c) == 0);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def113]
libfido2-1.16.0/regress/cred.c:2605:9: warning[-Wanalyzer-malloc-leak]: leak of ‘junk’
libfido2-1.16.0/regress/cred.c:2581:1: enter_function: entry to ‘junk_authdata’
libfido2-1.16.0/regress/cred.c:2587:16: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2588:9: branch_false: following ‘false’ branch (when ‘junk’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2589:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2593:9: branch_false: following ‘false’ branch (when ‘unset’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2595:13: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2595:13: call_function: calling ‘alloc_cred’ from ‘junk_authdata’
libfido2-1.16.0/regress/cred.c:2595:13: return_function: returning to ‘junk_authdata’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2596:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2598:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2598:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2599:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2599:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2600:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2600:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2601:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2601:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2602:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2602:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2603:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2603:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2604:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2604:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2605:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2605:9: throw: if ‘fido_cred_id_ptr’ throws an exception...
libfido2-1.16.0/regress/cred.c:2605:9: danger: ‘junk’ leaks here; was allocated at [(2)](sarif:/runs/0/results/61/codeFlows/0/threadFlows/0/locations/1)
# 2603|   	assert(fido_cred_fmt(c) == NULL);
# 2604|   	assert(fido_cred_id_len(c) == 0);
# 2605|-> 	assert(fido_cred_id_ptr(c) == NULL);
# 2606|   	assert(fido_cred_pubkey_len(c) == 0);
# 2607|   	assert(fido_cred_pubkey_ptr(c) == NULL);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def114]
libfido2-1.16.0/regress/cred.c:2605:9: warning[-Wanalyzer-malloc-leak]: leak of ‘unset’
libfido2-1.16.0/regress/cred.c:2581:1: enter_function: entry to ‘junk_authdata’
libfido2-1.16.0/regress/cred.c:2588:9: branch_false: following ‘false’ branch (when ‘junk’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2589:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2592:17: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2593:9: branch_false: following ‘false’ branch (when ‘unset’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2595:13: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2595:13: call_function: calling ‘alloc_cred’ from ‘junk_authdata’
libfido2-1.16.0/regress/cred.c:2595:13: return_function: returning to ‘junk_authdata’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2596:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2598:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2598:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2599:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2599:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2600:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2600:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2601:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2601:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2602:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2602:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2603:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2603:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2604:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2604:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2605:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2605:9: throw: if ‘fido_cred_id_ptr’ throws an exception...
libfido2-1.16.0/regress/cred.c:2605:9: danger: ‘unset’ leaks here; was allocated at [(4)](sarif:/runs/0/results/62/codeFlows/0/threadFlows/0/locations/3)
# 2603|   	assert(fido_cred_fmt(c) == NULL);
# 2604|   	assert(fido_cred_id_len(c) == 0);
# 2605|-> 	assert(fido_cred_id_ptr(c) == NULL);
# 2606|   	assert(fido_cred_pubkey_len(c) == 0);
# 2607|   	assert(fido_cred_pubkey_ptr(c) == NULL);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def115]
libfido2-1.16.0/regress/cred.c:2606:9: warning[-Wanalyzer-malloc-leak]: leak of ‘junk’
libfido2-1.16.0/regress/cred.c:2581:1: enter_function: entry to ‘junk_authdata’
libfido2-1.16.0/regress/cred.c:2587:16: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2588:9: branch_false: following ‘false’ branch (when ‘junk’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2589:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2593:9: branch_false: following ‘false’ branch (when ‘unset’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2595:13: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2595:13: call_function: calling ‘alloc_cred’ from ‘junk_authdata’
libfido2-1.16.0/regress/cred.c:2595:13: return_function: returning to ‘junk_authdata’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2596:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2598:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2598:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2599:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2599:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2600:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2600:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2601:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2601:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2602:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2602:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2603:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2603:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2604:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2604:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2605:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2605:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2606:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2606:9: throw: if ‘fido_cred_pubkey_len’ throws an exception...
libfido2-1.16.0/regress/cred.c:2606:9: danger: ‘junk’ leaks here; was allocated at [(2)](sarif:/runs/0/results/63/codeFlows/0/threadFlows/0/locations/1)
# 2604|   	assert(fido_cred_id_len(c) == 0);
# 2605|   	assert(fido_cred_id_ptr(c) == NULL);
# 2606|-> 	assert(fido_cred_pubkey_len(c) == 0);
# 2607|   	assert(fido_cred_pubkey_ptr(c) == NULL);
# 2608|   	assert(fido_cred_rp_id(c) == NULL);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def116]
libfido2-1.16.0/regress/cred.c:2606:9: warning[-Wanalyzer-malloc-leak]: leak of ‘unset’
libfido2-1.16.0/regress/cred.c:2581:1: enter_function: entry to ‘junk_authdata’
libfido2-1.16.0/regress/cred.c:2588:9: branch_false: following ‘false’ branch (when ‘junk’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2589:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2592:17: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2593:9: branch_false: following ‘false’ branch (when ‘unset’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2595:13: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2595:13: call_function: calling ‘alloc_cred’ from ‘junk_authdata’
libfido2-1.16.0/regress/cred.c:2595:13: return_function: returning to ‘junk_authdata’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2596:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2598:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2598:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2599:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2599:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2600:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2600:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2601:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2601:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2602:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2602:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2603:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2603:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2604:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2604:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2605:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2605:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2606:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2606:9: throw: if ‘fido_cred_pubkey_len’ throws an exception...
libfido2-1.16.0/regress/cred.c:2606:9: danger: ‘unset’ leaks here; was allocated at [(4)](sarif:/runs/0/results/64/codeFlows/0/threadFlows/0/locations/3)
# 2604|   	assert(fido_cred_id_len(c) == 0);
# 2605|   	assert(fido_cred_id_ptr(c) == NULL);
# 2606|-> 	assert(fido_cred_pubkey_len(c) == 0);
# 2607|   	assert(fido_cred_pubkey_ptr(c) == NULL);
# 2608|   	assert(fido_cred_rp_id(c) == NULL);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def117]
libfido2-1.16.0/regress/cred.c:2607:9: warning[-Wanalyzer-malloc-leak]: leak of ‘junk’
libfido2-1.16.0/regress/cred.c:2581:1: enter_function: entry to ‘junk_authdata’
libfido2-1.16.0/regress/cred.c:2587:16: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2588:9: branch_false: following ‘false’ branch (when ‘junk’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2589:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2593:9: branch_false: following ‘false’ branch (when ‘unset’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2595:13: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2595:13: call_function: calling ‘alloc_cred’ from ‘junk_authdata’
libfido2-1.16.0/regress/cred.c:2595:13: return_function: returning to ‘junk_authdata’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2596:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2598:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2598:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2599:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2599:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2600:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2600:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2601:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2601:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2602:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2602:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2603:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2603:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2604:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2604:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2605:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2605:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2606:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2606:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2607:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2607:9: throw: if ‘fido_cred_pubkey_ptr’ throws an exception...
libfido2-1.16.0/regress/cred.c:2607:9: danger: ‘junk’ leaks here; was allocated at [(2)](sarif:/runs/0/results/65/codeFlows/0/threadFlows/0/locations/1)
# 2605|   	assert(fido_cred_id_ptr(c) == NULL);
# 2606|   	assert(fido_cred_pubkey_len(c) == 0);
# 2607|-> 	assert(fido_cred_pubkey_ptr(c) == NULL);
# 2608|   	assert(fido_cred_rp_id(c) == NULL);
# 2609|   	assert(fido_cred_rp_name(c) == NULL);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def118]
libfido2-1.16.0/regress/cred.c:2607:9: warning[-Wanalyzer-malloc-leak]: leak of ‘unset’
libfido2-1.16.0/regress/cred.c:2581:1: enter_function: entry to ‘junk_authdata’
libfido2-1.16.0/regress/cred.c:2588:9: branch_false: following ‘false’ branch (when ‘junk’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2589:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2592:17: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2593:9: branch_false: following ‘false’ branch (when ‘unset’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2595:13: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2595:13: call_function: calling ‘alloc_cred’ from ‘junk_authdata’
libfido2-1.16.0/regress/cred.c:2595:13: return_function: returning to ‘junk_authdata’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2596:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2598:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2598:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2599:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2599:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2600:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2600:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2601:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2601:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2602:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2602:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2603:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2603:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2604:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2604:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2605:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2605:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2606:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2606:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2607:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2607:9: throw: if ‘fido_cred_pubkey_ptr’ throws an exception...
libfido2-1.16.0/regress/cred.c:2607:9: danger: ‘unset’ leaks here; was allocated at [(4)](sarif:/runs/0/results/66/codeFlows/0/threadFlows/0/locations/3)
# 2605|   	assert(fido_cred_id_ptr(c) == NULL);
# 2606|   	assert(fido_cred_pubkey_len(c) == 0);
# 2607|-> 	assert(fido_cred_pubkey_ptr(c) == NULL);
# 2608|   	assert(fido_cred_rp_id(c) == NULL);
# 2609|   	assert(fido_cred_rp_name(c) == NULL);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def119]
libfido2-1.16.0/regress/cred.c:2608:9: warning[-Wanalyzer-malloc-leak]: leak of ‘junk’
libfido2-1.16.0/regress/cred.c:2581:1: enter_function: entry to ‘junk_authdata’
libfido2-1.16.0/regress/cred.c:2587:16: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2588:9: branch_false: following ‘false’ branch (when ‘junk’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2589:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2593:9: branch_false: following ‘false’ branch (when ‘unset’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2595:13: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2595:13: call_function: calling ‘alloc_cred’ from ‘junk_authdata’
libfido2-1.16.0/regress/cred.c:2595:13: return_function: returning to ‘junk_authdata’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2596:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2598:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2598:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2599:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2599:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2600:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2600:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2601:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2601:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2602:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2602:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2603:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2603:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2604:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2604:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2605:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2605:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2606:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2606:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2607:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2607:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2608:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2608:9: throw: if ‘fido_cred_rp_id’ throws an exception...
libfido2-1.16.0/regress/cred.c:2608:9: danger: ‘junk’ leaks here; was allocated at [(2)](sarif:/runs/0/results/67/codeFlows/0/threadFlows/0/locations/1)
# 2606|   	assert(fido_cred_pubkey_len(c) == 0);
# 2607|   	assert(fido_cred_pubkey_ptr(c) == NULL);
# 2608|-> 	assert(fido_cred_rp_id(c) == NULL);
# 2609|   	assert(fido_cred_rp_name(c) == NULL);
# 2610|   	assert(fido_cred_sig_len(c) == 0);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def120]
libfido2-1.16.0/regress/cred.c:2608:9: warning[-Wanalyzer-malloc-leak]: leak of ‘unset’
libfido2-1.16.0/regress/cred.c:2581:1: enter_function: entry to ‘junk_authdata’
libfido2-1.16.0/regress/cred.c:2588:9: branch_false: following ‘false’ branch (when ‘junk’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2589:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2592:17: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2593:9: branch_false: following ‘false’ branch (when ‘unset’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2595:13: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2595:13: call_function: calling ‘alloc_cred’ from ‘junk_authdata’
libfido2-1.16.0/regress/cred.c:2595:13: return_function: returning to ‘junk_authdata’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2596:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2598:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2598:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2599:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2599:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2600:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2600:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2601:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2601:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2602:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2602:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2603:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2603:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2604:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2604:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2605:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2605:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2606:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2606:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2607:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2607:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2608:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2608:9: throw: if ‘fido_cred_rp_id’ throws an exception...
libfido2-1.16.0/regress/cred.c:2608:9: danger: ‘unset’ leaks here; was allocated at [(4)](sarif:/runs/0/results/68/codeFlows/0/threadFlows/0/locations/3)
# 2606|   	assert(fido_cred_pubkey_len(c) == 0);
# 2607|   	assert(fido_cred_pubkey_ptr(c) == NULL);
# 2608|-> 	assert(fido_cred_rp_id(c) == NULL);
# 2609|   	assert(fido_cred_rp_name(c) == NULL);
# 2610|   	assert(fido_cred_sig_len(c) == 0);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def121]
libfido2-1.16.0/regress/cred.c:2609:9: warning[-Wanalyzer-malloc-leak]: leak of ‘junk’
libfido2-1.16.0/regress/cred.c:2581:1: enter_function: entry to ‘junk_authdata’
libfido2-1.16.0/regress/cred.c:2587:16: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2588:9: branch_false: following ‘false’ branch (when ‘junk’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2589:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2593:9: branch_false: following ‘false’ branch (when ‘unset’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2595:13: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2595:13: call_function: calling ‘alloc_cred’ from ‘junk_authdata’
libfido2-1.16.0/regress/cred.c:2595:13: return_function: returning to ‘junk_authdata’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2596:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2598:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2598:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2599:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2599:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2600:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2600:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2601:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2601:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2602:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2602:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2603:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2603:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2604:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2604:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2605:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2605:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2606:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2606:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2607:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2607:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2608:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2608:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2609:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2609:9: throw: if ‘fido_cred_rp_name’ throws an exception...
libfido2-1.16.0/regress/cred.c:2609:9: danger: ‘junk’ leaks here; was allocated at [(2)](sarif:/runs/0/results/69/codeFlows/0/threadFlows/0/locations/1)
# 2607|   	assert(fido_cred_pubkey_ptr(c) == NULL);
# 2608|   	assert(fido_cred_rp_id(c) == NULL);
# 2609|-> 	assert(fido_cred_rp_name(c) == NULL);
# 2610|   	assert(fido_cred_sig_len(c) == 0);
# 2611|   	assert(fido_cred_sig_ptr(c) == NULL);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def122]
libfido2-1.16.0/regress/cred.c:2609:9: warning[-Wanalyzer-malloc-leak]: leak of ‘unset’
libfido2-1.16.0/regress/cred.c:2581:1: enter_function: entry to ‘junk_authdata’
libfido2-1.16.0/regress/cred.c:2588:9: branch_false: following ‘false’ branch (when ‘junk’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2589:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2592:17: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2593:9: branch_false: following ‘false’ branch (when ‘unset’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2595:13: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2595:13: call_function: calling ‘alloc_cred’ from ‘junk_authdata’
libfido2-1.16.0/regress/cred.c:2595:13: return_function: returning to ‘junk_authdata’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2596:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2598:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2598:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2599:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2599:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2600:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2600:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2601:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2601:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2602:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2602:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2603:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2603:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2604:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2604:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2605:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2605:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2606:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2606:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2607:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2607:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2608:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2608:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2609:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2609:9: throw: if ‘fido_cred_rp_name’ throws an exception...
libfido2-1.16.0/regress/cred.c:2609:9: danger: ‘unset’ leaks here; was allocated at [(4)](sarif:/runs/0/results/70/codeFlows/0/threadFlows/0/locations/3)
# 2607|   	assert(fido_cred_pubkey_ptr(c) == NULL);
# 2608|   	assert(fido_cred_rp_id(c) == NULL);
# 2609|-> 	assert(fido_cred_rp_name(c) == NULL);
# 2610|   	assert(fido_cred_sig_len(c) == 0);
# 2611|   	assert(fido_cred_sig_ptr(c) == NULL);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def123]
libfido2-1.16.0/regress/cred.c:2610:9: warning[-Wanalyzer-malloc-leak]: leak of ‘junk’
libfido2-1.16.0/regress/cred.c:2581:1: enter_function: entry to ‘junk_authdata’
libfido2-1.16.0/regress/cred.c:2587:16: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2588:9: branch_false: following ‘false’ branch (when ‘junk’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2589:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2593:9: branch_false: following ‘false’ branch (when ‘unset’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2595:13: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2595:13: call_function: calling ‘alloc_cred’ from ‘junk_authdata’
libfido2-1.16.0/regress/cred.c:2595:13: return_function: returning to ‘junk_authdata’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2596:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2598:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2598:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2599:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2599:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2600:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2600:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2601:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2601:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2602:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2602:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2603:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2603:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2604:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2604:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2605:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2605:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2606:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2606:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2607:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2607:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2608:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2608:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2609:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2609:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2610:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2610:9: throw: if ‘fido_cred_sig_len’ throws an exception...
libfido2-1.16.0/regress/cred.c:2610:9: danger: ‘junk’ leaks here; was allocated at [(2)](sarif:/runs/0/results/71/codeFlows/0/threadFlows/0/locations/1)
# 2608|   	assert(fido_cred_rp_id(c) == NULL);
# 2609|   	assert(fido_cred_rp_name(c) == NULL);
# 2610|-> 	assert(fido_cred_sig_len(c) == 0);
# 2611|   	assert(fido_cred_sig_ptr(c) == NULL);
# 2612|   	assert(fido_cred_x5c_len(c) == 0);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def124]
libfido2-1.16.0/regress/cred.c:2610:9: warning[-Wanalyzer-malloc-leak]: leak of ‘unset’
libfido2-1.16.0/regress/cred.c:2581:1: enter_function: entry to ‘junk_authdata’
libfido2-1.16.0/regress/cred.c:2588:9: branch_false: following ‘false’ branch (when ‘junk’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2589:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2592:17: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2593:9: branch_false: following ‘false’ branch (when ‘unset’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2595:13: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2595:13: call_function: calling ‘alloc_cred’ from ‘junk_authdata’
libfido2-1.16.0/regress/cred.c:2595:13: return_function: returning to ‘junk_authdata’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2596:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2598:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2598:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2599:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2599:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2600:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2600:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2601:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2601:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2602:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2602:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2603:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2603:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2604:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2604:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2605:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2605:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2606:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2606:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2607:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2607:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2608:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2608:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2609:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2609:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2610:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2610:9: throw: if ‘fido_cred_sig_len’ throws an exception...
libfido2-1.16.0/regress/cred.c:2610:9: danger: ‘unset’ leaks here; was allocated at [(4)](sarif:/runs/0/results/72/codeFlows/0/threadFlows/0/locations/3)
# 2608|   	assert(fido_cred_rp_id(c) == NULL);
# 2609|   	assert(fido_cred_rp_name(c) == NULL);
# 2610|-> 	assert(fido_cred_sig_len(c) == 0);
# 2611|   	assert(fido_cred_sig_ptr(c) == NULL);
# 2612|   	assert(fido_cred_x5c_len(c) == 0);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def125]
libfido2-1.16.0/regress/cred.c:2611:9: warning[-Wanalyzer-malloc-leak]: leak of ‘junk’
libfido2-1.16.0/regress/cred.c:2581:1: enter_function: entry to ‘junk_authdata’
libfido2-1.16.0/regress/cred.c:2587:16: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2588:9: branch_false: following ‘false’ branch (when ‘junk’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2589:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2593:9: branch_false: following ‘false’ branch (when ‘unset’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2595:13: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2595:13: call_function: calling ‘alloc_cred’ from ‘junk_authdata’
libfido2-1.16.0/regress/cred.c:2595:13: return_function: returning to ‘junk_authdata’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2596:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2598:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2598:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2599:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2599:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2600:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2600:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2601:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2601:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2602:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2602:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2603:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2603:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2604:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2604:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2605:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2605:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2606:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2606:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2607:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2607:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2608:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2608:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2609:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2609:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2610:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2610:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2611:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2611:9: throw: if ‘fido_cred_sig_ptr’ throws an exception...
libfido2-1.16.0/regress/cred.c:2611:9: danger: ‘junk’ leaks here; was allocated at [(2)](sarif:/runs/0/results/73/codeFlows/0/threadFlows/0/locations/1)
# 2609|   	assert(fido_cred_rp_name(c) == NULL);
# 2610|   	assert(fido_cred_sig_len(c) == 0);
# 2611|-> 	assert(fido_cred_sig_ptr(c) == NULL);
# 2612|   	assert(fido_cred_x5c_len(c) == 0);
# 2613|   	assert(fido_cred_x5c_ptr(c) == NULL);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def126]
libfido2-1.16.0/regress/cred.c:2611:9: warning[-Wanalyzer-malloc-leak]: leak of ‘unset’
libfido2-1.16.0/regress/cred.c:2581:1: enter_function: entry to ‘junk_authdata’
libfido2-1.16.0/regress/cred.c:2588:9: branch_false: following ‘false’ branch (when ‘junk’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2589:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2592:17: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2593:9: branch_false: following ‘false’ branch (when ‘unset’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2595:13: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2595:13: call_function: calling ‘alloc_cred’ from ‘junk_authdata’
libfido2-1.16.0/regress/cred.c:2595:13: return_function: returning to ‘junk_authdata’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2596:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2598:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2598:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2599:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2599:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2600:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2600:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2601:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2601:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2602:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2602:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2603:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2603:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2604:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2604:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2605:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2605:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2606:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2606:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2607:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2607:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2608:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2608:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2609:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2609:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2610:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2610:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2611:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2611:9: throw: if ‘fido_cred_sig_ptr’ throws an exception...
libfido2-1.16.0/regress/cred.c:2611:9: danger: ‘unset’ leaks here; was allocated at [(4)](sarif:/runs/0/results/74/codeFlows/0/threadFlows/0/locations/3)
# 2609|   	assert(fido_cred_rp_name(c) == NULL);
# 2610|   	assert(fido_cred_sig_len(c) == 0);
# 2611|-> 	assert(fido_cred_sig_ptr(c) == NULL);
# 2612|   	assert(fido_cred_x5c_len(c) == 0);
# 2613|   	assert(fido_cred_x5c_ptr(c) == NULL);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def127]
libfido2-1.16.0/regress/cred.c:2612:9: warning[-Wanalyzer-malloc-leak]: leak of ‘junk’
libfido2-1.16.0/regress/cred.c:2581:1: enter_function: entry to ‘junk_authdata’
libfido2-1.16.0/regress/cred.c:2587:16: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2588:9: branch_false: following ‘false’ branch (when ‘junk’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2589:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2593:9: branch_false: following ‘false’ branch (when ‘unset’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2595:13: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2595:13: call_function: calling ‘alloc_cred’ from ‘junk_authdata’
libfido2-1.16.0/regress/cred.c:2595:13: return_function: returning to ‘junk_authdata’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2596:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2598:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2598:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2599:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2599:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2600:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2600:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2601:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2601:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2602:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2602:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2603:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2603:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2604:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2604:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2605:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2605:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2606:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2606:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2607:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2607:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2608:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2608:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2609:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2609:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2610:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2610:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2611:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2611:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2612:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2612:9: throw: if ‘fido_cred_x5c_len’ throws an exception...
libfido2-1.16.0/regress/cred.c:2612:9: danger: ‘junk’ leaks here; was allocated at [(2)](sarif:/runs/0/results/75/codeFlows/0/threadFlows/0/locations/1)
# 2610|   	assert(fido_cred_sig_len(c) == 0);
# 2611|   	assert(fido_cred_sig_ptr(c) == NULL);
# 2612|-> 	assert(fido_cred_x5c_len(c) == 0);
# 2613|   	assert(fido_cred_x5c_ptr(c) == NULL);
# 2614|   	assert(fido_cred_aaguid_len(c) == sizeof(aaguid));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def128]
libfido2-1.16.0/regress/cred.c:2612:9: warning[-Wanalyzer-malloc-leak]: leak of ‘unset’
libfido2-1.16.0/regress/cred.c:2581:1: enter_function: entry to ‘junk_authdata’
libfido2-1.16.0/regress/cred.c:2588:9: branch_false: following ‘false’ branch (when ‘junk’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2589:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2592:17: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2593:9: branch_false: following ‘false’ branch (when ‘unset’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2595:13: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2595:13: call_function: calling ‘alloc_cred’ from ‘junk_authdata’
libfido2-1.16.0/regress/cred.c:2595:13: return_function: returning to ‘junk_authdata’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2596:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2598:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2598:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2599:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2599:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2600:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2600:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2601:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2601:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2602:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2602:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2603:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2603:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2604:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2604:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2605:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2605:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2606:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2606:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2607:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2607:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2608:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2608:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2609:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2609:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2610:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2610:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2611:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2611:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2612:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2612:9: throw: if ‘fido_cred_x5c_len’ throws an exception...
libfido2-1.16.0/regress/cred.c:2612:9: danger: ‘unset’ leaks here; was allocated at [(4)](sarif:/runs/0/results/76/codeFlows/0/threadFlows/0/locations/3)
# 2610|   	assert(fido_cred_sig_len(c) == 0);
# 2611|   	assert(fido_cred_sig_ptr(c) == NULL);
# 2612|-> 	assert(fido_cred_x5c_len(c) == 0);
# 2613|   	assert(fido_cred_x5c_ptr(c) == NULL);
# 2614|   	assert(fido_cred_aaguid_len(c) == sizeof(aaguid));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def129]
libfido2-1.16.0/regress/cred.c:2613:9: warning[-Wanalyzer-malloc-leak]: leak of ‘junk’
libfido2-1.16.0/regress/cred.c:2581:1: enter_function: entry to ‘junk_authdata’
libfido2-1.16.0/regress/cred.c:2587:16: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2588:9: branch_false: following ‘false’ branch (when ‘junk’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2589:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2593:9: branch_false: following ‘false’ branch (when ‘unset’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2595:13: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2595:13: call_function: calling ‘alloc_cred’ from ‘junk_authdata’
libfido2-1.16.0/regress/cred.c:2595:13: return_function: returning to ‘junk_authdata’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2596:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2598:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2598:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2599:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2599:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2600:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2600:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2601:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2601:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2602:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2602:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2603:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2603:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2604:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2604:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2605:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2605:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2606:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2606:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2607:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2607:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2608:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2608:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2609:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2609:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2610:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2610:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2611:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2611:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2612:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2612:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2613:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2613:9: throw: if ‘fido_cred_x5c_ptr’ throws an exception...
libfido2-1.16.0/regress/cred.c:2613:9: danger: ‘junk’ leaks here; was allocated at [(2)](sarif:/runs/0/results/77/codeFlows/0/threadFlows/0/locations/1)
# 2611|   	assert(fido_cred_sig_ptr(c) == NULL);
# 2612|   	assert(fido_cred_x5c_len(c) == 0);
# 2613|-> 	assert(fido_cred_x5c_ptr(c) == NULL);
# 2614|   	assert(fido_cred_aaguid_len(c) == sizeof(aaguid));
# 2615|   	assert(memcmp(fido_cred_aaguid_ptr(c), unset, sizeof(aaguid)) == 0);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def130]
libfido2-1.16.0/regress/cred.c:2613:9: warning[-Wanalyzer-malloc-leak]: leak of ‘unset’
libfido2-1.16.0/regress/cred.c:2581:1: enter_function: entry to ‘junk_authdata’
libfido2-1.16.0/regress/cred.c:2588:9: branch_false: following ‘false’ branch (when ‘junk’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2589:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2592:17: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2593:9: branch_false: following ‘false’ branch (when ‘unset’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2595:13: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2595:13: call_function: calling ‘alloc_cred’ from ‘junk_authdata’
libfido2-1.16.0/regress/cred.c:2595:13: return_function: returning to ‘junk_authdata’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2596:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2598:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2598:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2599:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2599:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2600:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2600:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2601:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2601:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2602:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2602:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2603:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2603:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2604:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2604:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2605:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2605:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2606:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2606:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2607:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2607:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2608:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2608:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2609:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2609:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2610:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2610:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2611:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2611:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2612:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2612:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2613:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2613:9: throw: if ‘fido_cred_x5c_ptr’ throws an exception...
libfido2-1.16.0/regress/cred.c:2613:9: danger: ‘unset’ leaks here; was allocated at [(4)](sarif:/runs/0/results/78/codeFlows/0/threadFlows/0/locations/3)
# 2611|   	assert(fido_cred_sig_ptr(c) == NULL);
# 2612|   	assert(fido_cred_x5c_len(c) == 0);
# 2613|-> 	assert(fido_cred_x5c_ptr(c) == NULL);
# 2614|   	assert(fido_cred_aaguid_len(c) == sizeof(aaguid));
# 2615|   	assert(memcmp(fido_cred_aaguid_ptr(c), unset, sizeof(aaguid)) == 0);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def131]
libfido2-1.16.0/regress/cred.c:2614:9: warning[-Wanalyzer-malloc-leak]: leak of ‘junk’
libfido2-1.16.0/regress/cred.c:2581:1: enter_function: entry to ‘junk_authdata’
libfido2-1.16.0/regress/cred.c:2587:16: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2588:9: branch_false: following ‘false’ branch (when ‘junk’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2589:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2593:9: branch_false: following ‘false’ branch (when ‘unset’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2595:13: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2595:13: call_function: calling ‘alloc_cred’ from ‘junk_authdata’
libfido2-1.16.0/regress/cred.c:2595:13: return_function: returning to ‘junk_authdata’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2596:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2598:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2598:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2599:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2599:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2600:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2600:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2601:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2601:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2602:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2602:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2603:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2603:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2604:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2604:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2605:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2605:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2606:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2606:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2607:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2607:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2608:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2608:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2609:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2609:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2610:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2610:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2611:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2611:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2612:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2612:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2613:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2613:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2614:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2614:9: throw: if ‘fido_cred_aaguid_len’ throws an exception...
libfido2-1.16.0/regress/cred.c:2614:9: danger: ‘junk’ leaks here; was allocated at [(2)](sarif:/runs/0/results/79/codeFlows/0/threadFlows/0/locations/1)
# 2612|   	assert(fido_cred_x5c_len(c) == 0);
# 2613|   	assert(fido_cred_x5c_ptr(c) == NULL);
# 2614|-> 	assert(fido_cred_aaguid_len(c) == sizeof(aaguid));
# 2615|   	assert(memcmp(fido_cred_aaguid_ptr(c), unset, sizeof(aaguid)) == 0);
# 2616|   	assert(fido_cred_verify(c) == FIDO_ERR_INVALID_ARGUMENT);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def132]
libfido2-1.16.0/regress/cred.c:2614:9: warning[-Wanalyzer-malloc-leak]: leak of ‘unset’
libfido2-1.16.0/regress/cred.c:2581:1: enter_function: entry to ‘junk_authdata’
libfido2-1.16.0/regress/cred.c:2588:9: branch_false: following ‘false’ branch (when ‘junk’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2589:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2592:17: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2593:9: branch_false: following ‘false’ branch (when ‘unset’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2595:13: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2595:13: call_function: calling ‘alloc_cred’ from ‘junk_authdata’
libfido2-1.16.0/regress/cred.c:2595:13: return_function: returning to ‘junk_authdata’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2596:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2598:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2598:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2599:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2599:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2600:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2600:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2601:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2601:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2602:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2602:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2603:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2603:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2604:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2604:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2605:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2605:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2606:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2606:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2607:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2607:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2608:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2608:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2609:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2609:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2610:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2610:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2611:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2611:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2612:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2612:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2613:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2613:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2614:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2614:9: throw: if ‘fido_cred_aaguid_len’ throws an exception...
libfido2-1.16.0/regress/cred.c:2614:9: danger: ‘unset’ leaks here; was allocated at [(4)](sarif:/runs/0/results/80/codeFlows/0/threadFlows/0/locations/3)
# 2612|   	assert(fido_cred_x5c_len(c) == 0);
# 2613|   	assert(fido_cred_x5c_ptr(c) == NULL);
# 2614|-> 	assert(fido_cred_aaguid_len(c) == sizeof(aaguid));
# 2615|   	assert(memcmp(fido_cred_aaguid_ptr(c), unset, sizeof(aaguid)) == 0);
# 2616|   	assert(fido_cred_verify(c) == FIDO_ERR_INVALID_ARGUMENT);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def133]
libfido2-1.16.0/regress/cred.c:2615:9: warning[-Wanalyzer-malloc-leak]: leak of ‘junk’
libfido2-1.16.0/regress/cred.c:2581:1: enter_function: entry to ‘junk_authdata’
libfido2-1.16.0/regress/cred.c:2587:16: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2588:9: branch_false: following ‘false’ branch (when ‘junk’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2589:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2593:9: branch_false: following ‘false’ branch (when ‘unset’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2595:13: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2595:13: call_function: calling ‘alloc_cred’ from ‘junk_authdata’
libfido2-1.16.0/regress/cred.c:2595:13: return_function: returning to ‘junk_authdata’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2596:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2598:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2598:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2599:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2599:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2600:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2600:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2601:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2601:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2602:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2602:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2603:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2603:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2604:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2604:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2605:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2605:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2606:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2606:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2607:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2607:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2608:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2608:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2609:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2609:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2610:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2610:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2611:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2611:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2612:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2612:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2613:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2613:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2614:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2614:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2615:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2615:9: throw: if ‘fido_cred_aaguid_ptr’ throws an exception...
libfido2-1.16.0/regress/cred.c:2615:9: danger: ‘junk’ leaks here; was allocated at [(2)](sarif:/runs/0/results/81/codeFlows/0/threadFlows/0/locations/1)
# 2613|   	assert(fido_cred_x5c_ptr(c) == NULL);
# 2614|   	assert(fido_cred_aaguid_len(c) == sizeof(aaguid));
# 2615|-> 	assert(memcmp(fido_cred_aaguid_ptr(c), unset, sizeof(aaguid)) == 0);
# 2616|   	assert(fido_cred_verify(c) == FIDO_ERR_INVALID_ARGUMENT);
# 2617|   	free_cred(c);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def134]
libfido2-1.16.0/regress/cred.c:2615:9: warning[-Wanalyzer-malloc-leak]: leak of ‘unset’
libfido2-1.16.0/regress/cred.c:2581:1: enter_function: entry to ‘junk_authdata’
libfido2-1.16.0/regress/cred.c:2588:9: branch_false: following ‘false’ branch (when ‘junk’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2589:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2592:17: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2593:9: branch_false: following ‘false’ branch (when ‘unset’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2595:13: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2595:13: call_function: calling ‘alloc_cred’ from ‘junk_authdata’
libfido2-1.16.0/regress/cred.c:2595:13: return_function: returning to ‘junk_authdata’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2596:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2598:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2598:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2599:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2599:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2600:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2600:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2601:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2601:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2602:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2602:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2603:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2603:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2604:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2604:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2605:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2605:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2606:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2606:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2607:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2607:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2608:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2608:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2609:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2609:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2610:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2610:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2611:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2611:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2612:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2612:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2613:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2613:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2614:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2614:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2615:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2615:9: throw: if ‘fido_cred_aaguid_ptr’ throws an exception...
libfido2-1.16.0/regress/cred.c:2615:9: danger: ‘unset’ leaks here; was allocated at [(4)](sarif:/runs/0/results/82/codeFlows/0/threadFlows/0/locations/3)
# 2613|   	assert(fido_cred_x5c_ptr(c) == NULL);
# 2614|   	assert(fido_cred_aaguid_len(c) == sizeof(aaguid));
# 2615|-> 	assert(memcmp(fido_cred_aaguid_ptr(c), unset, sizeof(aaguid)) == 0);
# 2616|   	assert(fido_cred_verify(c) == FIDO_ERR_INVALID_ARGUMENT);
# 2617|   	free_cred(c);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def135]
libfido2-1.16.0/regress/cred.c:2616:9: warning[-Wanalyzer-malloc-leak]: leak of ‘junk’
libfido2-1.16.0/regress/cred.c:2581:1: enter_function: entry to ‘junk_authdata’
libfido2-1.16.0/regress/cred.c:2587:16: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2588:9: branch_false: following ‘false’ branch (when ‘junk’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2589:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2593:9: branch_false: following ‘false’ branch (when ‘unset’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2595:13: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2595:13: call_function: calling ‘alloc_cred’ from ‘junk_authdata’
libfido2-1.16.0/regress/cred.c:2595:13: return_function: returning to ‘junk_authdata’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2596:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2598:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2598:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2599:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2599:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2600:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2600:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2601:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2601:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2602:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2602:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2603:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2603:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2604:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2604:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2605:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2605:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2606:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2606:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2607:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2607:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2608:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2608:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2609:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2609:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2610:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2610:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2611:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2611:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2612:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2612:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2613:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2613:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2614:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2614:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2615:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2615:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2616:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2616:9: throw: if ‘fido_cred_verify’ throws an exception...
libfido2-1.16.0/regress/cred.c:2616:9: danger: ‘junk’ leaks here; was allocated at [(2)](sarif:/runs/0/results/83/codeFlows/0/threadFlows/0/locations/1)
# 2614|   	assert(fido_cred_aaguid_len(c) == sizeof(aaguid));
# 2615|   	assert(memcmp(fido_cred_aaguid_ptr(c), unset, sizeof(aaguid)) == 0);
# 2616|-> 	assert(fido_cred_verify(c) == FIDO_ERR_INVALID_ARGUMENT);
# 2617|   	free_cred(c);
# 2618|   	free(junk);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def136]
libfido2-1.16.0/regress/cred.c:2616:9: warning[-Wanalyzer-malloc-leak]: leak of ‘unset’
libfido2-1.16.0/regress/cred.c:2581:1: enter_function: entry to ‘junk_authdata’
libfido2-1.16.0/regress/cred.c:2588:9: branch_false: following ‘false’ branch (when ‘junk’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2589:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2592:17: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2593:9: branch_false: following ‘false’ branch (when ‘unset’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2595:13: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2595:13: call_function: calling ‘alloc_cred’ from ‘junk_authdata’
libfido2-1.16.0/regress/cred.c:2595:13: return_function: returning to ‘junk_authdata’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2596:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2598:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2598:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2599:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2599:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2600:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2600:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2601:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2601:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2602:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2602:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2603:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2603:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2604:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2604:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2605:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2605:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2606:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2606:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2607:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2607:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2608:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2608:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2609:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2609:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2610:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2610:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2611:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2611:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2612:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2612:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2613:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2613:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2614:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2614:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2615:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2615:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2616:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2616:9: throw: if ‘fido_cred_verify’ throws an exception...
libfido2-1.16.0/regress/cred.c:2616:9: danger: ‘unset’ leaks here; was allocated at [(4)](sarif:/runs/0/results/84/codeFlows/0/threadFlows/0/locations/3)
# 2614|   	assert(fido_cred_aaguid_len(c) == sizeof(aaguid));
# 2615|   	assert(memcmp(fido_cred_aaguid_ptr(c), unset, sizeof(aaguid)) == 0);
# 2616|-> 	assert(fido_cred_verify(c) == FIDO_ERR_INVALID_ARGUMENT);
# 2617|   	free_cred(c);
# 2618|   	free(junk);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def137]
libfido2-1.16.0/regress/cred.c:2634:9: warning[-Wanalyzer-malloc-leak]: leak of ‘junk’
libfido2-1.16.0/regress/cred.c:2623:1: enter_function: entry to ‘junk_sig’
libfido2-1.16.0/regress/cred.c:2628:16: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2629:9: branch_false: following ‘false’ branch (when ‘junk’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2630:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2633:13: call_function: calling ‘alloc_cred’ from ‘junk_sig’
libfido2-1.16.0/regress/cred.c:2633:13: return_function: returning to ‘junk_sig’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2634:9: throw: if ‘fido_cred_set_type’ throws an exception...
libfido2-1.16.0/regress/cred.c:2634:9: danger: ‘junk’ leaks here; was allocated at [(2)](sarif:/runs/0/results/85/codeFlows/0/threadFlows/0/locations/1)
# 2632|   
# 2633|   	c = alloc_cred();
# 2634|-> 	assert(fido_cred_set_type(c, COSE_ES256) == FIDO_OK);
# 2635|   	assert(fido_cred_set_clientdata_hash(c, cdh, sizeof(cdh)) == FIDO_OK);
# 2636|   	assert(fido_cred_set_rp(c, rp_id, rp_name) == FIDO_OK);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def138]
libfido2-1.16.0/regress/cred.c:2635:9: warning[-Wanalyzer-malloc-leak]: leak of ‘junk’
libfido2-1.16.0/regress/cred.c:2623:1: enter_function: entry to ‘junk_sig’
libfido2-1.16.0/regress/cred.c:2628:16: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2629:9: branch_false: following ‘false’ branch (when ‘junk’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2630:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2633:13: call_function: calling ‘alloc_cred’ from ‘junk_sig’
libfido2-1.16.0/regress/cred.c:2633:13: return_function: returning to ‘junk_sig’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2634:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2635:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2635:9: throw: if ‘fido_cred_set_clientdata_hash’ throws an exception...
libfido2-1.16.0/regress/cred.c:2635:9: danger: ‘junk’ leaks here; was allocated at [(2)](sarif:/runs/0/results/86/codeFlows/0/threadFlows/0/locations/1)
# 2633|   	c = alloc_cred();
# 2634|   	assert(fido_cred_set_type(c, COSE_ES256) == FIDO_OK);
# 2635|-> 	assert(fido_cred_set_clientdata_hash(c, cdh, sizeof(cdh)) == FIDO_OK);
# 2636|   	assert(fido_cred_set_rp(c, rp_id, rp_name) == FIDO_OK);
# 2637|   	assert(fido_cred_set_authdata(c, authdata, sizeof(authdata)) == FIDO_OK);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def139]
libfido2-1.16.0/regress/cred.c:2636:9: warning[-Wanalyzer-malloc-leak]: leak of ‘junk’
libfido2-1.16.0/regress/cred.c:2623:1: enter_function: entry to ‘junk_sig’
libfido2-1.16.0/regress/cred.c:2628:16: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2629:9: branch_false: following ‘false’ branch (when ‘junk’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2630:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2633:13: call_function: calling ‘alloc_cred’ from ‘junk_sig’
libfido2-1.16.0/regress/cred.c:2633:13: return_function: returning to ‘junk_sig’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2634:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2635:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2635:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2636:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2636:9: throw: if ‘fido_cred_set_rp’ throws an exception...
libfido2-1.16.0/regress/cred.c:2636:9: danger: ‘junk’ leaks here; was allocated at [(2)](sarif:/runs/0/results/87/codeFlows/0/threadFlows/0/locations/1)
# 2634|   	assert(fido_cred_set_type(c, COSE_ES256) == FIDO_OK);
# 2635|   	assert(fido_cred_set_clientdata_hash(c, cdh, sizeof(cdh)) == FIDO_OK);
# 2636|-> 	assert(fido_cred_set_rp(c, rp_id, rp_name) == FIDO_OK);
# 2637|   	assert(fido_cred_set_authdata(c, authdata, sizeof(authdata)) == FIDO_OK);
# 2638|   	assert(fido_cred_set_rk(c, FIDO_OPT_FALSE) == FIDO_OK);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def140]
libfido2-1.16.0/regress/cred.c:2637:9: warning[-Wanalyzer-malloc-leak]: leak of ‘junk’
libfido2-1.16.0/regress/cred.c:2623:1: enter_function: entry to ‘junk_sig’
libfido2-1.16.0/regress/cred.c:2628:16: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2629:9: branch_false: following ‘false’ branch (when ‘junk’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2630:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2633:13: call_function: calling ‘alloc_cred’ from ‘junk_sig’
libfido2-1.16.0/regress/cred.c:2633:13: return_function: returning to ‘junk_sig’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2634:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2635:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2635:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2636:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2636:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2637:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2637:9: throw: if ‘fido_cred_set_authdata’ throws an exception...
libfido2-1.16.0/regress/cred.c:2637:9: danger: ‘junk’ leaks here; was allocated at [(2)](sarif:/runs/0/results/88/codeFlows/0/threadFlows/0/locations/1)
# 2635|   	assert(fido_cred_set_clientdata_hash(c, cdh, sizeof(cdh)) == FIDO_OK);
# 2636|   	assert(fido_cred_set_rp(c, rp_id, rp_name) == FIDO_OK);
# 2637|-> 	assert(fido_cred_set_authdata(c, authdata, sizeof(authdata)) == FIDO_OK);
# 2638|   	assert(fido_cred_set_rk(c, FIDO_OPT_FALSE) == FIDO_OK);
# 2639|   	assert(fido_cred_set_uv(c, FIDO_OPT_FALSE) == FIDO_OK);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def141]
libfido2-1.16.0/regress/cred.c:2638:9: warning[-Wanalyzer-malloc-leak]: leak of ‘junk’
libfido2-1.16.0/regress/cred.c:2623:1: enter_function: entry to ‘junk_sig’
libfido2-1.16.0/regress/cred.c:2628:16: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2629:9: branch_false: following ‘false’ branch (when ‘junk’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2630:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2633:13: call_function: calling ‘alloc_cred’ from ‘junk_sig’
libfido2-1.16.0/regress/cred.c:2633:13: return_function: returning to ‘junk_sig’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2634:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2635:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2635:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2636:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2636:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2637:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2637:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2638:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2638:9: throw: if ‘fido_cred_set_rk’ throws an exception...
libfido2-1.16.0/regress/cred.c:2638:9: danger: ‘junk’ leaks here; was allocated at [(2)](sarif:/runs/0/results/89/codeFlows/0/threadFlows/0/locations/1)
# 2636|   	assert(fido_cred_set_rp(c, rp_id, rp_name) == FIDO_OK);
# 2637|   	assert(fido_cred_set_authdata(c, authdata, sizeof(authdata)) == FIDO_OK);
# 2638|-> 	assert(fido_cred_set_rk(c, FIDO_OPT_FALSE) == FIDO_OK);
# 2639|   	assert(fido_cred_set_uv(c, FIDO_OPT_FALSE) == FIDO_OK);
# 2640|   	assert(fido_cred_set_x509(c, x509, sizeof(x509)) == FIDO_OK);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def142]
libfido2-1.16.0/regress/cred.c:2639:9: warning[-Wanalyzer-malloc-leak]: leak of ‘junk’
libfido2-1.16.0/regress/cred.c:2623:1: enter_function: entry to ‘junk_sig’
libfido2-1.16.0/regress/cred.c:2628:16: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2629:9: branch_false: following ‘false’ branch (when ‘junk’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2630:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2633:13: call_function: calling ‘alloc_cred’ from ‘junk_sig’
libfido2-1.16.0/regress/cred.c:2633:13: return_function: returning to ‘junk_sig’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2634:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2635:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2635:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2636:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2636:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2637:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2637:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2638:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2638:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2639:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2639:9: throw: if ‘fido_cred_set_uv’ throws an exception...
libfido2-1.16.0/regress/cred.c:2639:9: danger: ‘junk’ leaks here; was allocated at [(2)](sarif:/runs/0/results/90/codeFlows/0/threadFlows/0/locations/1)
# 2637|   	assert(fido_cred_set_authdata(c, authdata, sizeof(authdata)) == FIDO_OK);
# 2638|   	assert(fido_cred_set_rk(c, FIDO_OPT_FALSE) == FIDO_OK);
# 2639|-> 	assert(fido_cred_set_uv(c, FIDO_OPT_FALSE) == FIDO_OK);
# 2640|   	assert(fido_cred_set_x509(c, x509, sizeof(x509)) == FIDO_OK);
# 2641|   	assert(fido_cred_set_sig(c, junk, sizeof(sig)) == FIDO_OK);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def143]
libfido2-1.16.0/regress/cred.c:2640:9: warning[-Wanalyzer-malloc-leak]: leak of ‘junk’
libfido2-1.16.0/regress/cred.c:2623:1: enter_function: entry to ‘junk_sig’
libfido2-1.16.0/regress/cred.c:2628:16: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2629:9: branch_false: following ‘false’ branch (when ‘junk’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2630:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2633:13: call_function: calling ‘alloc_cred’ from ‘junk_sig’
libfido2-1.16.0/regress/cred.c:2633:13: return_function: returning to ‘junk_sig’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2634:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2635:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2635:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2636:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2636:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2637:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2637:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2638:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2638:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2639:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2639:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2640:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2640:9: throw: if ‘fido_cred_set_x509’ throws an exception...
libfido2-1.16.0/regress/cred.c:2640:9: danger: ‘junk’ leaks here; was allocated at [(2)](sarif:/runs/0/results/91/codeFlows/0/threadFlows/0/locations/1)
# 2638|   	assert(fido_cred_set_rk(c, FIDO_OPT_FALSE) == FIDO_OK);
# 2639|   	assert(fido_cred_set_uv(c, FIDO_OPT_FALSE) == FIDO_OK);
# 2640|-> 	assert(fido_cred_set_x509(c, x509, sizeof(x509)) == FIDO_OK);
# 2641|   	assert(fido_cred_set_sig(c, junk, sizeof(sig)) == FIDO_OK);
# 2642|   	assert(fido_cred_set_fmt(c, "packed") == FIDO_OK);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def144]
libfido2-1.16.0/regress/cred.c:2641:9: warning[-Wanalyzer-malloc-leak]: leak of ‘junk’
libfido2-1.16.0/regress/cred.c:2623:1: enter_function: entry to ‘junk_sig’
libfido2-1.16.0/regress/cred.c:2628:16: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2629:9: branch_false: following ‘false’ branch (when ‘junk’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2630:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2633:13: call_function: calling ‘alloc_cred’ from ‘junk_sig’
libfido2-1.16.0/regress/cred.c:2633:13: return_function: returning to ‘junk_sig’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2634:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2635:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2635:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2636:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2636:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2637:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2637:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2638:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2638:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2639:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2639:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2640:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2640:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2641:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2641:9: throw: if ‘fido_cred_set_sig’ throws an exception...
libfido2-1.16.0/regress/cred.c:2641:9: danger: ‘junk’ leaks here; was allocated at [(2)](sarif:/runs/0/results/92/codeFlows/0/threadFlows/0/locations/1)
# 2639|   	assert(fido_cred_set_uv(c, FIDO_OPT_FALSE) == FIDO_OK);
# 2640|   	assert(fido_cred_set_x509(c, x509, sizeof(x509)) == FIDO_OK);
# 2641|-> 	assert(fido_cred_set_sig(c, junk, sizeof(sig)) == FIDO_OK);
# 2642|   	assert(fido_cred_set_fmt(c, "packed") == FIDO_OK);
# 2643|   	assert(fido_cred_verify(c) == FIDO_ERR_INVALID_SIG);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def145]
libfido2-1.16.0/regress/cred.c:2642:9: warning[-Wanalyzer-malloc-leak]: leak of ‘junk’
libfido2-1.16.0/regress/cred.c:2623:1: enter_function: entry to ‘junk_sig’
libfido2-1.16.0/regress/cred.c:2628:16: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2629:9: branch_false: following ‘false’ branch (when ‘junk’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2630:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2633:13: call_function: calling ‘alloc_cred’ from ‘junk_sig’
libfido2-1.16.0/regress/cred.c:2633:13: return_function: returning to ‘junk_sig’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2634:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2635:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2635:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2636:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2636:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2637:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2637:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2638:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2638:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2639:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2639:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2640:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2640:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2641:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2641:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2642:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2642:9: throw: if ‘fido_cred_set_fmt’ throws an exception...
libfido2-1.16.0/regress/cred.c:2642:9: danger: ‘junk’ leaks here; was allocated at [(2)](sarif:/runs/0/results/93/codeFlows/0/threadFlows/0/locations/1)
# 2640|   	assert(fido_cred_set_x509(c, x509, sizeof(x509)) == FIDO_OK);
# 2641|   	assert(fido_cred_set_sig(c, junk, sizeof(sig)) == FIDO_OK);
# 2642|-> 	assert(fido_cred_set_fmt(c, "packed") == FIDO_OK);
# 2643|   	assert(fido_cred_verify(c) == FIDO_ERR_INVALID_SIG);
# 2644|   	assert(fido_cred_pubkey_len(c) == sizeof(pubkey));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def146]
libfido2-1.16.0/regress/cred.c:2643:9: warning[-Wanalyzer-malloc-leak]: leak of ‘junk’
libfido2-1.16.0/regress/cred.c:2623:1: enter_function: entry to ‘junk_sig’
libfido2-1.16.0/regress/cred.c:2628:16: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2629:9: branch_false: following ‘false’ branch (when ‘junk’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2630:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2633:13: call_function: calling ‘alloc_cred’ from ‘junk_sig’
libfido2-1.16.0/regress/cred.c:2633:13: return_function: returning to ‘junk_sig’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2634:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2635:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2635:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2636:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2636:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2637:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2637:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2638:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2638:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2639:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2639:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2640:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2640:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2641:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2641:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2642:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2642:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2643:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2643:9: throw: if ‘fido_cred_verify’ throws an exception...
libfido2-1.16.0/regress/cred.c:2643:9: danger: ‘junk’ leaks here; was allocated at [(2)](sarif:/runs/0/results/94/codeFlows/0/threadFlows/0/locations/1)
# 2641|   	assert(fido_cred_set_sig(c, junk, sizeof(sig)) == FIDO_OK);
# 2642|   	assert(fido_cred_set_fmt(c, "packed") == FIDO_OK);
# 2643|-> 	assert(fido_cred_verify(c) == FIDO_ERR_INVALID_SIG);
# 2644|   	assert(fido_cred_pubkey_len(c) == sizeof(pubkey));
# 2645|   	assert(memcmp(fido_cred_pubkey_ptr(c), pubkey, sizeof(pubkey)) == 0);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def147]
libfido2-1.16.0/regress/cred.c:2644:9: warning[-Wanalyzer-malloc-leak]: leak of ‘junk’
libfido2-1.16.0/regress/cred.c:2623:1: enter_function: entry to ‘junk_sig’
libfido2-1.16.0/regress/cred.c:2628:16: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2629:9: branch_false: following ‘false’ branch (when ‘junk’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2630:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2633:13: call_function: calling ‘alloc_cred’ from ‘junk_sig’
libfido2-1.16.0/regress/cred.c:2633:13: return_function: returning to ‘junk_sig’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2634:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2635:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2635:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2636:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2636:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2637:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2637:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2638:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2638:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2639:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2639:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2640:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2640:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2641:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2641:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2642:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2642:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2643:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2643:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2644:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2644:9: throw: if ‘fido_cred_pubkey_len’ throws an exception...
libfido2-1.16.0/regress/cred.c:2644:9: danger: ‘junk’ leaks here; was allocated at [(2)](sarif:/runs/0/results/95/codeFlows/0/threadFlows/0/locations/1)
# 2642|   	assert(fido_cred_set_fmt(c, "packed") == FIDO_OK);
# 2643|   	assert(fido_cred_verify(c) == FIDO_ERR_INVALID_SIG);
# 2644|-> 	assert(fido_cred_pubkey_len(c) == sizeof(pubkey));
# 2645|   	assert(memcmp(fido_cred_pubkey_ptr(c), pubkey, sizeof(pubkey)) == 0);
# 2646|   	assert(fido_cred_id_len(c) == sizeof(id));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def148]
libfido2-1.16.0/regress/cred.c:2645:9: warning[-Wanalyzer-malloc-leak]: leak of ‘junk’
libfido2-1.16.0/regress/cred.c:2623:1: enter_function: entry to ‘junk_sig’
libfido2-1.16.0/regress/cred.c:2628:16: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2629:9: branch_false: following ‘false’ branch (when ‘junk’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2630:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2633:13: call_function: calling ‘alloc_cred’ from ‘junk_sig’
libfido2-1.16.0/regress/cred.c:2633:13: return_function: returning to ‘junk_sig’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2634:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2635:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2635:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2636:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2636:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2637:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2637:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2638:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2638:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2639:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2639:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2640:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2640:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2641:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2641:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2642:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2642:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2643:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2643:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2644:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2644:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2645:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2645:9: throw: if ‘fido_cred_pubkey_ptr’ throws an exception...
libfido2-1.16.0/regress/cred.c:2645:9: danger: ‘junk’ leaks here; was allocated at [(2)](sarif:/runs/0/results/96/codeFlows/0/threadFlows/0/locations/1)
# 2643|   	assert(fido_cred_verify(c) == FIDO_ERR_INVALID_SIG);
# 2644|   	assert(fido_cred_pubkey_len(c) == sizeof(pubkey));
# 2645|-> 	assert(memcmp(fido_cred_pubkey_ptr(c), pubkey, sizeof(pubkey)) == 0);
# 2646|   	assert(fido_cred_id_len(c) == sizeof(id));
# 2647|   	assert(memcmp(fido_cred_id_ptr(c), id, sizeof(id)) == 0);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def149]
libfido2-1.16.0/regress/cred.c:2646:9: warning[-Wanalyzer-malloc-leak]: leak of ‘junk’
libfido2-1.16.0/regress/cred.c:2623:1: enter_function: entry to ‘junk_sig’
libfido2-1.16.0/regress/cred.c:2628:16: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2629:9: branch_false: following ‘false’ branch (when ‘junk’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2630:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2633:13: call_function: calling ‘alloc_cred’ from ‘junk_sig’
libfido2-1.16.0/regress/cred.c:2633:13: return_function: returning to ‘junk_sig’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2634:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2635:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2635:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2636:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2636:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2637:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2637:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2638:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2638:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2639:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2639:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2640:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2640:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2641:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2641:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2642:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2642:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2643:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2643:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2644:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2644:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2645:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2645:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2646:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2646:9: throw: if ‘fido_cred_id_len’ throws an exception...
libfido2-1.16.0/regress/cred.c:2646:9: danger: ‘junk’ leaks here; was allocated at [(2)](sarif:/runs/0/results/97/codeFlows/0/threadFlows/0/locations/1)
# 2644|   	assert(fido_cred_pubkey_len(c) == sizeof(pubkey));
# 2645|   	assert(memcmp(fido_cred_pubkey_ptr(c), pubkey, sizeof(pubkey)) == 0);
# 2646|-> 	assert(fido_cred_id_len(c) == sizeof(id));
# 2647|   	assert(memcmp(fido_cred_id_ptr(c), id, sizeof(id)) == 0);
# 2648|   	assert(fido_cred_aaguid_len(c) == sizeof(aaguid));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def150]
libfido2-1.16.0/regress/cred.c:2647:9: warning[-Wanalyzer-malloc-leak]: leak of ‘junk’
libfido2-1.16.0/regress/cred.c:2623:1: enter_function: entry to ‘junk_sig’
libfido2-1.16.0/regress/cred.c:2628:16: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2629:9: branch_false: following ‘false’ branch (when ‘junk’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2630:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2633:13: call_function: calling ‘alloc_cred’ from ‘junk_sig’
libfido2-1.16.0/regress/cred.c:2633:13: return_function: returning to ‘junk_sig’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2634:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2635:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2635:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2636:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2636:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2637:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2637:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2638:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2638:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2639:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2639:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2640:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2640:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2641:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2641:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2642:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2642:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2643:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2643:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2644:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2644:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2645:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2645:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2646:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2646:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2647:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2647:9: throw: if ‘fido_cred_id_ptr’ throws an exception...
libfido2-1.16.0/regress/cred.c:2647:9: danger: ‘junk’ leaks here; was allocated at [(2)](sarif:/runs/0/results/98/codeFlows/0/threadFlows/0/locations/1)
# 2645|   	assert(memcmp(fido_cred_pubkey_ptr(c), pubkey, sizeof(pubkey)) == 0);
# 2646|   	assert(fido_cred_id_len(c) == sizeof(id));
# 2647|-> 	assert(memcmp(fido_cred_id_ptr(c), id, sizeof(id)) == 0);
# 2648|   	assert(fido_cred_aaguid_len(c) == sizeof(aaguid));
# 2649|   	assert(memcmp(fido_cred_aaguid_ptr(c), aaguid, sizeof(aaguid)) == 0);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def151]
libfido2-1.16.0/regress/cred.c:2648:9: warning[-Wanalyzer-malloc-leak]: leak of ‘junk’
libfido2-1.16.0/regress/cred.c:2623:1: enter_function: entry to ‘junk_sig’
libfido2-1.16.0/regress/cred.c:2628:16: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2629:9: branch_false: following ‘false’ branch (when ‘junk’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2630:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2633:13: call_function: calling ‘alloc_cred’ from ‘junk_sig’
libfido2-1.16.0/regress/cred.c:2633:13: return_function: returning to ‘junk_sig’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2634:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2635:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2635:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2636:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2636:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2637:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2637:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2638:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2638:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2639:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2639:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2640:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2640:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2641:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2641:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2642:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2642:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2643:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2643:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2644:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2644:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2645:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2645:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2646:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2646:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2647:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2647:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2648:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2648:9: throw: if ‘fido_cred_aaguid_len’ throws an exception...
libfido2-1.16.0/regress/cred.c:2648:9: danger: ‘junk’ leaks here; was allocated at [(2)](sarif:/runs/0/results/99/codeFlows/0/threadFlows/0/locations/1)
# 2646|   	assert(fido_cred_id_len(c) == sizeof(id));
# 2647|   	assert(memcmp(fido_cred_id_ptr(c), id, sizeof(id)) == 0);
# 2648|-> 	assert(fido_cred_aaguid_len(c) == sizeof(aaguid));
# 2649|   	assert(memcmp(fido_cred_aaguid_ptr(c), aaguid, sizeof(aaguid)) == 0);
# 2650|   	free_cred(c);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def152]
libfido2-1.16.0/regress/cred.c:2649:9: warning[-Wanalyzer-malloc-leak]: leak of ‘junk’
libfido2-1.16.0/regress/cred.c:2623:1: enter_function: entry to ‘junk_sig’
libfido2-1.16.0/regress/cred.c:2628:16: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2629:9: branch_false: following ‘false’ branch (when ‘junk’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2630:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2633:13: call_function: calling ‘alloc_cred’ from ‘junk_sig’
libfido2-1.16.0/regress/cred.c:2633:13: return_function: returning to ‘junk_sig’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2634:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2635:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2635:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2636:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2636:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2637:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2637:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2638:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2638:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2639:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2639:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2640:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2640:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2641:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2641:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2642:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2642:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2643:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2643:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2644:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2644:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2645:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2645:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2646:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2646:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2647:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2647:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2648:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2648:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2649:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2649:9: throw: if ‘fido_cred_aaguid_ptr’ throws an exception...
libfido2-1.16.0/regress/cred.c:2649:9: danger: ‘junk’ leaks here; was allocated at [(2)](sarif:/runs/0/results/100/codeFlows/0/threadFlows/0/locations/1)
# 2647|   	assert(memcmp(fido_cred_id_ptr(c), id, sizeof(id)) == 0);
# 2648|   	assert(fido_cred_aaguid_len(c) == sizeof(aaguid));
# 2649|-> 	assert(memcmp(fido_cred_aaguid_ptr(c), aaguid, sizeof(aaguid)) == 0);
# 2650|   	free_cred(c);
# 2651|   	free(junk);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def153]
libfido2-1.16.0/regress/cred.c:2666:9: warning[-Wanalyzer-malloc-leak]: leak of ‘junk’
libfido2-1.16.0/regress/cred.c:2655:1: enter_function: entry to ‘junk_x509’
libfido2-1.16.0/regress/cred.c:2660:16: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2661:9: branch_false: following ‘false’ branch (when ‘junk’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2662:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2665:13: call_function: calling ‘alloc_cred’ from ‘junk_x509’
libfido2-1.16.0/regress/cred.c:2665:13: return_function: returning to ‘junk_x509’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2666:9: throw: if ‘fido_cred_set_type’ throws an exception...
libfido2-1.16.0/regress/cred.c:2666:9: danger: ‘junk’ leaks here; was allocated at [(2)](sarif:/runs/0/results/101/codeFlows/0/threadFlows/0/locations/1)
# 2664|   
# 2665|   	c = alloc_cred();
# 2666|-> 	assert(fido_cred_set_type(c, COSE_ES256) == FIDO_OK);
# 2667|   	assert(fido_cred_set_clientdata_hash(c, cdh, sizeof(cdh)) == FIDO_OK);
# 2668|   	assert(fido_cred_set_rp(c, rp_id, rp_name) == FIDO_OK);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def154]
libfido2-1.16.0/regress/cred.c:2667:9: warning[-Wanalyzer-malloc-leak]: leak of ‘junk’
libfido2-1.16.0/regress/cred.c:2655:1: enter_function: entry to ‘junk_x509’
libfido2-1.16.0/regress/cred.c:2660:16: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2661:9: branch_false: following ‘false’ branch (when ‘junk’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2662:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2665:13: call_function: calling ‘alloc_cred’ from ‘junk_x509’
libfido2-1.16.0/regress/cred.c:2665:13: return_function: returning to ‘junk_x509’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2666:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2667:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2667:9: throw: if ‘fido_cred_set_clientdata_hash’ throws an exception...
libfido2-1.16.0/regress/cred.c:2667:9: danger: ‘junk’ leaks here; was allocated at [(2)](sarif:/runs/0/results/102/codeFlows/0/threadFlows/0/locations/1)
# 2665|   	c = alloc_cred();
# 2666|   	assert(fido_cred_set_type(c, COSE_ES256) == FIDO_OK);
# 2667|-> 	assert(fido_cred_set_clientdata_hash(c, cdh, sizeof(cdh)) == FIDO_OK);
# 2668|   	assert(fido_cred_set_rp(c, rp_id, rp_name) == FIDO_OK);
# 2669|   	assert(fido_cred_set_authdata(c, authdata, sizeof(authdata)) == FIDO_OK);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def155]
libfido2-1.16.0/regress/cred.c:2668:9: warning[-Wanalyzer-malloc-leak]: leak of ‘junk’
libfido2-1.16.0/regress/cred.c:2655:1: enter_function: entry to ‘junk_x509’
libfido2-1.16.0/regress/cred.c:2660:16: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2661:9: branch_false: following ‘false’ branch (when ‘junk’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2662:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2665:13: call_function: calling ‘alloc_cred’ from ‘junk_x509’
libfido2-1.16.0/regress/cred.c:2665:13: return_function: returning to ‘junk_x509’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2666:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2667:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2667:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2668:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2668:9: throw: if ‘fido_cred_set_rp’ throws an exception...
libfido2-1.16.0/regress/cred.c:2668:9: danger: ‘junk’ leaks here; was allocated at [(2)](sarif:/runs/0/results/103/codeFlows/0/threadFlows/0/locations/1)
# 2666|   	assert(fido_cred_set_type(c, COSE_ES256) == FIDO_OK);
# 2667|   	assert(fido_cred_set_clientdata_hash(c, cdh, sizeof(cdh)) == FIDO_OK);
# 2668|-> 	assert(fido_cred_set_rp(c, rp_id, rp_name) == FIDO_OK);
# 2669|   	assert(fido_cred_set_authdata(c, authdata, sizeof(authdata)) == FIDO_OK);
# 2670|   	assert(fido_cred_set_rk(c, FIDO_OPT_FALSE) == FIDO_OK);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def156]
libfido2-1.16.0/regress/cred.c:2669:9: warning[-Wanalyzer-malloc-leak]: leak of ‘junk’
libfido2-1.16.0/regress/cred.c:2655:1: enter_function: entry to ‘junk_x509’
libfido2-1.16.0/regress/cred.c:2660:16: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2661:9: branch_false: following ‘false’ branch (when ‘junk’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2662:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2665:13: call_function: calling ‘alloc_cred’ from ‘junk_x509’
libfido2-1.16.0/regress/cred.c:2665:13: return_function: returning to ‘junk_x509’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2666:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2667:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2667:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2668:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2668:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2669:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2669:9: throw: if ‘fido_cred_set_authdata’ throws an exception...
libfido2-1.16.0/regress/cred.c:2669:9: danger: ‘junk’ leaks here; was allocated at [(2)](sarif:/runs/0/results/104/codeFlows/0/threadFlows/0/locations/1)
# 2667|   	assert(fido_cred_set_clientdata_hash(c, cdh, sizeof(cdh)) == FIDO_OK);
# 2668|   	assert(fido_cred_set_rp(c, rp_id, rp_name) == FIDO_OK);
# 2669|-> 	assert(fido_cred_set_authdata(c, authdata, sizeof(authdata)) == FIDO_OK);
# 2670|   	assert(fido_cred_set_rk(c, FIDO_OPT_FALSE) == FIDO_OK);
# 2671|   	assert(fido_cred_set_uv(c, FIDO_OPT_FALSE) == FIDO_OK);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def157]
libfido2-1.16.0/regress/cred.c:2670:9: warning[-Wanalyzer-malloc-leak]: leak of ‘junk’
libfido2-1.16.0/regress/cred.c:2655:1: enter_function: entry to ‘junk_x509’
libfido2-1.16.0/regress/cred.c:2660:16: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2661:9: branch_false: following ‘false’ branch (when ‘junk’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2662:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2665:13: call_function: calling ‘alloc_cred’ from ‘junk_x509’
libfido2-1.16.0/regress/cred.c:2665:13: return_function: returning to ‘junk_x509’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2666:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2667:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2667:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2668:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2668:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2669:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2669:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2670:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2670:9: throw: if ‘fido_cred_set_rk’ throws an exception...
libfido2-1.16.0/regress/cred.c:2670:9: danger: ‘junk’ leaks here; was allocated at [(2)](sarif:/runs/0/results/105/codeFlows/0/threadFlows/0/locations/1)
# 2668|   	assert(fido_cred_set_rp(c, rp_id, rp_name) == FIDO_OK);
# 2669|   	assert(fido_cred_set_authdata(c, authdata, sizeof(authdata)) == FIDO_OK);
# 2670|-> 	assert(fido_cred_set_rk(c, FIDO_OPT_FALSE) == FIDO_OK);
# 2671|   	assert(fido_cred_set_uv(c, FIDO_OPT_FALSE) == FIDO_OK);
# 2672|   	assert(fido_cred_set_x509(c, junk, sizeof(x509)) == FIDO_OK);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def158]
libfido2-1.16.0/regress/cred.c:2671:9: warning[-Wanalyzer-malloc-leak]: leak of ‘junk’
libfido2-1.16.0/regress/cred.c:2655:1: enter_function: entry to ‘junk_x509’
libfido2-1.16.0/regress/cred.c:2660:16: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2661:9: branch_false: following ‘false’ branch (when ‘junk’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2662:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2665:13: call_function: calling ‘alloc_cred’ from ‘junk_x509’
libfido2-1.16.0/regress/cred.c:2665:13: return_function: returning to ‘junk_x509’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2666:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2667:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2667:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2668:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2668:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2669:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2669:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2670:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2670:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2671:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2671:9: throw: if ‘fido_cred_set_uv’ throws an exception...
libfido2-1.16.0/regress/cred.c:2671:9: danger: ‘junk’ leaks here; was allocated at [(2)](sarif:/runs/0/results/106/codeFlows/0/threadFlows/0/locations/1)
# 2669|   	assert(fido_cred_set_authdata(c, authdata, sizeof(authdata)) == FIDO_OK);
# 2670|   	assert(fido_cred_set_rk(c, FIDO_OPT_FALSE) == FIDO_OK);
# 2671|-> 	assert(fido_cred_set_uv(c, FIDO_OPT_FALSE) == FIDO_OK);
# 2672|   	assert(fido_cred_set_x509(c, junk, sizeof(x509)) == FIDO_OK);
# 2673|   	assert(fido_cred_set_sig(c, sig, sizeof(sig)) == FIDO_OK);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def159]
libfido2-1.16.0/regress/cred.c:2672:9: warning[-Wanalyzer-malloc-leak]: leak of ‘junk’
libfido2-1.16.0/regress/cred.c:2655:1: enter_function: entry to ‘junk_x509’
libfido2-1.16.0/regress/cred.c:2660:16: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2661:9: branch_false: following ‘false’ branch (when ‘junk’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2662:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2665:13: call_function: calling ‘alloc_cred’ from ‘junk_x509’
libfido2-1.16.0/regress/cred.c:2665:13: return_function: returning to ‘junk_x509’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2666:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2667:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2667:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2668:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2668:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2669:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2669:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2670:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2670:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2671:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2671:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2672:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2672:9: throw: if ‘fido_cred_set_x509’ throws an exception...
libfido2-1.16.0/regress/cred.c:2672:9: danger: ‘junk’ leaks here; was allocated at [(2)](sarif:/runs/0/results/107/codeFlows/0/threadFlows/0/locations/1)
# 2670|   	assert(fido_cred_set_rk(c, FIDO_OPT_FALSE) == FIDO_OK);
# 2671|   	assert(fido_cred_set_uv(c, FIDO_OPT_FALSE) == FIDO_OK);
# 2672|-> 	assert(fido_cred_set_x509(c, junk, sizeof(x509)) == FIDO_OK);
# 2673|   	assert(fido_cred_set_sig(c, sig, sizeof(sig)) == FIDO_OK);
# 2674|   	assert(fido_cred_set_fmt(c, "packed") == FIDO_OK);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def160]
libfido2-1.16.0/regress/cred.c:2673:9: warning[-Wanalyzer-malloc-leak]: leak of ‘junk’
libfido2-1.16.0/regress/cred.c:2655:1: enter_function: entry to ‘junk_x509’
libfido2-1.16.0/regress/cred.c:2660:16: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2661:9: branch_false: following ‘false’ branch (when ‘junk’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2662:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2665:13: call_function: calling ‘alloc_cred’ from ‘junk_x509’
libfido2-1.16.0/regress/cred.c:2665:13: return_function: returning to ‘junk_x509’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2666:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2667:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2667:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2668:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2668:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2669:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2669:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2670:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2670:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2671:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2671:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2672:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2672:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2673:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2673:9: throw: if ‘fido_cred_set_sig’ throws an exception...
libfido2-1.16.0/regress/cred.c:2673:9: danger: ‘junk’ leaks here; was allocated at [(2)](sarif:/runs/0/results/108/codeFlows/0/threadFlows/0/locations/1)
# 2671|   	assert(fido_cred_set_uv(c, FIDO_OPT_FALSE) == FIDO_OK);
# 2672|   	assert(fido_cred_set_x509(c, junk, sizeof(x509)) == FIDO_OK);
# 2673|-> 	assert(fido_cred_set_sig(c, sig, sizeof(sig)) == FIDO_OK);
# 2674|   	assert(fido_cred_set_fmt(c, "packed") == FIDO_OK);
# 2675|   	assert(fido_cred_verify(c) == FIDO_ERR_INVALID_SIG);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def161]
libfido2-1.16.0/regress/cred.c:2674:9: warning[-Wanalyzer-malloc-leak]: leak of ‘junk’
libfido2-1.16.0/regress/cred.c:2655:1: enter_function: entry to ‘junk_x509’
libfido2-1.16.0/regress/cred.c:2660:16: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2661:9: branch_false: following ‘false’ branch (when ‘junk’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2662:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2665:13: call_function: calling ‘alloc_cred’ from ‘junk_x509’
libfido2-1.16.0/regress/cred.c:2665:13: return_function: returning to ‘junk_x509’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2666:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2667:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2667:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2668:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2668:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2669:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2669:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2670:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2670:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2671:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2671:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2672:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2672:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2673:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2673:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2674:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2674:9: throw: if ‘fido_cred_set_fmt’ throws an exception...
libfido2-1.16.0/regress/cred.c:2674:9: danger: ‘junk’ leaks here; was allocated at [(2)](sarif:/runs/0/results/109/codeFlows/0/threadFlows/0/locations/1)
# 2672|   	assert(fido_cred_set_x509(c, junk, sizeof(x509)) == FIDO_OK);
# 2673|   	assert(fido_cred_set_sig(c, sig, sizeof(sig)) == FIDO_OK);
# 2674|-> 	assert(fido_cred_set_fmt(c, "packed") == FIDO_OK);
# 2675|   	assert(fido_cred_verify(c) == FIDO_ERR_INVALID_SIG);
# 2676|   	assert(fido_cred_pubkey_len(c) == sizeof(pubkey));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def162]
libfido2-1.16.0/regress/cred.c:2675:9: warning[-Wanalyzer-malloc-leak]: leak of ‘junk’
libfido2-1.16.0/regress/cred.c:2655:1: enter_function: entry to ‘junk_x509’
libfido2-1.16.0/regress/cred.c:2660:16: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2661:9: branch_false: following ‘false’ branch (when ‘junk’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2662:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2665:13: call_function: calling ‘alloc_cred’ from ‘junk_x509’
libfido2-1.16.0/regress/cred.c:2665:13: return_function: returning to ‘junk_x509’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2666:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2667:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2667:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2668:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2668:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2669:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2669:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2670:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2670:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2671:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2671:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2672:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2672:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2673:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2673:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2674:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2674:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2675:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2675:9: throw: if ‘fido_cred_verify’ throws an exception...
libfido2-1.16.0/regress/cred.c:2675:9: danger: ‘junk’ leaks here; was allocated at [(2)](sarif:/runs/0/results/110/codeFlows/0/threadFlows/0/locations/1)
# 2673|   	assert(fido_cred_set_sig(c, sig, sizeof(sig)) == FIDO_OK);
# 2674|   	assert(fido_cred_set_fmt(c, "packed") == FIDO_OK);
# 2675|-> 	assert(fido_cred_verify(c) == FIDO_ERR_INVALID_SIG);
# 2676|   	assert(fido_cred_pubkey_len(c) == sizeof(pubkey));
# 2677|   	assert(memcmp(fido_cred_pubkey_ptr(c), pubkey, sizeof(pubkey)) == 0);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def163]
libfido2-1.16.0/regress/cred.c:2676:9: warning[-Wanalyzer-malloc-leak]: leak of ‘junk’
libfido2-1.16.0/regress/cred.c:2655:1: enter_function: entry to ‘junk_x509’
libfido2-1.16.0/regress/cred.c:2660:16: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2661:9: branch_false: following ‘false’ branch (when ‘junk’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2662:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2665:13: call_function: calling ‘alloc_cred’ from ‘junk_x509’
libfido2-1.16.0/regress/cred.c:2665:13: return_function: returning to ‘junk_x509’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2666:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2667:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2667:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2668:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2668:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2669:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2669:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2670:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2670:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2671:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2671:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2672:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2672:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2673:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2673:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2674:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2674:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2675:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2675:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2676:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2676:9: throw: if ‘fido_cred_pubkey_len’ throws an exception...
libfido2-1.16.0/regress/cred.c:2676:9: danger: ‘junk’ leaks here; was allocated at [(2)](sarif:/runs/0/results/111/codeFlows/0/threadFlows/0/locations/1)
# 2674|   	assert(fido_cred_set_fmt(c, "packed") == FIDO_OK);
# 2675|   	assert(fido_cred_verify(c) == FIDO_ERR_INVALID_SIG);
# 2676|-> 	assert(fido_cred_pubkey_len(c) == sizeof(pubkey));
# 2677|   	assert(memcmp(fido_cred_pubkey_ptr(c), pubkey, sizeof(pubkey)) == 0);
# 2678|   	assert(fido_cred_id_len(c) == sizeof(id));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def164]
libfido2-1.16.0/regress/cred.c:2677:9: warning[-Wanalyzer-malloc-leak]: leak of ‘junk’
libfido2-1.16.0/regress/cred.c:2655:1: enter_function: entry to ‘junk_x509’
libfido2-1.16.0/regress/cred.c:2660:16: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2661:9: branch_false: following ‘false’ branch (when ‘junk’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2662:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2665:13: call_function: calling ‘alloc_cred’ from ‘junk_x509’
libfido2-1.16.0/regress/cred.c:2665:13: return_function: returning to ‘junk_x509’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2666:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2667:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2667:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2668:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2668:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2669:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2669:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2670:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2670:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2671:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2671:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2672:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2672:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2673:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2673:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2674:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2674:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2675:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2675:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2676:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2676:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2677:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2677:9: throw: if ‘fido_cred_pubkey_ptr’ throws an exception...
libfido2-1.16.0/regress/cred.c:2677:9: danger: ‘junk’ leaks here; was allocated at [(2)](sarif:/runs/0/results/112/codeFlows/0/threadFlows/0/locations/1)
# 2675|   	assert(fido_cred_verify(c) == FIDO_ERR_INVALID_SIG);
# 2676|   	assert(fido_cred_pubkey_len(c) == sizeof(pubkey));
# 2677|-> 	assert(memcmp(fido_cred_pubkey_ptr(c), pubkey, sizeof(pubkey)) == 0);
# 2678|   	assert(fido_cred_id_len(c) == sizeof(id));
# 2679|   	assert(memcmp(fido_cred_id_ptr(c), id, sizeof(id)) == 0);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def165]
libfido2-1.16.0/regress/cred.c:2678:9: warning[-Wanalyzer-malloc-leak]: leak of ‘junk’
libfido2-1.16.0/regress/cred.c:2655:1: enter_function: entry to ‘junk_x509’
libfido2-1.16.0/regress/cred.c:2660:16: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2661:9: branch_false: following ‘false’ branch (when ‘junk’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2662:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2665:13: call_function: calling ‘alloc_cred’ from ‘junk_x509’
libfido2-1.16.0/regress/cred.c:2665:13: return_function: returning to ‘junk_x509’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2666:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2667:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2667:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2668:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2668:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2669:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2669:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2670:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2670:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2671:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2671:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2672:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2672:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2673:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2673:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2674:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2674:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2675:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2675:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2676:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2676:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2677:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2677:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2678:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2678:9: throw: if ‘fido_cred_id_len’ throws an exception...
libfido2-1.16.0/regress/cred.c:2678:9: danger: ‘junk’ leaks here; was allocated at [(2)](sarif:/runs/0/results/113/codeFlows/0/threadFlows/0/locations/1)
# 2676|   	assert(fido_cred_pubkey_len(c) == sizeof(pubkey));
# 2677|   	assert(memcmp(fido_cred_pubkey_ptr(c), pubkey, sizeof(pubkey)) == 0);
# 2678|-> 	assert(fido_cred_id_len(c) == sizeof(id));
# 2679|   	assert(memcmp(fido_cred_id_ptr(c), id, sizeof(id)) == 0);
# 2680|   	assert(fido_cred_aaguid_len(c) == sizeof(aaguid));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def166]
libfido2-1.16.0/regress/cred.c:2679:9: warning[-Wanalyzer-malloc-leak]: leak of ‘junk’
libfido2-1.16.0/regress/cred.c:2655:1: enter_function: entry to ‘junk_x509’
libfido2-1.16.0/regress/cred.c:2660:16: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2661:9: branch_false: following ‘false’ branch (when ‘junk’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2662:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2665:13: call_function: calling ‘alloc_cred’ from ‘junk_x509’
libfido2-1.16.0/regress/cred.c:2665:13: return_function: returning to ‘junk_x509’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2666:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2667:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2667:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2668:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2668:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2669:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2669:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2670:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2670:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2671:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2671:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2672:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2672:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2673:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2673:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2674:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2674:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2675:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2675:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2676:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2676:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2677:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2677:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2678:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2678:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2679:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2679:9: throw: if ‘fido_cred_id_ptr’ throws an exception...
libfido2-1.16.0/regress/cred.c:2679:9: danger: ‘junk’ leaks here; was allocated at [(2)](sarif:/runs/0/results/114/codeFlows/0/threadFlows/0/locations/1)
# 2677|   	assert(memcmp(fido_cred_pubkey_ptr(c), pubkey, sizeof(pubkey)) == 0);
# 2678|   	assert(fido_cred_id_len(c) == sizeof(id));
# 2679|-> 	assert(memcmp(fido_cred_id_ptr(c), id, sizeof(id)) == 0);
# 2680|   	assert(fido_cred_aaguid_len(c) == sizeof(aaguid));
# 2681|   	assert(memcmp(fido_cred_aaguid_ptr(c), aaguid, sizeof(aaguid)) == 0);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def167]
libfido2-1.16.0/regress/cred.c:2680:9: warning[-Wanalyzer-malloc-leak]: leak of ‘junk’
libfido2-1.16.0/regress/cred.c:2655:1: enter_function: entry to ‘junk_x509’
libfido2-1.16.0/regress/cred.c:2660:16: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2661:9: branch_false: following ‘false’ branch (when ‘junk’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2662:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2665:13: call_function: calling ‘alloc_cred’ from ‘junk_x509’
libfido2-1.16.0/regress/cred.c:2665:13: return_function: returning to ‘junk_x509’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2666:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2667:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2667:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2668:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2668:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2669:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2669:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2670:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2670:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2671:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2671:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2672:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2672:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2673:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2673:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2674:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2674:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2675:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2675:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2676:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2676:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2677:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2677:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2678:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2678:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2679:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2679:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2680:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2680:9: throw: if ‘fido_cred_aaguid_len’ throws an exception...
libfido2-1.16.0/regress/cred.c:2680:9: danger: ‘junk’ leaks here; was allocated at [(2)](sarif:/runs/0/results/115/codeFlows/0/threadFlows/0/locations/1)
# 2678|   	assert(fido_cred_id_len(c) == sizeof(id));
# 2679|   	assert(memcmp(fido_cred_id_ptr(c), id, sizeof(id)) == 0);
# 2680|-> 	assert(fido_cred_aaguid_len(c) == sizeof(aaguid));
# 2681|   	assert(memcmp(fido_cred_aaguid_ptr(c), aaguid, sizeof(aaguid)) == 0);
# 2682|   	free_cred(c);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def168]
libfido2-1.16.0/regress/cred.c:2681:9: warning[-Wanalyzer-malloc-leak]: leak of ‘junk’
libfido2-1.16.0/regress/cred.c:2655:1: enter_function: entry to ‘junk_x509’
libfido2-1.16.0/regress/cred.c:2660:16: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2661:9: branch_false: following ‘false’ branch (when ‘junk’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2662:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2665:13: call_function: calling ‘alloc_cred’ from ‘junk_x509’
libfido2-1.16.0/regress/cred.c:2665:13: return_function: returning to ‘junk_x509’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2666:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2667:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2667:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2668:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2668:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2669:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2669:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2670:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2670:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2671:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2671:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2672:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2672:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2673:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2673:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2674:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2674:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2675:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2675:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2676:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2676:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2677:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2677:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2678:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2678:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2679:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2679:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2680:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2680:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2681:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2681:9: throw: if ‘fido_cred_aaguid_ptr’ throws an exception...
libfido2-1.16.0/regress/cred.c:2681:9: danger: ‘junk’ leaks here; was allocated at [(2)](sarif:/runs/0/results/116/codeFlows/0/threadFlows/0/locations/1)
# 2679|   	assert(memcmp(fido_cred_id_ptr(c), id, sizeof(id)) == 0);
# 2680|   	assert(fido_cred_aaguid_len(c) == sizeof(aaguid));
# 2681|-> 	assert(memcmp(fido_cred_aaguid_ptr(c), aaguid, sizeof(aaguid)) == 0);
# 2682|   	free_cred(c);
# 2683|   	free(junk);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def169]
libfido2-1.16.0/regress/cred.c:2697:9: warning[-Wanalyzer-malloc-leak]: leak of ‘unset’
libfido2-1.16.0/regress/cred.c:2688:1: enter_function: entry to ‘invalid_type’
libfido2-1.16.0/regress/cred.c:2693:17: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2694:9: branch_false: following ‘false’ branch (when ‘unset’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2696:13: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2696:13: call_function: calling ‘alloc_cred’ from ‘invalid_type’
libfido2-1.16.0/regress/cred.c:2696:13: return_function: returning to ‘invalid_type’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2697:9: throw: if ‘fido_cred_set_type’ throws an exception...
libfido2-1.16.0/regress/cred.c:2697:9: danger: ‘unset’ leaks here; was allocated at [(2)](sarif:/runs/0/results/117/codeFlows/0/threadFlows/0/locations/1)
# 2695|   
# 2696|   	c = alloc_cred();
# 2697|-> 	assert(fido_cred_set_type(c, COSE_RS256) == FIDO_OK);
# 2698|   	assert(fido_cred_set_clientdata_hash(c, cdh, sizeof(cdh)) == FIDO_OK);
# 2699|   	assert(fido_cred_set_rp(c, rp_id, rp_name) == FIDO_OK);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def170]
libfido2-1.16.0/regress/cred.c:2698:9: warning[-Wanalyzer-malloc-leak]: leak of ‘unset’
libfido2-1.16.0/regress/cred.c:2688:1: enter_function: entry to ‘invalid_type’
libfido2-1.16.0/regress/cred.c:2693:17: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2694:9: branch_false: following ‘false’ branch (when ‘unset’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2696:13: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2696:13: call_function: calling ‘alloc_cred’ from ‘invalid_type’
libfido2-1.16.0/regress/cred.c:2696:13: return_function: returning to ‘invalid_type’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2697:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2698:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2698:9: throw: if ‘fido_cred_set_clientdata_hash’ throws an exception...
libfido2-1.16.0/regress/cred.c:2698:9: danger: ‘unset’ leaks here; was allocated at [(2)](sarif:/runs/0/results/118/codeFlows/0/threadFlows/0/locations/1)
# 2696|   	c = alloc_cred();
# 2697|   	assert(fido_cred_set_type(c, COSE_RS256) == FIDO_OK);
# 2698|-> 	assert(fido_cred_set_clientdata_hash(c, cdh, sizeof(cdh)) == FIDO_OK);
# 2699|   	assert(fido_cred_set_rp(c, rp_id, rp_name) == FIDO_OK);
# 2700|   	assert(fido_cred_set_authdata(c, authdata, sizeof(authdata)) == FIDO_ERR_INVALID_ARGUMENT);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def171]
libfido2-1.16.0/regress/cred.c:2699:9: warning[-Wanalyzer-malloc-leak]: leak of ‘unset’
libfido2-1.16.0/regress/cred.c:2688:1: enter_function: entry to ‘invalid_type’
libfido2-1.16.0/regress/cred.c:2693:17: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2694:9: branch_false: following ‘false’ branch (when ‘unset’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2696:13: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2696:13: call_function: calling ‘alloc_cred’ from ‘invalid_type’
libfido2-1.16.0/regress/cred.c:2696:13: return_function: returning to ‘invalid_type’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2697:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2698:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2698:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2699:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2699:9: throw: if ‘fido_cred_set_rp’ throws an exception...
libfido2-1.16.0/regress/cred.c:2699:9: danger: ‘unset’ leaks here; was allocated at [(2)](sarif:/runs/0/results/119/codeFlows/0/threadFlows/0/locations/1)
# 2697|   	assert(fido_cred_set_type(c, COSE_RS256) == FIDO_OK);
# 2698|   	assert(fido_cred_set_clientdata_hash(c, cdh, sizeof(cdh)) == FIDO_OK);
# 2699|-> 	assert(fido_cred_set_rp(c, rp_id, rp_name) == FIDO_OK);
# 2700|   	assert(fido_cred_set_authdata(c, authdata, sizeof(authdata)) == FIDO_ERR_INVALID_ARGUMENT);
# 2701|   	assert(fido_cred_set_rk(c, FIDO_OPT_FALSE) == FIDO_OK);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def172]
libfido2-1.16.0/regress/cred.c:2700:9: warning[-Wanalyzer-malloc-leak]: leak of ‘unset’
libfido2-1.16.0/regress/cred.c:2688:1: enter_function: entry to ‘invalid_type’
libfido2-1.16.0/regress/cred.c:2693:17: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2694:9: branch_false: following ‘false’ branch (when ‘unset’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2696:13: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2696:13: call_function: calling ‘alloc_cred’ from ‘invalid_type’
libfido2-1.16.0/regress/cred.c:2696:13: return_function: returning to ‘invalid_type’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2697:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2698:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2698:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2699:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2699:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2700:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2700:9: throw: if ‘fido_cred_set_authdata’ throws an exception...
libfido2-1.16.0/regress/cred.c:2700:9: danger: ‘unset’ leaks here; was allocated at [(2)](sarif:/runs/0/results/120/codeFlows/0/threadFlows/0/locations/1)
# 2698|   	assert(fido_cred_set_clientdata_hash(c, cdh, sizeof(cdh)) == FIDO_OK);
# 2699|   	assert(fido_cred_set_rp(c, rp_id, rp_name) == FIDO_OK);
# 2700|-> 	assert(fido_cred_set_authdata(c, authdata, sizeof(authdata)) == FIDO_ERR_INVALID_ARGUMENT);
# 2701|   	assert(fido_cred_set_rk(c, FIDO_OPT_FALSE) == FIDO_OK);
# 2702|   	assert(fido_cred_set_uv(c, FIDO_OPT_FALSE) == FIDO_OK);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def173]
libfido2-1.16.0/regress/cred.c:2701:9: warning[-Wanalyzer-malloc-leak]: leak of ‘unset’
libfido2-1.16.0/regress/cred.c:2688:1: enter_function: entry to ‘invalid_type’
libfido2-1.16.0/regress/cred.c:2693:17: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2694:9: branch_false: following ‘false’ branch (when ‘unset’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2696:13: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2696:13: call_function: calling ‘alloc_cred’ from ‘invalid_type’
libfido2-1.16.0/regress/cred.c:2696:13: return_function: returning to ‘invalid_type’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2697:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2698:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2698:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2699:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2699:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2700:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2700:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2701:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2701:9: throw: if ‘fido_cred_set_rk’ throws an exception...
libfido2-1.16.0/regress/cred.c:2701:9: danger: ‘unset’ leaks here; was allocated at [(2)](sarif:/runs/0/results/121/codeFlows/0/threadFlows/0/locations/1)
# 2699|   	assert(fido_cred_set_rp(c, rp_id, rp_name) == FIDO_OK);
# 2700|   	assert(fido_cred_set_authdata(c, authdata, sizeof(authdata)) == FIDO_ERR_INVALID_ARGUMENT);
# 2701|-> 	assert(fido_cred_set_rk(c, FIDO_OPT_FALSE) == FIDO_OK);
# 2702|   	assert(fido_cred_set_uv(c, FIDO_OPT_FALSE) == FIDO_OK);
# 2703|   	assert(fido_cred_set_x509(c, x509, sizeof(x509)) == FIDO_OK);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def174]
libfido2-1.16.0/regress/cred.c:2702:9: warning[-Wanalyzer-malloc-leak]: leak of ‘unset’
libfido2-1.16.0/regress/cred.c:2688:1: enter_function: entry to ‘invalid_type’
libfido2-1.16.0/regress/cred.c:2693:17: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2694:9: branch_false: following ‘false’ branch (when ‘unset’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2696:13: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2696:13: call_function: calling ‘alloc_cred’ from ‘invalid_type’
libfido2-1.16.0/regress/cred.c:2696:13: return_function: returning to ‘invalid_type’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2697:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2698:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2698:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2699:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2699:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2700:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2700:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2701:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2701:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2702:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2702:9: throw: if ‘fido_cred_set_uv’ throws an exception...
libfido2-1.16.0/regress/cred.c:2702:9: danger: ‘unset’ leaks here; was allocated at [(2)](sarif:/runs/0/results/122/codeFlows/0/threadFlows/0/locations/1)
# 2700|   	assert(fido_cred_set_authdata(c, authdata, sizeof(authdata)) == FIDO_ERR_INVALID_ARGUMENT);
# 2701|   	assert(fido_cred_set_rk(c, FIDO_OPT_FALSE) == FIDO_OK);
# 2702|-> 	assert(fido_cred_set_uv(c, FIDO_OPT_FALSE) == FIDO_OK);
# 2703|   	assert(fido_cred_set_x509(c, x509, sizeof(x509)) == FIDO_OK);
# 2704|   	assert(fido_cred_set_sig(c, sig, sizeof(sig)) == FIDO_OK);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def175]
libfido2-1.16.0/regress/cred.c:2703:9: warning[-Wanalyzer-malloc-leak]: leak of ‘unset’
libfido2-1.16.0/regress/cred.c:2688:1: enter_function: entry to ‘invalid_type’
libfido2-1.16.0/regress/cred.c:2693:17: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2694:9: branch_false: following ‘false’ branch (when ‘unset’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2696:13: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2696:13: call_function: calling ‘alloc_cred’ from ‘invalid_type’
libfido2-1.16.0/regress/cred.c:2696:13: return_function: returning to ‘invalid_type’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2697:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2698:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2698:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2699:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2699:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2700:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2700:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2701:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2701:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2702:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2702:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2703:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2703:9: throw: if ‘fido_cred_set_x509’ throws an exception...
libfido2-1.16.0/regress/cred.c:2703:9: danger: ‘unset’ leaks here; was allocated at [(2)](sarif:/runs/0/results/123/codeFlows/0/threadFlows/0/locations/1)
# 2701|   	assert(fido_cred_set_rk(c, FIDO_OPT_FALSE) == FIDO_OK);
# 2702|   	assert(fido_cred_set_uv(c, FIDO_OPT_FALSE) == FIDO_OK);
# 2703|-> 	assert(fido_cred_set_x509(c, x509, sizeof(x509)) == FIDO_OK);
# 2704|   	assert(fido_cred_set_sig(c, sig, sizeof(sig)) == FIDO_OK);
# 2705|   	assert(fido_cred_set_fmt(c, "packed") == FIDO_OK);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def176]
libfido2-1.16.0/regress/cred.c:2704:9: warning[-Wanalyzer-malloc-leak]: leak of ‘unset’
libfido2-1.16.0/regress/cred.c:2688:1: enter_function: entry to ‘invalid_type’
libfido2-1.16.0/regress/cred.c:2693:17: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2694:9: branch_false: following ‘false’ branch (when ‘unset’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2696:13: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2696:13: call_function: calling ‘alloc_cred’ from ‘invalid_type’
libfido2-1.16.0/regress/cred.c:2696:13: return_function: returning to ‘invalid_type’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2697:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2698:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2698:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2699:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2699:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2700:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2700:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2701:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2701:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2702:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2702:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2703:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2703:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2704:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2704:9: throw: if ‘fido_cred_set_sig’ throws an exception...
libfido2-1.16.0/regress/cred.c:2704:9: danger: ‘unset’ leaks here; was allocated at [(2)](sarif:/runs/0/results/124/codeFlows/0/threadFlows/0/locations/1)
# 2702|   	assert(fido_cred_set_uv(c, FIDO_OPT_FALSE) == FIDO_OK);
# 2703|   	assert(fido_cred_set_x509(c, x509, sizeof(x509)) == FIDO_OK);
# 2704|-> 	assert(fido_cred_set_sig(c, sig, sizeof(sig)) == FIDO_OK);
# 2705|   	assert(fido_cred_set_fmt(c, "packed") == FIDO_OK);
# 2706|   	assert(fido_cred_verify(c) == FIDO_ERR_INVALID_ARGUMENT);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def177]
libfido2-1.16.0/regress/cred.c:2705:9: warning[-Wanalyzer-malloc-leak]: leak of ‘unset’
libfido2-1.16.0/regress/cred.c:2688:1: enter_function: entry to ‘invalid_type’
libfido2-1.16.0/regress/cred.c:2693:17: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2694:9: branch_false: following ‘false’ branch (when ‘unset’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2696:13: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2696:13: call_function: calling ‘alloc_cred’ from ‘invalid_type’
libfido2-1.16.0/regress/cred.c:2696:13: return_function: returning to ‘invalid_type’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2697:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2698:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2698:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2699:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2699:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2700:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2700:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2701:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2701:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2702:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2702:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2703:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2703:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2704:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2704:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2705:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2705:9: throw: if ‘fido_cred_set_fmt’ throws an exception...
libfido2-1.16.0/regress/cred.c:2705:9: danger: ‘unset’ leaks here; was allocated at [(2)](sarif:/runs/0/results/125/codeFlows/0/threadFlows/0/locations/1)
# 2703|   	assert(fido_cred_set_x509(c, x509, sizeof(x509)) == FIDO_OK);
# 2704|   	assert(fido_cred_set_sig(c, sig, sizeof(sig)) == FIDO_OK);
# 2705|-> 	assert(fido_cred_set_fmt(c, "packed") == FIDO_OK);
# 2706|   	assert(fido_cred_verify(c) == FIDO_ERR_INVALID_ARGUMENT);
# 2707|   	assert(fido_cred_pubkey_len(c) == 0);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def178]
libfido2-1.16.0/regress/cred.c:2706:9: warning[-Wanalyzer-malloc-leak]: leak of ‘unset’
libfido2-1.16.0/regress/cred.c:2688:1: enter_function: entry to ‘invalid_type’
libfido2-1.16.0/regress/cred.c:2693:17: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2694:9: branch_false: following ‘false’ branch (when ‘unset’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2696:13: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2696:13: call_function: calling ‘alloc_cred’ from ‘invalid_type’
libfido2-1.16.0/regress/cred.c:2696:13: return_function: returning to ‘invalid_type’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2697:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2698:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2698:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2699:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2699:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2700:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2700:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2701:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2701:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2702:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2702:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2703:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2703:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2704:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2704:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2705:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2705:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2706:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2706:9: throw: if ‘fido_cred_verify’ throws an exception...
libfido2-1.16.0/regress/cred.c:2706:9: danger: ‘unset’ leaks here; was allocated at [(2)](sarif:/runs/0/results/126/codeFlows/0/threadFlows/0/locations/1)
# 2704|   	assert(fido_cred_set_sig(c, sig, sizeof(sig)) == FIDO_OK);
# 2705|   	assert(fido_cred_set_fmt(c, "packed") == FIDO_OK);
# 2706|-> 	assert(fido_cred_verify(c) == FIDO_ERR_INVALID_ARGUMENT);
# 2707|   	assert(fido_cred_pubkey_len(c) == 0);
# 2708|   	assert(fido_cred_pubkey_ptr(c) == NULL);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def179]
libfido2-1.16.0/regress/cred.c:2707:9: warning[-Wanalyzer-malloc-leak]: leak of ‘unset’
libfido2-1.16.0/regress/cred.c:2688:1: enter_function: entry to ‘invalid_type’
libfido2-1.16.0/regress/cred.c:2693:17: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2694:9: branch_false: following ‘false’ branch (when ‘unset’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2696:13: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2696:13: call_function: calling ‘alloc_cred’ from ‘invalid_type’
libfido2-1.16.0/regress/cred.c:2696:13: return_function: returning to ‘invalid_type’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2697:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2698:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2698:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2699:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2699:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2700:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2700:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2701:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2701:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2702:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2702:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2703:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2703:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2704:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2704:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2705:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2705:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2706:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2706:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2707:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2707:9: throw: if ‘fido_cred_pubkey_len’ throws an exception...
libfido2-1.16.0/regress/cred.c:2707:9: danger: ‘unset’ leaks here; was allocated at [(2)](sarif:/runs/0/results/127/codeFlows/0/threadFlows/0/locations/1)
# 2705|   	assert(fido_cred_set_fmt(c, "packed") == FIDO_OK);
# 2706|   	assert(fido_cred_verify(c) == FIDO_ERR_INVALID_ARGUMENT);
# 2707|-> 	assert(fido_cred_pubkey_len(c) == 0);
# 2708|   	assert(fido_cred_pubkey_ptr(c) == NULL);
# 2709|   	assert(fido_cred_id_len(c) == 0);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def180]
libfido2-1.16.0/regress/cred.c:2708:9: warning[-Wanalyzer-malloc-leak]: leak of ‘unset’
libfido2-1.16.0/regress/cred.c:2688:1: enter_function: entry to ‘invalid_type’
libfido2-1.16.0/regress/cred.c:2693:17: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2694:9: branch_false: following ‘false’ branch (when ‘unset’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2696:13: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2696:13: call_function: calling ‘alloc_cred’ from ‘invalid_type’
libfido2-1.16.0/regress/cred.c:2696:13: return_function: returning to ‘invalid_type’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2697:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2698:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2698:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2699:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2699:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2700:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2700:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2701:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2701:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2702:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2702:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2703:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2703:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2704:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2704:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2705:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2705:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2706:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2706:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2707:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2707:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2708:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2708:9: throw: if ‘fido_cred_pubkey_ptr’ throws an exception...
libfido2-1.16.0/regress/cred.c:2708:9: danger: ‘unset’ leaks here; was allocated at [(2)](sarif:/runs/0/results/128/codeFlows/0/threadFlows/0/locations/1)
# 2706|   	assert(fido_cred_verify(c) == FIDO_ERR_INVALID_ARGUMENT);
# 2707|   	assert(fido_cred_pubkey_len(c) == 0);
# 2708|-> 	assert(fido_cred_pubkey_ptr(c) == NULL);
# 2709|   	assert(fido_cred_id_len(c) == 0);
# 2710|   	assert(fido_cred_id_ptr(c) == NULL);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def181]
libfido2-1.16.0/regress/cred.c:2709:9: warning[-Wanalyzer-malloc-leak]: leak of ‘unset’
libfido2-1.16.0/regress/cred.c:2688:1: enter_function: entry to ‘invalid_type’
libfido2-1.16.0/regress/cred.c:2693:17: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2694:9: branch_false: following ‘false’ branch (when ‘unset’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2696:13: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2696:13: call_function: calling ‘alloc_cred’ from ‘invalid_type’
libfido2-1.16.0/regress/cred.c:2696:13: return_function: returning to ‘invalid_type’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2697:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2698:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2698:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2699:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2699:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2700:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2700:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2701:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2701:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2702:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2702:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2703:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2703:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2704:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2704:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2705:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2705:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2706:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2706:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2707:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2707:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2708:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2708:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2709:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2709:9: throw: if ‘fido_cred_id_len’ throws an exception...
libfido2-1.16.0/regress/cred.c:2709:9: danger: ‘unset’ leaks here; was allocated at [(2)](sarif:/runs/0/results/129/codeFlows/0/threadFlows/0/locations/1)
# 2707|   	assert(fido_cred_pubkey_len(c) == 0);
# 2708|   	assert(fido_cred_pubkey_ptr(c) == NULL);
# 2709|-> 	assert(fido_cred_id_len(c) == 0);
# 2710|   	assert(fido_cred_id_ptr(c) == NULL);
# 2711|   	assert(fido_cred_aaguid_len(c) == sizeof(aaguid));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def182]
libfido2-1.16.0/regress/cred.c:2710:9: warning[-Wanalyzer-malloc-leak]: leak of ‘unset’
libfido2-1.16.0/regress/cred.c:2688:1: enter_function: entry to ‘invalid_type’
libfido2-1.16.0/regress/cred.c:2693:17: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2694:9: branch_false: following ‘false’ branch (when ‘unset’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2696:13: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2696:13: call_function: calling ‘alloc_cred’ from ‘invalid_type’
libfido2-1.16.0/regress/cred.c:2696:13: return_function: returning to ‘invalid_type’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2697:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2698:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2698:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2699:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2699:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2700:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2700:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2701:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2701:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2702:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2702:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2703:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2703:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2704:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2704:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2705:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2705:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2706:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2706:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2707:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2707:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2708:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2708:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2709:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2709:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2710:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2710:9: throw: if ‘fido_cred_id_ptr’ throws an exception...
libfido2-1.16.0/regress/cred.c:2710:9: danger: ‘unset’ leaks here; was allocated at [(2)](sarif:/runs/0/results/130/codeFlows/0/threadFlows/0/locations/1)
# 2708|   	assert(fido_cred_pubkey_ptr(c) == NULL);
# 2709|   	assert(fido_cred_id_len(c) == 0);
# 2710|-> 	assert(fido_cred_id_ptr(c) == NULL);
# 2711|   	assert(fido_cred_aaguid_len(c) == sizeof(aaguid));
# 2712|   	assert(memcmp(fido_cred_aaguid_ptr(c), unset, sizeof(aaguid)) == 0);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def183]
libfido2-1.16.0/regress/cred.c:2711:9: warning[-Wanalyzer-malloc-leak]: leak of ‘unset’
libfido2-1.16.0/regress/cred.c:2688:1: enter_function: entry to ‘invalid_type’
libfido2-1.16.0/regress/cred.c:2693:17: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2694:9: branch_false: following ‘false’ branch (when ‘unset’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2696:13: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2696:13: call_function: calling ‘alloc_cred’ from ‘invalid_type’
libfido2-1.16.0/regress/cred.c:2696:13: return_function: returning to ‘invalid_type’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2697:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2698:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2698:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2699:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2699:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2700:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2700:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2701:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2701:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2702:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2702:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2703:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2703:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2704:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2704:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2705:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2705:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2706:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2706:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2707:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2707:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2708:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2708:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2709:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2709:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2710:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2710:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2711:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2711:9: throw: if ‘fido_cred_aaguid_len’ throws an exception...
libfido2-1.16.0/regress/cred.c:2711:9: danger: ‘unset’ leaks here; was allocated at [(2)](sarif:/runs/0/results/131/codeFlows/0/threadFlows/0/locations/1)
# 2709|   	assert(fido_cred_id_len(c) == 0);
# 2710|   	assert(fido_cred_id_ptr(c) == NULL);
# 2711|-> 	assert(fido_cred_aaguid_len(c) == sizeof(aaguid));
# 2712|   	assert(memcmp(fido_cred_aaguid_ptr(c), unset, sizeof(aaguid)) == 0);
# 2713|   	free_cred(c);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def184]
libfido2-1.16.0/regress/cred.c:2712:9: warning[-Wanalyzer-malloc-leak]: leak of ‘unset’
libfido2-1.16.0/regress/cred.c:2688:1: enter_function: entry to ‘invalid_type’
libfido2-1.16.0/regress/cred.c:2693:17: acquire_memory: allocated here
libfido2-1.16.0/regress/cred.c:2694:9: branch_false: following ‘false’ branch (when ‘unset’ is non-NULL)...
libfido2-1.16.0/regress/cred.c:2696:13: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2696:13: call_function: calling ‘alloc_cred’ from ‘invalid_type’
libfido2-1.16.0/regress/cred.c:2696:13: return_function: returning to ‘invalid_type’ from ‘alloc_cred’
libfido2-1.16.0/regress/cred.c:2697:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2698:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2698:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2699:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2699:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2700:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2700:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2701:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2701:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2702:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2702:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2703:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2703:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2704:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2704:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2705:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2705:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2706:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2706:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2707:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2707:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2708:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2708:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2709:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2709:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2710:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2710:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2711:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2711:9: branch_false: following ‘false’ branch...
libfido2-1.16.0/regress/cred.c:2712:9: branch_false: ...to here
libfido2-1.16.0/regress/cred.c:2712:9: throw: if ‘fido_cred_aaguid_ptr’ throws an exception...
libfido2-1.16.0/regress/cred.c:2712:9: danger: ‘unset’ leaks here; was allocated at [(2)](sarif:/runs/0/results/132/codeFlows/0/threadFlows/0/locations/1)
# 2710|   	assert(fido_cred_id_ptr(c) == NULL);
# 2711|   	assert(fido_cred_aaguid_len(c) == sizeof(aaguid));
# 2712|-> 	assert(memcmp(fido_cred_aaguid_ptr(c), unset, sizeof(aaguid)) == 0);
# 2713|   	free_cred(c);
# 2714|   	free(unset);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def185]
libfido2-1.16.0/src/aes256.c:33:20: warning[-Wanalyzer-malloc-leak]: leak of ‘cout.ptr’
libfido2-1.16.0/src/aes256.c:66:1: enter_function: entry to ‘aes256_cbc_fips’
libfido2-1.16.0/src/aes256.c:74:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/aes256.c:79:13: branch_false: ...to here
libfido2-1.16.0/src/aes256.c:79:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/aes256.c:83:12: branch_false: ...to here
libfido2-1.16.0/src/aes256.c:83:12: branch_true: following ‘true’ branch (when ‘encrypt != 0’)...
libfido2-1.16.0/src/aes256.c:84:21: branch_true: ...to here
libfido2-1.16.0/src/aes256.c:84:20: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/aes256.c:88:17: branch_false: ...to here
libfido2-1.16.0/src/aes256.c:96:13: call_function: calling ‘aes256_cbc’ from ‘aes256_cbc_fips’
#   31|   		goto fail;
#   32|   	}
#   33|-> 	if ((ctx = EVP_CIPHER_CTX_new()) == NULL ||
#   34|   	    (cipher = EVP_aes_256_cbc()) == NULL) {
#   35|   		fido_log_debug("%s: EVP_CIPHER_CTX_new", __func__);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def186]
libfido2-1.16.0/src/aes256.c:34:23: warning[-Wanalyzer-malloc-leak]: leak of ‘cout.ptr’
libfido2-1.16.0/src/aes256.c:66:1: enter_function: entry to ‘aes256_cbc_fips’
libfido2-1.16.0/src/aes256.c:74:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/aes256.c:79:13: branch_false: ...to here
libfido2-1.16.0/src/aes256.c:79:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/aes256.c:83:12: branch_false: ...to here
libfido2-1.16.0/src/aes256.c:83:12: branch_true: following ‘true’ branch (when ‘encrypt != 0’)...
libfido2-1.16.0/src/aes256.c:84:21: branch_true: ...to here
libfido2-1.16.0/src/aes256.c:84:20: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/aes256.c:88:17: branch_false: ...to here
libfido2-1.16.0/src/aes256.c:96:13: call_function: calling ‘aes256_cbc’ from ‘aes256_cbc_fips’
#   32|   	}
#   33|   	if ((ctx = EVP_CIPHER_CTX_new()) == NULL ||
#   34|-> 	    (cipher = EVP_aes_256_cbc()) == NULL) {
#   35|   		fido_log_debug("%s: EVP_CIPHER_CTX_new", __func__);
#   36|   		goto fail;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def187]
libfido2-1.16.0/src/aes256.c:35:17: warning[-Wanalyzer-malloc-leak]: leak of ‘cout.ptr’
libfido2-1.16.0/src/aes256.c:66:1: enter_function: entry to ‘aes256_cbc_fips’
libfido2-1.16.0/src/aes256.c:74:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/aes256.c:79:13: branch_false: ...to here
libfido2-1.16.0/src/aes256.c:79:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/aes256.c:83:12: branch_false: ...to here
libfido2-1.16.0/src/aes256.c:83:12: branch_true: following ‘true’ branch (when ‘encrypt != 0’)...
libfido2-1.16.0/src/aes256.c:84:21: branch_true: ...to here
libfido2-1.16.0/src/aes256.c:84:20: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/aes256.c:88:17: branch_false: ...to here
libfido2-1.16.0/src/aes256.c:96:13: call_function: calling ‘aes256_cbc’ from ‘aes256_cbc_fips’
#   33|   	if ((ctx = EVP_CIPHER_CTX_new()) == NULL ||
#   34|   	    (cipher = EVP_aes_256_cbc()) == NULL) {
#   35|-> 		fido_log_debug("%s: EVP_CIPHER_CTX_new", __func__);
#   36|   		goto fail;
#   37|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def188]
libfido2-1.16.0/src/aes256.c:38:13: warning[-Wanalyzer-malloc-leak]: leak of ‘cout.ptr’
libfido2-1.16.0/src/aes256.c:66:1: enter_function: entry to ‘aes256_cbc_fips’
libfido2-1.16.0/src/aes256.c:74:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/aes256.c:79:13: branch_false: ...to here
libfido2-1.16.0/src/aes256.c:79:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/aes256.c:83:12: branch_false: ...to here
libfido2-1.16.0/src/aes256.c:83:12: branch_true: following ‘true’ branch (when ‘encrypt != 0’)...
libfido2-1.16.0/src/aes256.c:84:21: branch_true: ...to here
libfido2-1.16.0/src/aes256.c:84:20: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/aes256.c:88:17: branch_false: ...to here
libfido2-1.16.0/src/aes256.c:96:13: call_function: calling ‘aes256_cbc’ from ‘aes256_cbc_fips’
#   36|   		goto fail;
#   37|   	}
#   38|-> 	if (EVP_CipherInit(ctx, cipher, key->ptr, iv, encrypt) == 0 ||
#   39|   	    EVP_Cipher(ctx, out->ptr, in->ptr, (u_int)out->len) < 0) {
#   40|   		fido_log_debug("%s: EVP_Cipher", __func__);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def189]
libfido2-1.16.0/src/aes256.c:39:13: warning[-Wanalyzer-malloc-leak]: leak of ‘cout.ptr’
libfido2-1.16.0/src/aes256.c:66:1: enter_function: entry to ‘aes256_cbc_fips’
libfido2-1.16.0/src/aes256.c:74:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/aes256.c:79:13: branch_false: ...to here
libfido2-1.16.0/src/aes256.c:79:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/aes256.c:83:12: branch_false: ...to here
libfido2-1.16.0/src/aes256.c:83:12: branch_true: following ‘true’ branch (when ‘encrypt != 0’)...
libfido2-1.16.0/src/aes256.c:84:21: branch_true: ...to here
libfido2-1.16.0/src/aes256.c:84:20: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/aes256.c:88:17: branch_false: ...to here
libfido2-1.16.0/src/aes256.c:96:13: call_function: calling ‘aes256_cbc’ from ‘aes256_cbc_fips’
#   37|   	}
#   38|   	if (EVP_CipherInit(ctx, cipher, key->ptr, iv, encrypt) == 0 ||
#   39|-> 	    EVP_Cipher(ctx, out->ptr, in->ptr, (u_int)out->len) < 0) {
#   40|   		fido_log_debug("%s: EVP_Cipher", __func__);
#   41|   		goto fail;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def190]
libfido2-1.16.0/src/assert.c:240:23: warning[-Wanalyzer-malloc-leak]: leak of ‘msg’
libfido2-1.16.0/src/assert.c:235:20: acquire_memory: allocated here
libfido2-1.16.0/src/assert.c:235:12: branch_false: following ‘false’ branch (when ‘msg’ is non-NULL)...
libfido2-1.16.0/src/assert.c:240:23: branch_false: ...to here
libfido2-1.16.0/src/assert.c:240:23: throw: if ‘fido_rx’ throws an exception...
libfido2-1.16.0/src/assert.c:240:23: danger: ‘msg’ leaks here; was allocated at [(1)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/0)
#  238|   	}
#  239|   
#  240|-> 	if ((msglen = fido_rx(dev, CTAP_CMD_CBOR, msg, FIDO_MAXMSG, ms)) < 0) {
#  241|   		fido_log_debug("%s: fido_rx", __func__);
#  242|   		r = FIDO_ERR_RX;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def191]
libfido2-1.16.0/src/authkey.c:78:23: warning[-Wanalyzer-malloc-leak]: leak of ‘msg’
libfido2-1.16.0/src/authkey.c:73:20: acquire_memory: allocated here
libfido2-1.16.0/src/authkey.c:73:12: branch_false: following ‘false’ branch (when ‘msg’ is non-NULL)...
libfido2-1.16.0/src/authkey.c:78:23: branch_false: ...to here
libfido2-1.16.0/src/authkey.c:78:23: throw: if ‘fido_rx’ throws an exception...
libfido2-1.16.0/src/authkey.c:78:23: danger: ‘msg’ leaks here; was allocated at [(1)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/0)
#   76|   	}
#   77|   
#   78|-> 	if ((msglen = fido_rx(dev, CTAP_CMD_CBOR, msg, FIDO_MAXMSG, ms)) < 0) {
#   79|   		fido_log_debug("%s: fido_rx", __func__);
#   80|   		r = FIDO_ERR_RX;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def192]
libfido2-1.16.0/src/bio.c:103:26: warning[-Wanalyzer-malloc-leak]: leak of ‘hmac.ptr’
libfido2-1.16.0/src/bio.c:70:1: enter_function: entry to ‘bio_tx’
libfido2-1.16.0/src/bio.c:86:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/bio.c:87:24: branch_false: ...to here
libfido2-1.16.0/src/bio.c:86:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/bio.c:93:13: branch_false: ...to here
libfido2-1.16.0/src/bio.c:93:12: branch_true: following ‘true’ branch...
libfido2-1.16.0/src/bio.c:94:21: branch_true: ...to here
libfido2-1.16.0/src/bio.c:94:21: call_function: calling ‘bio_prepare_hmac’ from ‘bio_tx’
libfido2-1.16.0/src/bio.c:94:21: return_function: returning to ‘bio_tx’ from ‘bio_prepare_hmac’
libfido2-1.16.0/src/bio.c:94:20: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/bio.c:102:12: branch_false: ...to here
libfido2-1.16.0/src/bio.c:102:12: branch_true: following ‘true’ branch (when ‘pin’ is non-NULL)...
libfido2-1.16.0/src/bio.c:103:26: branch_true: ...to here
libfido2-1.16.0/src/bio.c:103:26: throw: if ‘fido_do_ecdh’ throws an exception...
libfido2-1.16.0/src/bio.c:103:26: danger: ‘hmac.ptr’ leaks here; was allocated at [(18)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/17)
#  101|   	/* pinProtocol, pinAuth */
#  102|   	if (pin) {
#  103|-> 		if ((r = fido_do_ecdh(dev, &pk, &ecdh, ms)) != FIDO_OK) {
#  104|   			fido_log_debug("%s: fido_do_ecdh", __func__);
#  105|   			goto fail;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def193]
libfido2-1.16.0/src/bio.c:104:25: warning[-Wanalyzer-malloc-leak]: leak of ‘hmac.ptr’
libfido2-1.16.0/src/bio.c:70:1: enter_function: entry to ‘bio_tx’
libfido2-1.16.0/src/bio.c:86:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/bio.c:87:24: branch_false: ...to here
libfido2-1.16.0/src/bio.c:86:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/bio.c:93:13: branch_false: ...to here
libfido2-1.16.0/src/bio.c:93:12: branch_true: following ‘true’ branch...
libfido2-1.16.0/src/bio.c:94:21: branch_true: ...to here
libfido2-1.16.0/src/bio.c:94:21: call_function: calling ‘bio_prepare_hmac’ from ‘bio_tx’
libfido2-1.16.0/src/bio.c:94:21: return_function: returning to ‘bio_tx’ from ‘bio_prepare_hmac’
libfido2-1.16.0/src/bio.c:94:20: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/bio.c:102:12: branch_false: ...to here
libfido2-1.16.0/src/bio.c:102:12: branch_true: following ‘true’ branch (when ‘pin’ is non-NULL)...
libfido2-1.16.0/src/bio.c:103:26: branch_true: ...to here
libfido2-1.16.0/src/bio.c:103:20: branch_true: following ‘true’ branch...
libfido2-1.16.0/src/bio.c:104:25: branch_true: ...to here
libfido2-1.16.0/src/bio.c:104:25: throw: if ‘fido_log_debug’ throws an exception...
libfido2-1.16.0/src/bio.c:104:25: danger: ‘hmac.ptr’ leaks here; was allocated at [(18)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/17)
#  102|   	if (pin) {
#  103|   		if ((r = fido_do_ecdh(dev, &pk, &ecdh, ms)) != FIDO_OK) {
#  104|-> 			fido_log_debug("%s: fido_do_ecdh", __func__);
#  105|   			goto fail;
#  106|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def194]
libfido2-1.16.0/src/bio.c:107:26: warning[-Wanalyzer-malloc-leak]: leak of ‘hmac.ptr’
libfido2-1.16.0/src/bio.c:70:1: enter_function: entry to ‘bio_tx’
libfido2-1.16.0/src/bio.c:86:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/bio.c:87:24: branch_false: ...to here
libfido2-1.16.0/src/bio.c:86:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/bio.c:93:13: branch_false: ...to here
libfido2-1.16.0/src/bio.c:93:12: branch_true: following ‘true’ branch...
libfido2-1.16.0/src/bio.c:94:21: branch_true: ...to here
libfido2-1.16.0/src/bio.c:94:21: call_function: calling ‘bio_prepare_hmac’ from ‘bio_tx’
libfido2-1.16.0/src/bio.c:94:21: return_function: returning to ‘bio_tx’ from ‘bio_prepare_hmac’
libfido2-1.16.0/src/bio.c:94:20: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/bio.c:102:12: branch_false: ...to here
libfido2-1.16.0/src/bio.c:102:12: branch_true: following ‘true’ branch (when ‘pin’ is non-NULL)...
libfido2-1.16.0/src/bio.c:103:26: branch_true: ...to here
libfido2-1.16.0/src/bio.c:103:20: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/bio.c:107:26: branch_false: ...to here
libfido2-1.16.0/src/bio.c:107:26: throw: if ‘cbor_add_uv_params’ throws an exception...
libfido2-1.16.0/src/bio.c:107:26: danger: ‘hmac.ptr’ leaks here; was allocated at [(18)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/17)
#  105|   			goto fail;
#  106|   		}
#  107|-> 		if ((r = cbor_add_uv_params(dev, cmd, &hmac, pk, ecdh, pin,
#  108|   		    NULL, &argv[4], &argv[3], ms)) != FIDO_OK) {
#  109|   			fido_log_debug("%s: cbor_add_uv_params", __func__);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def195]
libfido2-1.16.0/src/bio.c:113:32: warning[-Wanalyzer-malloc-leak]: leak of ‘hmac.ptr’
libfido2-1.16.0/src/bio.c:70:1: enter_function: entry to ‘bio_tx’
libfido2-1.16.0/src/bio.c:86:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/bio.c:87:24: branch_false: ...to here
libfido2-1.16.0/src/bio.c:86:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/bio.c:93:13: branch_false: ...to here
libfido2-1.16.0/src/bio.c:93:12: branch_true: following ‘true’ branch...
libfido2-1.16.0/src/bio.c:94:21: branch_true: ...to here
libfido2-1.16.0/src/bio.c:94:21: call_function: calling ‘bio_prepare_hmac’ from ‘bio_tx’
libfido2-1.16.0/src/bio.c:94:21: return_function: returning to ‘bio_tx’ from ‘bio_prepare_hmac’
libfido2-1.16.0/src/bio.c:94:20: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/bio.c:102:12: branch_false: ...to here
libfido2-1.16.0/src/bio.c:102:12: branch_false: following ‘false’ branch (when ‘pin’ is NULL)...
libfido2-1.16.0/src/bio.c:112:19: branch_false: ...to here
libfido2-1.16.0/src/bio.c:112:19: branch_true: following ‘true’ branch (when ‘token’ is non-NULL)...
libfido2-1.16.0/src/bio.c:113:32: branch_true: ...to here
libfido2-1.16.0/src/bio.c:113:32: throw: if ‘cbor_encode_pin_opt’ throws an exception...
libfido2-1.16.0/src/bio.c:113:32: danger: ‘hmac.ptr’ leaks here; was allocated at [(18)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/17)
#  111|   		}
#  112|   	} else if (token) {
#  113|-> 		if ((argv[3] = cbor_encode_pin_opt(dev)) == NULL ||
#  114|   		    (argv[4] = cbor_encode_pin_auth(dev, token, &hmac)) == NULL) {
#  115|   			fido_log_debug("%s: encode pin", __func__);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def196]
libfido2-1.16.0/src/bio.c:114:32: warning[-Wanalyzer-malloc-leak]: leak of ‘hmac.ptr’
libfido2-1.16.0/src/bio.c:70:1: enter_function: entry to ‘bio_tx’
libfido2-1.16.0/src/bio.c:86:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/bio.c:87:24: branch_false: ...to here
libfido2-1.16.0/src/bio.c:86:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/bio.c:93:13: branch_false: ...to here
libfido2-1.16.0/src/bio.c:93:12: branch_true: following ‘true’ branch...
libfido2-1.16.0/src/bio.c:94:21: branch_true: ...to here
libfido2-1.16.0/src/bio.c:94:21: call_function: calling ‘bio_prepare_hmac’ from ‘bio_tx’
libfido2-1.16.0/src/bio.c:94:21: return_function: returning to ‘bio_tx’ from ‘bio_prepare_hmac’
libfido2-1.16.0/src/bio.c:94:20: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/bio.c:102:12: branch_false: ...to here
libfido2-1.16.0/src/bio.c:102:12: branch_false: following ‘false’ branch (when ‘pin’ is NULL)...
libfido2-1.16.0/src/bio.c:112:19: branch_false: ...to here
libfido2-1.16.0/src/bio.c:112:19: branch_true: following ‘true’ branch (when ‘token’ is non-NULL)...
libfido2-1.16.0/src/bio.c:113:32: branch_true: ...to here
libfido2-1.16.0/src/bio.c:113:20: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/bio.c:114:32: branch_false: ...to here
libfido2-1.16.0/src/bio.c:114:32: throw: if ‘cbor_encode_pin_auth’ throws an exception...
libfido2-1.16.0/src/bio.c:114:32: danger: ‘hmac.ptr’ leaks here; was allocated at [(18)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/17)
#  112|   	} else if (token) {
#  113|   		if ((argv[3] = cbor_encode_pin_opt(dev)) == NULL ||
#  114|-> 		    (argv[4] = cbor_encode_pin_auth(dev, token, &hmac)) == NULL) {
#  115|   			fido_log_debug("%s: encode pin", __func__);
#  116|   			goto fail;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def197]
libfido2-1.16.0/src/bio.c:115:25: warning[-Wanalyzer-malloc-leak]: leak of ‘hmac.ptr’
libfido2-1.16.0/src/bio.c:70:1: enter_function: entry to ‘bio_tx’
libfido2-1.16.0/src/bio.c:86:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/bio.c:87:24: branch_false: ...to here
libfido2-1.16.0/src/bio.c:86:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/bio.c:93:13: branch_false: ...to here
libfido2-1.16.0/src/bio.c:93:12: branch_true: following ‘true’ branch...
libfido2-1.16.0/src/bio.c:94:21: branch_true: ...to here
libfido2-1.16.0/src/bio.c:94:21: call_function: calling ‘bio_prepare_hmac’ from ‘bio_tx’
libfido2-1.16.0/src/bio.c:94:21: return_function: returning to ‘bio_tx’ from ‘bio_prepare_hmac’
libfido2-1.16.0/src/bio.c:94:20: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/bio.c:102:12: branch_false: ...to here
libfido2-1.16.0/src/bio.c:102:12: branch_false: following ‘false’ branch (when ‘pin’ is NULL)...
libfido2-1.16.0/src/bio.c:112:19: branch_false: ...to here
libfido2-1.16.0/src/bio.c:112:19: branch_true: following ‘true’ branch (when ‘token’ is non-NULL)...
libfido2-1.16.0/src/bio.c:113:32: branch_true: ...to here
libfido2-1.16.0/src/bio.c:113:20: branch_true: following ‘true’ branch...
libfido2-1.16.0/src/bio.c:115:25: branch_true: ...to here
libfido2-1.16.0/src/bio.c:115:25: throw: if ‘fido_log_debug’ throws an exception...
libfido2-1.16.0/src/bio.c:115:25: danger: ‘hmac.ptr’ leaks here; was allocated at [(18)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/17)
#  113|   		if ((argv[3] = cbor_encode_pin_opt(dev)) == NULL ||
#  114|   		    (argv[4] = cbor_encode_pin_auth(dev, token, &hmac)) == NULL) {
#  115|-> 			fido_log_debug("%s: encode pin", __func__);
#  116|   			goto fail;
#  117|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def198]
libfido2-1.16.0/src/bio.c:121:13: warning[-Wanalyzer-malloc-leak]: leak of ‘hmac.ptr’
libfido2-1.16.0/src/bio.c:70:1: enter_function: entry to ‘bio_tx’
libfido2-1.16.0/src/bio.c:86:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/bio.c:87:24: branch_false: ...to here
libfido2-1.16.0/src/bio.c:86:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/bio.c:93:13: branch_false: ...to here
libfido2-1.16.0/src/bio.c:93:12: branch_true: following ‘true’ branch...
libfido2-1.16.0/src/bio.c:94:21: branch_true: ...to here
libfido2-1.16.0/src/bio.c:94:21: call_function: calling ‘bio_prepare_hmac’ from ‘bio_tx’
libfido2-1.16.0/src/bio.c:94:21: return_function: returning to ‘bio_tx’ from ‘bio_prepare_hmac’
libfido2-1.16.0/src/bio.c:94:20: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/bio.c:102:12: branch_false: ...to here
libfido2-1.16.0/src/bio.c:102:12: branch_false: following ‘false’ branch (when ‘pin’ is NULL)...
libfido2-1.16.0/src/bio.c:112:19: branch_false: ...to here
libfido2-1.16.0/src/bio.c:112:19: branch_false: following ‘false’ branch (when ‘token’ is NULL)...
libfido2-1.16.0/src/bio.c:121:13: branch_false: ...to here
libfido2-1.16.0/src/bio.c:121:13: throw: if ‘cbor_build_frame’ throws an exception...
libfido2-1.16.0/src/bio.c:121:13: danger: ‘hmac.ptr’ leaks here; was allocated at [(18)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/17)
#  119|   
#  120|   	/* framing and transmission */
#  121|-> 	if (cbor_build_frame(cmd, argv, nitems(argv), &f) < 0 ||
#  122|   	    fido_tx(dev, CTAP_CMD_CBOR, f.ptr, f.len, ms) < 0) {
#  123|   		fido_log_debug("%s: fido_tx", __func__);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def199]
libfido2-1.16.0/src/bio.c:122:13: warning[-Wanalyzer-malloc-leak]: leak of ‘hmac.ptr’
libfido2-1.16.0/src/bio.c:70:1: enter_function: entry to ‘bio_tx’
libfido2-1.16.0/src/bio.c:86:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/bio.c:87:24: branch_false: ...to here
libfido2-1.16.0/src/bio.c:86:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/bio.c:93:13: branch_false: ...to here
libfido2-1.16.0/src/bio.c:93:12: branch_true: following ‘true’ branch...
libfido2-1.16.0/src/bio.c:94:21: branch_true: ...to here
libfido2-1.16.0/src/bio.c:94:21: call_function: calling ‘bio_prepare_hmac’ from ‘bio_tx’
libfido2-1.16.0/src/bio.c:94:21: return_function: returning to ‘bio_tx’ from ‘bio_prepare_hmac’
libfido2-1.16.0/src/bio.c:94:20: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/bio.c:102:12: branch_false: ...to here
libfido2-1.16.0/src/bio.c:102:12: branch_false: following ‘false’ branch (when ‘pin’ is NULL)...
libfido2-1.16.0/src/bio.c:112:19: branch_false: ...to here
libfido2-1.16.0/src/bio.c:112:19: branch_false: following ‘false’ branch (when ‘token’ is NULL)...
libfido2-1.16.0/src/bio.c:121:13: branch_false: ...to here
libfido2-1.16.0/src/bio.c:121:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/bio.c:122:13: branch_false: ...to here
libfido2-1.16.0/src/bio.c:122:13: throw: if ‘fido_tx’ throws an exception...
libfido2-1.16.0/src/bio.c:122:13: danger: ‘hmac.ptr’ leaks here; was allocated at [(18)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/17)
#  120|   	/* framing and transmission */
#  121|   	if (cbor_build_frame(cmd, argv, nitems(argv), &f) < 0 ||
#  122|-> 	    fido_tx(dev, CTAP_CMD_CBOR, f.ptr, f.len, ms) < 0) {
#  123|   		fido_log_debug("%s: fido_tx", __func__);
#  124|   		r = FIDO_ERR_TX;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def200]
libfido2-1.16.0/src/bio.c:123:17: warning[-Wanalyzer-malloc-leak]: leak of ‘hmac.ptr’
libfido2-1.16.0/src/bio.c:70:1: enter_function: entry to ‘bio_tx’
libfido2-1.16.0/src/bio.c:86:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/bio.c:87:24: branch_false: ...to here
libfido2-1.16.0/src/bio.c:86:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/bio.c:93:13: branch_false: ...to here
libfido2-1.16.0/src/bio.c:93:12: branch_true: following ‘true’ branch...
libfido2-1.16.0/src/bio.c:94:21: branch_true: ...to here
libfido2-1.16.0/src/bio.c:94:21: call_function: calling ‘bio_prepare_hmac’ from ‘bio_tx’
libfido2-1.16.0/src/bio.c:94:21: return_function: returning to ‘bio_tx’ from ‘bio_prepare_hmac’
libfido2-1.16.0/src/bio.c:94:20: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/bio.c:102:12: branch_false: ...to here
libfido2-1.16.0/src/bio.c:102:12: branch_false: following ‘false’ branch (when ‘pin’ is NULL)...
libfido2-1.16.0/src/bio.c:112:19: branch_false: ...to here
libfido2-1.16.0/src/bio.c:112:19: branch_false: following ‘false’ branch (when ‘token’ is NULL)...
libfido2-1.16.0/src/bio.c:121:13: branch_false: ...to here
libfido2-1.16.0/src/bio.c:123:17: throw: if ‘fido_log_debug’ throws an exception...
libfido2-1.16.0/src/bio.c:123:17: danger: ‘hmac.ptr’ leaks here; was allocated at [(18)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/17)
#  121|   	if (cbor_build_frame(cmd, argv, nitems(argv), &f) < 0 ||
#  122|   	    fido_tx(dev, CTAP_CMD_CBOR, f.ptr, f.len, ms) < 0) {
#  123|-> 		fido_log_debug("%s: fido_tx", __func__);
#  124|   		r = FIDO_ERR_TX;
#  125|   		goto fail;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def201]
libfido2-1.16.0/src/bio.c:130:9: warning[-Wanalyzer-malloc-leak]: leak of ‘hmac.ptr’
libfido2-1.16.0/src/bio.c:70:1: enter_function: entry to ‘bio_tx’
libfido2-1.16.0/src/bio.c:86:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/bio.c:87:24: branch_false: ...to here
libfido2-1.16.0/src/bio.c:86:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/bio.c:93:13: branch_false: ...to here
libfido2-1.16.0/src/bio.c:93:12: branch_true: following ‘true’ branch...
libfido2-1.16.0/src/bio.c:94:21: branch_true: ...to here
libfido2-1.16.0/src/bio.c:94:21: call_function: calling ‘bio_prepare_hmac’ from ‘bio_tx’
libfido2-1.16.0/src/bio.c:94:21: return_function: returning to ‘bio_tx’ from ‘bio_prepare_hmac’
libfido2-1.16.0/src/bio.c:94:20: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/bio.c:102:12: branch_false: ...to here
libfido2-1.16.0/src/bio.c:102:12: branch_true: following ‘true’ branch (when ‘pin’ is non-NULL)...
libfido2-1.16.0/src/bio.c:103:26: branch_true: ...to here
libfido2-1.16.0/src/bio.c:103:20: branch_true: following ‘true’ branch...
libfido2-1.16.0/src/bio.c:104:25: branch_true: ...to here
libfido2-1.16.0/src/bio.c:130:9: throw: if ‘cbor_vector_free’ throws an exception...
libfido2-1.16.0/src/bio.c:130:9: danger: ‘hmac.ptr’ leaks here; was allocated at [(18)](sarif:/runs/0/results/9/codeFlows/0/threadFlows/0/locations/17)
#  128|   	r = FIDO_OK;
#  129|   fail:
#  130|-> 	cbor_vector_free(argv, nitems(argv));
#  131|   	es256_pk_free(&pk);
#  132|   	fido_blob_free(&ecdh);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def202]
libfido2-1.16.0/src/bio.c:131:9: warning[-Wanalyzer-malloc-leak]: leak of ‘hmac.ptr’
libfido2-1.16.0/src/bio.c:70:1: enter_function: entry to ‘bio_tx’
libfido2-1.16.0/src/bio.c:86:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/bio.c:87:24: branch_false: ...to here
libfido2-1.16.0/src/bio.c:86:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/bio.c:93:13: branch_false: ...to here
libfido2-1.16.0/src/bio.c:93:12: branch_true: following ‘true’ branch...
libfido2-1.16.0/src/bio.c:94:21: branch_true: ...to here
libfido2-1.16.0/src/bio.c:94:21: call_function: calling ‘bio_prepare_hmac’ from ‘bio_tx’
libfido2-1.16.0/src/bio.c:94:21: return_function: returning to ‘bio_tx’ from ‘bio_prepare_hmac’
libfido2-1.16.0/src/bio.c:94:20: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/bio.c:102:12: branch_false: ...to here
libfido2-1.16.0/src/bio.c:102:12: branch_true: following ‘true’ branch (when ‘pin’ is non-NULL)...
libfido2-1.16.0/src/bio.c:103:26: branch_true: ...to here
libfido2-1.16.0/src/bio.c:103:20: branch_true: following ‘true’ branch...
libfido2-1.16.0/src/bio.c:104:25: branch_true: ...to here
libfido2-1.16.0/src/bio.c:131:9: throw: if ‘es256_pk_free’ throws an exception...
libfido2-1.16.0/src/bio.c:131:9: danger: ‘hmac.ptr’ leaks here; was allocated at [(18)](sarif:/runs/0/results/10/codeFlows/0/threadFlows/0/locations/17)
#  129|   fail:
#  130|   	cbor_vector_free(argv, nitems(argv));
#  131|-> 	es256_pk_free(&pk);
#  132|   	fido_blob_free(&ecdh);
#  133|   	free(f.ptr);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def203]
libfido2-1.16.0/src/bio.c:132:9: warning[-Wanalyzer-malloc-leak]: leak of ‘hmac.ptr’
libfido2-1.16.0/src/bio.c:70:1: enter_function: entry to ‘bio_tx’
libfido2-1.16.0/src/bio.c:86:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/bio.c:87:24: branch_false: ...to here
libfido2-1.16.0/src/bio.c:86:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/bio.c:93:13: branch_false: ...to here
libfido2-1.16.0/src/bio.c:93:12: branch_true: following ‘true’ branch...
libfido2-1.16.0/src/bio.c:94:21: branch_true: ...to here
libfido2-1.16.0/src/bio.c:94:21: call_function: calling ‘bio_prepare_hmac’ from ‘bio_tx’
libfido2-1.16.0/src/bio.c:94:21: return_function: returning to ‘bio_tx’ from ‘bio_prepare_hmac’
libfido2-1.16.0/src/bio.c:94:20: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/bio.c:102:12: branch_false: ...to here
libfido2-1.16.0/src/bio.c:102:12: branch_true: following ‘true’ branch (when ‘pin’ is non-NULL)...
libfido2-1.16.0/src/bio.c:103:26: branch_true: ...to here
libfido2-1.16.0/src/bio.c:103:20: branch_true: following ‘true’ branch...
libfido2-1.16.0/src/bio.c:104:25: branch_true: ...to here
libfido2-1.16.0/src/bio.c:132:9: throw: if ‘fido_blob_free’ throws an exception...
libfido2-1.16.0/src/bio.c:132:9: danger: ‘hmac.ptr’ leaks here; was allocated at [(18)](sarif:/runs/0/results/11/codeFlows/0/threadFlows/0/locations/17)
#  130|   	cbor_vector_free(argv, nitems(argv));
#  131|   	es256_pk_free(&pk);
#  132|-> 	fido_blob_free(&ecdh);
#  133|   	free(f.ptr);
#  134|   	free(hmac.ptr);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def204]
libfido2-1.16.0/src/bio.c:257:23: warning[-Wanalyzer-malloc-leak]: leak of ‘msg’
libfido2-1.16.0/src/bio.c:252:20: acquire_memory: allocated here
libfido2-1.16.0/src/bio.c:252:12: branch_false: following ‘false’ branch (when ‘msg’ is non-NULL)...
libfido2-1.16.0/src/bio.c:257:23: branch_false: ...to here
libfido2-1.16.0/src/bio.c:257:23: throw: if ‘fido_rx’ throws an exception...
libfido2-1.16.0/src/bio.c:257:23: danger: ‘msg’ leaks here; was allocated at [(1)](sarif:/runs/0/results/12/codeFlows/0/threadFlows/0/locations/0)
#  255|   	}
#  256|   
#  257|-> 	if ((msglen = fido_rx(dev, CTAP_CMD_CBOR, msg, FIDO_MAXMSG, ms)) < 0) {
#  258|   		fido_log_debug("%s: fido_rx", __func__);
#  259|   		r = FIDO_ERR_RX;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def205]
libfido2-1.16.0/src/bio.c:421:23: warning[-Wanalyzer-malloc-leak]: leak of ‘msg’
libfido2-1.16.0/src/bio.c:416:20: acquire_memory: allocated here
libfido2-1.16.0/src/bio.c:416:12: branch_false: following ‘false’ branch (when ‘msg’ is non-NULL)...
libfido2-1.16.0/src/bio.c:421:23: branch_false: ...to here
libfido2-1.16.0/src/bio.c:421:23: throw: if ‘fido_rx’ throws an exception...
libfido2-1.16.0/src/bio.c:421:23: danger: ‘msg’ leaks here; was allocated at [(1)](sarif:/runs/0/results/13/codeFlows/0/threadFlows/0/locations/0)
#  419|   	}
#  420|   
#  421|-> 	if ((msglen = fido_rx(dev, CTAP_CMD_CBOR, msg, FIDO_MAXMSG, ms)) < 0) {
#  422|   		fido_log_debug("%s: fido_rx", __func__);
#  423|   		r = FIDO_ERR_RX;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def206]
libfido2-1.16.0/src/bio.c:531:23: warning[-Wanalyzer-malloc-leak]: leak of ‘msg’
libfido2-1.16.0/src/bio.c:526:20: acquire_memory: allocated here
libfido2-1.16.0/src/bio.c:526:12: branch_false: following ‘false’ branch (when ‘msg’ is non-NULL)...
libfido2-1.16.0/src/bio.c:531:23: branch_false: ...to here
libfido2-1.16.0/src/bio.c:531:23: throw: if ‘fido_rx’ throws an exception...
libfido2-1.16.0/src/bio.c:531:23: danger: ‘msg’ leaks here; was allocated at [(1)](sarif:/runs/0/results/14/codeFlows/0/threadFlows/0/locations/0)
#  529|   	}
#  530|   
#  531|-> 	if ((msglen = fido_rx(dev, CTAP_CMD_CBOR, msg, FIDO_MAXMSG, ms)) < 0) {
#  532|   		fido_log_debug("%s: fido_rx", __func__);
#  533|   		r = FIDO_ERR_RX;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def207]
libfido2-1.16.0/src/bio.c:706:23: warning[-Wanalyzer-malloc-leak]: leak of ‘msg’
libfido2-1.16.0/src/bio.c:701:20: acquire_memory: allocated here
libfido2-1.16.0/src/bio.c:701:12: branch_false: following ‘false’ branch (when ‘msg’ is non-NULL)...
libfido2-1.16.0/src/bio.c:706:23: branch_false: ...to here
libfido2-1.16.0/src/bio.c:706:23: throw: if ‘fido_rx’ throws an exception...
libfido2-1.16.0/src/bio.c:706:23: danger: ‘msg’ leaks here; was allocated at [(1)](sarif:/runs/0/results/15/codeFlows/0/threadFlows/0/locations/0)
#  704|   	}
#  705|   
#  706|-> 	if ((msglen = fido_rx(dev, CTAP_CMD_CBOR, msg, FIDO_MAXMSG, ms)) < 0) {
#  707|   		fido_log_debug("%s: fido_rx", __func__);
#  708|   		r = FIDO_ERR_RX;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def208]
libfido2-1.16.0/src/cbor.c:69:18: warning[-Wanalyzer-malloc-leak]: leak of ‘name’
libfido2-1.16.0/src/cbor.c:1136:1: enter_function: entry to ‘decode_attobj’
libfido2-1.16.0/src/cbor.c:1142:13: call_function: calling ‘cbor_string_copy’ from ‘decode_attobj’
libfido2-1.16.0/src/cbor.c:1142:13: return_function: returning to ‘decode_attobj’ from ‘cbor_string_copy’
libfido2-1.16.0/src/cbor.c:1142:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/cbor.c:1148:14: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1148:12: branch_false: following ‘false’ branch (when the strings are non-equal)...
libfido2-1.16.0/src/cbor.c:1153:21: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1153:19: branch_true: following ‘true’ branch (when the strings are equal)...
libfido2-1.16.0/src/cbor.c:1154:21: branch_true: ...to here
libfido2-1.16.0/src/cbor.c:1154:21: call_function: calling ‘cbor_decode_attstmt’ from ‘decode_attobj’
#   67|   	size_t			 n;
#   68|   
#   69|-> 	if ((v = cbor_map_handle(item)) == NULL) {
#   70|   		fido_log_debug("%s: cbor_map_handle", __func__);
#   71|   		return (-1);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def209]
libfido2-1.16.0/src/cbor.c:70:17: warning[-Wanalyzer-malloc-leak]: leak of ‘name’
libfido2-1.16.0/src/cbor.c:1136:1: enter_function: entry to ‘decode_attobj’
libfido2-1.16.0/src/cbor.c:1142:13: call_function: calling ‘cbor_string_copy’ from ‘decode_attobj’
libfido2-1.16.0/src/cbor.c:1142:13: return_function: returning to ‘decode_attobj’ from ‘cbor_string_copy’
libfido2-1.16.0/src/cbor.c:1142:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/cbor.c:1148:14: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1148:12: branch_false: following ‘false’ branch (when the strings are non-equal)...
libfido2-1.16.0/src/cbor.c:1153:21: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1153:19: branch_true: following ‘true’ branch (when the strings are equal)...
libfido2-1.16.0/src/cbor.c:1154:21: branch_true: ...to here
libfido2-1.16.0/src/cbor.c:1154:21: call_function: calling ‘cbor_decode_attstmt’ from ‘decode_attobj’
#   68|   
#   69|   	if ((v = cbor_map_handle(item)) == NULL) {
#   70|-> 		fido_log_debug("%s: cbor_map_handle", __func__);
#   71|   		return (-1);
#   72|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def210]
libfido2-1.16.0/src/cbor.c:74:13: warning[-Wanalyzer-malloc-leak]: leak of ‘name’
libfido2-1.16.0/src/cbor.c:1136:1: enter_function: entry to ‘decode_attobj’
libfido2-1.16.0/src/cbor.c:1142:13: call_function: calling ‘cbor_string_copy’ from ‘decode_attobj’
libfido2-1.16.0/src/cbor.c:1142:13: return_function: returning to ‘decode_attobj’ from ‘cbor_string_copy’
libfido2-1.16.0/src/cbor.c:1142:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/cbor.c:1148:14: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1148:12: branch_false: following ‘false’ branch (when the strings are non-equal)...
libfido2-1.16.0/src/cbor.c:1153:21: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1153:19: branch_true: following ‘true’ branch (when the strings are equal)...
libfido2-1.16.0/src/cbor.c:1154:21: branch_true: ...to here
libfido2-1.16.0/src/cbor.c:1154:21: call_function: calling ‘cbor_decode_attstmt’ from ‘decode_attobj’
#   72|   	}
#   73|   
#   74|-> 	n = cbor_map_size(item);
#   75|   
#   76|   	for (size_t i = 0; i < n; i++) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def211]
libfido2-1.16.0/src/cbor.c:78:25: warning[-Wanalyzer-malloc-leak]: leak of ‘name’
libfido2-1.16.0/src/cbor.c:1136:1: enter_function: entry to ‘decode_attobj’
libfido2-1.16.0/src/cbor.c:1142:13: call_function: calling ‘cbor_string_copy’ from ‘decode_attobj’
libfido2-1.16.0/src/cbor.c:1142:13: return_function: returning to ‘decode_attobj’ from ‘cbor_string_copy’
libfido2-1.16.0/src/cbor.c:1142:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/cbor.c:1148:14: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1148:12: branch_false: following ‘false’ branch (when the strings are non-equal)...
libfido2-1.16.0/src/cbor.c:1153:21: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1153:19: branch_true: following ‘true’ branch (when the strings are equal)...
libfido2-1.16.0/src/cbor.c:1154:21: branch_true: ...to here
libfido2-1.16.0/src/cbor.c:1154:21: call_function: calling ‘cbor_decode_attstmt’ from ‘decode_attobj’
#   76|   	for (size_t i = 0; i < n; i++) {
#   77|   		if (v[i].key == NULL || v[i].value == NULL) {
#   78|-> 			fido_log_debug("%s: key=%p, value=%p for i=%zu",
#   79|   			    __func__, (void *)v[i].key, (void *)v[i].value, i);
#   80|   			return (-1);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def212]
libfido2-1.16.0/src/cbor.c:103:18: warning[-Wanalyzer-malloc-leak]: leak of ‘name’
libfido2-1.16.0/src/cbor.c:1491:1: enter_function: entry to ‘decode_attstmt_entry’
libfido2-1.16.0/src/cbor.c:1497:13: call_function: calling ‘cbor_string_copy’ from ‘decode_attstmt_entry’
libfido2-1.16.0/src/cbor.c:1497:13: return_function: returning to ‘decode_attstmt_entry’ from ‘cbor_string_copy’
libfido2-1.16.0/src/cbor.c:1497:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/cbor.c:1503:14: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1503:12: branch_false: following ‘false’ branch (when the strings are non-equal)...
libfido2-1.16.0/src/cbor.c:1517:21: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1517:19: branch_false: following ‘false’ branch (when the strings are non-equal)...
libfido2-1.16.0/src/cbor.c:1522:21: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1522:19: branch_true: following ‘true’ branch (when the strings are equal)...
libfido2-1.16.0/src/cbor.c:1523:21: branch_true: ...to here
libfido2-1.16.0/src/cbor.c:1523:21: call_function: calling ‘decode_x5c_array’ from ‘decode_attstmt_entry’
#  101|   	size_t		  n;
#  102|   
#  103|-> 	if ((v = cbor_array_handle(item)) == NULL) {
#  104|   		fido_log_debug("%s: cbor_array_handle", __func__);
#  105|   		return (-1);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def213]
libfido2-1.16.0/src/cbor.c:104:17: warning[-Wanalyzer-malloc-leak]: leak of ‘name’
libfido2-1.16.0/src/cbor.c:1491:1: enter_function: entry to ‘decode_attstmt_entry’
libfido2-1.16.0/src/cbor.c:1497:13: call_function: calling ‘cbor_string_copy’ from ‘decode_attstmt_entry’
libfido2-1.16.0/src/cbor.c:1497:13: return_function: returning to ‘decode_attstmt_entry’ from ‘cbor_string_copy’
libfido2-1.16.0/src/cbor.c:1497:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/cbor.c:1503:14: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1503:12: branch_false: following ‘false’ branch (when the strings are non-equal)...
libfido2-1.16.0/src/cbor.c:1517:21: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1517:19: branch_false: following ‘false’ branch (when the strings are non-equal)...
libfido2-1.16.0/src/cbor.c:1522:21: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1522:19: branch_true: following ‘true’ branch (when the strings are equal)...
libfido2-1.16.0/src/cbor.c:1523:21: branch_true: ...to here
libfido2-1.16.0/src/cbor.c:1523:21: call_function: calling ‘decode_x5c_array’ from ‘decode_attstmt_entry’
#  102|   
#  103|   	if ((v = cbor_array_handle(item)) == NULL) {
#  104|-> 		fido_log_debug("%s: cbor_array_handle", __func__);
#  105|   		return (-1);
#  106|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def214]
libfido2-1.16.0/src/cbor.c:108:13: warning[-Wanalyzer-malloc-leak]: leak of ‘name’
libfido2-1.16.0/src/cbor.c:1491:1: enter_function: entry to ‘decode_attstmt_entry’
libfido2-1.16.0/src/cbor.c:1497:13: call_function: calling ‘cbor_string_copy’ from ‘decode_attstmt_entry’
libfido2-1.16.0/src/cbor.c:1497:13: return_function: returning to ‘decode_attstmt_entry’ from ‘cbor_string_copy’
libfido2-1.16.0/src/cbor.c:1497:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/cbor.c:1503:14: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1503:12: branch_false: following ‘false’ branch (when the strings are non-equal)...
libfido2-1.16.0/src/cbor.c:1517:21: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1517:19: branch_false: following ‘false’ branch (when the strings are non-equal)...
libfido2-1.16.0/src/cbor.c:1522:21: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1522:19: branch_true: following ‘true’ branch (when the strings are equal)...
libfido2-1.16.0/src/cbor.c:1523:21: branch_true: ...to here
libfido2-1.16.0/src/cbor.c:1523:21: call_function: calling ‘decode_x5c_array’ from ‘decode_attstmt_entry’
#  106|   	}
#  107|   
#  108|-> 	n = cbor_array_size(item);
#  109|   
#  110|   	for (size_t i = 0; i < n; i++)

Error: GCC_ANALYZER_WARNING (CWE-401): [#def215]
libfido2-1.16.0/src/cbor.c:206:17: warning[-Wanalyzer-malloc-leak]: leak of ‘name’
libfido2-1.16.0/src/cbor.c:1676:1: enter_function: entry to ‘decode_rp_entity_entry’
libfido2-1.16.0/src/cbor.c:1683:13: call_function: calling ‘cbor_string_copy’ from ‘decode_rp_entity_entry’
libfido2-1.16.0/src/cbor.c:1683:13: return_function: returning to ‘decode_rp_entity_entry’ from ‘cbor_string_copy’
libfido2-1.16.0/src/cbor.c:1683:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/cbor.c:1689:14: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1689:12: branch_true: following ‘true’ branch (when the strings are equal)...
libfido2-1.16.0/src/cbor.c:1690:21: branch_true: ...to here
libfido2-1.16.0/src/cbor.c:1690:21: call_function: calling ‘cbor_string_copy’ from ‘decode_rp_entity_entry’
#  204|   
#  205|   	if (*str != NULL) {
#  206|-> 		fido_log_debug("%s: dup", __func__);
#  207|   		return (-1);
#  208|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def216]
libfido2-1.16.0/src/cbor.c:210:13: warning[-Wanalyzer-malloc-leak]: leak of ‘name’
libfido2-1.16.0/src/cbor.c:1676:1: enter_function: entry to ‘decode_rp_entity_entry’
libfido2-1.16.0/src/cbor.c:1683:13: call_function: calling ‘cbor_string_copy’ from ‘decode_rp_entity_entry’
libfido2-1.16.0/src/cbor.c:1683:13: return_function: returning to ‘decode_rp_entity_entry’ from ‘cbor_string_copy’
libfido2-1.16.0/src/cbor.c:1683:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/cbor.c:1689:14: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1689:12: branch_true: following ‘true’ branch (when the strings are equal)...
libfido2-1.16.0/src/cbor.c:1690:21: branch_true: ...to here
libfido2-1.16.0/src/cbor.c:1690:21: call_function: calling ‘cbor_string_copy’ from ‘decode_rp_entity_entry’
#  208|   	}
#  209|   
#  210|-> 	if (cbor_isa_string(item) == false ||
#  211|   	    cbor_string_is_definite(item) == false) {
#  212|   		fido_log_debug("%s: cbor type", __func__);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def217]
libfido2-1.16.0/src/cbor.c:211:13: warning[-Wanalyzer-malloc-leak]: leak of ‘name’
libfido2-1.16.0/src/cbor.c:1676:1: enter_function: entry to ‘decode_rp_entity_entry’
libfido2-1.16.0/src/cbor.c:1683:13: call_function: calling ‘cbor_string_copy’ from ‘decode_rp_entity_entry’
libfido2-1.16.0/src/cbor.c:1683:13: return_function: returning to ‘decode_rp_entity_entry’ from ‘cbor_string_copy’
libfido2-1.16.0/src/cbor.c:1683:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/cbor.c:1689:14: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1689:12: branch_true: following ‘true’ branch (when the strings are equal)...
libfido2-1.16.0/src/cbor.c:1690:21: branch_true: ...to here
libfido2-1.16.0/src/cbor.c:1690:21: call_function: calling ‘cbor_string_copy’ from ‘decode_rp_entity_entry’
#  209|   
#  210|   	if (cbor_isa_string(item) == false ||
#  211|-> 	    cbor_string_is_definite(item) == false) {
#  212|   		fido_log_debug("%s: cbor type", __func__);
#  213|   		return (-1);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def218]
libfido2-1.16.0/src/cbor.c:212:17: warning[-Wanalyzer-malloc-leak]: leak of ‘name’
libfido2-1.16.0/src/cbor.c:1676:1: enter_function: entry to ‘decode_rp_entity_entry’
libfido2-1.16.0/src/cbor.c:1683:13: call_function: calling ‘cbor_string_copy’ from ‘decode_rp_entity_entry’
libfido2-1.16.0/src/cbor.c:1683:13: return_function: returning to ‘decode_rp_entity_entry’ from ‘cbor_string_copy’
libfido2-1.16.0/src/cbor.c:1683:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/cbor.c:1689:14: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1689:12: branch_true: following ‘true’ branch (when the strings are equal)...
libfido2-1.16.0/src/cbor.c:1690:21: branch_true: ...to here
libfido2-1.16.0/src/cbor.c:1690:21: call_function: calling ‘cbor_string_copy’ from ‘decode_rp_entity_entry’
#  210|   	if (cbor_isa_string(item) == false ||
#  211|   	    cbor_string_is_definite(item) == false) {
#  212|-> 		fido_log_debug("%s: cbor type", __func__);
#  213|   		return (-1);
#  214|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def219]
libfido2-1.16.0/src/cbor.c:216:20: warning[-Wanalyzer-malloc-leak]: leak of ‘name’
libfido2-1.16.0/src/cbor.c:1676:1: enter_function: entry to ‘decode_rp_entity_entry’
libfido2-1.16.0/src/cbor.c:1683:13: call_function: calling ‘cbor_string_copy’ from ‘decode_rp_entity_entry’
libfido2-1.16.0/src/cbor.c:1683:13: return_function: returning to ‘decode_rp_entity_entry’ from ‘cbor_string_copy’
libfido2-1.16.0/src/cbor.c:1683:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/cbor.c:1689:14: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1689:12: branch_true: following ‘true’ branch (when the strings are equal)...
libfido2-1.16.0/src/cbor.c:1690:21: branch_true: ...to here
libfido2-1.16.0/src/cbor.c:1690:21: call_function: calling ‘cbor_string_copy’ from ‘decode_rp_entity_entry’
#  214|   	}
#  215|   
#  216|-> 	if ((len = cbor_string_length(item)) == SIZE_MAX ||
#  217|   	    (*str = malloc(len + 1)) == NULL)
#  218|   		return (-1);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def220]
libfido2-1.16.0/src/cbor.c:220:22: warning[-Wanalyzer-malloc-leak]: leak of ‘name’
libfido2-1.16.0/src/cbor.c:1676:1: enter_function: entry to ‘decode_rp_entity_entry’
libfido2-1.16.0/src/cbor.c:1683:13: call_function: calling ‘cbor_string_copy’ from ‘decode_rp_entity_entry’
#  218|   		return (-1);
#  219|   
#  220|-> 	memcpy(*str, cbor_string_handle(item), len);
#  221|   	(*str)[len] = '\0';
#  222|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def221]
libfido2-1.16.0/src/cbor.c:220:22: warning[-Wanalyzer-malloc-leak]: leak of ‘type’
libfido2-1.16.0/src/cbor.c:909:1: enter_function: entry to ‘cbor_decode_fmt’
libfido2-1.16.0/src/cbor.c:913:13: call_function: calling ‘cbor_string_copy’ from ‘cbor_decode_fmt’
#  218|   		return (-1);
#  219|   
#  220|-> 	memcpy(*str, cbor_string_handle(item), len);
#  221|   	(*str)[len] = '\0';
#  222|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def222]
libfido2-1.16.0/src/cbor.c:914:17: warning[-Wanalyzer-malloc-leak]: leak of ‘name’
libfido2-1.16.0/src/cbor.c:1136:1: enter_function: entry to ‘decode_attobj’
libfido2-1.16.0/src/cbor.c:1142:13: call_function: calling ‘cbor_string_copy’ from ‘decode_attobj’
libfido2-1.16.0/src/cbor.c:1142:13: return_function: returning to ‘decode_attobj’ from ‘cbor_string_copy’
libfido2-1.16.0/src/cbor.c:1142:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/cbor.c:1148:14: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1148:12: branch_true: following ‘true’ branch (when the strings are equal)...
libfido2-1.16.0/src/cbor.c:1149:21: branch_true: ...to here
libfido2-1.16.0/src/cbor.c:1149:21: call_function: calling ‘cbor_decode_fmt’ from ‘decode_attobj’
#  912|   
#  913|   	if (cbor_string_copy(item, &type) < 0) {
#  914|-> 		fido_log_debug("%s: cbor_string_copy", __func__);
#  915|   		return (-1);
#  916|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def223]
libfido2-1.16.0/src/cbor.c:920:17: warning[-Wanalyzer-malloc-leak]: leak of ‘name’
libfido2-1.16.0/src/cbor.c:1136:1: enter_function: entry to ‘decode_attobj’
libfido2-1.16.0/src/cbor.c:1142:13: call_function: calling ‘cbor_string_copy’ from ‘decode_attobj’
libfido2-1.16.0/src/cbor.c:1142:13: return_function: returning to ‘decode_attobj’ from ‘cbor_string_copy’
libfido2-1.16.0/src/cbor.c:1142:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/cbor.c:1148:14: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1148:12: branch_true: following ‘true’ branch (when the strings are equal)...
libfido2-1.16.0/src/cbor.c:1149:21: branch_true: ...to here
libfido2-1.16.0/src/cbor.c:1149:21: call_function: calling ‘cbor_decode_fmt’ from ‘decode_attobj’
#  918|   	if (strcmp(type, "packed") && strcmp(type, "fido-u2f") &&
#  919|   	    strcmp(type, "none") && strcmp(type, "tpm")) {
#  920|-> 		fido_log_debug("%s: type=%s", __func__, type);
#  921|   		free(type);
#  922|   		return (-1);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def224]
libfido2-1.16.0/src/cbor.c:920:17: warning[-Wanalyzer-malloc-leak]: leak of ‘type’
libfido2-1.16.0/src/cbor.c:909:1: enter_function: entry to ‘cbor_decode_fmt’
libfido2-1.16.0/src/cbor.c:913:13: call_function: calling ‘cbor_string_copy’ from ‘cbor_decode_fmt’
libfido2-1.16.0/src/cbor.c:913:13: return_function: returning to ‘cbor_decode_fmt’ from ‘cbor_string_copy’
libfido2-1.16.0/src/cbor.c:913:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/cbor.c:918:13: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:918:12: branch_true: following ‘true’ branch...
libfido2-1.16.0/src/cbor.c:918:13: branch_true: following ‘true’ branch (when the strings are non-equal)...
libfido2-1.16.0/src/cbor.c:920:17: branch_true: ...to here
libfido2-1.16.0/src/cbor.c:920:17: throw: if ‘fido_log_debug’ throws an exception...
libfido2-1.16.0/src/cbor.c:920:17: danger: ‘type’ leaks here; was allocated at [(12)](sarif:/runs/0/results/30/codeFlows/0/threadFlows/0/locations/11)
#  918|   	if (strcmp(type, "packed") && strcmp(type, "fido-u2f") &&
#  919|   	    strcmp(type, "none") && strcmp(type, "tpm")) {
#  920|-> 		fido_log_debug("%s: type=%s", __func__, type);
#  921|   		free(type);
#  922|   		return (-1);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def225]
libfido2-1.16.0/src/cbor.c:1159:21: warning[-Wanalyzer-malloc-leak]: leak of ‘name’
libfido2-1.16.0/src/cbor.c:1136:1: enter_function: entry to ‘decode_attobj’
libfido2-1.16.0/src/cbor.c:1142:13: call_function: calling ‘cbor_string_copy’ from ‘decode_attobj’
libfido2-1.16.0/src/cbor.c:1142:13: return_function: returning to ‘decode_attobj’ from ‘cbor_string_copy’
libfido2-1.16.0/src/cbor.c:1142:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/cbor.c:1148:14: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1148:12: branch_false: following ‘false’ branch (when the strings are non-equal)...
libfido2-1.16.0/src/cbor.c:1153:21: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1153:19: branch_false: following ‘false’ branch (when the strings are non-equal)...
libfido2-1.16.0/src/cbor.c:1158:21: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1158:19: branch_true: following ‘true’ branch (when the strings are equal)...
libfido2-1.16.0/src/cbor.c:1159:21: branch_true: ...to here
libfido2-1.16.0/src/cbor.c:1159:21: throw: if ‘fido_blob_decode’ throws an exception...
libfido2-1.16.0/src/cbor.c:1159:21: danger: ‘name’ leaks here; was allocated at [(12)](sarif:/runs/0/results/32/codeFlows/0/threadFlows/0/locations/11)
# 1157|   		}
# 1158|   	} else if (!strcmp(name, "authData")) {
# 1159|-> 		if (fido_blob_decode(val, &cred->authdata_raw) < 0) {
# 1160|   			fido_log_debug("%s: fido_blob_decode", __func__);
# 1161|   			goto fail;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def226]
libfido2-1.16.0/src/cbor.c:1160:25: warning[-Wanalyzer-malloc-leak]: leak of ‘name’
libfido2-1.16.0/src/cbor.c:1136:1: enter_function: entry to ‘decode_attobj’
libfido2-1.16.0/src/cbor.c:1142:13: call_function: calling ‘cbor_string_copy’ from ‘decode_attobj’
libfido2-1.16.0/src/cbor.c:1142:13: return_function: returning to ‘decode_attobj’ from ‘cbor_string_copy’
libfido2-1.16.0/src/cbor.c:1142:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/cbor.c:1148:14: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1148:12: branch_false: following ‘false’ branch (when the strings are non-equal)...
libfido2-1.16.0/src/cbor.c:1153:21: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1153:19: branch_false: following ‘false’ branch (when the strings are non-equal)...
libfido2-1.16.0/src/cbor.c:1158:21: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1158:19: branch_true: following ‘true’ branch (when the strings are equal)...
libfido2-1.16.0/src/cbor.c:1159:21: branch_true: ...to here
libfido2-1.16.0/src/cbor.c:1159:20: branch_true: following ‘true’ branch...
libfido2-1.16.0/src/cbor.c:1160:25: branch_true: ...to here
libfido2-1.16.0/src/cbor.c:1160:25: throw: if ‘fido_log_debug’ throws an exception...
libfido2-1.16.0/src/cbor.c:1160:25: danger: ‘name’ leaks here; was allocated at [(12)](sarif:/runs/0/results/33/codeFlows/0/threadFlows/0/locations/11)
# 1158|   	} else if (!strcmp(name, "authData")) {
# 1159|   		if (fido_blob_decode(val, &cred->authdata_raw) < 0) {
# 1160|-> 			fido_log_debug("%s: fido_blob_decode", __func__);
# 1161|   			goto fail;
# 1162|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def227]
libfido2-1.16.0/src/cbor.c:1208:25: warning[-Wanalyzer-malloc-leak]: leak of ‘type’
libfido2-1.16.0/src/cbor.c:1194:1: enter_function: entry to ‘decode_cred_extension’
libfido2-1.16.0/src/cbor.c:1200:13: call_function: calling ‘cbor_string_copy’ from ‘decode_cred_extension’
libfido2-1.16.0/src/cbor.c:1200:13: return_function: returning to ‘decode_cred_extension’ from ‘cbor_string_copy’
libfido2-1.16.0/src/cbor.c:1200:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/cbor.c:1206:13: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1206:12: branch_true: following ‘true’ branch (when the strings are equal)...
libfido2-1.16.0/src/cbor.c:1207:21: branch_true: ...to here
libfido2-1.16.0/src/cbor.c:1207:20: branch_true: following ‘true’ branch...
libfido2-1.16.0/src/cbor.c:1208:25: branch_true: ...to here
libfido2-1.16.0/src/cbor.c:1208:25: throw: if ‘fido_log_debug’ throws an exception...
libfido2-1.16.0/src/cbor.c:1208:25: danger: ‘type’ leaks here; was allocated at [(12)](sarif:/runs/0/results/34/codeFlows/0/threadFlows/0/locations/11)
# 1206|   	if (strcmp(type, "hmac-secret") == 0) {
# 1207|   		if (cbor_decode_bool(val, NULL) < 0) {
# 1208|-> 			fido_log_debug("%s: cbor_decode_bool", __func__);
# 1209|   			goto out;
# 1210|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def228]
libfido2-1.16.0/src/cbor.c:1211:21: warning[-Wanalyzer-malloc-leak]: leak of ‘type’
libfido2-1.16.0/src/cbor.c:1194:1: enter_function: entry to ‘decode_cred_extension’
libfido2-1.16.0/src/cbor.c:1200:13: call_function: calling ‘cbor_string_copy’ from ‘decode_cred_extension’
libfido2-1.16.0/src/cbor.c:1200:13: return_function: returning to ‘decode_cred_extension’ from ‘cbor_string_copy’
libfido2-1.16.0/src/cbor.c:1200:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/cbor.c:1206:13: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1206:12: branch_true: following ‘true’ branch (when the strings are equal)...
libfido2-1.16.0/src/cbor.c:1207:21: branch_true: ...to here
libfido2-1.16.0/src/cbor.c:1207:21: call_function: calling ‘cbor_decode_bool’ from ‘decode_cred_extension’
libfido2-1.16.0/src/cbor.c:1207:21: return_function: returning to ‘decode_cred_extension’ from ‘cbor_decode_bool’
libfido2-1.16.0/src/cbor.c:1207:20: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/cbor.c:1211:21: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1211:21: throw: if ‘cbor_ctrl_value’ throws an exception...
libfido2-1.16.0/src/cbor.c:1211:21: danger: ‘type’ leaks here; was allocated at [(12)](sarif:/runs/0/results/35/codeFlows/0/threadFlows/0/locations/11)
# 1209|   			goto out;
# 1210|   		}
# 1211|-> 		if (cbor_ctrl_value(val) == CBOR_CTRL_TRUE)
# 1212|   			authdata_ext->mask |= FIDO_EXT_HMAC_SECRET;
# 1213|   	} else if (strcmp(type, "credProtect") == 0) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def229]
libfido2-1.16.0/src/cbor.c:1214:21: warning[-Wanalyzer-malloc-leak]: leak of ‘type’
libfido2-1.16.0/src/cbor.c:1194:1: enter_function: entry to ‘decode_cred_extension’
libfido2-1.16.0/src/cbor.c:1200:13: call_function: calling ‘cbor_string_copy’ from ‘decode_cred_extension’
libfido2-1.16.0/src/cbor.c:1200:13: return_function: returning to ‘decode_cred_extension’ from ‘cbor_string_copy’
libfido2-1.16.0/src/cbor.c:1200:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/cbor.c:1206:13: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1206:12: branch_false: following ‘false’ branch (when the strings are non-equal)...
libfido2-1.16.0/src/cbor.c:1213:20: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1213:19: branch_true: following ‘true’ branch (when the strings are equal)...
libfido2-1.16.0/src/cbor.c:1214:21: branch_true: ...to here
libfido2-1.16.0/src/cbor.c:1214:21: throw: if ‘cbor_isa_uint’ throws an exception...
libfido2-1.16.0/src/cbor.c:1214:21: danger: ‘type’ leaks here; was allocated at [(12)](sarif:/runs/0/results/36/codeFlows/0/threadFlows/0/locations/11)
# 1212|   			authdata_ext->mask |= FIDO_EXT_HMAC_SECRET;
# 1213|   	} else if (strcmp(type, "credProtect") == 0) {
# 1214|-> 		if (cbor_isa_uint(val) == false ||
# 1215|   		    cbor_int_get_width(val) != CBOR_INT_8) {
# 1216|   			fido_log_debug("%s: cbor type", __func__);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def230]
libfido2-1.16.0/src/cbor.c:1215:21: warning[-Wanalyzer-malloc-leak]: leak of ‘type’
libfido2-1.16.0/src/cbor.c:1194:1: enter_function: entry to ‘decode_cred_extension’
libfido2-1.16.0/src/cbor.c:1200:13: call_function: calling ‘cbor_string_copy’ from ‘decode_cred_extension’
libfido2-1.16.0/src/cbor.c:1200:13: return_function: returning to ‘decode_cred_extension’ from ‘cbor_string_copy’
libfido2-1.16.0/src/cbor.c:1200:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/cbor.c:1206:13: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1206:12: branch_false: following ‘false’ branch (when the strings are non-equal)...
libfido2-1.16.0/src/cbor.c:1213:20: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1213:19: branch_true: following ‘true’ branch (when the strings are equal)...
libfido2-1.16.0/src/cbor.c:1214:21: branch_true: ...to here
libfido2-1.16.0/src/cbor.c:1214:20: branch_true: following ‘true’ branch...
libfido2-1.16.0/src/cbor.c:1215:21: branch_true: ...to here
libfido2-1.16.0/src/cbor.c:1215:21: throw: if ‘cbor_int_get_width’ throws an exception...
libfido2-1.16.0/src/cbor.c:1215:21: danger: ‘type’ leaks here; was allocated at [(12)](sarif:/runs/0/results/37/codeFlows/0/threadFlows/0/locations/11)
# 1213|   	} else if (strcmp(type, "credProtect") == 0) {
# 1214|   		if (cbor_isa_uint(val) == false ||
# 1215|-> 		    cbor_int_get_width(val) != CBOR_INT_8) {
# 1216|   			fido_log_debug("%s: cbor type", __func__);
# 1217|   			goto out;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def231]
libfido2-1.16.0/src/cbor.c:1216:25: warning[-Wanalyzer-malloc-leak]: leak of ‘type’
libfido2-1.16.0/src/cbor.c:1194:1: enter_function: entry to ‘decode_cred_extension’
libfido2-1.16.0/src/cbor.c:1200:13: call_function: calling ‘cbor_string_copy’ from ‘decode_cred_extension’
libfido2-1.16.0/src/cbor.c:1200:13: return_function: returning to ‘decode_cred_extension’ from ‘cbor_string_copy’
libfido2-1.16.0/src/cbor.c:1200:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/cbor.c:1206:13: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1206:12: branch_false: following ‘false’ branch (when the strings are non-equal)...
libfido2-1.16.0/src/cbor.c:1213:20: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1213:19: branch_true: following ‘true’ branch (when the strings are equal)...
libfido2-1.16.0/src/cbor.c:1214:21: branch_true: ...to here
libfido2-1.16.0/src/cbor.c:1216:25: throw: if ‘fido_log_debug’ throws an exception...
libfido2-1.16.0/src/cbor.c:1216:25: danger: ‘type’ leaks here; was allocated at [(12)](sarif:/runs/0/results/38/codeFlows/0/threadFlows/0/locations/11)
# 1214|   		if (cbor_isa_uint(val) == false ||
# 1215|   		    cbor_int_get_width(val) != CBOR_INT_8) {
# 1216|-> 			fido_log_debug("%s: cbor type", __func__);
# 1217|   			goto out;
# 1218|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def232]
libfido2-1.16.0/src/cbor.c:1220:38: warning[-Wanalyzer-malloc-leak]: leak of ‘type’
libfido2-1.16.0/src/cbor.c:1194:1: enter_function: entry to ‘decode_cred_extension’
libfido2-1.16.0/src/cbor.c:1200:13: call_function: calling ‘cbor_string_copy’ from ‘decode_cred_extension’
libfido2-1.16.0/src/cbor.c:1200:13: return_function: returning to ‘decode_cred_extension’ from ‘cbor_string_copy’
libfido2-1.16.0/src/cbor.c:1200:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/cbor.c:1206:13: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1206:12: branch_false: following ‘false’ branch (when the strings are non-equal)...
libfido2-1.16.0/src/cbor.c:1213:20: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1213:19: branch_true: following ‘true’ branch (when the strings are equal)...
libfido2-1.16.0/src/cbor.c:1214:21: branch_true: ...to here
libfido2-1.16.0/src/cbor.c:1214:20: branch_true: following ‘true’ branch...
libfido2-1.16.0/src/cbor.c:1215:21: branch_true: ...to here
libfido2-1.16.0/src/cbor.c:1214:21: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/cbor.c:1219:17: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1220:38: throw: if ‘cbor_get_uint8’ throws an exception...
libfido2-1.16.0/src/cbor.c:1220:38: danger: ‘type’ leaks here; was allocated at [(12)](sarif:/runs/0/results/39/codeFlows/0/threadFlows/0/locations/11)
# 1218|   		}
# 1219|   		authdata_ext->mask |= FIDO_EXT_CRED_PROTECT;
# 1220|-> 		authdata_ext->prot = cbor_get_uint8(val);
# 1221|   	} else if (strcmp(type, "credBlob") == 0) {
# 1222|   		if (cbor_decode_bool(val, NULL) < 0) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def233]
libfido2-1.16.0/src/cbor.c:1223:25: warning[-Wanalyzer-malloc-leak]: leak of ‘type’
libfido2-1.16.0/src/cbor.c:1194:1: enter_function: entry to ‘decode_cred_extension’
libfido2-1.16.0/src/cbor.c:1200:13: call_function: calling ‘cbor_string_copy’ from ‘decode_cred_extension’
libfido2-1.16.0/src/cbor.c:1200:13: return_function: returning to ‘decode_cred_extension’ from ‘cbor_string_copy’
libfido2-1.16.0/src/cbor.c:1200:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/cbor.c:1206:13: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1206:12: branch_false: following ‘false’ branch (when the strings are non-equal)...
libfido2-1.16.0/src/cbor.c:1213:20: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1213:19: branch_false: following ‘false’ branch (when the strings are non-equal)...
libfido2-1.16.0/src/cbor.c:1221:20: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1221:19: branch_true: following ‘true’ branch (when the strings are equal)...
libfido2-1.16.0/src/cbor.c:1222:21: branch_true: ...to here
libfido2-1.16.0/src/cbor.c:1222:20: branch_true: following ‘true’ branch...
libfido2-1.16.0/src/cbor.c:1223:25: branch_true: ...to here
libfido2-1.16.0/src/cbor.c:1223:25: throw: if ‘fido_log_debug’ throws an exception...
libfido2-1.16.0/src/cbor.c:1223:25: danger: ‘type’ leaks here; was allocated at [(12)](sarif:/runs/0/results/40/codeFlows/0/threadFlows/0/locations/11)
# 1221|   	} else if (strcmp(type, "credBlob") == 0) {
# 1222|   		if (cbor_decode_bool(val, NULL) < 0) {
# 1223|-> 			fido_log_debug("%s: cbor_decode_bool", __func__);
# 1224|   			goto out;
# 1225|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def234]
libfido2-1.16.0/src/cbor.c:1226:21: warning[-Wanalyzer-malloc-leak]: leak of ‘type’
libfido2-1.16.0/src/cbor.c:1194:1: enter_function: entry to ‘decode_cred_extension’
libfido2-1.16.0/src/cbor.c:1200:13: call_function: calling ‘cbor_string_copy’ from ‘decode_cred_extension’
libfido2-1.16.0/src/cbor.c:1200:13: return_function: returning to ‘decode_cred_extension’ from ‘cbor_string_copy’
libfido2-1.16.0/src/cbor.c:1200:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/cbor.c:1206:13: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1206:12: branch_false: following ‘false’ branch (when the strings are non-equal)...
libfido2-1.16.0/src/cbor.c:1213:20: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1213:19: branch_false: following ‘false’ branch (when the strings are non-equal)...
libfido2-1.16.0/src/cbor.c:1221:20: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1221:19: branch_true: following ‘true’ branch (when the strings are equal)...
libfido2-1.16.0/src/cbor.c:1222:21: branch_true: ...to here
libfido2-1.16.0/src/cbor.c:1222:21: call_function: calling ‘cbor_decode_bool’ from ‘decode_cred_extension’
libfido2-1.16.0/src/cbor.c:1222:21: return_function: returning to ‘decode_cred_extension’ from ‘cbor_decode_bool’
libfido2-1.16.0/src/cbor.c:1222:20: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/cbor.c:1226:21: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1226:21: throw: if ‘cbor_ctrl_value’ throws an exception...
libfido2-1.16.0/src/cbor.c:1226:21: danger: ‘type’ leaks here; was allocated at [(12)](sarif:/runs/0/results/41/codeFlows/0/threadFlows/0/locations/11)
# 1224|   			goto out;
# 1225|   		}
# 1226|-> 		if (cbor_ctrl_value(val) == CBOR_CTRL_TRUE)
# 1227|   			authdata_ext->mask |= FIDO_EXT_CRED_BLOB;
# 1228|   	} else if (strcmp(type, "minPinLength") == 0) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def235]
libfido2-1.16.0/src/cbor.c:1229:21: warning[-Wanalyzer-malloc-leak]: leak of ‘type’
libfido2-1.16.0/src/cbor.c:1194:1: enter_function: entry to ‘decode_cred_extension’
libfido2-1.16.0/src/cbor.c:1200:13: call_function: calling ‘cbor_string_copy’ from ‘decode_cred_extension’
libfido2-1.16.0/src/cbor.c:1200:13: return_function: returning to ‘decode_cred_extension’ from ‘cbor_string_copy’
libfido2-1.16.0/src/cbor.c:1200:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/cbor.c:1206:13: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1206:12: branch_false: following ‘false’ branch (when the strings are non-equal)...
libfido2-1.16.0/src/cbor.c:1213:20: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1213:19: branch_false: following ‘false’ branch (when the strings are non-equal)...
libfido2-1.16.0/src/cbor.c:1221:20: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1221:19: branch_false: following ‘false’ branch (when the strings are non-equal)...
libfido2-1.16.0/src/cbor.c:1228:20: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1228:19: branch_true: following ‘true’ branch (when the strings are equal)...
libfido2-1.16.0/src/cbor.c:1229:21: branch_true: ...to here
libfido2-1.16.0/src/cbor.c:1229:21: throw: if ‘cbor_isa_uint’ throws an exception...
libfido2-1.16.0/src/cbor.c:1229:21: danger: ‘type’ leaks here; was allocated at [(12)](sarif:/runs/0/results/42/codeFlows/0/threadFlows/0/locations/11)
# 1227|   			authdata_ext->mask |= FIDO_EXT_CRED_BLOB;
# 1228|   	} else if (strcmp(type, "minPinLength") == 0) {
# 1229|-> 		if (cbor_isa_uint(val) == false ||
# 1230|   		    cbor_int_get_width(val) != CBOR_INT_8) {
# 1231|   			fido_log_debug("%s: cbor type", __func__);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def236]
libfido2-1.16.0/src/cbor.c:1230:21: warning[-Wanalyzer-malloc-leak]: leak of ‘type’
libfido2-1.16.0/src/cbor.c:1194:1: enter_function: entry to ‘decode_cred_extension’
libfido2-1.16.0/src/cbor.c:1200:13: call_function: calling ‘cbor_string_copy’ from ‘decode_cred_extension’
libfido2-1.16.0/src/cbor.c:1200:13: return_function: returning to ‘decode_cred_extension’ from ‘cbor_string_copy’
libfido2-1.16.0/src/cbor.c:1200:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/cbor.c:1206:13: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1206:12: branch_false: following ‘false’ branch (when the strings are non-equal)...
libfido2-1.16.0/src/cbor.c:1213:20: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1213:19: branch_false: following ‘false’ branch (when the strings are non-equal)...
libfido2-1.16.0/src/cbor.c:1221:20: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1221:19: branch_false: following ‘false’ branch (when the strings are non-equal)...
libfido2-1.16.0/src/cbor.c:1228:20: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1228:19: branch_true: following ‘true’ branch (when the strings are equal)...
libfido2-1.16.0/src/cbor.c:1229:21: branch_true: ...to here
libfido2-1.16.0/src/cbor.c:1229:20: branch_true: following ‘true’ branch...
libfido2-1.16.0/src/cbor.c:1230:21: branch_true: ...to here
libfido2-1.16.0/src/cbor.c:1230:21: throw: if ‘cbor_int_get_width’ throws an exception...
libfido2-1.16.0/src/cbor.c:1230:21: danger: ‘type’ leaks here; was allocated at [(12)](sarif:/runs/0/results/43/codeFlows/0/threadFlows/0/locations/11)
# 1228|   	} else if (strcmp(type, "minPinLength") == 0) {
# 1229|   		if (cbor_isa_uint(val) == false ||
# 1230|-> 		    cbor_int_get_width(val) != CBOR_INT_8) {
# 1231|   			fido_log_debug("%s: cbor type", __func__);
# 1232|   			goto out;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def237]
libfido2-1.16.0/src/cbor.c:1231:25: warning[-Wanalyzer-malloc-leak]: leak of ‘type’
libfido2-1.16.0/src/cbor.c:1194:1: enter_function: entry to ‘decode_cred_extension’
libfido2-1.16.0/src/cbor.c:1200:13: call_function: calling ‘cbor_string_copy’ from ‘decode_cred_extension’
libfido2-1.16.0/src/cbor.c:1200:13: return_function: returning to ‘decode_cred_extension’ from ‘cbor_string_copy’
libfido2-1.16.0/src/cbor.c:1200:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/cbor.c:1206:13: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1206:12: branch_false: following ‘false’ branch (when the strings are non-equal)...
libfido2-1.16.0/src/cbor.c:1213:20: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1213:19: branch_false: following ‘false’ branch (when the strings are non-equal)...
libfido2-1.16.0/src/cbor.c:1221:20: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1221:19: branch_false: following ‘false’ branch (when the strings are non-equal)...
libfido2-1.16.0/src/cbor.c:1228:20: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1228:19: branch_true: following ‘true’ branch (when the strings are equal)...
libfido2-1.16.0/src/cbor.c:1229:21: branch_true: ...to here
libfido2-1.16.0/src/cbor.c:1231:25: throw: if ‘fido_log_debug’ throws an exception...
libfido2-1.16.0/src/cbor.c:1231:25: danger: ‘type’ leaks here; was allocated at [(12)](sarif:/runs/0/results/44/codeFlows/0/threadFlows/0/locations/11)
# 1229|   		if (cbor_isa_uint(val) == false ||
# 1230|   		    cbor_int_get_width(val) != CBOR_INT_8) {
# 1231|-> 			fido_log_debug("%s: cbor type", __func__);
# 1232|   			goto out;
# 1233|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def238]
libfido2-1.16.0/src/cbor.c:1235:43: warning[-Wanalyzer-malloc-leak]: leak of ‘type’
libfido2-1.16.0/src/cbor.c:1194:1: enter_function: entry to ‘decode_cred_extension’
libfido2-1.16.0/src/cbor.c:1200:13: call_function: calling ‘cbor_string_copy’ from ‘decode_cred_extension’
libfido2-1.16.0/src/cbor.c:1200:13: return_function: returning to ‘decode_cred_extension’ from ‘cbor_string_copy’
libfido2-1.16.0/src/cbor.c:1200:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/cbor.c:1206:13: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1206:12: branch_false: following ‘false’ branch (when the strings are non-equal)...
libfido2-1.16.0/src/cbor.c:1213:20: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1213:19: branch_false: following ‘false’ branch (when the strings are non-equal)...
libfido2-1.16.0/src/cbor.c:1221:20: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1221:19: branch_false: following ‘false’ branch (when the strings are non-equal)...
libfido2-1.16.0/src/cbor.c:1228:20: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1228:19: branch_true: following ‘true’ branch (when the strings are equal)...
libfido2-1.16.0/src/cbor.c:1229:21: branch_true: ...to here
libfido2-1.16.0/src/cbor.c:1229:20: branch_true: following ‘true’ branch...
libfido2-1.16.0/src/cbor.c:1230:21: branch_true: ...to here
libfido2-1.16.0/src/cbor.c:1229:21: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/cbor.c:1234:17: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1235:43: throw: if ‘cbor_get_uint8’ throws an exception...
libfido2-1.16.0/src/cbor.c:1235:43: danger: ‘type’ leaks here; was allocated at [(12)](sarif:/runs/0/results/45/codeFlows/0/threadFlows/0/locations/11)
# 1233|   		}
# 1234|   		authdata_ext->mask |= FIDO_EXT_MINPINLEN;
# 1235|-> 		authdata_ext->minpinlen = cbor_get_uint8(val);
# 1236|   	}
# 1237|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def239]
libfido2-1.16.0/src/cbor.c:1295:21: warning[-Wanalyzer-malloc-leak]: leak of ‘type’
libfido2-1.16.0/src/cbor.c:1281:1: enter_function: entry to ‘decode_assert_extension’
libfido2-1.16.0/src/cbor.c:1288:13: call_function: calling ‘cbor_string_copy’ from ‘decode_assert_extension’
libfido2-1.16.0/src/cbor.c:1288:13: return_function: returning to ‘decode_assert_extension’ from ‘cbor_string_copy’
libfido2-1.16.0/src/cbor.c:1288:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/cbor.c:1294:13: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1294:12: branch_true: following ‘true’ branch (when the strings are equal)...
libfido2-1.16.0/src/cbor.c:1295:21: branch_true: ...to here
libfido2-1.16.0/src/cbor.c:1295:21: throw: if ‘fido_blob_decode’ throws an exception...
libfido2-1.16.0/src/cbor.c:1295:21: danger: ‘type’ leaks here; was allocated at [(12)](sarif:/runs/0/results/46/codeFlows/0/threadFlows/0/locations/11)
# 1293|   
# 1294|   	if (strcmp(type, "hmac-secret") == 0) {
# 1295|-> 		if (fido_blob_decode(val, &authdata_ext->hmac_secret_enc) < 0) {
# 1296|   			fido_log_debug("%s: fido_blob_decode", __func__);
# 1297|   			goto out;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def240]
libfido2-1.16.0/src/cbor.c:1296:25: warning[-Wanalyzer-malloc-leak]: leak of ‘type’
libfido2-1.16.0/src/cbor.c:1281:1: enter_function: entry to ‘decode_assert_extension’
libfido2-1.16.0/src/cbor.c:1288:13: call_function: calling ‘cbor_string_copy’ from ‘decode_assert_extension’
libfido2-1.16.0/src/cbor.c:1288:13: return_function: returning to ‘decode_assert_extension’ from ‘cbor_string_copy’
libfido2-1.16.0/src/cbor.c:1288:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/cbor.c:1294:13: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1294:12: branch_true: following ‘true’ branch (when the strings are equal)...
libfido2-1.16.0/src/cbor.c:1295:21: branch_true: ...to here
libfido2-1.16.0/src/cbor.c:1295:20: branch_true: following ‘true’ branch...
libfido2-1.16.0/src/cbor.c:1296:25: branch_true: ...to here
libfido2-1.16.0/src/cbor.c:1296:25: throw: if ‘fido_log_debug’ throws an exception...
libfido2-1.16.0/src/cbor.c:1296:25: danger: ‘type’ leaks here; was allocated at [(12)](sarif:/runs/0/results/47/codeFlows/0/threadFlows/0/locations/11)
# 1294|   	if (strcmp(type, "hmac-secret") == 0) {
# 1295|   		if (fido_blob_decode(val, &authdata_ext->hmac_secret_enc) < 0) {
# 1296|-> 			fido_log_debug("%s: fido_blob_decode", __func__);
# 1297|   			goto out;
# 1298|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def241]
libfido2-1.16.0/src/cbor.c:1301:21: warning[-Wanalyzer-malloc-leak]: leak of ‘type’
libfido2-1.16.0/src/cbor.c:1281:1: enter_function: entry to ‘decode_assert_extension’
libfido2-1.16.0/src/cbor.c:1288:13: call_function: calling ‘cbor_string_copy’ from ‘decode_assert_extension’
libfido2-1.16.0/src/cbor.c:1288:13: return_function: returning to ‘decode_assert_extension’ from ‘cbor_string_copy’
libfido2-1.16.0/src/cbor.c:1288:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/cbor.c:1294:13: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1294:12: branch_false: following ‘false’ branch (when the strings are non-equal)...
libfido2-1.16.0/src/cbor.c:1300:20: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1300:19: branch_true: following ‘true’ branch (when the strings are equal)...
libfido2-1.16.0/src/cbor.c:1301:21: branch_true: ...to here
libfido2-1.16.0/src/cbor.c:1301:21: throw: if ‘fido_blob_decode’ throws an exception...
libfido2-1.16.0/src/cbor.c:1301:21: danger: ‘type’ leaks here; was allocated at [(12)](sarif:/runs/0/results/48/codeFlows/0/threadFlows/0/locations/11)
# 1299|   		authdata_ext->mask |= FIDO_EXT_HMAC_SECRET;
# 1300|   	} else if (strcmp(type, "credBlob") == 0) {
# 1301|-> 		if (fido_blob_decode(val, &authdata_ext->blob) < 0) {
# 1302|   			fido_log_debug("%s: fido_blob_decode", __func__);
# 1303|   			goto out;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def242]
libfido2-1.16.0/src/cbor.c:1302:25: warning[-Wanalyzer-malloc-leak]: leak of ‘type’
libfido2-1.16.0/src/cbor.c:1281:1: enter_function: entry to ‘decode_assert_extension’
libfido2-1.16.0/src/cbor.c:1288:13: call_function: calling ‘cbor_string_copy’ from ‘decode_assert_extension’
libfido2-1.16.0/src/cbor.c:1288:13: return_function: returning to ‘decode_assert_extension’ from ‘cbor_string_copy’
libfido2-1.16.0/src/cbor.c:1288:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/cbor.c:1294:13: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1294:12: branch_false: following ‘false’ branch (when the strings are non-equal)...
libfido2-1.16.0/src/cbor.c:1300:20: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1300:19: branch_true: following ‘true’ branch (when the strings are equal)...
libfido2-1.16.0/src/cbor.c:1301:21: branch_true: ...to here
libfido2-1.16.0/src/cbor.c:1301:20: branch_true: following ‘true’ branch...
libfido2-1.16.0/src/cbor.c:1302:25: branch_true: ...to here
libfido2-1.16.0/src/cbor.c:1302:25: throw: if ‘fido_log_debug’ throws an exception...
libfido2-1.16.0/src/cbor.c:1302:25: danger: ‘type’ leaks here; was allocated at [(12)](sarif:/runs/0/results/49/codeFlows/0/threadFlows/0/locations/11)
# 1300|   	} else if (strcmp(type, "credBlob") == 0) {
# 1301|   		if (fido_blob_decode(val, &authdata_ext->blob) < 0) {
# 1302|-> 			fido_log_debug("%s: fido_blob_decode", __func__);
# 1303|   			goto out;
# 1304|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def243]
libfido2-1.16.0/src/cbor.c:1357:13: warning[-Wanalyzer-malloc-leak]: leak of ‘name’
libfido2-1.16.0/src/cbor.c:1136:1: enter_function: entry to ‘decode_attobj’
libfido2-1.16.0/src/cbor.c:1142:13: call_function: calling ‘cbor_string_copy’ from ‘decode_attobj’
libfido2-1.16.0/src/cbor.c:1142:13: return_function: returning to ‘decode_attobj’ from ‘cbor_string_copy’
libfido2-1.16.0/src/cbor.c:1142:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/cbor.c:1148:14: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1148:12: branch_false: following ‘false’ branch (when the strings are non-equal)...
libfido2-1.16.0/src/cbor.c:1153:21: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1153:19: branch_false: following ‘false’ branch (when the strings are non-equal)...
libfido2-1.16.0/src/cbor.c:1158:21: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1158:19: branch_true: following ‘true’ branch (when the strings are equal)...
libfido2-1.16.0/src/cbor.c:1159:21: branch_true: ...to here
libfido2-1.16.0/src/cbor.c:1159:20: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/cbor.c:1163:21: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1163:21: call_function: calling ‘cbor_decode_cred_authdata’ from ‘decode_attobj’
# 1355|   	size_t			 alloc_len;
# 1356|   
# 1357|-> 	if (cbor_isa_bytestring(item) == false ||
# 1358|   	    cbor_bytestring_is_definite(item) == false) {
# 1359|   		fido_log_debug("%s: cbor type", __func__);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def244]
libfido2-1.16.0/src/cbor.c:1358:13: warning[-Wanalyzer-malloc-leak]: leak of ‘name’
libfido2-1.16.0/src/cbor.c:1136:1: enter_function: entry to ‘decode_attobj’
libfido2-1.16.0/src/cbor.c:1142:13: call_function: calling ‘cbor_string_copy’ from ‘decode_attobj’
libfido2-1.16.0/src/cbor.c:1142:13: return_function: returning to ‘decode_attobj’ from ‘cbor_string_copy’
libfido2-1.16.0/src/cbor.c:1142:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/cbor.c:1148:14: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1148:12: branch_false: following ‘false’ branch (when the strings are non-equal)...
libfido2-1.16.0/src/cbor.c:1153:21: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1153:19: branch_false: following ‘false’ branch (when the strings are non-equal)...
libfido2-1.16.0/src/cbor.c:1158:21: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1158:19: branch_true: following ‘true’ branch (when the strings are equal)...
libfido2-1.16.0/src/cbor.c:1159:21: branch_true: ...to here
libfido2-1.16.0/src/cbor.c:1159:20: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/cbor.c:1163:21: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1163:21: call_function: calling ‘cbor_decode_cred_authdata’ from ‘decode_attobj’
# 1356|   
# 1357|   	if (cbor_isa_bytestring(item) == false ||
# 1358|-> 	    cbor_bytestring_is_definite(item) == false) {
# 1359|   		fido_log_debug("%s: cbor type", __func__);
# 1360|   		return (-1);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def245]
libfido2-1.16.0/src/cbor.c:1359:17: warning[-Wanalyzer-malloc-leak]: leak of ‘name’
libfido2-1.16.0/src/cbor.c:1136:1: enter_function: entry to ‘decode_attobj’
libfido2-1.16.0/src/cbor.c:1142:13: call_function: calling ‘cbor_string_copy’ from ‘decode_attobj’
libfido2-1.16.0/src/cbor.c:1142:13: return_function: returning to ‘decode_attobj’ from ‘cbor_string_copy’
libfido2-1.16.0/src/cbor.c:1142:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/cbor.c:1148:14: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1148:12: branch_false: following ‘false’ branch (when the strings are non-equal)...
libfido2-1.16.0/src/cbor.c:1153:21: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1153:19: branch_false: following ‘false’ branch (when the strings are non-equal)...
libfido2-1.16.0/src/cbor.c:1158:21: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1158:19: branch_true: following ‘true’ branch (when the strings are equal)...
libfido2-1.16.0/src/cbor.c:1159:21: branch_true: ...to here
libfido2-1.16.0/src/cbor.c:1159:20: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/cbor.c:1163:21: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1163:21: call_function: calling ‘cbor_decode_cred_authdata’ from ‘decode_attobj’
# 1357|   	if (cbor_isa_bytestring(item) == false ||
# 1358|   	    cbor_bytestring_is_definite(item) == false) {
# 1359|-> 		fido_log_debug("%s: cbor type", __func__);
# 1360|   		return (-1);
# 1361|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def246]
libfido2-1.16.0/src/cbor.c:1364:35: warning[-Wanalyzer-malloc-leak]: leak of ‘name’
libfido2-1.16.0/src/cbor.c:1136:1: enter_function: entry to ‘decode_attobj’
libfido2-1.16.0/src/cbor.c:1142:13: call_function: calling ‘cbor_string_copy’ from ‘decode_attobj’
libfido2-1.16.0/src/cbor.c:1142:13: return_function: returning to ‘decode_attobj’ from ‘cbor_string_copy’
libfido2-1.16.0/src/cbor.c:1142:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/cbor.c:1148:14: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1148:12: branch_false: following ‘false’ branch (when the strings are non-equal)...
libfido2-1.16.0/src/cbor.c:1153:21: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1153:19: branch_false: following ‘false’ branch (when the strings are non-equal)...
libfido2-1.16.0/src/cbor.c:1158:21: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1158:19: branch_true: following ‘true’ branch (when the strings are equal)...
libfido2-1.16.0/src/cbor.c:1159:21: branch_true: ...to here
libfido2-1.16.0/src/cbor.c:1159:20: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/cbor.c:1163:21: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1163:21: call_function: calling ‘cbor_decode_cred_authdata’ from ‘decode_attobj’
# 1362|   
# 1363|   	if (authdata_cbor->ptr != NULL ||
# 1364|-> 	    (authdata_cbor->len = cbor_serialize_alloc(item,
# 1365|   	    &authdata_cbor->ptr, &alloc_len)) == 0) {
# 1366|   		fido_log_debug("%s: cbor_serialize_alloc", __func__);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def247]
libfido2-1.16.0/src/cbor.c:1366:17: warning[-Wanalyzer-malloc-leak]: leak of ‘name’
libfido2-1.16.0/src/cbor.c:1136:1: enter_function: entry to ‘decode_attobj’
libfido2-1.16.0/src/cbor.c:1142:13: call_function: calling ‘cbor_string_copy’ from ‘decode_attobj’
libfido2-1.16.0/src/cbor.c:1142:13: return_function: returning to ‘decode_attobj’ from ‘cbor_string_copy’
libfido2-1.16.0/src/cbor.c:1142:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/cbor.c:1148:14: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1148:12: branch_false: following ‘false’ branch (when the strings are non-equal)...
libfido2-1.16.0/src/cbor.c:1153:21: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1153:19: branch_false: following ‘false’ branch (when the strings are non-equal)...
libfido2-1.16.0/src/cbor.c:1158:21: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1158:19: branch_true: following ‘true’ branch (when the strings are equal)...
libfido2-1.16.0/src/cbor.c:1159:21: branch_true: ...to here
libfido2-1.16.0/src/cbor.c:1159:20: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/cbor.c:1163:21: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1163:21: call_function: calling ‘cbor_decode_cred_authdata’ from ‘decode_attobj’
# 1364|   	    (authdata_cbor->len = cbor_serialize_alloc(item,
# 1365|   	    &authdata_cbor->ptr, &alloc_len)) == 0) {
# 1366|-> 		fido_log_debug("%s: cbor_serialize_alloc", __func__);
# 1367|   		return (-1);
# 1368|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def248]
libfido2-1.16.0/src/cbor.c:1370:15: warning[-Wanalyzer-malloc-leak]: leak of ‘name’
libfido2-1.16.0/src/cbor.c:1136:1: enter_function: entry to ‘decode_attobj’
libfido2-1.16.0/src/cbor.c:1142:13: call_function: calling ‘cbor_string_copy’ from ‘decode_attobj’
libfido2-1.16.0/src/cbor.c:1142:13: return_function: returning to ‘decode_attobj’ from ‘cbor_string_copy’
libfido2-1.16.0/src/cbor.c:1142:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/cbor.c:1148:14: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1148:12: branch_false: following ‘false’ branch (when the strings are non-equal)...
libfido2-1.16.0/src/cbor.c:1153:21: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1153:19: branch_false: following ‘false’ branch (when the strings are non-equal)...
libfido2-1.16.0/src/cbor.c:1158:21: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1158:19: branch_true: following ‘true’ branch (when the strings are equal)...
libfido2-1.16.0/src/cbor.c:1159:21: branch_true: ...to here
libfido2-1.16.0/src/cbor.c:1159:20: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/cbor.c:1163:21: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1163:21: call_function: calling ‘cbor_decode_cred_authdata’ from ‘decode_attobj’
# 1368|   	}
# 1369|   
# 1370|-> 	buf = cbor_bytestring_handle(item);
# 1371|   	len = cbor_bytestring_length(item);
# 1372|   	fido_log_xxd(buf, len, "%s", __func__);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def249]
libfido2-1.16.0/src/cbor.c:1371:15: warning[-Wanalyzer-malloc-leak]: leak of ‘name’
libfido2-1.16.0/src/cbor.c:1136:1: enter_function: entry to ‘decode_attobj’
libfido2-1.16.0/src/cbor.c:1142:13: call_function: calling ‘cbor_string_copy’ from ‘decode_attobj’
libfido2-1.16.0/src/cbor.c:1142:13: return_function: returning to ‘decode_attobj’ from ‘cbor_string_copy’
libfido2-1.16.0/src/cbor.c:1142:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/cbor.c:1148:14: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1148:12: branch_false: following ‘false’ branch (when the strings are non-equal)...
libfido2-1.16.0/src/cbor.c:1153:21: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1153:19: branch_false: following ‘false’ branch (when the strings are non-equal)...
libfido2-1.16.0/src/cbor.c:1158:21: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1158:19: branch_true: following ‘true’ branch (when the strings are equal)...
libfido2-1.16.0/src/cbor.c:1159:21: branch_true: ...to here
libfido2-1.16.0/src/cbor.c:1159:20: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/cbor.c:1163:21: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1163:21: call_function: calling ‘cbor_decode_cred_authdata’ from ‘decode_attobj’
# 1369|   
# 1370|   	buf = cbor_bytestring_handle(item);
# 1371|-> 	len = cbor_bytestring_length(item);
# 1372|   	fido_log_xxd(buf, len, "%s", __func__);
# 1373|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def250]
libfido2-1.16.0/src/cbor.c:1372:9: warning[-Wanalyzer-malloc-leak]: leak of ‘name’
libfido2-1.16.0/src/cbor.c:1136:1: enter_function: entry to ‘decode_attobj’
libfido2-1.16.0/src/cbor.c:1142:13: call_function: calling ‘cbor_string_copy’ from ‘decode_attobj’
libfido2-1.16.0/src/cbor.c:1142:13: return_function: returning to ‘decode_attobj’ from ‘cbor_string_copy’
libfido2-1.16.0/src/cbor.c:1142:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/cbor.c:1148:14: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1148:12: branch_false: following ‘false’ branch (when the strings are non-equal)...
libfido2-1.16.0/src/cbor.c:1153:21: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1153:19: branch_false: following ‘false’ branch (when the strings are non-equal)...
libfido2-1.16.0/src/cbor.c:1158:21: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1158:19: branch_true: following ‘true’ branch (when the strings are equal)...
libfido2-1.16.0/src/cbor.c:1159:21: branch_true: ...to here
libfido2-1.16.0/src/cbor.c:1159:20: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/cbor.c:1163:21: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1163:21: call_function: calling ‘cbor_decode_cred_authdata’ from ‘decode_attobj’
# 1370|   	buf = cbor_bytestring_handle(item);
# 1371|   	len = cbor_bytestring_length(item);
# 1372|-> 	fido_log_xxd(buf, len, "%s", __func__);
# 1373|   
# 1374|   	if (fido_buf_read(&buf, &len, authdata, sizeof(*authdata)) < 0) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def251]
libfido2-1.16.0/src/cbor.c:1453:13: warning[-Wanalyzer-malloc-leak]: leak of ‘name’
libfido2-1.16.0/src/cbor.c:1491:1: enter_function: entry to ‘decode_attstmt_entry’
libfido2-1.16.0/src/cbor.c:1497:13: call_function: calling ‘cbor_string_copy’ from ‘decode_attstmt_entry’
libfido2-1.16.0/src/cbor.c:1497:13: return_function: returning to ‘decode_attstmt_entry’ from ‘cbor_string_copy’
libfido2-1.16.0/src/cbor.c:1497:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/cbor.c:1503:14: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1503:12: branch_false: following ‘false’ branch (when the strings are non-equal)...
libfido2-1.16.0/src/cbor.c:1517:21: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1517:19: branch_false: following ‘false’ branch (when the strings are non-equal)...
libfido2-1.16.0/src/cbor.c:1522:21: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1522:19: branch_true: following ‘true’ branch (when the strings are equal)...
libfido2-1.16.0/src/cbor.c:1523:21: branch_true: ...to here
libfido2-1.16.0/src/cbor.c:1523:21: call_function: calling ‘decode_x5c_array’ from ‘decode_attstmt_entry’
# 1451|   	memset(&x5c_blob, 0, sizeof(x5c_blob));
# 1452|   
# 1453|-> 	if (fido_blob_decode(item, &x5c_blob) < 0) {
# 1454|   		fido_log_debug("%s: fido_blob_decode", __func__);
# 1455|   		return (-1);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def252]
libfido2-1.16.0/src/cbor.c:1479:17: warning[-Wanalyzer-malloc-leak]: leak of ‘name’
libfido2-1.16.0/src/cbor.c:1491:1: enter_function: entry to ‘decode_attstmt_entry’
libfido2-1.16.0/src/cbor.c:1497:13: call_function: calling ‘cbor_string_copy’ from ‘decode_attstmt_entry’
libfido2-1.16.0/src/cbor.c:1497:13: return_function: returning to ‘decode_attstmt_entry’ from ‘cbor_string_copy’
libfido2-1.16.0/src/cbor.c:1497:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/cbor.c:1503:14: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1503:12: branch_false: following ‘false’ branch (when the strings are non-equal)...
libfido2-1.16.0/src/cbor.c:1517:21: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1517:19: branch_false: following ‘false’ branch (when the strings are non-equal)...
libfido2-1.16.0/src/cbor.c:1522:21: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1522:19: branch_true: following ‘true’ branch (when the strings are equal)...
libfido2-1.16.0/src/cbor.c:1523:21: branch_true: ...to here
libfido2-1.16.0/src/cbor.c:1523:21: call_function: calling ‘decode_x5c_array’ from ‘decode_attstmt_entry’
# 1477|   {
# 1478|   	if (arr->len) {
# 1479|-> 		fido_log_debug("%s: dup", __func__);
# 1480|   		return (-1);
# 1481|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def253]
libfido2-1.16.0/src/cbor.c:1482:13: warning[-Wanalyzer-malloc-leak]: leak of ‘name’
libfido2-1.16.0/src/cbor.c:1491:1: enter_function: entry to ‘decode_attstmt_entry’
libfido2-1.16.0/src/cbor.c:1497:13: call_function: calling ‘cbor_string_copy’ from ‘decode_attstmt_entry’
libfido2-1.16.0/src/cbor.c:1497:13: return_function: returning to ‘decode_attstmt_entry’ from ‘cbor_string_copy’
libfido2-1.16.0/src/cbor.c:1497:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/cbor.c:1503:14: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1503:12: branch_false: following ‘false’ branch (when the strings are non-equal)...
libfido2-1.16.0/src/cbor.c:1517:21: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1517:19: branch_false: following ‘false’ branch (when the strings are non-equal)...
libfido2-1.16.0/src/cbor.c:1522:21: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1522:19: branch_true: following ‘true’ branch (when the strings are equal)...
libfido2-1.16.0/src/cbor.c:1523:21: branch_true: ...to here
libfido2-1.16.0/src/cbor.c:1523:21: call_function: calling ‘decode_x5c_array’ from ‘decode_attstmt_entry’
# 1480|   		return (-1);
# 1481|   	}
# 1482|-> 	if (cbor_isa_array(item) == false ||
# 1483|   	    cbor_array_is_definite(item) == false) {
# 1484|   		fido_log_debug("%s: cbor", __func__);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def254]
libfido2-1.16.0/src/cbor.c:1483:13: warning[-Wanalyzer-malloc-leak]: leak of ‘name’
libfido2-1.16.0/src/cbor.c:1491:1: enter_function: entry to ‘decode_attstmt_entry’
libfido2-1.16.0/src/cbor.c:1497:13: call_function: calling ‘cbor_string_copy’ from ‘decode_attstmt_entry’
libfido2-1.16.0/src/cbor.c:1497:13: return_function: returning to ‘decode_attstmt_entry’ from ‘cbor_string_copy’
libfido2-1.16.0/src/cbor.c:1497:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/cbor.c:1503:14: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1503:12: branch_false: following ‘false’ branch (when the strings are non-equal)...
libfido2-1.16.0/src/cbor.c:1517:21: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1517:19: branch_false: following ‘false’ branch (when the strings are non-equal)...
libfido2-1.16.0/src/cbor.c:1522:21: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1522:19: branch_true: following ‘true’ branch (when the strings are equal)...
libfido2-1.16.0/src/cbor.c:1523:21: branch_true: ...to here
libfido2-1.16.0/src/cbor.c:1523:21: call_function: calling ‘decode_x5c_array’ from ‘decode_attstmt_entry’
# 1481|   	}
# 1482|   	if (cbor_isa_array(item) == false ||
# 1483|-> 	    cbor_array_is_definite(item) == false) {
# 1484|   		fido_log_debug("%s: cbor", __func__);
# 1485|   		return (-1);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def255]
libfido2-1.16.0/src/cbor.c:1484:17: warning[-Wanalyzer-malloc-leak]: leak of ‘name’
libfido2-1.16.0/src/cbor.c:1491:1: enter_function: entry to ‘decode_attstmt_entry’
libfido2-1.16.0/src/cbor.c:1497:13: call_function: calling ‘cbor_string_copy’ from ‘decode_attstmt_entry’
libfido2-1.16.0/src/cbor.c:1497:13: return_function: returning to ‘decode_attstmt_entry’ from ‘cbor_string_copy’
libfido2-1.16.0/src/cbor.c:1497:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/cbor.c:1503:14: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1503:12: branch_false: following ‘false’ branch (when the strings are non-equal)...
libfido2-1.16.0/src/cbor.c:1517:21: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1517:19: branch_false: following ‘false’ branch (when the strings are non-equal)...
libfido2-1.16.0/src/cbor.c:1522:21: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1522:19: branch_true: following ‘true’ branch (when the strings are equal)...
libfido2-1.16.0/src/cbor.c:1523:21: branch_true: ...to here
libfido2-1.16.0/src/cbor.c:1523:21: call_function: calling ‘decode_x5c_array’ from ‘decode_attstmt_entry’
# 1482|   	if (cbor_isa_array(item) == false ||
# 1483|   	    cbor_array_is_definite(item) == false) {
# 1484|-> 		fido_log_debug("%s: cbor", __func__);
# 1485|   		return (-1);
# 1486|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def256]
libfido2-1.16.0/src/cbor.c:1504:21: warning[-Wanalyzer-malloc-leak]: leak of ‘name’
libfido2-1.16.0/src/cbor.c:1491:1: enter_function: entry to ‘decode_attstmt_entry’
libfido2-1.16.0/src/cbor.c:1497:13: call_function: calling ‘cbor_string_copy’ from ‘decode_attstmt_entry’
libfido2-1.16.0/src/cbor.c:1497:13: return_function: returning to ‘decode_attstmt_entry’ from ‘cbor_string_copy’
libfido2-1.16.0/src/cbor.c:1497:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/cbor.c:1503:14: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1503:12: branch_true: following ‘true’ branch (when the strings are equal)...
libfido2-1.16.0/src/cbor.c:1504:21: branch_true: ...to here
libfido2-1.16.0/src/cbor.c:1504:21: throw: if ‘cbor_isa_negint’ throws an exception...
libfido2-1.16.0/src/cbor.c:1504:21: danger: ‘name’ leaks here; was allocated at [(12)](sarif:/runs/0/results/63/codeFlows/0/threadFlows/0/locations/11)
# 1502|   
# 1503|   	if (!strcmp(name, "alg")) {
# 1504|-> 		if (cbor_isa_negint(val) == false ||
# 1505|   		    cbor_get_int(val) > UINT16_MAX) {
# 1506|   			fido_log_debug("%s: alg", __func__);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def257]
libfido2-1.16.0/src/cbor.c:1505:21: warning[-Wanalyzer-malloc-leak]: leak of ‘name’
libfido2-1.16.0/src/cbor.c:1491:1: enter_function: entry to ‘decode_attstmt_entry’
libfido2-1.16.0/src/cbor.c:1497:13: call_function: calling ‘cbor_string_copy’ from ‘decode_attstmt_entry’
libfido2-1.16.0/src/cbor.c:1497:13: return_function: returning to ‘decode_attstmt_entry’ from ‘cbor_string_copy’
libfido2-1.16.0/src/cbor.c:1497:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/cbor.c:1503:14: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1503:12: branch_true: following ‘true’ branch (when the strings are equal)...
libfido2-1.16.0/src/cbor.c:1504:21: branch_true: ...to here
libfido2-1.16.0/src/cbor.c:1504:20: branch_true: following ‘true’ branch...
libfido2-1.16.0/src/cbor.c:1505:21: branch_true: ...to here
libfido2-1.16.0/src/cbor.c:1505:21: throw: if ‘cbor_get_int’ throws an exception...
libfido2-1.16.0/src/cbor.c:1505:21: danger: ‘name’ leaks here; was allocated at [(12)](sarif:/runs/0/results/64/codeFlows/0/threadFlows/0/locations/11)
# 1503|   	if (!strcmp(name, "alg")) {
# 1504|   		if (cbor_isa_negint(val) == false ||
# 1505|-> 		    cbor_get_int(val) > UINT16_MAX) {
# 1506|   			fido_log_debug("%s: alg", __func__);
# 1507|   			goto out;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def258]
libfido2-1.16.0/src/cbor.c:1506:25: warning[-Wanalyzer-malloc-leak]: leak of ‘name’
libfido2-1.16.0/src/cbor.c:1491:1: enter_function: entry to ‘decode_attstmt_entry’
libfido2-1.16.0/src/cbor.c:1497:13: call_function: calling ‘cbor_string_copy’ from ‘decode_attstmt_entry’
libfido2-1.16.0/src/cbor.c:1497:13: return_function: returning to ‘decode_attstmt_entry’ from ‘cbor_string_copy’
libfido2-1.16.0/src/cbor.c:1497:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/cbor.c:1503:14: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1503:12: branch_true: following ‘true’ branch (when the strings are equal)...
libfido2-1.16.0/src/cbor.c:1504:21: branch_true: ...to here
libfido2-1.16.0/src/cbor.c:1506:25: throw: if ‘fido_log_debug’ throws an exception...
libfido2-1.16.0/src/cbor.c:1506:25: danger: ‘name’ leaks here; was allocated at [(12)](sarif:/runs/0/results/65/codeFlows/0/threadFlows/0/locations/11)
# 1504|   		if (cbor_isa_negint(val) == false ||
# 1505|   		    cbor_get_int(val) > UINT16_MAX) {
# 1506|-> 			fido_log_debug("%s: alg", __func__);
# 1507|   			goto out;
# 1508|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def259]
libfido2-1.16.0/src/cbor.c:1509:38: warning[-Wanalyzer-malloc-leak]: leak of ‘name’
libfido2-1.16.0/src/cbor.c:1491:1: enter_function: entry to ‘decode_attstmt_entry’
libfido2-1.16.0/src/cbor.c:1497:13: call_function: calling ‘cbor_string_copy’ from ‘decode_attstmt_entry’
libfido2-1.16.0/src/cbor.c:1497:13: return_function: returning to ‘decode_attstmt_entry’ from ‘cbor_string_copy’
libfido2-1.16.0/src/cbor.c:1497:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/cbor.c:1503:14: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1503:12: branch_true: following ‘true’ branch (when the strings are equal)...
libfido2-1.16.0/src/cbor.c:1504:21: branch_true: ...to here
libfido2-1.16.0/src/cbor.c:1504:20: branch_true: following ‘true’ branch...
libfido2-1.16.0/src/cbor.c:1505:21: branch_true: ...to here
libfido2-1.16.0/src/cbor.c:1504:21: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/cbor.c:1509:38: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1509:38: throw: if ‘cbor_get_int’ throws an exception...
libfido2-1.16.0/src/cbor.c:1509:38: danger: ‘name’ leaks here; was allocated at [(12)](sarif:/runs/0/results/66/codeFlows/0/threadFlows/0/locations/11)
# 1507|   			goto out;
# 1508|   		}
# 1509|-> 		attstmt->alg = -(int)cbor_get_int(val) - 1;
# 1510|   		if (attstmt->alg != COSE_ES256 && attstmt->alg != COSE_ES384 &&
# 1511|   		    attstmt->alg != COSE_RS256 && attstmt->alg != COSE_EDDSA &&

Error: GCC_ANALYZER_WARNING (CWE-401): [#def260]
libfido2-1.16.0/src/cbor.c:1513:25: warning[-Wanalyzer-malloc-leak]: leak of ‘name’
libfido2-1.16.0/src/cbor.c:1491:1: enter_function: entry to ‘decode_attstmt_entry’
libfido2-1.16.0/src/cbor.c:1497:13: call_function: calling ‘cbor_string_copy’ from ‘decode_attstmt_entry’
libfido2-1.16.0/src/cbor.c:1497:13: return_function: returning to ‘decode_attstmt_entry’ from ‘cbor_string_copy’
libfido2-1.16.0/src/cbor.c:1497:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/cbor.c:1503:14: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1503:12: branch_true: following ‘true’ branch (when the strings are equal)...
libfido2-1.16.0/src/cbor.c:1504:21: branch_true: ...to here
libfido2-1.16.0/src/cbor.c:1504:20: branch_true: following ‘true’ branch...
libfido2-1.16.0/src/cbor.c:1505:21: branch_true: ...to here
libfido2-1.16.0/src/cbor.c:1504:21: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/cbor.c:1509:38: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1510:20: branch_true: following ‘true’ branch...
libfido2-1.16.0/src/cbor.c:1510:21: branch_true: following ‘true’ branch...
libfido2-1.16.0/src/cbor.c:1513:25: throw: if ‘fido_log_debug’ throws an exception...
libfido2-1.16.0/src/cbor.c:1513:25: danger: ‘name’ leaks here; was allocated at [(12)](sarif:/runs/0/results/67/codeFlows/0/threadFlows/0/locations/11)
# 1511|   		    attstmt->alg != COSE_RS256 && attstmt->alg != COSE_EDDSA &&
# 1512|   		    attstmt->alg != COSE_RS1) {
# 1513|-> 			fido_log_debug("%s: unsupported attstmt->alg=%d",
# 1514|   			    __func__, attstmt->alg);
# 1515|   			goto out;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def261]
libfido2-1.16.0/src/cbor.c:1518:21: warning[-Wanalyzer-malloc-leak]: leak of ‘name’
libfido2-1.16.0/src/cbor.c:1491:1: enter_function: entry to ‘decode_attstmt_entry’
libfido2-1.16.0/src/cbor.c:1497:13: call_function: calling ‘cbor_string_copy’ from ‘decode_attstmt_entry’
libfido2-1.16.0/src/cbor.c:1497:13: return_function: returning to ‘decode_attstmt_entry’ from ‘cbor_string_copy’
libfido2-1.16.0/src/cbor.c:1497:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/cbor.c:1503:14: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1503:12: branch_false: following ‘false’ branch (when the strings are non-equal)...
libfido2-1.16.0/src/cbor.c:1517:21: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1517:19: branch_true: following ‘true’ branch (when the strings are equal)...
libfido2-1.16.0/src/cbor.c:1518:21: branch_true: ...to here
libfido2-1.16.0/src/cbor.c:1518:21: throw: if ‘fido_blob_decode’ throws an exception...
libfido2-1.16.0/src/cbor.c:1518:21: danger: ‘name’ leaks here; was allocated at [(12)](sarif:/runs/0/results/68/codeFlows/0/threadFlows/0/locations/11)
# 1516|   		}
# 1517|   	} else if (!strcmp(name, "sig")) {
# 1518|-> 		if (fido_blob_decode(val, &attstmt->sig) < 0) {
# 1519|   			fido_log_debug("%s: sig", __func__);
# 1520|   			goto out;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def262]
libfido2-1.16.0/src/cbor.c:1519:25: warning[-Wanalyzer-malloc-leak]: leak of ‘name’
libfido2-1.16.0/src/cbor.c:1491:1: enter_function: entry to ‘decode_attstmt_entry’
libfido2-1.16.0/src/cbor.c:1497:13: call_function: calling ‘cbor_string_copy’ from ‘decode_attstmt_entry’
libfido2-1.16.0/src/cbor.c:1497:13: return_function: returning to ‘decode_attstmt_entry’ from ‘cbor_string_copy’
libfido2-1.16.0/src/cbor.c:1497:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/cbor.c:1503:14: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1503:12: branch_false: following ‘false’ branch (when the strings are non-equal)...
libfido2-1.16.0/src/cbor.c:1517:21: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1517:19: branch_true: following ‘true’ branch (when the strings are equal)...
libfido2-1.16.0/src/cbor.c:1518:21: branch_true: ...to here
libfido2-1.16.0/src/cbor.c:1518:20: branch_true: following ‘true’ branch...
libfido2-1.16.0/src/cbor.c:1519:25: branch_true: ...to here
libfido2-1.16.0/src/cbor.c:1519:25: throw: if ‘fido_log_debug’ throws an exception...
libfido2-1.16.0/src/cbor.c:1519:25: danger: ‘name’ leaks here; was allocated at [(12)](sarif:/runs/0/results/69/codeFlows/0/threadFlows/0/locations/11)
# 1517|   	} else if (!strcmp(name, "sig")) {
# 1518|   		if (fido_blob_decode(val, &attstmt->sig) < 0) {
# 1519|-> 			fido_log_debug("%s: sig", __func__);
# 1520|   			goto out;
# 1521|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def263]
libfido2-1.16.0/src/cbor.c:1528:21: warning[-Wanalyzer-malloc-leak]: leak of ‘name’
libfido2-1.16.0/src/cbor.c:1491:1: enter_function: entry to ‘decode_attstmt_entry’
libfido2-1.16.0/src/cbor.c:1497:13: call_function: calling ‘cbor_string_copy’ from ‘decode_attstmt_entry’
libfido2-1.16.0/src/cbor.c:1497:13: return_function: returning to ‘decode_attstmt_entry’ from ‘cbor_string_copy’
libfido2-1.16.0/src/cbor.c:1497:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/cbor.c:1503:14: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1503:12: branch_false: following ‘false’ branch (when the strings are non-equal)...
libfido2-1.16.0/src/cbor.c:1517:21: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1517:19: branch_false: following ‘false’ branch (when the strings are non-equal)...
libfido2-1.16.0/src/cbor.c:1522:21: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1522:19: branch_false: following ‘false’ branch (when the strings are non-equal)...
libfido2-1.16.0/src/cbor.c:1527:21: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1527:19: branch_true: following ‘true’ branch (when the strings are equal)...
libfido2-1.16.0/src/cbor.c:1528:21: branch_true: ...to here
libfido2-1.16.0/src/cbor.c:1528:21: throw: if ‘fido_blob_decode’ throws an exception...
libfido2-1.16.0/src/cbor.c:1528:21: danger: ‘name’ leaks here; was allocated at [(12)](sarif:/runs/0/results/70/codeFlows/0/threadFlows/0/locations/11)
# 1526|   		}
# 1527|   	} else if (!strcmp(name, "certInfo")) {
# 1528|-> 		if (fido_blob_decode(val, &attstmt->certinfo) < 0) {
# 1529|   			fido_log_debug("%s: certinfo", __func__);
# 1530|   			goto out;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def264]
libfido2-1.16.0/src/cbor.c:1529:25: warning[-Wanalyzer-malloc-leak]: leak of ‘name’
libfido2-1.16.0/src/cbor.c:1491:1: enter_function: entry to ‘decode_attstmt_entry’
libfido2-1.16.0/src/cbor.c:1497:13: call_function: calling ‘cbor_string_copy’ from ‘decode_attstmt_entry’
libfido2-1.16.0/src/cbor.c:1497:13: return_function: returning to ‘decode_attstmt_entry’ from ‘cbor_string_copy’
libfido2-1.16.0/src/cbor.c:1497:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/cbor.c:1503:14: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1503:12: branch_false: following ‘false’ branch (when the strings are non-equal)...
libfido2-1.16.0/src/cbor.c:1517:21: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1517:19: branch_false: following ‘false’ branch (when the strings are non-equal)...
libfido2-1.16.0/src/cbor.c:1522:21: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1522:19: branch_false: following ‘false’ branch (when the strings are non-equal)...
libfido2-1.16.0/src/cbor.c:1527:21: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1527:19: branch_true: following ‘true’ branch (when the strings are equal)...
libfido2-1.16.0/src/cbor.c:1528:21: branch_true: ...to here
libfido2-1.16.0/src/cbor.c:1528:20: branch_true: following ‘true’ branch...
libfido2-1.16.0/src/cbor.c:1529:25: branch_true: ...to here
libfido2-1.16.0/src/cbor.c:1529:25: throw: if ‘fido_log_debug’ throws an exception...
libfido2-1.16.0/src/cbor.c:1529:25: danger: ‘name’ leaks here; was allocated at [(12)](sarif:/runs/0/results/71/codeFlows/0/threadFlows/0/locations/11)
# 1527|   	} else if (!strcmp(name, "certInfo")) {
# 1528|   		if (fido_blob_decode(val, &attstmt->certinfo) < 0) {
# 1529|-> 			fido_log_debug("%s: certinfo", __func__);
# 1530|   			goto out;
# 1531|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def265]
libfido2-1.16.0/src/cbor.c:1533:21: warning[-Wanalyzer-malloc-leak]: leak of ‘name’
libfido2-1.16.0/src/cbor.c:1491:1: enter_function: entry to ‘decode_attstmt_entry’
libfido2-1.16.0/src/cbor.c:1497:13: call_function: calling ‘cbor_string_copy’ from ‘decode_attstmt_entry’
libfido2-1.16.0/src/cbor.c:1497:13: return_function: returning to ‘decode_attstmt_entry’ from ‘cbor_string_copy’
libfido2-1.16.0/src/cbor.c:1497:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/cbor.c:1503:14: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1503:12: branch_false: following ‘false’ branch (when the strings are non-equal)...
libfido2-1.16.0/src/cbor.c:1517:21: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1517:19: branch_false: following ‘false’ branch (when the strings are non-equal)...
libfido2-1.16.0/src/cbor.c:1522:21: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1522:19: branch_false: following ‘false’ branch (when the strings are non-equal)...
libfido2-1.16.0/src/cbor.c:1527:21: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1527:19: branch_false: following ‘false’ branch (when the strings are non-equal)...
libfido2-1.16.0/src/cbor.c:1532:21: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1532:19: branch_true: following ‘true’ branch (when the strings are equal)...
libfido2-1.16.0/src/cbor.c:1533:21: branch_true: ...to here
libfido2-1.16.0/src/cbor.c:1533:21: throw: if ‘fido_blob_decode’ throws an exception...
libfido2-1.16.0/src/cbor.c:1533:21: danger: ‘name’ leaks here; was allocated at [(12)](sarif:/runs/0/results/72/codeFlows/0/threadFlows/0/locations/11)
# 1531|   		}
# 1532|   	} else if (!strcmp(name, "pubArea")) {
# 1533|-> 		if (fido_blob_decode(val, &attstmt->pubarea) < 0) {
# 1534|   			fido_log_debug("%s: pubarea", __func__);
# 1535|   			goto out;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def266]
libfido2-1.16.0/src/cbor.c:1534:25: warning[-Wanalyzer-malloc-leak]: leak of ‘name’
libfido2-1.16.0/src/cbor.c:1491:1: enter_function: entry to ‘decode_attstmt_entry’
libfido2-1.16.0/src/cbor.c:1497:13: call_function: calling ‘cbor_string_copy’ from ‘decode_attstmt_entry’
libfido2-1.16.0/src/cbor.c:1497:13: return_function: returning to ‘decode_attstmt_entry’ from ‘cbor_string_copy’
libfido2-1.16.0/src/cbor.c:1497:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/cbor.c:1503:14: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1503:12: branch_false: following ‘false’ branch (when the strings are non-equal)...
libfido2-1.16.0/src/cbor.c:1517:21: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1517:19: branch_false: following ‘false’ branch (when the strings are non-equal)...
libfido2-1.16.0/src/cbor.c:1522:21: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1522:19: branch_false: following ‘false’ branch (when the strings are non-equal)...
libfido2-1.16.0/src/cbor.c:1527:21: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1527:19: branch_false: following ‘false’ branch (when the strings are non-equal)...
libfido2-1.16.0/src/cbor.c:1532:21: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1532:19: branch_true: following ‘true’ branch (when the strings are equal)...
libfido2-1.16.0/src/cbor.c:1533:21: branch_true: ...to here
libfido2-1.16.0/src/cbor.c:1533:20: branch_true: following ‘true’ branch...
libfido2-1.16.0/src/cbor.c:1534:25: branch_true: ...to here
libfido2-1.16.0/src/cbor.c:1534:25: throw: if ‘fido_log_debug’ throws an exception...
libfido2-1.16.0/src/cbor.c:1534:25: danger: ‘name’ leaks here; was allocated at [(12)](sarif:/runs/0/results/73/codeFlows/0/threadFlows/0/locations/11)
# 1532|   	} else if (!strcmp(name, "pubArea")) {
# 1533|   		if (fido_blob_decode(val, &attstmt->pubarea) < 0) {
# 1534|-> 			fido_log_debug("%s: pubarea", __func__);
# 1535|   			goto out;
# 1536|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def267]
libfido2-1.16.0/src/cbor.c:1551:13: warning[-Wanalyzer-malloc-leak]: leak of ‘name’
libfido2-1.16.0/src/cbor.c:1136:1: enter_function: entry to ‘decode_attobj’
libfido2-1.16.0/src/cbor.c:1142:13: call_function: calling ‘cbor_string_copy’ from ‘decode_attobj’
libfido2-1.16.0/src/cbor.c:1142:13: return_function: returning to ‘decode_attobj’ from ‘cbor_string_copy’
libfido2-1.16.0/src/cbor.c:1142:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/cbor.c:1148:14: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1148:12: branch_false: following ‘false’ branch (when the strings are non-equal)...
libfido2-1.16.0/src/cbor.c:1153:21: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1153:19: branch_true: following ‘true’ branch (when the strings are equal)...
libfido2-1.16.0/src/cbor.c:1154:21: branch_true: ...to here
libfido2-1.16.0/src/cbor.c:1154:21: call_function: calling ‘cbor_decode_attstmt’ from ‘decode_attobj’
# 1549|   	size_t alloc_len;
# 1550|   
# 1551|-> 	if (cbor_isa_map(item) == false ||
# 1552|   	    cbor_map_is_definite(item) == false ||
# 1553|   	    cbor_map_iter(item, attstmt, decode_attstmt_entry) < 0) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def268]
libfido2-1.16.0/src/cbor.c:1552:13: warning[-Wanalyzer-malloc-leak]: leak of ‘name’
libfido2-1.16.0/src/cbor.c:1136:1: enter_function: entry to ‘decode_attobj’
libfido2-1.16.0/src/cbor.c:1142:13: call_function: calling ‘cbor_string_copy’ from ‘decode_attobj’
libfido2-1.16.0/src/cbor.c:1142:13: return_function: returning to ‘decode_attobj’ from ‘cbor_string_copy’
libfido2-1.16.0/src/cbor.c:1142:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/cbor.c:1148:14: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1148:12: branch_false: following ‘false’ branch (when the strings are non-equal)...
libfido2-1.16.0/src/cbor.c:1153:21: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1153:19: branch_true: following ‘true’ branch (when the strings are equal)...
libfido2-1.16.0/src/cbor.c:1154:21: branch_true: ...to here
libfido2-1.16.0/src/cbor.c:1154:21: call_function: calling ‘cbor_decode_attstmt’ from ‘decode_attobj’
# 1550|   
# 1551|   	if (cbor_isa_map(item) == false ||
# 1552|-> 	    cbor_map_is_definite(item) == false ||
# 1553|   	    cbor_map_iter(item, attstmt, decode_attstmt_entry) < 0) {
# 1554|   		fido_log_debug("%s: cbor type", __func__);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def269]
libfido2-1.16.0/src/cbor.c:1595:21: warning[-Wanalyzer-malloc-leak]: leak of ‘name’
libfido2-1.16.0/src/cbor.c:1582:1: enter_function: entry to ‘decode_cred_id_entry’
libfido2-1.16.0/src/cbor.c:1588:13: call_function: calling ‘cbor_string_copy’ from ‘decode_cred_id_entry’
libfido2-1.16.0/src/cbor.c:1588:13: return_function: returning to ‘decode_cred_id_entry’ from ‘cbor_string_copy’
libfido2-1.16.0/src/cbor.c:1588:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/cbor.c:1594:14: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1594:12: branch_true: following ‘true’ branch (when the strings are equal)...
libfido2-1.16.0/src/cbor.c:1595:21: branch_true: ...to here
libfido2-1.16.0/src/cbor.c:1595:21: throw: if ‘fido_blob_decode’ throws an exception...
libfido2-1.16.0/src/cbor.c:1595:21: danger: ‘name’ leaks here; was allocated at [(12)](sarif:/runs/0/results/76/codeFlows/0/threadFlows/0/locations/11)
# 1593|   
# 1594|   	if (!strcmp(name, "id"))
# 1595|-> 		if (fido_blob_decode(val, id) < 0) {
# 1596|   			fido_log_debug("%s: cbor_bytestring_copy", __func__);
# 1597|   			goto out;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def270]
libfido2-1.16.0/src/cbor.c:1596:25: warning[-Wanalyzer-malloc-leak]: leak of ‘name’
libfido2-1.16.0/src/cbor.c:1582:1: enter_function: entry to ‘decode_cred_id_entry’
libfido2-1.16.0/src/cbor.c:1588:13: call_function: calling ‘cbor_string_copy’ from ‘decode_cred_id_entry’
libfido2-1.16.0/src/cbor.c:1588:13: return_function: returning to ‘decode_cred_id_entry’ from ‘cbor_string_copy’
libfido2-1.16.0/src/cbor.c:1588:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/cbor.c:1594:14: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1594:12: branch_true: following ‘true’ branch (when the strings are equal)...
libfido2-1.16.0/src/cbor.c:1595:21: branch_true: ...to here
libfido2-1.16.0/src/cbor.c:1595:20: branch_true: following ‘true’ branch...
libfido2-1.16.0/src/cbor.c:1596:25: branch_true: ...to here
libfido2-1.16.0/src/cbor.c:1596:25: throw: if ‘fido_log_debug’ throws an exception...
libfido2-1.16.0/src/cbor.c:1596:25: danger: ‘name’ leaks here; was allocated at [(12)](sarif:/runs/0/results/77/codeFlows/0/threadFlows/0/locations/11)
# 1594|   	if (!strcmp(name, "id"))
# 1595|   		if (fido_blob_decode(val, id) < 0) {
# 1596|-> 			fido_log_debug("%s: cbor_bytestring_copy", __func__);
# 1597|   			goto out;
# 1598|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def271]
libfido2-1.16.0/src/cbor.c:1635:25: warning[-Wanalyzer-malloc-leak]: leak of ‘name’
libfido2-1.16.0/src/cbor.c:1621:1: enter_function: entry to ‘decode_user_entry’
libfido2-1.16.0/src/cbor.c:1627:13: call_function: calling ‘cbor_string_copy’ from ‘decode_user_entry’
libfido2-1.16.0/src/cbor.c:1627:13: return_function: returning to ‘decode_user_entry’ from ‘cbor_string_copy’
libfido2-1.16.0/src/cbor.c:1627:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/cbor.c:1633:14: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1633:12: branch_true: following ‘true’ branch (when the strings are equal)...
libfido2-1.16.0/src/cbor.c:1634:21: branch_true: ...to here
libfido2-1.16.0/src/cbor.c:1634:20: branch_true: following ‘true’ branch...
libfido2-1.16.0/src/cbor.c:1635:25: branch_true: ...to here
libfido2-1.16.0/src/cbor.c:1635:25: throw: if ‘fido_log_debug’ throws an exception...
libfido2-1.16.0/src/cbor.c:1635:25: danger: ‘name’ leaks here; was allocated at [(12)](sarif:/runs/0/results/78/codeFlows/0/threadFlows/0/locations/11)
# 1633|   	if (!strcmp(name, "icon")) {
# 1634|   		if (cbor_string_copy(val, &user->icon) < 0) {
# 1635|-> 			fido_log_debug("%s: icon", __func__);
# 1636|   			goto out;
# 1637|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def272]
libfido2-1.16.0/src/cbor.c:1640:25: warning[-Wanalyzer-malloc-leak]: leak of ‘name’
libfido2-1.16.0/src/cbor.c:1621:1: enter_function: entry to ‘decode_user_entry’
libfido2-1.16.0/src/cbor.c:1627:13: call_function: calling ‘cbor_string_copy’ from ‘decode_user_entry’
libfido2-1.16.0/src/cbor.c:1627:13: return_function: returning to ‘decode_user_entry’ from ‘cbor_string_copy’
libfido2-1.16.0/src/cbor.c:1627:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/cbor.c:1633:14: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1633:12: branch_false: following ‘false’ branch (when the strings are non-equal)...
libfido2-1.16.0/src/cbor.c:1638:21: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1638:19: branch_true: following ‘true’ branch (when the strings are equal)...
libfido2-1.16.0/src/cbor.c:1639:21: branch_true: ...to here
libfido2-1.16.0/src/cbor.c:1639:20: branch_true: following ‘true’ branch...
libfido2-1.16.0/src/cbor.c:1640:25: branch_true: ...to here
libfido2-1.16.0/src/cbor.c:1640:25: throw: if ‘fido_log_debug’ throws an exception...
libfido2-1.16.0/src/cbor.c:1640:25: danger: ‘name’ leaks here; was allocated at [(12)](sarif:/runs/0/results/79/codeFlows/0/threadFlows/0/locations/11)
# 1638|   	} else if (!strcmp(name, "name")) {
# 1639|   		if (cbor_string_copy(val, &user->name) < 0) {
# 1640|-> 			fido_log_debug("%s: name", __func__);
# 1641|   			goto out;
# 1642|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def273]
libfido2-1.16.0/src/cbor.c:1645:25: warning[-Wanalyzer-malloc-leak]: leak of ‘name’
libfido2-1.16.0/src/cbor.c:1621:1: enter_function: entry to ‘decode_user_entry’
libfido2-1.16.0/src/cbor.c:1627:13: call_function: calling ‘cbor_string_copy’ from ‘decode_user_entry’
libfido2-1.16.0/src/cbor.c:1627:13: return_function: returning to ‘decode_user_entry’ from ‘cbor_string_copy’
libfido2-1.16.0/src/cbor.c:1627:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/cbor.c:1633:14: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1633:12: branch_false: following ‘false’ branch (when the strings are non-equal)...
libfido2-1.16.0/src/cbor.c:1638:21: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1638:19: branch_false: following ‘false’ branch (when the strings are non-equal)...
libfido2-1.16.0/src/cbor.c:1643:21: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1643:19: branch_true: following ‘true’ branch (when the strings are equal)...
libfido2-1.16.0/src/cbor.c:1644:21: branch_true: ...to here
libfido2-1.16.0/src/cbor.c:1644:20: branch_true: following ‘true’ branch...
libfido2-1.16.0/src/cbor.c:1645:25: branch_true: ...to here
libfido2-1.16.0/src/cbor.c:1645:25: throw: if ‘fido_log_debug’ throws an exception...
libfido2-1.16.0/src/cbor.c:1645:25: danger: ‘name’ leaks here; was allocated at [(12)](sarif:/runs/0/results/80/codeFlows/0/threadFlows/0/locations/11)
# 1643|   	} else if (!strcmp(name, "displayName")) {
# 1644|   		if (cbor_string_copy(val, &user->display_name) < 0) {
# 1645|-> 			fido_log_debug("%s: display_name", __func__);
# 1646|   			goto out;
# 1647|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def274]
libfido2-1.16.0/src/cbor.c:1649:21: warning[-Wanalyzer-malloc-leak]: leak of ‘name’
libfido2-1.16.0/src/cbor.c:1621:1: enter_function: entry to ‘decode_user_entry’
libfido2-1.16.0/src/cbor.c:1627:13: call_function: calling ‘cbor_string_copy’ from ‘decode_user_entry’
libfido2-1.16.0/src/cbor.c:1627:13: return_function: returning to ‘decode_user_entry’ from ‘cbor_string_copy’
libfido2-1.16.0/src/cbor.c:1627:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/cbor.c:1633:14: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1633:12: branch_false: following ‘false’ branch (when the strings are non-equal)...
libfido2-1.16.0/src/cbor.c:1638:21: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1638:19: branch_false: following ‘false’ branch (when the strings are non-equal)...
libfido2-1.16.0/src/cbor.c:1643:21: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1643:19: branch_false: following ‘false’ branch (when the strings are non-equal)...
libfido2-1.16.0/src/cbor.c:1648:21: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1648:19: branch_true: following ‘true’ branch (when the strings are equal)...
libfido2-1.16.0/src/cbor.c:1649:21: branch_true: ...to here
libfido2-1.16.0/src/cbor.c:1649:21: throw: if ‘fido_blob_decode’ throws an exception...
libfido2-1.16.0/src/cbor.c:1649:21: danger: ‘name’ leaks here; was allocated at [(12)](sarif:/runs/0/results/81/codeFlows/0/threadFlows/0/locations/11)
# 1647|   		}
# 1648|   	} else if (!strcmp(name, "id")) {
# 1649|-> 		if (fido_blob_decode(val, &user->id) < 0) {
# 1650|   			fido_log_debug("%s: id", __func__);
# 1651|   			goto out;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def275]
libfido2-1.16.0/src/cbor.c:1650:25: warning[-Wanalyzer-malloc-leak]: leak of ‘name’
libfido2-1.16.0/src/cbor.c:1621:1: enter_function: entry to ‘decode_user_entry’
libfido2-1.16.0/src/cbor.c:1627:13: call_function: calling ‘cbor_string_copy’ from ‘decode_user_entry’
libfido2-1.16.0/src/cbor.c:1627:13: return_function: returning to ‘decode_user_entry’ from ‘cbor_string_copy’
libfido2-1.16.0/src/cbor.c:1627:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/cbor.c:1633:14: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1633:12: branch_false: following ‘false’ branch (when the strings are non-equal)...
libfido2-1.16.0/src/cbor.c:1638:21: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1638:19: branch_false: following ‘false’ branch (when the strings are non-equal)...
libfido2-1.16.0/src/cbor.c:1643:21: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1643:19: branch_false: following ‘false’ branch (when the strings are non-equal)...
libfido2-1.16.0/src/cbor.c:1648:21: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1648:19: branch_true: following ‘true’ branch (when the strings are equal)...
libfido2-1.16.0/src/cbor.c:1649:21: branch_true: ...to here
libfido2-1.16.0/src/cbor.c:1649:20: branch_true: following ‘true’ branch...
libfido2-1.16.0/src/cbor.c:1650:25: branch_true: ...to here
libfido2-1.16.0/src/cbor.c:1650:25: throw: if ‘fido_log_debug’ throws an exception...
libfido2-1.16.0/src/cbor.c:1650:25: danger: ‘name’ leaks here; was allocated at [(12)](sarif:/runs/0/results/82/codeFlows/0/threadFlows/0/locations/11)
# 1648|   	} else if (!strcmp(name, "id")) {
# 1649|   		if (fido_blob_decode(val, &user->id) < 0) {
# 1650|-> 			fido_log_debug("%s: id", __func__);
# 1651|   			goto out;
# 1652|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def276]
libfido2-1.16.0/src/cbor.c:1691:25: warning[-Wanalyzer-malloc-leak]: leak of ‘name’
libfido2-1.16.0/src/cbor.c:1676:1: enter_function: entry to ‘decode_rp_entity_entry’
libfido2-1.16.0/src/cbor.c:1683:13: call_function: calling ‘cbor_string_copy’ from ‘decode_rp_entity_entry’
libfido2-1.16.0/src/cbor.c:1683:13: return_function: returning to ‘decode_rp_entity_entry’ from ‘cbor_string_copy’
libfido2-1.16.0/src/cbor.c:1683:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/cbor.c:1689:14: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1689:12: branch_true: following ‘true’ branch (when the strings are equal)...
libfido2-1.16.0/src/cbor.c:1690:21: branch_true: ...to here
libfido2-1.16.0/src/cbor.c:1690:20: branch_true: following ‘true’ branch...
libfido2-1.16.0/src/cbor.c:1691:25: branch_true: ...to here
libfido2-1.16.0/src/cbor.c:1691:25: throw: if ‘fido_log_debug’ throws an exception...
libfido2-1.16.0/src/cbor.c:1691:25: danger: ‘name’ leaks here; was allocated at [(12)](sarif:/runs/0/results/83/codeFlows/0/threadFlows/0/locations/11)
# 1689|   	if (!strcmp(name, "id")) {
# 1690|   		if (cbor_string_copy(val, &rp->id) < 0) {
# 1691|-> 			fido_log_debug("%s: id", __func__);
# 1692|   			goto out;
# 1693|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def277]
libfido2-1.16.0/src/cbor.c:1696:25: warning[-Wanalyzer-malloc-leak]: leak of ‘name’
libfido2-1.16.0/src/cbor.c:1676:1: enter_function: entry to ‘decode_rp_entity_entry’
libfido2-1.16.0/src/cbor.c:1683:13: call_function: calling ‘cbor_string_copy’ from ‘decode_rp_entity_entry’
libfido2-1.16.0/src/cbor.c:1683:13: return_function: returning to ‘decode_rp_entity_entry’ from ‘cbor_string_copy’
libfido2-1.16.0/src/cbor.c:1683:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/cbor.c:1689:14: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1689:12: branch_false: following ‘false’ branch (when the strings are non-equal)...
libfido2-1.16.0/src/cbor.c:1694:21: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1694:19: branch_true: following ‘true’ branch (when the strings are equal)...
libfido2-1.16.0/src/cbor.c:1695:21: branch_true: ...to here
libfido2-1.16.0/src/cbor.c:1695:20: branch_true: following ‘true’ branch...
libfido2-1.16.0/src/cbor.c:1696:25: branch_true: ...to here
libfido2-1.16.0/src/cbor.c:1696:25: throw: if ‘fido_log_debug’ throws an exception...
libfido2-1.16.0/src/cbor.c:1696:25: danger: ‘name’ leaks here; was allocated at [(12)](sarif:/runs/0/results/84/codeFlows/0/threadFlows/0/locations/11)
# 1694|   	} else if (!strcmp(name, "name")) {
# 1695|   		if (cbor_string_copy(val, &rp->name) < 0) {
# 1696|-> 			fido_log_debug("%s: name", __func__);
# 1697|   			goto out;
# 1698|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def278]
libfido2-1.16.0/src/cbor.c:1724:13: warning[-Wanalyzer-malloc-leak]: leak of ‘type’
libfido2-1.16.0/src/cbor.c:1194:1: enter_function: entry to ‘decode_cred_extension’
libfido2-1.16.0/src/cbor.c:1200:13: call_function: calling ‘cbor_string_copy’ from ‘decode_cred_extension’
libfido2-1.16.0/src/cbor.c:1200:13: return_function: returning to ‘decode_cred_extension’ from ‘cbor_string_copy’
libfido2-1.16.0/src/cbor.c:1200:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/cbor.c:1206:13: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1206:12: branch_true: following ‘true’ branch (when the strings are equal)...
libfido2-1.16.0/src/cbor.c:1207:21: branch_true: ...to here
libfido2-1.16.0/src/cbor.c:1207:21: call_function: calling ‘cbor_decode_bool’ from ‘decode_cred_extension’
# 1722|   cbor_decode_bool(const cbor_item_t *item, bool *v)
# 1723|   {
# 1724|-> 	if (cbor_isa_float_ctrl(item) == false ||
# 1725|   	    cbor_float_get_width(item) != CBOR_FLOAT_0 ||
# 1726|   	    cbor_is_bool(item) == false) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def279]
libfido2-1.16.0/src/cbor.c:1725:13: warning[-Wanalyzer-malloc-leak]: leak of ‘type’
libfido2-1.16.0/src/cbor.c:1194:1: enter_function: entry to ‘decode_cred_extension’
libfido2-1.16.0/src/cbor.c:1200:13: call_function: calling ‘cbor_string_copy’ from ‘decode_cred_extension’
libfido2-1.16.0/src/cbor.c:1200:13: return_function: returning to ‘decode_cred_extension’ from ‘cbor_string_copy’
libfido2-1.16.0/src/cbor.c:1200:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/cbor.c:1206:13: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1206:12: branch_true: following ‘true’ branch (when the strings are equal)...
libfido2-1.16.0/src/cbor.c:1207:21: branch_true: ...to here
libfido2-1.16.0/src/cbor.c:1207:21: call_function: calling ‘cbor_decode_bool’ from ‘decode_cred_extension’
# 1723|   {
# 1724|   	if (cbor_isa_float_ctrl(item) == false ||
# 1725|-> 	    cbor_float_get_width(item) != CBOR_FLOAT_0 ||
# 1726|   	    cbor_is_bool(item) == false) {
# 1727|   		fido_log_debug("%s: cbor type", __func__);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def280]
libfido2-1.16.0/src/cbor.c:1726:13: warning[-Wanalyzer-malloc-leak]: leak of ‘type’
libfido2-1.16.0/src/cbor.c:1194:1: enter_function: entry to ‘decode_cred_extension’
libfido2-1.16.0/src/cbor.c:1200:13: call_function: calling ‘cbor_string_copy’ from ‘decode_cred_extension’
libfido2-1.16.0/src/cbor.c:1200:13: return_function: returning to ‘decode_cred_extension’ from ‘cbor_string_copy’
libfido2-1.16.0/src/cbor.c:1200:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/cbor.c:1206:13: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1206:12: branch_true: following ‘true’ branch (when the strings are equal)...
libfido2-1.16.0/src/cbor.c:1207:21: branch_true: ...to here
libfido2-1.16.0/src/cbor.c:1207:21: call_function: calling ‘cbor_decode_bool’ from ‘decode_cred_extension’
# 1724|   	if (cbor_isa_float_ctrl(item) == false ||
# 1725|   	    cbor_float_get_width(item) != CBOR_FLOAT_0 ||
# 1726|-> 	    cbor_is_bool(item) == false) {
# 1727|   		fido_log_debug("%s: cbor type", __func__);
# 1728|   		return (-1);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def281]
libfido2-1.16.0/src/cbor.c:1727:17: warning[-Wanalyzer-malloc-leak]: leak of ‘type’
libfido2-1.16.0/src/cbor.c:1194:1: enter_function: entry to ‘decode_cred_extension’
libfido2-1.16.0/src/cbor.c:1200:13: call_function: calling ‘cbor_string_copy’ from ‘decode_cred_extension’
libfido2-1.16.0/src/cbor.c:1200:13: return_function: returning to ‘decode_cred_extension’ from ‘cbor_string_copy’
libfido2-1.16.0/src/cbor.c:1200:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/cbor.c:1206:13: branch_false: ...to here
libfido2-1.16.0/src/cbor.c:1206:12: branch_true: following ‘true’ branch (when the strings are equal)...
libfido2-1.16.0/src/cbor.c:1207:21: branch_true: ...to here
libfido2-1.16.0/src/cbor.c:1207:21: call_function: calling ‘cbor_decode_bool’ from ‘decode_cred_extension’
# 1725|   	    cbor_float_get_width(item) != CBOR_FLOAT_0 ||
# 1726|   	    cbor_is_bool(item) == false) {
# 1727|-> 		fido_log_debug("%s: cbor type", __func__);
# 1728|   		return (-1);
# 1729|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def282]
libfido2-1.16.0/src/config.c:77:26: warning[-Wanalyzer-malloc-leak]: leak of ‘hmac.ptr’
libfido2-1.16.0/src/config.c:188:1: enter_function: entry to ‘config_pin_minlen’
libfido2-1.16.0/src/config.c:193:18: call_function: calling ‘config_pin_minlen_tx’ from ‘config_pin_minlen’
#   75|   			goto fail;
#   76|   		}
#   77|-> 		if ((r = fido_do_ecdh(dev, &pk, &ecdh, ms)) != FIDO_OK) {
#   78|   			fido_log_debug("%s: fido_do_ecdh", __func__);
#   79|   			goto fail;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def283]
libfido2-1.16.0/src/config.c:78:25: warning[-Wanalyzer-malloc-leak]: leak of ‘hmac.ptr’
libfido2-1.16.0/src/config.c:188:1: enter_function: entry to ‘config_pin_minlen’
libfido2-1.16.0/src/config.c:193:18: call_function: calling ‘config_pin_minlen_tx’ from ‘config_pin_minlen’
#   76|   		}
#   77|   		if ((r = fido_do_ecdh(dev, &pk, &ecdh, ms)) != FIDO_OK) {
#   78|-> 			fido_log_debug("%s: fido_do_ecdh", __func__);
#   79|   			goto fail;
#   80|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def284]
libfido2-1.16.0/src/config.c:81:26: warning[-Wanalyzer-malloc-leak]: leak of ‘hmac.ptr’
libfido2-1.16.0/src/config.c:188:1: enter_function: entry to ‘config_pin_minlen’
libfido2-1.16.0/src/config.c:193:18: call_function: calling ‘config_pin_minlen_tx’ from ‘config_pin_minlen’
#   79|   			goto fail;
#   80|   		}
#   81|-> 		if ((r = cbor_add_uv_params(dev, cmd, &hmac, pk, ecdh, pin,
#   82|   		    NULL, &argv[3], &argv[2], ms)) != FIDO_OK) {
#   83|   			fido_log_debug("%s: cbor_add_uv_params", __func__);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def285]
libfido2-1.16.0/src/credman.c:224:23: warning[-Wanalyzer-malloc-leak]: leak of ‘msg’
libfido2-1.16.0/src/credman.c:219:20: acquire_memory: allocated here
libfido2-1.16.0/src/credman.c:219:12: branch_false: following ‘false’ branch (when ‘msg’ is non-NULL)...
libfido2-1.16.0/src/credman.c:224:23: branch_false: ...to here
libfido2-1.16.0/src/credman.c:224:23: throw: if ‘fido_rx’ throws an exception...
libfido2-1.16.0/src/credman.c:224:23: danger: ‘msg’ leaks here; was allocated at [(1)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/0)
#  222|   	}
#  223|   
#  224|-> 	if ((msglen = fido_rx(dev, CTAP_CMD_CBOR, msg, FIDO_MAXMSG, ms)) < 0) {
#  225|   		fido_log_debug("%s: fido_rx", __func__);
#  226|   		r = FIDO_ERR_RX;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def286]
libfido2-1.16.0/src/credman.c:358:23: warning[-Wanalyzer-malloc-leak]: leak of ‘msg’
libfido2-1.16.0/src/credman.c:353:20: acquire_memory: allocated here
libfido2-1.16.0/src/credman.c:353:12: branch_false: following ‘false’ branch (when ‘msg’ is non-NULL)...
libfido2-1.16.0/src/credman.c:358:23: branch_false: ...to here
libfido2-1.16.0/src/credman.c:358:23: throw: if ‘fido_rx’ throws an exception...
libfido2-1.16.0/src/credman.c:358:23: danger: ‘msg’ leaks here; was allocated at [(1)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/0)
#  356|   	}
#  357|   
#  358|-> 	if ((msglen = fido_rx(dev, CTAP_CMD_CBOR, msg, FIDO_MAXMSG, ms)) < 0) {
#  359|   		fido_log_debug("%s: fido_rx", __func__);
#  360|   		r = FIDO_ERR_RX;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def287]
libfido2-1.16.0/src/credman.c:404:23: warning[-Wanalyzer-malloc-leak]: leak of ‘msg’
libfido2-1.16.0/src/credman.c:399:20: acquire_memory: allocated here
libfido2-1.16.0/src/credman.c:399:12: branch_false: following ‘false’ branch (when ‘msg’ is non-NULL)...
libfido2-1.16.0/src/credman.c:404:23: branch_false: ...to here
libfido2-1.16.0/src/credman.c:404:23: throw: if ‘fido_rx’ throws an exception...
libfido2-1.16.0/src/credman.c:404:23: danger: ‘msg’ leaks here; was allocated at [(1)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/0)
#  402|   	}
#  403|   
#  404|-> 	if ((msglen = fido_rx(dev, CTAP_CMD_CBOR, msg, FIDO_MAXMSG, ms)) < 0) {
#  405|   		fido_log_debug("%s: fido_rx", __func__);
#  406|   		r = FIDO_ERR_RX;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def288]
libfido2-1.16.0/src/credman.c:586:23: warning[-Wanalyzer-malloc-leak]: leak of ‘msg’
libfido2-1.16.0/src/credman.c:581:20: acquire_memory: allocated here
libfido2-1.16.0/src/credman.c:581:12: branch_false: following ‘false’ branch (when ‘msg’ is non-NULL)...
libfido2-1.16.0/src/credman.c:586:23: branch_false: ...to here
libfido2-1.16.0/src/credman.c:586:23: throw: if ‘fido_rx’ throws an exception...
libfido2-1.16.0/src/credman.c:586:23: danger: ‘msg’ leaks here; was allocated at [(1)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/0)
#  584|   	}
#  585|   
#  586|-> 	if ((msglen = fido_rx(dev, CTAP_CMD_CBOR, msg, FIDO_MAXMSG, ms)) < 0) {
#  587|   		fido_log_debug("%s: fido_rx", __func__);
#  588|   		r = FIDO_ERR_RX;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def289]
libfido2-1.16.0/src/credman.c:632:23: warning[-Wanalyzer-malloc-leak]: leak of ‘msg’
libfido2-1.16.0/src/credman.c:627:20: acquire_memory: allocated here
libfido2-1.16.0/src/credman.c:627:12: branch_false: following ‘false’ branch (when ‘msg’ is non-NULL)...
libfido2-1.16.0/src/credman.c:632:23: branch_false: ...to here
libfido2-1.16.0/src/credman.c:632:23: throw: if ‘fido_rx’ throws an exception...
libfido2-1.16.0/src/credman.c:632:23: danger: ‘msg’ leaks here; was allocated at [(1)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/0)
#  630|   	}
#  631|   
#  632|-> 	if ((msglen = fido_rx(dev, CTAP_CMD_CBOR, msg, FIDO_MAXMSG, ms)) < 0) {
#  633|   		fido_log_debug("%s: fido_rx", __func__);
#  634|   		r = FIDO_ERR_RX;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def290]
libfido2-1.16.0/src/dev.c:461:17: warning[-Wanalyzer-malloc-leak]: leak of ‘dev’
libfido2-1.16.0/src/dev.c:442:20: acquire_memory: allocated here
libfido2-1.16.0/src/dev.c:442:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/dev.c:454:9: branch_false: ...to here
libfido2-1.16.0/src/dev.c:460:12: branch_true: following ‘true’ branch...
libfido2-1.16.0/src/dev.c:461:17: branch_true: ...to here
libfido2-1.16.0/src/dev.c:461:17: throw: if ‘fido_log_debug’ throws an exception...
libfido2-1.16.0/src/dev.c:461:17: danger: ‘dev’ leaks here; was allocated at [(1)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/0)
#  459|   
#  460|   	if ((dev->path = strdup(di->path)) == NULL) {
#  461|-> 		fido_log_debug("%s: strdup", __func__);
#  462|   		fido_dev_free(&dev);
#  463|   		return (NULL);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def291]
libfido2-1.16.0/src/hid_linux.c:36:17: warning[-Wanalyzer-malloc-leak]: leak of ‘ctx’
libfido2-1.16.0/src/hid_linux.c:258:1: enter_function: entry to ‘fido_hid_open’
libfido2-1.16.0/src/hid_linux.c:269:20: acquire_memory: allocated here
libfido2-1.16.0/src/hid_linux.c:269:12: branch_false: following ‘false’ branch (when ‘ctx’ is non-NULL)...
libfido2-1.16.0/src/hid_linux.c:270:24: branch_false: ...to here
libfido2-1.16.0/src/hid_linux.c:269:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/hid_linux.c:269:13: branch_false: ...to here
libfido2-1.16.0/src/hid_linux.c:297:12: branch_false: following ‘false’ branch (when ‘looped == 0’)...
libfido2-1.16.0/src/hid_linux.c:303:20: branch_false: ...to here
libfido2-1.16.0/src/hid_linux.c:303:12: branch_false: following ‘false’ branch (when ‘hrd’ is non-NULL)...
libfido2-1.16.0/src/hid_linux.c:304:13: branch_false: ...to here
libfido2-1.16.0/src/hid_linux.c:304:13: call_function: calling ‘get_report_descriptor’ from ‘fido_hid_open’
#   34|   
#   35|   	if (ioctl(fd, IOCTL_REQ(HIDIOCGRDESCSIZE), &s) == -1) {
#   36|-> 		fido_log_error(errno, "%s: ioctl HIDIOCGRDESCSIZE", __func__);
#   37|   		return (-1);
#   38|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def292]
libfido2-1.16.0/src/hid_linux.c:36:17: warning[-Wanalyzer-malloc-leak]: leak of ‘hrd’
libfido2-1.16.0/src/hid_linux.c:258:1: enter_function: entry to ‘fido_hid_open’
libfido2-1.16.0/src/hid_linux.c:269:12: branch_false: following ‘false’ branch (when ‘ctx’ is non-NULL)...
libfido2-1.16.0/src/hid_linux.c:270:24: branch_false: ...to here
libfido2-1.16.0/src/hid_linux.c:269:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/hid_linux.c:269:13: branch_false: ...to here
libfido2-1.16.0/src/hid_linux.c:297:12: branch_false: following ‘false’ branch (when ‘looped == 0’)...
libfido2-1.16.0/src/hid_linux.c:303:20: branch_false: ...to here
libfido2-1.16.0/src/hid_linux.c:303:20: acquire_memory: allocated here
libfido2-1.16.0/src/hid_linux.c:303:12: branch_false: following ‘false’ branch (when ‘hrd’ is non-NULL)...
libfido2-1.16.0/src/hid_linux.c:304:13: branch_false: ...to here
libfido2-1.16.0/src/hid_linux.c:304:13: call_function: calling ‘get_report_descriptor’ from ‘fido_hid_open’
#   34|   
#   35|   	if (ioctl(fd, IOCTL_REQ(HIDIOCGRDESCSIZE), &s) == -1) {
#   36|-> 		fido_log_error(errno, "%s: ioctl HIDIOCGRDESCSIZE", __func__);
#   37|   		return (-1);
#   38|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def293]
libfido2-1.16.0/src/hid_linux.c:41:17: warning[-Wanalyzer-malloc-leak]: leak of ‘ctx’
libfido2-1.16.0/src/hid_linux.c:258:1: enter_function: entry to ‘fido_hid_open’
libfido2-1.16.0/src/hid_linux.c:269:20: acquire_memory: allocated here
libfido2-1.16.0/src/hid_linux.c:269:12: branch_false: following ‘false’ branch (when ‘ctx’ is non-NULL)...
libfido2-1.16.0/src/hid_linux.c:270:24: branch_false: ...to here
libfido2-1.16.0/src/hid_linux.c:269:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/hid_linux.c:269:13: branch_false: ...to here
libfido2-1.16.0/src/hid_linux.c:297:12: branch_false: following ‘false’ branch (when ‘looped == 0’)...
libfido2-1.16.0/src/hid_linux.c:303:20: branch_false: ...to here
libfido2-1.16.0/src/hid_linux.c:303:12: branch_false: following ‘false’ branch (when ‘hrd’ is non-NULL)...
libfido2-1.16.0/src/hid_linux.c:304:13: branch_false: ...to here
libfido2-1.16.0/src/hid_linux.c:304:13: call_function: calling ‘get_report_descriptor’ from ‘fido_hid_open’
#   39|   
#   40|   	if (s < 0 || (unsigned)s > HID_MAX_DESCRIPTOR_SIZE) {
#   41|-> 		fido_log_debug("%s: HIDIOCGRDESCSIZE %d", __func__, s);
#   42|   		return (-1);
#   43|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def294]
libfido2-1.16.0/src/hid_linux.c:41:17: warning[-Wanalyzer-malloc-leak]: leak of ‘hrd’
libfido2-1.16.0/src/hid_linux.c:258:1: enter_function: entry to ‘fido_hid_open’
libfido2-1.16.0/src/hid_linux.c:269:12: branch_false: following ‘false’ branch (when ‘ctx’ is non-NULL)...
libfido2-1.16.0/src/hid_linux.c:270:24: branch_false: ...to here
libfido2-1.16.0/src/hid_linux.c:269:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/hid_linux.c:269:13: branch_false: ...to here
libfido2-1.16.0/src/hid_linux.c:297:12: branch_false: following ‘false’ branch (when ‘looped == 0’)...
libfido2-1.16.0/src/hid_linux.c:303:20: branch_false: ...to here
libfido2-1.16.0/src/hid_linux.c:303:20: acquire_memory: allocated here
libfido2-1.16.0/src/hid_linux.c:303:12: branch_false: following ‘false’ branch (when ‘hrd’ is non-NULL)...
libfido2-1.16.0/src/hid_linux.c:304:13: branch_false: ...to here
libfido2-1.16.0/src/hid_linux.c:304:13: call_function: calling ‘get_report_descriptor’ from ‘fido_hid_open’
#   39|   
#   40|   	if (s < 0 || (unsigned)s > HID_MAX_DESCRIPTOR_SIZE) {
#   41|-> 		fido_log_debug("%s: HIDIOCGRDESCSIZE %d", __func__, s);
#   42|   		return (-1);
#   43|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def295]
libfido2-1.16.0/src/hid_linux.c:48:17: warning[-Wanalyzer-malloc-leak]: leak of ‘ctx’
libfido2-1.16.0/src/hid_linux.c:258:1: enter_function: entry to ‘fido_hid_open’
libfido2-1.16.0/src/hid_linux.c:269:20: acquire_memory: allocated here
libfido2-1.16.0/src/hid_linux.c:269:12: branch_false: following ‘false’ branch (when ‘ctx’ is non-NULL)...
libfido2-1.16.0/src/hid_linux.c:270:24: branch_false: ...to here
libfido2-1.16.0/src/hid_linux.c:269:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/hid_linux.c:269:13: branch_false: ...to here
libfido2-1.16.0/src/hid_linux.c:297:12: branch_false: following ‘false’ branch (when ‘looped == 0’)...
libfido2-1.16.0/src/hid_linux.c:303:20: branch_false: ...to here
libfido2-1.16.0/src/hid_linux.c:303:12: branch_false: following ‘false’ branch (when ‘hrd’ is non-NULL)...
libfido2-1.16.0/src/hid_linux.c:304:13: branch_false: ...to here
libfido2-1.16.0/src/hid_linux.c:304:13: call_function: calling ‘get_report_descriptor’ from ‘fido_hid_open’
#   46|   
#   47|   	if (ioctl(fd, IOCTL_REQ(HIDIOCGRDESC), hrd) == -1) {
#   48|-> 		fido_log_error(errno, "%s: ioctl HIDIOCGRDESC", __func__);
#   49|   		return (-1);
#   50|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def296]
libfido2-1.16.0/src/hid_linux.c:63:19: warning[-Wanalyzer-malloc-leak]: leak of ‘hrd’
libfido2-1.16.0/src/hid_linux.c:138:1: enter_function: entry to ‘copy_info’
libfido2-1.16.0/src/hid_linux.c:151:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/hid_linux.c:152:20: branch_false: ...to here
libfido2-1.16.0/src/hid_linux.c:151:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/hid_linux.c:153:21: branch_false: ...to here
libfido2-1.16.0/src/hid_linux.c:151:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/hid_linux.c:154:13: branch_false: ...to here
libfido2-1.16.0/src/hid_linux.c:154:13: call_function: calling ‘is_fido’ from ‘copy_info’
#   61|   
#   62|   	if ((hrd = calloc(1, sizeof(*hrd))) == NULL ||
#   63|-> 	    (fd = fido_hid_unix_open(path)) == -1)
#   64|   		goto out;
#   65|   	if (get_report_descriptor(fd, hrd) < 0 ||

Error: GCC_ANALYZER_WARNING (CWE-401): [#def297]
libfido2-1.16.0/src/hid_linux.c:270:24: warning[-Wanalyzer-malloc-leak]: leak of ‘ctx’
libfido2-1.16.0/src/hid_linux.c:269:20: acquire_memory: allocated here
libfido2-1.16.0/src/hid_linux.c:269:12: branch_false: following ‘false’ branch (when ‘ctx’ is non-NULL)...
libfido2-1.16.0/src/hid_linux.c:270:24: branch_false: ...to here
libfido2-1.16.0/src/hid_linux.c:270:24: throw: if ‘fido_hid_unix_open’ throws an exception...
libfido2-1.16.0/src/hid_linux.c:270:24: danger: ‘ctx’ leaks here; was allocated at [(1)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/0)
#  268|   
#  269|   	if ((ctx = calloc(1, sizeof(*ctx))) == NULL ||
#  270|-> 	    (ctx->fd = fido_hid_unix_open(path)) == -1) {
#  271|   		free(ctx);
#  272|   		return (NULL);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def298]
libfido2-1.16.0/src/hid_linux.c:277:25: warning[-Wanalyzer-malloc-leak]: leak of ‘ctx’
libfido2-1.16.0/src/hid_linux.c:269:20: acquire_memory: allocated here
libfido2-1.16.0/src/hid_linux.c:269:12: branch_false: following ‘false’ branch (when ‘ctx’ is non-NULL)...
libfido2-1.16.0/src/hid_linux.c:270:24: branch_false: ...to here
libfido2-1.16.0/src/hid_linux.c:269:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/hid_linux.c:269:13: branch_false: ...to here
libfido2-1.16.0/src/hid_linux.c:275:16: branch_true: following ‘true’ branch...
libfido2-1.16.0/src/hid_linux.c:276:21: branch_true: ...to here
libfido2-1.16.0/src/hid_linux.c:277:25: throw: if ‘fido_log_error’ throws an exception...
libfido2-1.16.0/src/hid_linux.c:277:25: danger: ‘ctx’ leaks here; was allocated at [(1)](sarif:/runs/0/results/9/codeFlows/0/threadFlows/0/locations/0)
#  275|   	while (flock(ctx->fd, LOCK_EX|LOCK_NB) == -1) {
#  276|   		if (errno != EWOULDBLOCK) {
#  277|-> 			fido_log_error(errno, "%s: flock", __func__);
#  278|   			fido_hid_close(ctx);
#  279|   			return (NULL);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def299]
libfido2-1.16.0/src/hid_linux.c:283:25: warning[-Wanalyzer-malloc-leak]: leak of ‘ctx’
libfido2-1.16.0/src/hid_linux.c:269:20: acquire_memory: allocated here
libfido2-1.16.0/src/hid_linux.c:269:12: branch_false: following ‘false’ branch (when ‘ctx’ is non-NULL)...
libfido2-1.16.0/src/hid_linux.c:270:24: branch_false: ...to here
libfido2-1.16.0/src/hid_linux.c:269:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/hid_linux.c:269:13: branch_false: ...to here
libfido2-1.16.0/src/hid_linux.c:275:16: branch_true: following ‘true’ branch...
libfido2-1.16.0/src/hid_linux.c:276:21: branch_true: ...to here
libfido2-1.16.0/src/hid_linux.c:276:20: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/hid_linux.c:282:21: branch_false: ...to here
libfido2-1.16.0/src/hid_linux.c:282:20: branch_false: following ‘false’ branch (when ‘retries <= 19’)...
libfido2-1.16.0/src/hid_linux.c:287:17: branch_false: ...to here
libfido2-1.16.0/src/hid_linux.c:290:20: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/hid_linux.c:290:20: branch_false: ...to here
libfido2-1.16.0/src/hid_linux.c:276:20: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/hid_linux.c:282:21: branch_false: ...to here
libfido2-1.16.0/src/hid_linux.c:290:20: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/hid_linux.c:290:20: branch_false: ...to here
libfido2-1.16.0/src/hid_linux.c:276:20: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/hid_linux.c:282:21: branch_false: ...to here
libfido2-1.16.0/src/hid_linux.c:283:25: throw: if ‘fido_log_debug’ throws an exception...
libfido2-1.16.0/src/hid_linux.c:283:25: danger: ‘ctx’ leaks here; was allocated at [(1)](sarif:/runs/0/results/10/codeFlows/0/threadFlows/0/locations/0)
#  281|   		looped = true;
#  282|   		if (retries++ >= 20) {
#  283|-> 			fido_log_debug("%s: flock timeout", __func__);
#  284|   			fido_hid_close(ctx);
#  285|   			return (NULL);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def300]
libfido2-1.16.0/src/hid_linux.c:290:21: warning[-Wanalyzer-malloc-leak]: leak of ‘ctx’
libfido2-1.16.0/src/hid_linux.c:269:20: acquire_memory: allocated here
libfido2-1.16.0/src/hid_linux.c:269:12: branch_false: following ‘false’ branch (when ‘ctx’ is non-NULL)...
libfido2-1.16.0/src/hid_linux.c:270:24: branch_false: ...to here
libfido2-1.16.0/src/hid_linux.c:269:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/hid_linux.c:269:13: branch_false: ...to here
libfido2-1.16.0/src/hid_linux.c:275:16: branch_true: following ‘true’ branch...
libfido2-1.16.0/src/hid_linux.c:276:21: branch_true: ...to here
libfido2-1.16.0/src/hid_linux.c:276:20: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/hid_linux.c:282:21: branch_false: ...to here
libfido2-1.16.0/src/hid_linux.c:282:20: branch_false: following ‘false’ branch (when ‘retries <= 19’)...
libfido2-1.16.0/src/hid_linux.c:287:17: branch_false: ...to here
libfido2-1.16.0/src/hid_linux.c:290:21: throw: if ‘nanosleep’ throws an exception...
libfido2-1.16.0/src/hid_linux.c:290:21: danger: ‘ctx’ leaks here; was allocated at [(1)](sarif:/runs/0/results/11/codeFlows/0/threadFlows/0/locations/0)
#  288|   		tv_pause.tv_sec = interval_ms / 1000000000L;
#  289|   		tv_pause.tv_nsec = interval_ms % 1000000000L;
#  290|-> 		if (nanosleep(&tv_pause, NULL) == -1) {
#  291|   			fido_log_error(errno, "%s: nanosleep", __func__);
#  292|   			fido_hid_close(ctx);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def301]
libfido2-1.16.0/src/hid_linux.c:291:25: warning[-Wanalyzer-malloc-leak]: leak of ‘ctx’
libfido2-1.16.0/src/hid_linux.c:269:20: acquire_memory: allocated here
libfido2-1.16.0/src/hid_linux.c:269:12: branch_false: following ‘false’ branch (when ‘ctx’ is non-NULL)...
libfido2-1.16.0/src/hid_linux.c:270:24: branch_false: ...to here
libfido2-1.16.0/src/hid_linux.c:269:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/hid_linux.c:269:13: branch_false: ...to here
libfido2-1.16.0/src/hid_linux.c:275:16: branch_true: following ‘true’ branch...
libfido2-1.16.0/src/hid_linux.c:276:21: branch_true: ...to here
libfido2-1.16.0/src/hid_linux.c:276:20: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/hid_linux.c:282:21: branch_false: ...to here
libfido2-1.16.0/src/hid_linux.c:282:20: branch_false: following ‘false’ branch (when ‘retries <= 19’)...
libfido2-1.16.0/src/hid_linux.c:287:17: branch_false: ...to here
libfido2-1.16.0/src/hid_linux.c:291:25: throw: if ‘fido_log_error’ throws an exception...
libfido2-1.16.0/src/hid_linux.c:291:25: danger: ‘ctx’ leaks here; was allocated at [(1)](sarif:/runs/0/results/12/codeFlows/0/threadFlows/0/locations/0)
#  289|   		tv_pause.tv_nsec = interval_ms % 1000000000L;
#  290|   		if (nanosleep(&tv_pause, NULL) == -1) {
#  291|-> 			fido_log_error(errno, "%s: nanosleep", __func__);
#  292|   			fido_hid_close(ctx);
#  293|   			return (NULL);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def302]
libfido2-1.16.0/src/hid_linux.c:298:17: warning[-Wanalyzer-malloc-leak]: leak of ‘ctx’
libfido2-1.16.0/src/hid_linux.c:269:20: acquire_memory: allocated here
libfido2-1.16.0/src/hid_linux.c:269:12: branch_false: following ‘false’ branch (when ‘ctx’ is non-NULL)...
libfido2-1.16.0/src/hid_linux.c:270:24: branch_false: ...to here
libfido2-1.16.0/src/hid_linux.c:269:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/hid_linux.c:269:13: branch_false: ...to here
libfido2-1.16.0/src/hid_linux.c:275:16: branch_true: following ‘true’ branch...
libfido2-1.16.0/src/hid_linux.c:276:21: branch_true: ...to here
libfido2-1.16.0/src/hid_linux.c:276:20: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/hid_linux.c:282:21: branch_false: ...to here
libfido2-1.16.0/src/hid_linux.c:282:20: branch_false: following ‘false’ branch (when ‘retries <= 19’)...
libfido2-1.16.0/src/hid_linux.c:287:17: branch_false: ...to here
libfido2-1.16.0/src/hid_linux.c:290:20: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/hid_linux.c:290:20: branch_false: ...to here
libfido2-1.16.0/src/hid_linux.c:297:12: branch_true: following ‘true’ branch (when ‘looped != 0’)...
libfido2-1.16.0/src/hid_linux.c:298:17: branch_true: ...to here
libfido2-1.16.0/src/hid_linux.c:298:17: throw: if ‘fido_log_debug’ throws an exception...
libfido2-1.16.0/src/hid_linux.c:298:17: danger: ‘ctx’ leaks here; was allocated at [(1)](sarif:/runs/0/results/13/codeFlows/0/threadFlows/0/locations/0)
#  296|   
#  297|   	if (looped) {
#  298|-> 		fido_log_debug("%s: retrying", __func__);
#  299|   		fido_hid_close(ctx);
#  300|   		goto retry;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def303]
libfido2-1.16.0/src/hid_linux.c:305:13: warning[-Wanalyzer-malloc-leak]: leak of ‘ctx’
libfido2-1.16.0/src/hid_linux.c:258:1: enter_function: entry to ‘fido_hid_open’
libfido2-1.16.0/src/hid_linux.c:269:20: acquire_memory: allocated here
libfido2-1.16.0/src/hid_linux.c:269:12: branch_false: following ‘false’ branch (when ‘ctx’ is non-NULL)...
libfido2-1.16.0/src/hid_linux.c:270:24: branch_false: ...to here
libfido2-1.16.0/src/hid_linux.c:269:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/hid_linux.c:269:13: branch_false: ...to here
libfido2-1.16.0/src/hid_linux.c:297:12: branch_false: following ‘false’ branch (when ‘looped == 0’)...
libfido2-1.16.0/src/hid_linux.c:303:20: branch_false: ...to here
libfido2-1.16.0/src/hid_linux.c:303:12: branch_false: following ‘false’ branch (when ‘hrd’ is non-NULL)...
libfido2-1.16.0/src/hid_linux.c:304:13: branch_false: ...to here
libfido2-1.16.0/src/hid_linux.c:304:13: call_function: calling ‘get_report_descriptor’ from ‘fido_hid_open’
libfido2-1.16.0/src/hid_linux.c:304:13: return_function: returning to ‘fido_hid_open’ from ‘get_report_descriptor’
libfido2-1.16.0/src/hid_linux.c:303:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/hid_linux.c:305:13: branch_false: ...to here
libfido2-1.16.0/src/hid_linux.c:305:13: throw: if ‘fido_hid_get_report_len’ throws an exception...
libfido2-1.16.0/src/hid_linux.c:305:13: danger: ‘ctx’ leaks here; was allocated at [(2)](sarif:/runs/0/results/14/codeFlows/0/threadFlows/0/locations/1)
#  303|   	if ((hrd = calloc(1, sizeof(*hrd))) == NULL ||
#  304|   	    get_report_descriptor(ctx->fd, hrd) < 0 ||
#  305|-> 	    fido_hid_get_report_len(hrd->value, hrd->size, &ctx->report_in_len,
#  306|   	    &ctx->report_out_len) < 0 || ctx->report_in_len == 0 ||
#  307|   	    ctx->report_out_len == 0) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def304]
libfido2-1.16.0/src/hid_linux.c:308:17: warning[-Wanalyzer-malloc-leak]: leak of ‘ctx’
libfido2-1.16.0/src/hid_linux.c:269:20: acquire_memory: allocated here
libfido2-1.16.0/src/hid_linux.c:269:12: branch_false: following ‘false’ branch (when ‘ctx’ is non-NULL)...
libfido2-1.16.0/src/hid_linux.c:270:24: branch_false: ...to here
libfido2-1.16.0/src/hid_linux.c:269:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/hid_linux.c:269:13: branch_false: ...to here
libfido2-1.16.0/src/hid_linux.c:297:12: branch_false: following ‘false’ branch (when ‘looped == 0’)...
libfido2-1.16.0/src/hid_linux.c:303:20: branch_false: ...to here
libfido2-1.16.0/src/hid_linux.c:303:12: branch_true: following ‘true’ branch (when ‘hrd’ is NULL)...
libfido2-1.16.0/src/hid_linux.c:308:17: branch_true: ...to here
libfido2-1.16.0/src/hid_linux.c:308:17: throw: if ‘fido_log_debug’ throws an exception...
libfido2-1.16.0/src/hid_linux.c:308:17: danger: ‘ctx’ leaks here; was allocated at [(1)](sarif:/runs/0/results/16/codeFlows/0/threadFlows/0/locations/0)
#  306|   	    &ctx->report_out_len) < 0 || ctx->report_in_len == 0 ||
#  307|   	    ctx->report_out_len == 0) {
#  308|-> 		fido_log_debug("%s: using default report sizes", __func__);
#  309|   		ctx->report_in_len = CTAP_MAX_REPORT_LEN;
#  310|   		ctx->report_out_len = CTAP_MAX_REPORT_LEN;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def305]
libfido2-1.16.0/src/hid_linux.c:308:17: warning[-Wanalyzer-malloc-leak]: leak of ‘hrd’
libfido2-1.16.0/src/hid_linux.c:269:12: branch_false: following ‘false’ branch (when ‘ctx’ is non-NULL)...
libfido2-1.16.0/src/hid_linux.c:270:24: branch_false: ...to here
libfido2-1.16.0/src/hid_linux.c:269:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/hid_linux.c:269:13: branch_false: ...to here
libfido2-1.16.0/src/hid_linux.c:297:12: branch_false: following ‘false’ branch (when ‘looped == 0’)...
libfido2-1.16.0/src/hid_linux.c:303:20: branch_false: ...to here
libfido2-1.16.0/src/hid_linux.c:303:20: acquire_memory: allocated here
libfido2-1.16.0/src/hid_linux.c:303:12: branch_false: following ‘false’ branch (when ‘hrd’ is non-NULL)...
libfido2-1.16.0/src/hid_linux.c:304:13: branch_false: ...to here
libfido2-1.16.0/src/hid_linux.c:303:13: branch_true: following ‘true’ branch...
libfido2-1.16.0/src/hid_linux.c:308:17: branch_true: ...to here
libfido2-1.16.0/src/hid_linux.c:308:17: throw: if ‘fido_log_debug’ throws an exception...
libfido2-1.16.0/src/hid_linux.c:308:17: danger: ‘hrd’ leaks here; was allocated at [(7)](sarif:/runs/0/results/15/codeFlows/0/threadFlows/0/locations/6)
#  306|   	    &ctx->report_out_len) < 0 || ctx->report_in_len == 0 ||
#  307|   	    ctx->report_out_len == 0) {
#  308|-> 		fido_log_debug("%s: using default report sizes", __func__);
#  309|   		ctx->report_in_len = CTAP_MAX_REPORT_LEN;
#  310|   		ctx->report_out_len = CTAP_MAX_REPORT_LEN;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def306]
libfido2-1.16.0/src/hid_linux.c:323:13: warning[-Wanalyzer-malloc-leak]: leak of ‘ctx’
libfido2-1.16.0/src/hid_linux.c:258:1: enter_function: entry to ‘fido_hid_open’
libfido2-1.16.0/src/hid_linux.c:269:20: acquire_memory: allocated here
libfido2-1.16.0/src/hid_linux.c:269:12: branch_false: following ‘false’ branch (when ‘ctx’ is non-NULL)...
libfido2-1.16.0/src/hid_linux.c:270:24: branch_false: ...to here
libfido2-1.16.0/src/hid_linux.c:269:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/hid_linux.c:269:13: branch_false: ...to here
libfido2-1.16.0/src/hid_linux.c:275:16: branch_true: following ‘true’ branch...
libfido2-1.16.0/src/hid_linux.c:276:21: branch_true: ...to here
libfido2-1.16.0/src/hid_linux.c:278:25: call_function: calling ‘fido_hid_close’ from ‘fido_hid_open’
#  321|   	struct hid_linux *ctx = handle;
#  322|   
#  323|-> 	if (close(ctx->fd) == -1)
#  324|   		fido_log_error(errno, "%s: close", __func__);
#  325|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def307]
libfido2-1.16.0/src/hid_linux.c:324:17: warning[-Wanalyzer-malloc-leak]: leak of ‘ctx’
libfido2-1.16.0/src/hid_linux.c:258:1: enter_function: entry to ‘fido_hid_open’
libfido2-1.16.0/src/hid_linux.c:269:20: acquire_memory: allocated here
libfido2-1.16.0/src/hid_linux.c:269:12: branch_false: following ‘false’ branch (when ‘ctx’ is non-NULL)...
libfido2-1.16.0/src/hid_linux.c:270:24: branch_false: ...to here
libfido2-1.16.0/src/hid_linux.c:269:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/hid_linux.c:269:13: branch_false: ...to here
libfido2-1.16.0/src/hid_linux.c:275:16: branch_true: following ‘true’ branch...
libfido2-1.16.0/src/hid_linux.c:276:21: branch_true: ...to here
libfido2-1.16.0/src/hid_linux.c:278:25: call_function: calling ‘fido_hid_close’ from ‘fido_hid_open’
#  322|   
#  323|   	if (close(ctx->fd) == -1)
#  324|-> 		fido_log_error(errno, "%s: close", __func__);
#  325|   
#  326|   	free(ctx);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def308]
libfido2-1.16.0/src/info.c:378:23: warning[-Wanalyzer-malloc-leak]: leak of ‘msg’
libfido2-1.16.0/src/info.c:373:20: acquire_memory: allocated here
libfido2-1.16.0/src/info.c:373:12: branch_false: following ‘false’ branch (when ‘msg’ is non-NULL)...
libfido2-1.16.0/src/info.c:378:23: branch_false: ...to here
libfido2-1.16.0/src/info.c:378:23: throw: if ‘fido_rx’ throws an exception...
libfido2-1.16.0/src/info.c:378:23: danger: ‘msg’ leaks here; was allocated at [(1)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/0)
#  376|   	}
#  377|   
#  378|-> 	if ((msglen = fido_rx(dev, CTAP_CMD_CBOR, msg, FIDO_MAXMSG, ms)) < 0) {
#  379|   		fido_log_debug("%s: fido_rx", __func__);
#  380|   		r = FIDO_ERR_RX;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def309]
libfido2-1.16.0/src/info.c:435:9: warning[-Wanalyzer-malloc-leak]: leak of ‘ci’
libfido2-1.16.0/src/info.c:420:1: enter_function: entry to ‘fido_cbor_info_new’
libfido2-1.16.0/src/info.c:424:19: acquire_memory: allocated here
libfido2-1.16.0/src/info.c:424:12: branch_false: following ‘false’ branch (when ‘ci’ is non-NULL)...
libfido2-1.16.0/src/info.c:427:9: branch_false: ...to here
libfido2-1.16.0/src/info.c:427:9: call_function: calling ‘fido_cbor_info_reset’ from ‘fido_cbor_info_new’
#  433|   fido_cbor_info_reset(fido_cbor_info_t *ci)
#  434|   {
#  435|-> 	fido_str_array_free(&ci->versions);
#  436|   	fido_str_array_free(&ci->extensions);
#  437|   	fido_str_array_free(&ci->transports);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def310]
libfido2-1.16.0/src/io.c:188:13: warning[-Wanalyzer-malloc-leak]: leak of ‘msg’
libfido2-1.16.0/src/io.c:333:1: enter_function: entry to ‘fido_rx_cbor_status’
libfido2-1.16.0/src/io.c:339:20: acquire_memory: allocated here
libfido2-1.16.0/src/io.c:339:12: branch_false: following ‘false’ branch (when ‘msg’ is non-NULL)...
libfido2-1.16.0/src/io.c:344:23: branch_false: ...to here
libfido2-1.16.0/src/io.c:344:23: call_function: calling ‘fido_rx’ from ‘fido_rx_cbor_status’
#  186|   	memset(fp, 0, sizeof(*fp));
#  187|   
#  188|-> 	if (fido_time_now(&ts) != 0)
#  189|   		return (-1);
#  190|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def311]
libfido2-1.16.0/src/io.c:191:45: warning[-Wanalyzer-malloc-leak]: leak of ‘msg’
libfido2-1.16.0/src/io.c:333:1: enter_function: entry to ‘fido_rx_cbor_status’
libfido2-1.16.0/src/io.c:339:20: acquire_memory: allocated here
libfido2-1.16.0/src/io.c:339:12: branch_false: following ‘false’ branch (when ‘msg’ is non-NULL)...
libfido2-1.16.0/src/io.c:344:23: branch_false: ...to here
libfido2-1.16.0/src/io.c:344:23: call_function: calling ‘fido_rx’ from ‘fido_rx_cbor_status’
#  189|   		return (-1);
#  190|   
#  191|-> 	if (d->rx_len > sizeof(*fp) || (n = d->io.read(d->io_handle,
#  192|   	    (unsigned char *)fp, d->rx_len, *ms)) < 0 || (size_t)n != d->rx_len)
#  193|   		return (-1);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def312]
libfido2-1.16.0/src/io.c:195:16: warning[-Wanalyzer-malloc-leak]: leak of ‘msg’
libfido2-1.16.0/src/io.c:333:1: enter_function: entry to ‘fido_rx_cbor_status’
libfido2-1.16.0/src/io.c:339:20: acquire_memory: allocated here
libfido2-1.16.0/src/io.c:339:12: branch_false: following ‘false’ branch (when ‘msg’ is non-NULL)...
libfido2-1.16.0/src/io.c:344:23: branch_false: ...to here
libfido2-1.16.0/src/io.c:344:23: call_function: calling ‘fido_rx’ from ‘fido_rx_cbor_status’
#  193|   		return (-1);
#  194|   
#  195|-> 	return (fido_time_delta(&ts, ms));
#  196|   }
#  197|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def313]
libfido2-1.16.0/src/io.c:301:13: warning[-Wanalyzer-malloc-leak]: leak of ‘msg’
libfido2-1.16.0/src/io.c:333:1: enter_function: entry to ‘fido_rx_cbor_status’
libfido2-1.16.0/src/io.c:339:20: acquire_memory: allocated here
libfido2-1.16.0/src/io.c:339:12: branch_false: following ‘false’ branch (when ‘msg’ is non-NULL)...
libfido2-1.16.0/src/io.c:344:23: branch_false: ...to here
libfido2-1.16.0/src/io.c:344:23: call_function: calling ‘fido_rx’ from ‘fido_rx_cbor_status’
#  299|   	int n;
#  300|   
#  301|-> 	if (fido_time_now(&ts) != 0)
#  302|   		return (-1);
#  303|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def314]
libfido2-1.16.0/src/io.c:304:13: warning[-Wanalyzer-malloc-leak]: leak of ‘msg’
libfido2-1.16.0/src/io.c:333:1: enter_function: entry to ‘fido_rx_cbor_status’
libfido2-1.16.0/src/io.c:339:20: acquire_memory: allocated here
libfido2-1.16.0/src/io.c:339:12: branch_false: following ‘false’ branch (when ‘msg’ is non-NULL)...
libfido2-1.16.0/src/io.c:344:23: branch_false: ...to here
libfido2-1.16.0/src/io.c:344:23: call_function: calling ‘fido_rx’ from ‘fido_rx_cbor_status’
#  302|   		return (-1);
#  303|   
#  304|-> 	n = d->transport.rx(d, cmd, buf, count, *ms);
#  305|   
#  306|   	if (fido_time_delta(&ts, ms) != 0)

Error: GCC_ANALYZER_WARNING (CWE-401): [#def315]
libfido2-1.16.0/src/io.c:317:9: warning[-Wanalyzer-malloc-leak]: leak of ‘msg’
libfido2-1.16.0/src/io.c:333:1: enter_function: entry to ‘fido_rx_cbor_status’
libfido2-1.16.0/src/io.c:339:20: acquire_memory: allocated here
libfido2-1.16.0/src/io.c:339:12: branch_false: following ‘false’ branch (when ‘msg’ is non-NULL)...
libfido2-1.16.0/src/io.c:344:23: branch_false: ...to here
libfido2-1.16.0/src/io.c:344:23: call_function: calling ‘fido_rx’ from ‘fido_rx_cbor_status’
#  315|   	int n;
#  316|   
#  317|-> 	fido_log_debug("%s: dev=%p, cmd=0x%02x, ms=%d", __func__, (void *)d,
#  318|   	    cmd, *ms);
#  319|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def316]
libfido2-1.16.0/src/io.c:323:17: warning[-Wanalyzer-malloc-leak]: leak of ‘msg’
libfido2-1.16.0/src/io.c:333:1: enter_function: entry to ‘fido_rx_cbor_status’
libfido2-1.16.0/src/io.c:339:20: acquire_memory: allocated here
libfido2-1.16.0/src/io.c:339:12: branch_false: following ‘false’ branch (when ‘msg’ is non-NULL)...
libfido2-1.16.0/src/io.c:344:23: branch_false: ...to here
libfido2-1.16.0/src/io.c:344:23: call_function: calling ‘fido_rx’ from ‘fido_rx_cbor_status’
#  321|   		return (transport_rx(d, cmd, buf, count, ms));
#  322|   	if (d->io_handle == NULL || d->io.read == NULL || count > UINT16_MAX) {
#  323|-> 		fido_log_debug("%s: invalid argument", __func__);
#  324|   		return (-1);
#  325|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def317]
libfido2-1.16.0/src/largeblob.c:61:16: warning[-Wanalyzer-malloc-leak]: leak of ‘blob’
libfido2-1.16.0/src/largeblob.c:332:1: enter_function: entry to ‘largeblob_encode’
libfido2-1.16.0/src/largeblob.c:338:21: call_function: inlined call to ‘largeblob_new’ from ‘largeblob_encode’
libfido2-1.16.0/src/largeblob.c:338:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/largeblob.c:339:13: branch_false: ...to here
libfido2-1.16.0/src/largeblob.c:339:13: call_function: calling ‘largeblob_seal’ from ‘largeblob_encode’
#   59|   	memcpy(&buf[4], &size, sizeof(uint64_t));
#   60|   
#   61|-> 	return fido_blob_set(aad, buf, sizeof(buf));
#   62|   }
#   63|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def318]
libfido2-1.16.0/src/largeblob.c:124:26: warning[-Wanalyzer-malloc-leak]: leak of ‘blob’
libfido2-1.16.0/src/largeblob.c:332:1: enter_function: entry to ‘largeblob_encode’
libfido2-1.16.0/src/largeblob.c:338:21: call_function: inlined call to ‘largeblob_new’ from ‘largeblob_encode’
libfido2-1.16.0/src/largeblob.c:338:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/largeblob.c:339:13: branch_false: ...to here
libfido2-1.16.0/src/largeblob.c:339:13: call_function: calling ‘largeblob_seal’ from ‘largeblob_encode’
#  122|   	int ok = -1;
#  123|   
#  124|-> 	if ((plaintext = fido_blob_new()) == NULL ||
#  125|   	    (aad = fido_blob_new()) == NULL) {
#  126|   		fido_log_debug("%s: fido_blob_new", __func__);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def319]
libfido2-1.16.0/src/largeblob.c:125:20: warning[-Wanalyzer-malloc-leak]: leak of ‘blob’
libfido2-1.16.0/src/largeblob.c:332:1: enter_function: entry to ‘largeblob_encode’
libfido2-1.16.0/src/largeblob.c:338:21: call_function: inlined call to ‘largeblob_new’ from ‘largeblob_encode’
libfido2-1.16.0/src/largeblob.c:338:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/largeblob.c:339:13: branch_false: ...to here
libfido2-1.16.0/src/largeblob.c:339:13: call_function: calling ‘largeblob_seal’ from ‘largeblob_encode’
#  123|   
#  124|   	if ((plaintext = fido_blob_new()) == NULL ||
#  125|-> 	    (aad = fido_blob_new()) == NULL) {
#  126|   		fido_log_debug("%s: fido_blob_new", __func__);
#  127|   		goto fail;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def320]
libfido2-1.16.0/src/largeblob.c:126:17: warning[-Wanalyzer-malloc-leak]: leak of ‘blob’
libfido2-1.16.0/src/largeblob.c:332:1: enter_function: entry to ‘largeblob_encode’
libfido2-1.16.0/src/largeblob.c:338:21: call_function: inlined call to ‘largeblob_new’ from ‘largeblob_encode’
libfido2-1.16.0/src/largeblob.c:338:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/largeblob.c:339:13: branch_false: ...to here
libfido2-1.16.0/src/largeblob.c:339:13: call_function: calling ‘largeblob_seal’ from ‘largeblob_encode’
#  124|   	if ((plaintext = fido_blob_new()) == NULL ||
#  125|   	    (aad = fido_blob_new()) == NULL) {
#  126|-> 		fido_log_debug("%s: fido_blob_new", __func__);
#  127|   		goto fail;
#  128|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def321]
libfido2-1.16.0/src/largeblob.c:129:13: warning[-Wanalyzer-malloc-leak]: leak of ‘blob’
libfido2-1.16.0/src/largeblob.c:332:1: enter_function: entry to ‘largeblob_encode’
libfido2-1.16.0/src/largeblob.c:338:21: call_function: inlined call to ‘largeblob_new’ from ‘largeblob_encode’
libfido2-1.16.0/src/largeblob.c:338:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/largeblob.c:339:13: branch_false: ...to here
libfido2-1.16.0/src/largeblob.c:339:13: call_function: calling ‘largeblob_seal’ from ‘largeblob_encode’
#  127|   		goto fail;
#  128|   	}
#  129|-> 	if (fido_compress(plaintext, body) != FIDO_OK) {
#  130|   		fido_log_debug("%s: fido_compress", __func__);
#  131|   		goto fail;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def322]
libfido2-1.16.0/src/largeblob.c:130:17: warning[-Wanalyzer-malloc-leak]: leak of ‘blob’
libfido2-1.16.0/src/largeblob.c:332:1: enter_function: entry to ‘largeblob_encode’
libfido2-1.16.0/src/largeblob.c:338:21: call_function: inlined call to ‘largeblob_new’ from ‘largeblob_encode’
libfido2-1.16.0/src/largeblob.c:338:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/largeblob.c:339:13: branch_false: ...to here
libfido2-1.16.0/src/largeblob.c:339:13: call_function: calling ‘largeblob_seal’ from ‘largeblob_encode’
#  128|   	}
#  129|   	if (fido_compress(plaintext, body) != FIDO_OK) {
#  130|-> 		fido_log_debug("%s: fido_compress", __func__);
#  131|   		goto fail;
#  132|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def323]
libfido2-1.16.0/src/largeblob.c:134:17: warning[-Wanalyzer-malloc-leak]: leak of ‘blob’
libfido2-1.16.0/src/largeblob.c:332:1: enter_function: entry to ‘largeblob_encode’
libfido2-1.16.0/src/largeblob.c:338:21: call_function: inlined call to ‘largeblob_new’ from ‘largeblob_encode’
libfido2-1.16.0/src/largeblob.c:338:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/largeblob.c:339:13: branch_false: ...to here
libfido2-1.16.0/src/largeblob.c:339:13: call_function: calling ‘largeblob_seal’ from ‘largeblob_encode’
#  132|   	}
#  133|   	if (largeblob_aad(aad, body->len) < 0) {
#  134|-> 		fido_log_debug("%s: largeblob_aad", __func__);
#  135|   		goto fail;
#  136|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def324]
libfido2-1.16.0/src/largeblob.c:212:23: warning[-Wanalyzer-malloc-leak]: leak of ‘msg’
libfido2-1.16.0/src/largeblob.c:208:20: acquire_memory: allocated here
libfido2-1.16.0/src/largeblob.c:208:12: branch_false: following ‘false’ branch (when ‘msg’ is non-NULL)...
libfido2-1.16.0/src/largeblob.c:212:23: branch_false: ...to here
libfido2-1.16.0/src/largeblob.c:212:23: throw: if ‘fido_rx’ throws an exception...
libfido2-1.16.0/src/largeblob.c:212:23: danger: ‘msg’ leaks here; was allocated at [(1)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/0)
#  210|   		goto out;
#  211|   	}
#  212|-> 	if ((msglen = fido_rx(dev, CTAP_CMD_CBOR, msg, FIDO_MAXMSG, ms)) < 0) {
#  213|   		fido_log_debug("%s: fido_rx", __func__);
#  214|   		r = FIDO_ERR_RX;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def325]
libfido2-1.16.0/src/netlink.c:115:18: warning[-Wanalyzer-malloc-leak]: leak of ‘nlmsg_new(*nl.nfc_type, 4, 64)’
libfido2-1.16.0/src/netlink.c:594:1: enter_function: entry to ‘nl_nfc_poll’
libfido2-1.16.0/src/netlink.c:601:18: call_function: calling ‘nlmsg_new’ from ‘nl_nfc_poll’
libfido2-1.16.0/src/netlink.c:601:18: return_function: returning to ‘nl_nfc_poll’ from ‘nlmsg_new’
libfido2-1.16.0/src/netlink.c:601:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/netlink.c:602:13: branch_false: ...to here
libfido2-1.16.0/src/netlink.c:602:13: call_function: calling ‘nlmsg_set_genl’ from ‘nl_nfc_poll’
#  113|   	m->siz = siz;
#  114|   	m->len = len;
#  115|-> 	m->ptr = m->payload;
#  116|   	m->u.nlmsg.nlmsg_type = type;
#  117|   	m->u.nlmsg.nlmsg_flags = NLM_F_REQUEST | flags;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def326]
libfido2-1.16.0/src/netlink.c:115:18: warning[-Wanalyzer-malloc-leak]: leak of ‘nlmsg_new(*nl.nfc_type, 768, 64)’
libfido2-1.16.0/src/netlink.c:624:1: enter_function: entry to ‘nl_dump_nfc_target’
libfido2-1.16.0/src/netlink.c:632:18: call_function: calling ‘nlmsg_new’ from ‘nl_dump_nfc_target’
libfido2-1.16.0/src/netlink.c:632:18: return_function: returning to ‘nl_dump_nfc_target’ from ‘nlmsg_new’
libfido2-1.16.0/src/netlink.c:632:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/netlink.c:633:13: branch_false: ...to here
libfido2-1.16.0/src/netlink.c:633:13: call_function: calling ‘nlmsg_set_genl’ from ‘nl_dump_nfc_target’
#  113|   	m->siz = siz;
#  114|   	m->len = len;
#  115|-> 	m->ptr = m->payload;
#  116|   	m->u.nlmsg.nlmsg_type = type;
#  117|   	m->u.nlmsg.nlmsg_flags = NLM_F_REQUEST | flags;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def327]
libfido2-1.16.0/src/netlink.c:115:18: warning[-Wanalyzer-malloc-leak]: leak of ‘nlmsg_new(16, 0, 64)’
libfido2-1.16.0/src/netlink.c:746:1: enter_function: entry to ‘fido_nl_new’
libfido2-1.16.0/src/netlink.c:751:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/netlink.c:753:23: branch_false: ...to here
libfido2-1.16.0/src/netlink.c:753:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/netlink.c:758:11: branch_false: ...to here
libfido2-1.16.0/src/netlink.c:759:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/netlink.c:764:57: branch_false: ...to here
libfido2-1.16.0/src/netlink.c:764:13: call_function: calling ‘nl_get_nfc_family’ from ‘fido_nl_new’
#  113|   	m->siz = siz;
#  114|   	m->len = len;
#  115|-> 	m->ptr = m->payload;
#  116|   	m->u.nlmsg.nlmsg_type = type;
#  117|   	m->u.nlmsg.nlmsg_flags = NLM_F_REQUEST | flags;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def328]
libfido2-1.16.0/src/netlink.c:223:13: warning[-Wanalyzer-malloc-leak]: leak of ‘padding’
libfido2-1.16.0/src/netlink.c:624:1: enter_function: entry to ‘nl_dump_nfc_target’
libfido2-1.16.0/src/netlink.c:632:18: call_function: calling ‘nlmsg_new’ from ‘nl_dump_nfc_target’
libfido2-1.16.0/src/netlink.c:632:18: return_function: returning to ‘nl_dump_nfc_target’ from ‘nlmsg_new’
libfido2-1.16.0/src/netlink.c:632:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/netlink.c:633:13: branch_false: ...to here
libfido2-1.16.0/src/netlink.c:633:13: call_function: calling ‘nlmsg_set_genl’ from ‘nl_dump_nfc_target’
libfido2-1.16.0/src/netlink.c:633:13: return_function: returning to ‘nl_dump_nfc_target’ from ‘nlmsg_set_genl’
libfido2-1.16.0/src/netlink.c:632:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/netlink.c:632:13: branch_false: ...to here
libfido2-1.16.0/src/netlink.c:634:13: call_function: inlined call to ‘nlmsg_set_u32’ from ‘nl_dump_nfc_target’
#  221|   {
#  222|   	if (cnt > UINT32_MAX - m->u.nlmsg.nlmsg_len ||
#  223|-> 	    fido_buf_write(&m->ptr, &m->len, buf, cnt) < 0)
#  224|   		return (-1);
#  225|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def329]
libfido2-1.16.0/src/netlink.c:755:17: warning[-Wanalyzer-malloc-leak]: leak of ‘nl’
libfido2-1.16.0/src/netlink.c:751:19: acquire_memory: allocated here
libfido2-1.16.0/src/netlink.c:751:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/netlink.c:753:23: branch_false: ...to here
libfido2-1.16.0/src/netlink.c:753:12: branch_true: following ‘true’ branch...
libfido2-1.16.0/src/netlink.c:755:32: branch_true: ...to here
libfido2-1.16.0/src/netlink.c:755:17: throw: if ‘fido_log_error’ throws an exception...
libfido2-1.16.0/src/netlink.c:755:17: danger: ‘nl’ leaks here; was allocated at [(1)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/0)
#  753|   	if ((nl->fd = socket(AF_NETLINK, SOCK_RAW | SOCK_CLOEXEC,
#  754|   	    NETLINK_GENERIC)) == -1) {
#  755|-> 		fido_log_error(errno, "%s: socket", __func__);
#  756|   		goto fail;
#  757|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def330]
libfido2-1.16.0/src/nfc_linux.c:87:13: warning[-Wanalyzer-malloc-leak]: leak of ‘get_parent_attr(udev_device_new_from_syspath(udev,  udev_list_entry_get_name(udev_entry)), "usb", "usb_device", "idVendor")’
libfido2-1.16.0/src/nfc_linux.c:57:1: enter_function: entry to ‘copy_info’
libfido2-1.16.0/src/nfc_linux.c:68:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/nfc_linux.c:69:20: branch_false: ...to here
libfido2-1.16.0/src/nfc_linux.c:68:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/nfc_linux.c:71:22: branch_false: ...to here
libfido2-1.16.0/src/nfc_linux.c:71:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/nfc_linux.c:75:25: branch_false: ...to here
libfido2-1.16.0/src/nfc_linux.c:75:12: branch_true: following ‘true’ branch...
libfido2-1.16.0/src/nfc_linux.c:79:33: call_function: inlined call to ‘get_usb_attr’ from ‘copy_info’
libfido2-1.16.0/src/nfc_linux.c:79:12: branch_true: following ‘true’ branch...
libfido2-1.16.0/src/nfc_linux.c:80:36: branch_true: ...to here
libfido2-1.16.0/src/nfc_linux.c:81:12: branch_true: following ‘true’ branch...
libfido2-1.16.0/src/nfc_linux.c:82:31: branch_true: ...to here
libfido2-1.16.0/src/nfc_linux.c:83:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/nfc_linux.c:86:20: call_function: inlined call to ‘get_usb_attr’ from ‘copy_info’
libfido2-1.16.0/src/nfc_linux.c:86:12: branch_true: following ‘true’ branch...
libfido2-1.16.0/src/nfc_linux.c:87:13: branch_true: ...to here
libfido2-1.16.0/src/nfc_linux.c:87:13: throw: if ‘fido_to_uint64’ throws an exception...
libfido2-1.16.0/src/nfc_linux.c:87:13: danger: ‘get_parent_attr(udev_device_new_from_syspath(udev,  udev_list_entry_get_name(udev_entry)), "usb", "usb_device", "idVendor")’ leaks here; was allocated at [(24)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/23)
#   85|   	/* XXX assumes USB for vendor/product info */
#   86|   	if ((str = get_usb_attr(dev, "idVendor")) != NULL &&
#   87|-> 	    fido_to_uint64(str, 16, &id) == 0 && id <= UINT16_MAX)
#   88|   		di->vendor_id = (int16_t)id;
#   89|   	free(str);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def331]
libfido2-1.16.0/src/nfc_linux.c:91:13: warning[-Wanalyzer-malloc-leak]: leak of ‘get_parent_attr(udev_device_new_from_syspath(udev,  udev_list_entry_get_name(udev_entry)), "usb", "usb_device", "idProduct")’
libfido2-1.16.0/src/nfc_linux.c:57:1: enter_function: entry to ‘copy_info’
libfido2-1.16.0/src/nfc_linux.c:68:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/nfc_linux.c:69:20: branch_false: ...to here
libfido2-1.16.0/src/nfc_linux.c:68:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/nfc_linux.c:71:22: branch_false: ...to here
libfido2-1.16.0/src/nfc_linux.c:71:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/nfc_linux.c:75:25: branch_false: ...to here
libfido2-1.16.0/src/nfc_linux.c:75:12: branch_true: following ‘true’ branch...
libfido2-1.16.0/src/nfc_linux.c:79:33: call_function: inlined call to ‘get_usb_attr’ from ‘copy_info’
libfido2-1.16.0/src/nfc_linux.c:79:12: branch_true: following ‘true’ branch...
libfido2-1.16.0/src/nfc_linux.c:80:36: branch_true: ...to here
libfido2-1.16.0/src/nfc_linux.c:81:12: branch_true: following ‘true’ branch...
libfido2-1.16.0/src/nfc_linux.c:82:31: branch_true: ...to here
libfido2-1.16.0/src/nfc_linux.c:83:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/nfc_linux.c:86:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/nfc_linux.c:89:9: branch_false: ...to here
libfido2-1.16.0/src/nfc_linux.c:90:20: call_function: inlined call to ‘get_usb_attr’ from ‘copy_info’
libfido2-1.16.0/src/nfc_linux.c:90:20: call_function: inlined call to ‘get_usb_attr’ from ‘copy_info’
libfido2-1.16.0/src/nfc_linux.c:90:12: branch_true: following ‘true’ branch...
libfido2-1.16.0/src/nfc_linux.c:91:13: branch_true: ...to here
libfido2-1.16.0/src/nfc_linux.c:91:13: throw: if ‘fido_to_uint64’ throws an exception...
libfido2-1.16.0/src/nfc_linux.c:91:13: danger: ‘get_parent_attr(udev_device_new_from_syspath(udev,  udev_list_entry_get_name(udev_entry)), "usb", "usb_device", "idProduct")’ leaks here; was allocated at [(27)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/26)
#   89|   	free(str);
#   90|   	if ((str = get_usb_attr(dev, "idProduct")) != NULL &&
#   91|-> 	    fido_to_uint64(str, 16, &id) == 0 && id <= UINT16_MAX)
#   92|   		di->product_id = (int16_t)id;
#   93|   	free(str);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def332]
libfido2-1.16.0/src/nfc_linux.c:224:30: warning[-Wanalyzer-malloc-leak]: leak of ‘ctx’
libfido2-1.16.0/src/nfc_linux.c:234:1: enter_function: entry to ‘nfc_new’
libfido2-1.16.0/src/nfc_linux.c:238:20: acquire_memory: allocated here
libfido2-1.16.0/src/nfc_linux.c:238:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/nfc_linux.c:239:24: branch_false: ...to here
libfido2-1.16.0/src/nfc_linux.c:238:13: branch_true: following ‘true’ branch...
libfido2-1.16.0/src/nfc_linux.c:240:17: branch_true: ...to here
libfido2-1.16.0/src/nfc_linux.c:240:17: call_function: calling ‘nfc_free’ from ‘nfc_new’
#  222|   	if (ctx_p == NULL || (ctx = *ctx_p) == NULL)
#  223|   		return;
#  224|-> 	if (ctx->fd != -1 && close(ctx->fd) == -1)
#  225|   		fido_log_error(errno, "%s: close", __func__);
#  226|   	if (ctx->nl != NULL)

Error: GCC_ANALYZER_WARNING (CWE-401): [#def333]
libfido2-1.16.0/src/nfc_linux.c:225:17: warning[-Wanalyzer-malloc-leak]: leak of ‘ctx’
libfido2-1.16.0/src/nfc_linux.c:234:1: enter_function: entry to ‘nfc_new’
libfido2-1.16.0/src/nfc_linux.c:238:20: acquire_memory: allocated here
libfido2-1.16.0/src/nfc_linux.c:238:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/nfc_linux.c:239:24: branch_false: ...to here
libfido2-1.16.0/src/nfc_linux.c:238:13: branch_true: following ‘true’ branch...
libfido2-1.16.0/src/nfc_linux.c:240:17: branch_true: ...to here
libfido2-1.16.0/src/nfc_linux.c:240:17: call_function: calling ‘nfc_free’ from ‘nfc_new’
#  223|   		return;
#  224|   	if (ctx->fd != -1 && close(ctx->fd) == -1)
#  225|-> 		fido_log_error(errno, "%s: close", __func__);
#  226|   	if (ctx->nl != NULL)
#  227|   		fido_nl_free(&ctx->nl);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def334]
libfido2-1.16.0/src/nfc_linux.c:239:24: warning[-Wanalyzer-malloc-leak]: leak of ‘ctx’
libfido2-1.16.0/src/nfc_linux.c:238:20: acquire_memory: allocated here
libfido2-1.16.0/src/nfc_linux.c:238:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/nfc_linux.c:239:24: branch_false: ...to here
libfido2-1.16.0/src/nfc_linux.c:239:24: throw: if ‘fido_nl_new’ throws an exception...
libfido2-1.16.0/src/nfc_linux.c:239:24: danger: ‘ctx’ leaks here; was allocated at [(1)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/0)
#  237|   
#  238|   	if ((ctx = calloc(1, sizeof(*ctx))) == NULL ||
#  239|-> 	    (ctx->nl = fido_nl_new()) == NULL) {
#  240|   		nfc_free(&ctx);
#  241|   		return NULL;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def335]
libfido2-1.16.0/src/pin.c:305:23: warning[-Wanalyzer-malloc-leak]: leak of ‘msg’
libfido2-1.16.0/src/pin.c:295:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/pin.c:300:20: branch_false: ...to here
libfido2-1.16.0/src/pin.c:300:20: acquire_memory: allocated here
libfido2-1.16.0/src/pin.c:300:12: branch_false: following ‘false’ branch (when ‘msg’ is non-NULL)...
libfido2-1.16.0/src/pin.c:305:23: branch_false: ...to here
libfido2-1.16.0/src/pin.c:305:23: throw: if ‘fido_rx’ throws an exception...
libfido2-1.16.0/src/pin.c:305:23: danger: ‘msg’ leaks here; was allocated at [(3)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/2)
#  303|   	}
#  304|   
#  305|-> 	if ((msglen = fido_rx(dev, CTAP_CMD_CBOR, msg, FIDO_MAXMSG, ms)) < 0) {
#  306|   		fido_log_debug("%s: fido_rx", __func__);
#  307|   		r = FIDO_ERR_RX;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def336]
libfido2-1.16.0/src/pin.c:602:23: warning[-Wanalyzer-malloc-leak]: leak of ‘msg’
libfido2-1.16.0/src/pin.c:597:20: acquire_memory: allocated here
libfido2-1.16.0/src/pin.c:597:12: branch_false: following ‘false’ branch (when ‘msg’ is non-NULL)...
libfido2-1.16.0/src/pin.c:602:23: branch_false: ...to here
libfido2-1.16.0/src/pin.c:602:23: throw: if ‘fido_rx’ throws an exception...
libfido2-1.16.0/src/pin.c:602:23: danger: ‘msg’ leaks here; was allocated at [(1)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/0)
#  600|   	}
#  601|   
#  602|-> 	if ((msglen = fido_rx(dev, CTAP_CMD_CBOR, msg, FIDO_MAXMSG, ms)) < 0) {
#  603|   		fido_log_debug("%s: fido_rx", __func__);
#  604|   		r = FIDO_ERR_RX;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def337]
libfido2-1.16.0/src/pin.c:655:23: warning[-Wanalyzer-malloc-leak]: leak of ‘msg’
libfido2-1.16.0/src/pin.c:650:20: acquire_memory: allocated here
libfido2-1.16.0/src/pin.c:650:12: branch_false: following ‘false’ branch (when ‘msg’ is non-NULL)...
libfido2-1.16.0/src/pin.c:655:23: branch_false: ...to here
libfido2-1.16.0/src/pin.c:655:23: throw: if ‘fido_rx’ throws an exception...
libfido2-1.16.0/src/pin.c:655:23: danger: ‘msg’ leaks here; was allocated at [(1)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/0)
#  653|   	}
#  654|   
#  655|-> 	if ((msglen = fido_rx(dev, CTAP_CMD_CBOR, msg, FIDO_MAXMSG, ms)) < 0) {
#  656|   		fido_log_debug("%s: fido_rx", __func__);
#  657|   		r = FIDO_ERR_RX;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def338]
libfido2-1.16.0/src/touch.c:40:17: warning[-Wanalyzer-malloc-leak]: leak of ‘rp.id’
libfido2-1.16.0/src/touch.c:30:12: branch_true: following ‘true’ branch...
libfido2-1.16.0/src/touch.c:33:13: branch_true: ...to here
libfido2-1.16.0/src/touch.c:33:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/touch.c:38:22: branch_false: ...to here
libfido2-1.16.0/src/touch.c:38:22: acquire_memory: allocated here
libfido2-1.16.0/src/touch.c:38:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/touch.c:39:26: branch_false: ...to here
libfido2-1.16.0/src/touch.c:38:13: branch_true: following ‘true’ branch...
libfido2-1.16.0/src/touch.c:40:17: branch_true: ...to here
libfido2-1.16.0/src/touch.c:40:17: throw: if ‘fido_log_debug’ throws an exception...
libfido2-1.16.0/src/touch.c:40:17: danger: ‘rp.id’ leaks here; was allocated at [(5)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/4)
#   38|   	if ((rp.id = strdup(FIDO_DUMMY_RP_ID)) == NULL ||
#   39|   	    (user.name = strdup(FIDO_DUMMY_USER_NAME)) == NULL) {
#   40|-> 		fido_log_debug("%s: strdup", __func__);
#   41|   		goto fail;
#   42|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def339]
libfido2-1.16.0/src/touch.c:44:13: warning[-Wanalyzer-malloc-leak]: leak of ‘rp.id’
libfido2-1.16.0/src/touch.c:30:12: branch_true: following ‘true’ branch...
libfido2-1.16.0/src/touch.c:33:13: branch_true: ...to here
libfido2-1.16.0/src/touch.c:33:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/touch.c:38:22: branch_false: ...to here
libfido2-1.16.0/src/touch.c:38:22: acquire_memory: allocated here
libfido2-1.16.0/src/touch.c:38:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/touch.c:39:26: branch_false: ...to here
libfido2-1.16.0/src/touch.c:38:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/touch.c:44:13: branch_false: ...to here
libfido2-1.16.0/src/touch.c:44:13: throw: if ‘fido_blob_set’ throws an exception...
libfido2-1.16.0/src/touch.c:44:13: danger: ‘rp.id’ leaks here; was allocated at [(5)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/4)
#   42|   	}
#   43|   
#   44|-> 	if (fido_blob_set(&user.id, &user_id, sizeof(user_id)) < 0) {
#   45|   		fido_log_debug("%s: fido_blob_set", __func__);
#   46|   		goto fail;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def340]
libfido2-1.16.0/src/touch.c:44:13: warning[-Wanalyzer-malloc-leak]: leak of ‘user.name’
libfido2-1.16.0/src/touch.c:30:12: branch_true: following ‘true’ branch...
libfido2-1.16.0/src/touch.c:33:13: branch_true: ...to here
libfido2-1.16.0/src/touch.c:33:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/touch.c:38:22: branch_false: ...to here
libfido2-1.16.0/src/touch.c:38:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/touch.c:39:26: branch_false: ...to here
libfido2-1.16.0/src/touch.c:39:26: acquire_memory: allocated here
libfido2-1.16.0/src/touch.c:38:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/touch.c:44:13: branch_false: ...to here
libfido2-1.16.0/src/touch.c:44:13: throw: if ‘fido_blob_set’ throws an exception...
libfido2-1.16.0/src/touch.c:44:13: danger: ‘user.name’ leaks here; was allocated at [(7)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/6)
#   42|   	}
#   43|   
#   44|-> 	if (fido_blob_set(&user.id, &user_id, sizeof(user_id)) < 0) {
#   45|   		fido_log_debug("%s: fido_blob_set", __func__);
#   46|   		goto fail;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def341]
libfido2-1.16.0/src/touch.c:45:17: warning[-Wanalyzer-malloc-leak]: leak of ‘rp.id’
libfido2-1.16.0/src/touch.c:30:12: branch_true: following ‘true’ branch...
libfido2-1.16.0/src/touch.c:33:13: branch_true: ...to here
libfido2-1.16.0/src/touch.c:33:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/touch.c:38:22: branch_false: ...to here
libfido2-1.16.0/src/touch.c:38:22: acquire_memory: allocated here
libfido2-1.16.0/src/touch.c:38:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/touch.c:39:26: branch_false: ...to here
libfido2-1.16.0/src/touch.c:38:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/touch.c:44:13: branch_false: ...to here
libfido2-1.16.0/src/touch.c:44:12: branch_true: following ‘true’ branch...
libfido2-1.16.0/src/touch.c:45:17: branch_true: ...to here
libfido2-1.16.0/src/touch.c:45:17: throw: if ‘fido_log_debug’ throws an exception...
libfido2-1.16.0/src/touch.c:45:17: danger: ‘rp.id’ leaks here; was allocated at [(5)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/4)
#   43|   
#   44|   	if (fido_blob_set(&user.id, &user_id, sizeof(user_id)) < 0) {
#   45|-> 		fido_log_debug("%s: fido_blob_set", __func__);
#   46|   		goto fail;
#   47|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def342]
libfido2-1.16.0/src/touch.c:49:24: warning[-Wanalyzer-malloc-leak]: leak of ‘rp.id’
libfido2-1.16.0/src/touch.c:30:12: branch_true: following ‘true’ branch...
libfido2-1.16.0/src/touch.c:33:13: branch_true: ...to here
libfido2-1.16.0/src/touch.c:33:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/touch.c:38:22: branch_false: ...to here
libfido2-1.16.0/src/touch.c:38:22: acquire_memory: allocated here
libfido2-1.16.0/src/touch.c:38:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/touch.c:39:26: branch_false: ...to here
libfido2-1.16.0/src/touch.c:38:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/touch.c:44:13: branch_false: ...to here
libfido2-1.16.0/src/touch.c:44:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/touch.c:49:24: branch_false: ...to here
libfido2-1.16.0/src/touch.c:49:24: throw: if ‘cbor_build_bytestring’ throws an exception...
libfido2-1.16.0/src/touch.c:49:24: danger: ‘rp.id’ leaks here; was allocated at [(5)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/4)
#   47|   	}
#   48|   
#   49|-> 	if ((argv[0] = cbor_build_bytestring(cdh, sizeof(cdh))) == NULL ||
#   50|   	    (argv[1] = cbor_encode_rp_entity(&rp)) == NULL ||
#   51|   	    (argv[2] = cbor_encode_user_entity(&user)) == NULL ||

Error: GCC_ANALYZER_WARNING (CWE-401): [#def343]
libfido2-1.16.0/src/touch.c:50:24: warning[-Wanalyzer-malloc-leak]: leak of ‘rp.id’
libfido2-1.16.0/src/touch.c:30:12: branch_true: following ‘true’ branch...
libfido2-1.16.0/src/touch.c:33:13: branch_true: ...to here
libfido2-1.16.0/src/touch.c:33:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/touch.c:38:22: branch_false: ...to here
libfido2-1.16.0/src/touch.c:38:22: acquire_memory: allocated here
libfido2-1.16.0/src/touch.c:38:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/touch.c:39:26: branch_false: ...to here
libfido2-1.16.0/src/touch.c:38:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/touch.c:44:13: branch_false: ...to here
libfido2-1.16.0/src/touch.c:44:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/touch.c:49:24: branch_false: ...to here
libfido2-1.16.0/src/touch.c:49:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/touch.c:50:24: branch_false: ...to here
libfido2-1.16.0/src/touch.c:50:24: throw: if ‘cbor_encode_rp_entity’ throws an exception...
libfido2-1.16.0/src/touch.c:50:24: danger: ‘rp.id’ leaks here; was allocated at [(5)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/4)
#   48|   
#   49|   	if ((argv[0] = cbor_build_bytestring(cdh, sizeof(cdh))) == NULL ||
#   50|-> 	    (argv[1] = cbor_encode_rp_entity(&rp)) == NULL ||
#   51|   	    (argv[2] = cbor_encode_user_entity(&user)) == NULL ||
#   52|   	    (argv[3] = cbor_encode_pubkey_param(COSE_ES256)) == NULL) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def344]
libfido2-1.16.0/src/touch.c:53:17: warning[-Wanalyzer-malloc-leak]: leak of ‘rp.id’
libfido2-1.16.0/src/touch.c:30:12: branch_true: following ‘true’ branch...
libfido2-1.16.0/src/touch.c:33:13: branch_true: ...to here
libfido2-1.16.0/src/touch.c:33:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/touch.c:38:22: branch_false: ...to here
libfido2-1.16.0/src/touch.c:38:22: acquire_memory: allocated here
libfido2-1.16.0/src/touch.c:38:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/touch.c:39:26: branch_false: ...to here
libfido2-1.16.0/src/touch.c:38:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/touch.c:44:13: branch_false: ...to here
libfido2-1.16.0/src/touch.c:44:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/touch.c:49:24: branch_false: ...to here
libfido2-1.16.0/src/touch.c:49:12: branch_true: following ‘true’ branch...
libfido2-1.16.0/src/touch.c:53:17: branch_true: ...to here
libfido2-1.16.0/src/touch.c:53:17: throw: if ‘fido_log_debug’ throws an exception...
libfido2-1.16.0/src/touch.c:53:17: danger: ‘rp.id’ leaks here; was allocated at [(5)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/4)
#   51|   	    (argv[2] = cbor_encode_user_entity(&user)) == NULL ||
#   52|   	    (argv[3] = cbor_encode_pubkey_param(COSE_ES256)) == NULL) {
#   53|-> 		fido_log_debug("%s: cbor encode", __func__);
#   54|   		goto fail;
#   55|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def345]
libfido2-1.16.0/src/touch.c:74:9: warning[-Wanalyzer-malloc-leak]: leak of ‘rp.id’
libfido2-1.16.0/src/touch.c:30:12: branch_true: following ‘true’ branch...
libfido2-1.16.0/src/touch.c:33:13: branch_true: ...to here
libfido2-1.16.0/src/touch.c:33:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/touch.c:38:22: branch_false: ...to here
libfido2-1.16.0/src/touch.c:38:22: acquire_memory: allocated here
libfido2-1.16.0/src/touch.c:38:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/touch.c:39:26: branch_false: ...to here
libfido2-1.16.0/src/touch.c:38:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/touch.c:44:13: branch_false: ...to here
libfido2-1.16.0/src/touch.c:44:12: branch_true: following ‘true’ branch...
libfido2-1.16.0/src/touch.c:45:17: branch_true: ...to here
libfido2-1.16.0/src/touch.c:74:9: throw: if ‘cbor_vector_free’ throws an exception...
libfido2-1.16.0/src/touch.c:74:9: danger: ‘rp.id’ leaks here; was allocated at [(5)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/4)
#   72|   	r = FIDO_OK;
#   73|   fail:
#   74|-> 	cbor_vector_free(argv, nitems(argv));
#   75|   	free(f.ptr);
#   76|   	free(rp.id);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def346]
libfido2-1.16.0/src/u2f.c:89:13: warning[-Wanalyzer-malloc-leak]: leak of ‘x5c.ptr’
libfido2-1.16.0/src/u2f.c:584:1: enter_function: entry to ‘parse_register_reply’
libfido2-1.16.0/src/u2f.c:603:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:611:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:612:13: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:611:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:618:13: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:618:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:619:13: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:618:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:620:19: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:618:13: branch_false: following ‘false’ branch (when ‘kh’ is non-NULL)...
libfido2-1.16.0/src/u2f.c:621:13: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:618:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:627:13: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:627:13: call_function: calling ‘x5c_get’ from ‘parse_register_reply’
#   87|   	/* read accordingly */
#   88|   	if ((x5c->ptr = calloc(1, x5c->len)) == NULL ||
#   89|-> 	    fido_buf_read(buf, len, x5c->ptr, x5c->len) < 0) {
#   90|   		fido_log_debug("%s: fido_buf_read", __func__);
#   91|   		goto fail;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def347]
libfido2-1.16.0/src/u2f.c:173:21: warning[-Wanalyzer-malloc-leak]: leak of ‘reply’
libfido2-1.16.0/src/u2f.c:157:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:159:13: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:157:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:160:13: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:157:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:166:22: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:166:22: acquire_memory: allocated here
libfido2-1.16.0/src/u2f.c:166:12: branch_false: following ‘false’ branch (when ‘reply’ is non-NULL)...
libfido2-1.16.0/src/u2f.c:166:12: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:173:21: throw: if ‘iso7816_len’ throws an exception...
libfido2-1.16.0/src/u2f.c:173:21: danger: ‘reply’ leaks here; was allocated at [(7)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/6)
#  171|   
#  172|   	do {
#  173|-> 		if (fido_tx(dev, CTAP_CMD_MSG, iso7816_ptr(apdu),
#  174|   		    iso7816_len(apdu), ms) < 0) {
#  175|   			fido_log_debug("%s: fido_tx", __func__);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def348]
libfido2-1.16.0/src/u2f.c:173:48: warning[-Wanalyzer-malloc-leak]: leak of ‘reply’
libfido2-1.16.0/src/u2f.c:157:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:159:13: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:157:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:160:13: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:157:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:166:22: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:166:22: acquire_memory: allocated here
libfido2-1.16.0/src/u2f.c:166:12: branch_false: following ‘false’ branch (when ‘reply’ is non-NULL)...
libfido2-1.16.0/src/u2f.c:166:12: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:173:48: throw: if ‘iso7816_ptr’ throws an exception...
libfido2-1.16.0/src/u2f.c:173:48: danger: ‘reply’ leaks here; was allocated at [(7)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/6)
#  171|   
#  172|   	do {
#  173|-> 		if (fido_tx(dev, CTAP_CMD_MSG, iso7816_ptr(apdu),
#  174|   		    iso7816_len(apdu), ms) < 0) {
#  175|   			fido_log_debug("%s: fido_tx", __func__);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def349]
libfido2-1.16.0/src/u2f.c:175:25: warning[-Wanalyzer-malloc-leak]: leak of ‘reply’
libfido2-1.16.0/src/u2f.c:157:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:159:13: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:157:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:160:13: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:157:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:166:22: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:166:22: acquire_memory: allocated here
libfido2-1.16.0/src/u2f.c:166:12: branch_false: following ‘false’ branch (when ‘reply’ is non-NULL)...
libfido2-1.16.0/src/u2f.c:166:12: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:173:20: branch_true: following ‘true’ branch...
libfido2-1.16.0/src/u2f.c:175:25: branch_true: ...to here
libfido2-1.16.0/src/u2f.c:175:25: throw: if ‘fido_log_debug’ throws an exception...
libfido2-1.16.0/src/u2f.c:175:25: danger: ‘reply’ leaks here; was allocated at [(7)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/6)
#  173|   		if (fido_tx(dev, CTAP_CMD_MSG, iso7816_ptr(apdu),
#  174|   		    iso7816_len(apdu), ms) < 0) {
#  175|-> 			fido_log_debug("%s: fido_tx", __func__);
#  176|   			r = FIDO_ERR_TX;
#  177|   			goto fail;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def350]
libfido2-1.16.0/src/u2f.c:179:21: warning[-Wanalyzer-malloc-leak]: leak of ‘reply’
libfido2-1.16.0/src/u2f.c:157:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:159:13: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:157:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:160:13: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:157:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:166:22: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:166:22: acquire_memory: allocated here
libfido2-1.16.0/src/u2f.c:166:12: branch_false: following ‘false’ branch (when ‘reply’ is non-NULL)...
libfido2-1.16.0/src/u2f.c:166:12: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:173:20: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:179:21: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:179:21: throw: if ‘fido_rx’ throws an exception...
libfido2-1.16.0/src/u2f.c:179:21: danger: ‘reply’ leaks here; was allocated at [(7)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/6)
#  177|   			goto fail;
#  178|   		}
#  179|-> 		if (fido_rx(dev, CTAP_CMD_MSG, reply, FIDO_MAXMSG, ms) < 2) {
#  180|   			fido_log_debug("%s: fido_rx", __func__);
#  181|   			r = FIDO_ERR_RX;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def351]
libfido2-1.16.0/src/u2f.c:246:13: warning[-Wanalyzer-malloc-leak]: leak of ‘reply’
libfido2-1.16.0/src/u2f.c:210:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:220:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:227:31: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:229:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:231:13: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:229:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:232:13: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:229:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:233:13: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:229:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:234:13: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:229:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:240:22: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:240:22: acquire_memory: allocated here
libfido2-1.16.0/src/u2f.c:240:12: branch_false: following ‘false’ branch (when ‘reply’ is non-NULL)...
libfido2-1.16.0/src/u2f.c:246:13: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:246:13: throw: if ‘iso7816_len’ throws an exception...
libfido2-1.16.0/src/u2f.c:246:13: danger: ‘reply’ leaks here; was allocated at [(15)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/14)
#  244|   	}
#  245|   
#  246|-> 	if (fido_tx(dev, CTAP_CMD_MSG, iso7816_ptr(apdu),
#  247|   	    iso7816_len(apdu), ms) < 0) {
#  248|   		fido_log_debug("%s: fido_tx", __func__);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def352]
libfido2-1.16.0/src/u2f.c:246:40: warning[-Wanalyzer-malloc-leak]: leak of ‘reply’
libfido2-1.16.0/src/u2f.c:210:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:220:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:227:31: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:229:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:231:13: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:229:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:232:13: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:229:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:233:13: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:229:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:234:13: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:229:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:240:22: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:240:22: acquire_memory: allocated here
libfido2-1.16.0/src/u2f.c:240:12: branch_false: following ‘false’ branch (when ‘reply’ is non-NULL)...
libfido2-1.16.0/src/u2f.c:246:13: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:246:40: throw: if ‘iso7816_ptr’ throws an exception...
libfido2-1.16.0/src/u2f.c:246:40: danger: ‘reply’ leaks here; was allocated at [(15)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/14)
#  244|   	}
#  245|   
#  246|-> 	if (fido_tx(dev, CTAP_CMD_MSG, iso7816_ptr(apdu),
#  247|   	    iso7816_len(apdu), ms) < 0) {
#  248|   		fido_log_debug("%s: fido_tx", __func__);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def353]
libfido2-1.16.0/src/u2f.c:248:17: warning[-Wanalyzer-malloc-leak]: leak of ‘reply’
libfido2-1.16.0/src/u2f.c:210:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:220:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:227:31: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:229:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:231:13: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:229:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:232:13: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:229:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:233:13: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:229:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:234:13: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:229:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:240:22: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:240:22: acquire_memory: allocated here
libfido2-1.16.0/src/u2f.c:240:12: branch_false: following ‘false’ branch (when ‘reply’ is non-NULL)...
libfido2-1.16.0/src/u2f.c:246:13: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:246:12: branch_true: following ‘true’ branch...
libfido2-1.16.0/src/u2f.c:248:17: branch_true: ...to here
libfido2-1.16.0/src/u2f.c:248:17: throw: if ‘fido_log_debug’ throws an exception...
libfido2-1.16.0/src/u2f.c:248:17: danger: ‘reply’ leaks here; was allocated at [(15)](sarif:/runs/0/results/9/codeFlows/0/threadFlows/0/locations/14)
#  246|   	if (fido_tx(dev, CTAP_CMD_MSG, iso7816_ptr(apdu),
#  247|   	    iso7816_len(apdu), ms) < 0) {
#  248|-> 		fido_log_debug("%s: fido_tx", __func__);
#  249|   		r = FIDO_ERR_TX;
#  250|   		goto fail;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def354]
libfido2-1.16.0/src/u2f.c:252:13: warning[-Wanalyzer-malloc-leak]: leak of ‘reply’
libfido2-1.16.0/src/u2f.c:210:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:220:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:227:31: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:229:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:231:13: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:229:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:232:13: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:229:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:233:13: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:229:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:234:13: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:229:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:240:22: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:240:22: acquire_memory: allocated here
libfido2-1.16.0/src/u2f.c:240:12: branch_false: following ‘false’ branch (when ‘reply’ is non-NULL)...
libfido2-1.16.0/src/u2f.c:246:13: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:246:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:252:13: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:252:13: throw: if ‘fido_rx’ throws an exception...
libfido2-1.16.0/src/u2f.c:252:13: danger: ‘reply’ leaks here; was allocated at [(15)](sarif:/runs/0/results/10/codeFlows/0/threadFlows/0/locations/14)
#  250|   		goto fail;
#  251|   	}
#  252|-> 	if (fido_rx(dev, CTAP_CMD_MSG, reply, FIDO_MAXMSG, ms) != 2) {
#  253|   		fido_log_debug("%s: fido_rx", __func__);
#  254|   		r = FIDO_ERR_RX;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def355]
libfido2-1.16.0/src/u2f.c:363:21: warning[-Wanalyzer-malloc-leak]: leak of ‘reply’
libfido2-1.16.0/src/u2f.c:328:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:336:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:343:31: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:345:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:347:41: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:345:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:348:13: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:345:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:349:13: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:345:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:350:13: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:345:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:356:22: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:356:22: acquire_memory: allocated here
libfido2-1.16.0/src/u2f.c:356:12: branch_false: following ‘false’ branch (when ‘reply’ is non-NULL)...
libfido2-1.16.0/src/u2f.c:356:12: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:363:21: throw: if ‘iso7816_len’ throws an exception...
libfido2-1.16.0/src/u2f.c:363:21: danger: ‘reply’ leaks here; was allocated at [(15)](sarif:/runs/0/results/11/codeFlows/0/threadFlows/0/locations/14)
#  361|   
#  362|   	do {
#  363|-> 		if (fido_tx(dev, CTAP_CMD_MSG, iso7816_ptr(apdu),
#  364|   		    iso7816_len(apdu), ms) < 0) {
#  365|   			fido_log_debug("%s: fido_tx", __func__);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def356]
libfido2-1.16.0/src/u2f.c:363:48: warning[-Wanalyzer-malloc-leak]: leak of ‘reply’
libfido2-1.16.0/src/u2f.c:328:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:336:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:343:31: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:345:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:347:41: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:345:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:348:13: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:345:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:349:13: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:345:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:350:13: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:345:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:356:22: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:356:22: acquire_memory: allocated here
libfido2-1.16.0/src/u2f.c:356:12: branch_false: following ‘false’ branch (when ‘reply’ is non-NULL)...
libfido2-1.16.0/src/u2f.c:356:12: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:363:48: throw: if ‘iso7816_ptr’ throws an exception...
libfido2-1.16.0/src/u2f.c:363:48: danger: ‘reply’ leaks here; was allocated at [(15)](sarif:/runs/0/results/13/codeFlows/0/threadFlows/0/locations/14)
#  361|   
#  362|   	do {
#  363|-> 		if (fido_tx(dev, CTAP_CMD_MSG, iso7816_ptr(apdu),
#  364|   		    iso7816_len(apdu), ms) < 0) {
#  365|   			fido_log_debug("%s: fido_tx", __func__);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def357]
libfido2-1.16.0/src/u2f.c:365:25: warning[-Wanalyzer-malloc-leak]: leak of ‘reply’
libfido2-1.16.0/src/u2f.c:328:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:336:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:343:31: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:345:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:347:41: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:345:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:348:13: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:345:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:349:13: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:345:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:350:13: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:345:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:356:22: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:356:22: acquire_memory: allocated here
libfido2-1.16.0/src/u2f.c:356:12: branch_false: following ‘false’ branch (when ‘reply’ is non-NULL)...
libfido2-1.16.0/src/u2f.c:356:12: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:363:20: branch_true: following ‘true’ branch...
libfido2-1.16.0/src/u2f.c:365:25: branch_true: ...to here
libfido2-1.16.0/src/u2f.c:365:25: throw: if ‘fido_log_debug’ throws an exception...
libfido2-1.16.0/src/u2f.c:365:25: danger: ‘reply’ leaks here; was allocated at [(15)](sarif:/runs/0/results/14/codeFlows/0/threadFlows/0/locations/14)
#  363|   		if (fido_tx(dev, CTAP_CMD_MSG, iso7816_ptr(apdu),
#  364|   		    iso7816_len(apdu), ms) < 0) {
#  365|-> 			fido_log_debug("%s: fido_tx", __func__);
#  366|   			r = FIDO_ERR_TX;
#  367|   			goto fail;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def358]
libfido2-1.16.0/src/u2f.c:369:34: warning[-Wanalyzer-malloc-leak]: leak of ‘reply’
libfido2-1.16.0/src/u2f.c:328:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:336:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:343:31: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:345:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:347:41: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:345:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:348:13: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:345:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:349:13: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:345:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:350:13: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:345:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:356:22: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:356:22: acquire_memory: allocated here
libfido2-1.16.0/src/u2f.c:356:12: branch_false: following ‘false’ branch (when ‘reply’ is non-NULL)...
libfido2-1.16.0/src/u2f.c:356:12: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:363:20: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:369:34: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:369:34: throw: if ‘fido_rx’ throws an exception...
libfido2-1.16.0/src/u2f.c:369:34: danger: ‘reply’ leaks here; was allocated at [(15)](sarif:/runs/0/results/15/codeFlows/0/threadFlows/0/locations/14)
#  367|   			goto fail;
#  368|   		}
#  369|-> 		if ((reply_len = fido_rx(dev, CTAP_CMD_MSG, reply,
#  370|   		    FIDO_MAXMSG, ms)) < 2) {
#  371|   			fido_log_debug("%s: fido_rx", __func__);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def359]
libfido2-1.16.0/src/u2f.c:621:13: warning[-Wanalyzer-malloc-leak]: leak of ‘kh’
libfido2-1.16.0/src/u2f.c:603:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:611:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:612:13: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:611:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:618:13: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:618:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:619:13: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:618:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:620:19: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:620:19: acquire_memory: allocated here
libfido2-1.16.0/src/u2f.c:618:13: branch_false: following ‘false’ branch (when ‘kh’ is non-NULL)...
libfido2-1.16.0/src/u2f.c:621:13: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:621:13: throw: if ‘fido_buf_read’ throws an exception...
libfido2-1.16.0/src/u2f.c:621:13: danger: ‘kh’ leaks here; was allocated at [(11)](sarif:/runs/0/results/16/codeFlows/0/threadFlows/0/locations/10)
#  619|   	    fido_buf_read(&reply, &len, &kh_len, sizeof(kh_len)) < 0 ||
#  620|   	    (kh = calloc(1, kh_len)) == NULL ||
#  621|-> 	    fido_buf_read(&reply, &len, kh, kh_len) < 0) {
#  622|   		fido_log_debug("%s: fido_buf_read", __func__);
#  623|   		goto fail;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def360]
libfido2-1.16.0/src/u2f.c:728:21: warning[-Wanalyzer-malloc-leak]: leak of ‘reply’
libfido2-1.16.0/src/u2f.c:675:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:681:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:681:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:681:13: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:688:28: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:704:9: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:706:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:712:21: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:712:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:714:13: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:712:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:715:13: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:712:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:721:22: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:721:22: acquire_memory: allocated here
libfido2-1.16.0/src/u2f.c:721:12: branch_false: following ‘false’ branch (when ‘reply’ is non-NULL)...
libfido2-1.16.0/src/u2f.c:721:12: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:728:21: throw: if ‘iso7816_len’ throws an exception...
libfido2-1.16.0/src/u2f.c:728:21: danger: ‘reply’ leaks here; was allocated at [(17)](sarif:/runs/0/results/17/codeFlows/0/threadFlows/0/locations/16)
#  726|   
#  727|   	do {
#  728|-> 		if (fido_tx(dev, CTAP_CMD_MSG, iso7816_ptr(apdu),
#  729|   		    iso7816_len(apdu), ms) < 0) {
#  730|   			fido_log_debug("%s: fido_tx", __func__);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def361]
libfido2-1.16.0/src/u2f.c:728:48: warning[-Wanalyzer-malloc-leak]: leak of ‘reply’
libfido2-1.16.0/src/u2f.c:675:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:681:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:681:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:681:13: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:688:28: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:704:9: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:706:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:712:21: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:712:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:714:13: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:712:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:715:13: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:712:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:721:22: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:721:22: acquire_memory: allocated here
libfido2-1.16.0/src/u2f.c:721:12: branch_false: following ‘false’ branch (when ‘reply’ is non-NULL)...
libfido2-1.16.0/src/u2f.c:721:12: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:728:48: throw: if ‘iso7816_ptr’ throws an exception...
libfido2-1.16.0/src/u2f.c:728:48: danger: ‘reply’ leaks here; was allocated at [(17)](sarif:/runs/0/results/19/codeFlows/0/threadFlows/0/locations/16)
#  726|   
#  727|   	do {
#  728|-> 		if (fido_tx(dev, CTAP_CMD_MSG, iso7816_ptr(apdu),
#  729|   		    iso7816_len(apdu), ms) < 0) {
#  730|   			fido_log_debug("%s: fido_tx", __func__);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def362]
libfido2-1.16.0/src/u2f.c:730:25: warning[-Wanalyzer-malloc-leak]: leak of ‘reply’
libfido2-1.16.0/src/u2f.c:675:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:681:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:681:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:681:13: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:688:28: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:704:9: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:706:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:712:21: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:712:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:714:13: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:712:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:715:13: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:712:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:721:22: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:721:22: acquire_memory: allocated here
libfido2-1.16.0/src/u2f.c:721:12: branch_false: following ‘false’ branch (when ‘reply’ is non-NULL)...
libfido2-1.16.0/src/u2f.c:721:12: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:728:20: branch_true: following ‘true’ branch...
libfido2-1.16.0/src/u2f.c:730:25: branch_true: ...to here
libfido2-1.16.0/src/u2f.c:730:25: throw: if ‘fido_log_debug’ throws an exception...
libfido2-1.16.0/src/u2f.c:730:25: danger: ‘reply’ leaks here; was allocated at [(17)](sarif:/runs/0/results/20/codeFlows/0/threadFlows/0/locations/16)
#  728|   		if (fido_tx(dev, CTAP_CMD_MSG, iso7816_ptr(apdu),
#  729|   		    iso7816_len(apdu), ms) < 0) {
#  730|-> 			fido_log_debug("%s: fido_tx", __func__);
#  731|   			r = FIDO_ERR_TX;
#  732|   			goto fail;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def363]
libfido2-1.16.0/src/u2f.c:734:34: warning[-Wanalyzer-malloc-leak]: leak of ‘reply’
libfido2-1.16.0/src/u2f.c:675:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:681:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:681:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:681:13: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:688:28: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:704:9: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:706:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:712:21: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:712:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:714:13: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:712:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:715:13: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:712:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:721:22: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:721:22: acquire_memory: allocated here
libfido2-1.16.0/src/u2f.c:721:12: branch_false: following ‘false’ branch (when ‘reply’ is non-NULL)...
libfido2-1.16.0/src/u2f.c:721:12: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:728:20: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:734:34: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:734:34: throw: if ‘fido_rx’ throws an exception...
libfido2-1.16.0/src/u2f.c:734:34: danger: ‘reply’ leaks here; was allocated at [(17)](sarif:/runs/0/results/21/codeFlows/0/threadFlows/0/locations/16)
#  732|   			goto fail;
#  733|   		}
#  734|-> 		if ((reply_len = fido_rx(dev, CTAP_CMD_MSG, reply,
#  735|   		    FIDO_MAXMSG, ms)) < 2) {
#  736|   			fido_log_debug("%s: fido_rx", __func__);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def364]
libfido2-1.16.0/src/u2f.c:899:17: warning[-Wanalyzer-malloc-leak]: leak of ‘reply’
libfido2-1.16.0/src/u2f.c:876:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:877:52: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:876:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:883:21: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:883:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:885:13: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:883:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:886:13: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:883:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:892:22: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:892:22: acquire_memory: allocated here
libfido2-1.16.0/src/u2f.c:892:12: branch_false: following ‘false’ branch (when ‘reply’ is non-NULL)...
libfido2-1.16.0/src/u2f.c:898:13: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:898:12: branch_true: following ‘true’ branch...
libfido2-1.16.0/src/u2f.c:899:17: branch_true: ...to here
libfido2-1.16.0/src/u2f.c:899:17: throw: if ‘fido_tx’ throws an exception...
libfido2-1.16.0/src/u2f.c:899:17: danger: ‘reply’ leaks here; was allocated at [(11)](sarif:/runs/0/results/22/codeFlows/0/threadFlows/0/locations/10)
#  897|   
#  898|   	if (dev->attr.flags & FIDO_CAP_WINK) {
#  899|-> 		fido_tx(dev, CTAP_CMD_WINK, NULL, 0, ms);
#  900|   		fido_rx(dev, CTAP_CMD_WINK, reply, FIDO_MAXMSG, ms);
#  901|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def365]
libfido2-1.16.0/src/u2f.c:900:17: warning[-Wanalyzer-malloc-leak]: leak of ‘reply’
libfido2-1.16.0/src/u2f.c:876:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:877:52: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:876:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:883:21: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:883:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:885:13: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:883:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:886:13: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:883:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:892:22: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:892:22: acquire_memory: allocated here
libfido2-1.16.0/src/u2f.c:892:12: branch_false: following ‘false’ branch (when ‘reply’ is non-NULL)...
libfido2-1.16.0/src/u2f.c:898:13: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:898:12: branch_true: following ‘true’ branch...
libfido2-1.16.0/src/u2f.c:899:17: branch_true: ...to here
libfido2-1.16.0/src/u2f.c:900:17: throw: if ‘fido_rx’ throws an exception...
libfido2-1.16.0/src/u2f.c:900:17: danger: ‘reply’ leaks here; was allocated at [(11)](sarif:/runs/0/results/23/codeFlows/0/threadFlows/0/locations/10)
#  898|   	if (dev->attr.flags & FIDO_CAP_WINK) {
#  899|   		fido_tx(dev, CTAP_CMD_WINK, NULL, 0, ms);
#  900|-> 		fido_rx(dev, CTAP_CMD_WINK, reply, FIDO_MAXMSG, ms);
#  901|   	}
#  902|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def366]
libfido2-1.16.0/src/u2f.c:903:13: warning[-Wanalyzer-malloc-leak]: leak of ‘reply’
libfido2-1.16.0/src/u2f.c:876:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:877:52: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:876:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:883:21: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:883:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:885:13: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:883:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:886:13: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:883:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:892:22: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:892:22: acquire_memory: allocated here
libfido2-1.16.0/src/u2f.c:892:12: branch_false: following ‘false’ branch (when ‘reply’ is non-NULL)...
libfido2-1.16.0/src/u2f.c:898:13: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:898:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:903:13: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:903:13: throw: if ‘iso7816_len’ throws an exception...
libfido2-1.16.0/src/u2f.c:903:13: danger: ‘reply’ leaks here; was allocated at [(11)](sarif:/runs/0/results/24/codeFlows/0/threadFlows/0/locations/10)
#  901|   	}
#  902|   
#  903|-> 	if (fido_tx(dev, CTAP_CMD_MSG, iso7816_ptr(apdu),
#  904|   	    iso7816_len(apdu), ms) < 0) {
#  905|   		fido_log_debug("%s: fido_tx", __func__);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def367]
libfido2-1.16.0/src/u2f.c:903:40: warning[-Wanalyzer-malloc-leak]: leak of ‘reply’
libfido2-1.16.0/src/u2f.c:876:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:877:52: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:876:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:883:21: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:883:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:885:13: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:883:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:886:13: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:883:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:892:22: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:892:22: acquire_memory: allocated here
libfido2-1.16.0/src/u2f.c:892:12: branch_false: following ‘false’ branch (when ‘reply’ is non-NULL)...
libfido2-1.16.0/src/u2f.c:898:13: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:898:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:903:13: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:903:40: throw: if ‘iso7816_ptr’ throws an exception...
libfido2-1.16.0/src/u2f.c:903:40: danger: ‘reply’ leaks here; was allocated at [(11)](sarif:/runs/0/results/26/codeFlows/0/threadFlows/0/locations/10)
#  901|   	}
#  902|   
#  903|-> 	if (fido_tx(dev, CTAP_CMD_MSG, iso7816_ptr(apdu),
#  904|   	    iso7816_len(apdu), ms) < 0) {
#  905|   		fido_log_debug("%s: fido_tx", __func__);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def368]
libfido2-1.16.0/src/u2f.c:905:17: warning[-Wanalyzer-malloc-leak]: leak of ‘reply’
libfido2-1.16.0/src/u2f.c:876:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:877:52: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:876:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:883:21: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:883:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:885:13: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:883:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:886:13: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:883:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:892:22: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:892:22: acquire_memory: allocated here
libfido2-1.16.0/src/u2f.c:892:12: branch_false: following ‘false’ branch (when ‘reply’ is non-NULL)...
libfido2-1.16.0/src/u2f.c:898:13: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:898:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:903:13: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:903:12: branch_true: following ‘true’ branch...
libfido2-1.16.0/src/u2f.c:905:17: branch_true: ...to here
libfido2-1.16.0/src/u2f.c:905:17: throw: if ‘fido_log_debug’ throws an exception...
libfido2-1.16.0/src/u2f.c:905:17: danger: ‘reply’ leaks here; was allocated at [(11)](sarif:/runs/0/results/27/codeFlows/0/threadFlows/0/locations/10)
#  903|   	if (fido_tx(dev, CTAP_CMD_MSG, iso7816_ptr(apdu),
#  904|   	    iso7816_len(apdu), ms) < 0) {
#  905|-> 		fido_log_debug("%s: fido_tx", __func__);
#  906|   		r = FIDO_ERR_TX;
#  907|   		goto fail;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def369]
libfido2-1.16.0/src/u2f.c:912:9: warning[-Wanalyzer-malloc-leak]: leak of ‘reply’
libfido2-1.16.0/src/u2f.c:876:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:877:52: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:876:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:883:21: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:883:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:885:13: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:883:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:886:13: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:883:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:892:22: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:892:22: acquire_memory: allocated here
libfido2-1.16.0/src/u2f.c:892:12: branch_false: following ‘false’ branch (when ‘reply’ is non-NULL)...
libfido2-1.16.0/src/u2f.c:898:13: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:898:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:903:13: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:912:9: throw: if ‘iso7816_free’ throws an exception...
libfido2-1.16.0/src/u2f.c:912:9: danger: ‘reply’ leaks here; was allocated at [(11)](sarif:/runs/0/results/28/codeFlows/0/threadFlows/0/locations/10)
#  910|   	r = FIDO_OK;
#  911|   fail:
#  912|-> 	iso7816_free(&apdu);
#  913|   	freezero(reply, FIDO_MAXMSG);
#  914|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def370]
libfido2-1.16.0/src/u2f.c:913:9: warning[-Wanalyzer-malloc-leak]: leak of ‘reply’
libfido2-1.16.0/src/u2f.c:876:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:877:52: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:876:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:883:21: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:883:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:885:13: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:883:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:886:13: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:883:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:892:22: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:892:22: acquire_memory: allocated here
libfido2-1.16.0/src/u2f.c:892:12: branch_false: following ‘false’ branch (when ‘reply’ is non-NULL)...
libfido2-1.16.0/src/u2f.c:898:13: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:898:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/src/u2f.c:903:13: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:913:9: throw: if ‘freezero’ throws an exception...
libfido2-1.16.0/src/u2f.c:913:9: danger: ‘reply’ leaks here; was allocated at [(11)](sarif:/runs/0/results/29/codeFlows/0/threadFlows/0/locations/10)
#  911|   fail:
#  912|   	iso7816_free(&apdu);
#  913|-> 	freezero(reply, FIDO_MAXMSG);
#  914|   
#  915|   	return (r);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def371]
libfido2-1.16.0/src/u2f.c:931:26: warning[-Wanalyzer-malloc-leak]: leak of ‘reply’
libfido2-1.16.0/src/u2f.c:925:22: acquire_memory: allocated here
libfido2-1.16.0/src/u2f.c:925:12: branch_false: following ‘false’ branch (when ‘reply’ is non-NULL)...
libfido2-1.16.0/src/u2f.c:931:26: branch_false: ...to here
libfido2-1.16.0/src/u2f.c:931:26: throw: if ‘fido_rx’ throws an exception...
libfido2-1.16.0/src/u2f.c:931:26: danger: ‘reply’ leaks here; was allocated at [(1)](sarif:/runs/0/results/30/codeFlows/0/threadFlows/0/locations/0)
#  929|   	}
#  930|   
#  931|-> 	if ((reply_len = fido_rx(dev, CTAP_CMD_MSG, reply, FIDO_MAXMSG,
#  932|   	    ms)) < 2) {
#  933|   		fido_log_debug("%s: fido_rx", __func__);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def372]
libfido2-1.16.0/tools/assert_get.c:52:17: warning[-Wanalyzer-malloc-leak]: leak of ‘assignment’
libfido2-1.16.0/tools/assert_get.c:49:27: acquire_memory: allocated here
libfido2-1.16.0/tools/assert_get.c:49:12: branch_false: following ‘false’ branch (when ‘assignment’ is non-NULL)...
libfido2-1.16.0/tools/assert_get.c:51:20: branch_false: ...to here
libfido2-1.16.0/tools/assert_get.c:51:12: branch_true: following ‘true’ branch (when ‘val’ is NULL)...
libfido2-1.16.0/tools/assert_get.c:52:17: branch_true: ...to here
libfido2-1.16.0/tools/assert_get.c:52:17: throw: if ‘errx’ throws an exception...
libfido2-1.16.0/tools/assert_get.c:52:17: danger: ‘assignment’ leaks here; was allocated at [(1)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/0)
#   50|   		err(1, "strdup");
#   51|   	if ((val = strchr(assignment, '=')) == NULL)
#   52|-> 		errx(1, "invalid assignment '%s'", assignment);
#   53|   
#   54|   	key = assignment;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def373]
libfido2-1.16.0/tools/assert_get.c:62:17: warning[-Wanalyzer-malloc-leak]: leak of ‘assignment’
libfido2-1.16.0/tools/assert_get.c:49:27: acquire_memory: allocated here
libfido2-1.16.0/tools/assert_get.c:49:12: branch_false: following ‘false’ branch (when ‘assignment’ is non-NULL)...
libfido2-1.16.0/tools/assert_get.c:51:20: branch_false: ...to here
libfido2-1.16.0/tools/assert_get.c:51:12: branch_false: following ‘false’ branch (when ‘val’ is non-NULL)...
libfido2-1.16.0/tools/assert_get.c:55:10: branch_false: ...to here
libfido2-1.16.0/tools/assert_get.c:57:12: branch_false: following ‘false’ branch (when the strings are non-equal)...
libfido2-1.16.0/tools/assert_get.c:59:19: branch_false: ...to here
libfido2-1.16.0/tools/assert_get.c:59:17: branch_false: following ‘false’ branch (when the strings are non-equal)...
libfido2-1.16.0/tools/assert_get.c:62:17: branch_false: ...to here
libfido2-1.16.0/tools/assert_get.c:62:17: throw: if ‘errx’ throws an exception...
libfido2-1.16.0/tools/assert_get.c:62:17: danger: ‘assignment’ leaks here; was allocated at [(1)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/0)
#   60|   		v = FIDO_OPT_FALSE;
#   61|   	else
#   62|-> 		errx(1, "unknown value '%s'", val);
#   63|   
#   64|   	if (!strcmp(key, "up"))

Error: GCC_ANALYZER_WARNING (CWE-401): [#def374]
libfido2-1.16.0/tools/assert_get.c:71:17: warning[-Wanalyzer-malloc-leak]: leak of ‘assignment’
libfido2-1.16.0/tools/assert_get.c:49:27: acquire_memory: allocated here
libfido2-1.16.0/tools/assert_get.c:49:12: branch_false: following ‘false’ branch (when ‘assignment’ is non-NULL)...
libfido2-1.16.0/tools/assert_get.c:51:20: branch_false: ...to here
libfido2-1.16.0/tools/assert_get.c:51:12: branch_false: following ‘false’ branch (when ‘val’ is non-NULL)...
libfido2-1.16.0/tools/assert_get.c:55:10: branch_false: ...to here
libfido2-1.16.0/tools/assert_get.c:64:12: branch_false: following ‘false’ branch (when the strings are non-equal)...
libfido2-1.16.0/tools/assert_get.c:66:19: branch_false: ...to here
libfido2-1.16.0/tools/assert_get.c:66:17: branch_false: following ‘false’ branch (when the strings are non-equal)...
libfido2-1.16.0/tools/assert_get.c:68:19: branch_false: ...to here
libfido2-1.16.0/tools/assert_get.c:68:17: branch_false: following ‘false’ branch (when the strings are non-equal)...
libfido2-1.16.0/tools/assert_get.c:71:17: branch_false: ...to here
libfido2-1.16.0/tools/assert_get.c:71:17: throw: if ‘errx’ throws an exception...
libfido2-1.16.0/tools/assert_get.c:71:17: danger: ‘assignment’ leaks here; was allocated at [(1)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/0)
#   69|   		k = &opt->pin;
#   70|   	else
#   71|-> 		errx(1, "unknown key '%s'", key);
#   72|   
#   73|   	free(assignment);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def375]
libfido2-1.16.0/tools/config.c:165:46: warning[-Wanalyzer-malloc-leak]: leak of ‘*rpid’
libfido2-1.16.0/tools/config.c:161:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/tools/config.c:161:12: branch_false: ...to here
libfido2-1.16.0/tools/config.c:164:21: branch_true: following ‘true’ branch (when ‘cp’ is non-NULL)...
libfido2-1.16.0/tools/config.c:165:20: branch_true: ...to here
libfido2-1.16.0/tools/config.c:165:20: branch_false: following ‘false’ branch...
libfido2-1.16.0/tools/config.c:168:32: acquire_memory: allocated here
libfido2-1.16.0/tools/config.c:168:20: branch_false: following ‘false’ branch...
libfido2-1.16.0/tools/config.c:170:21: branch_false: ...to here
libfido2-1.16.0/tools/config.c:170:20: branch_false: following ‘false’ branch...
libfido2-1.16.0/tools/config.c:170:20: branch_false: ...to here
libfido2-1.16.0/tools/config.c:164:21: branch_true: following ‘true’ branch (when ‘cp’ is non-NULL)...
libfido2-1.16.0/tools/config.c:165:20: branch_true: ...to here
libfido2-1.16.0/tools/config.c:165:20: branch_false: following ‘false’ branch (when ‘n != 18446744073709551615’)...
libfido2-1.16.0/tools/config.c:165:46: branch_false: ...to here
libfido2-1.16.0/tools/config.c:165:46: danger: ‘*rpid’ leaks here; was allocated at [(7)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/6)
#  163|   	otmp = tmp;
#  164|   	for (n = 0; (cp = strsep(&tmp, ",")) != NULL; n++) {
#  165|-> 		if (n == SIZE_MAX || (rpid = recallocarray(rpid, n, n + 1,
#  166|   		    sizeof(*rpid))) == NULL)
#  167|   			err(1, "recallocarray");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def376]
libfido2-1.16.0/tools/config.c:165:46: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
libfido2-1.16.0/tools/config.c:161:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/tools/config.c:161:12: branch_false: ...to here
libfido2-1.16.0/tools/config.c:164:21: branch_true: following ‘true’ branch (when ‘cp’ is non-NULL)...
libfido2-1.16.0/tools/config.c:165:20: branch_true: ...to here
libfido2-1.16.0/tools/config.c:165:20: branch_false: following ‘false’ branch...
libfido2-1.16.0/tools/config.c:168:32: acquire_memory: allocated here
libfido2-1.16.0/tools/config.c:168:20: branch_false: following ‘false’ branch...
libfido2-1.16.0/tools/config.c:170:21: branch_false: ...to here
libfido2-1.16.0/tools/config.c:170:20: branch_false: following ‘false’ branch...
libfido2-1.16.0/tools/config.c:170:20: branch_false: ...to here
libfido2-1.16.0/tools/config.c:164:21: branch_true: following ‘true’ branch (when ‘cp’ is non-NULL)...
libfido2-1.16.0/tools/config.c:165:20: branch_true: ...to here
libfido2-1.16.0/tools/config.c:165:20: branch_false: following ‘false’ branch (when ‘n != 18446744073709551615’)...
libfido2-1.16.0/tools/config.c:165:46: branch_false: ...to here
libfido2-1.16.0/tools/config.c:165:46: danger: ‘<unknown>’ leaks here; was allocated at [(7)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/6)
#  163|   	otmp = tmp;
#  164|   	for (n = 0; (cp = strsep(&tmp, ",")) != NULL; n++) {
#  165|-> 		if (n == SIZE_MAX || (rpid = recallocarray(rpid, n, n + 1,
#  166|   		    sizeof(*rpid))) == NULL)
#  167|   			err(1, "recallocarray");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def377]
libfido2-1.16.0/tools/config.c:165:46: warning[-Wanalyzer-malloc-leak]: leak of ‘tmp’
libfido2-1.16.0/tools/config.c:161:20: acquire_memory: allocated here
libfido2-1.16.0/tools/config.c:161:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/tools/config.c:161:12: branch_false: ...to here
libfido2-1.16.0/tools/config.c:164:21: branch_true: following ‘true’ branch (when ‘cp’ is non-NULL)...
libfido2-1.16.0/tools/config.c:165:20: branch_true: ...to here
libfido2-1.16.0/tools/config.c:165:20: branch_false: following ‘false’ branch (when ‘n != 18446744073709551615’)...
libfido2-1.16.0/tools/config.c:165:46: branch_false: ...to here
libfido2-1.16.0/tools/config.c:165:46: throw: if ‘recallocarray’ throws an exception...
libfido2-1.16.0/tools/config.c:165:46: danger: ‘tmp’ leaks here; was allocated at [(1)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/0)
#  163|   	otmp = tmp;
#  164|   	for (n = 0; (cp = strsep(&tmp, ",")) != NULL; n++) {
#  165|-> 		if (n == SIZE_MAX || (rpid = recallocarray(rpid, n, n + 1,
#  166|   		    sizeof(*rpid))) == NULL)
#  167|   			err(1, "recallocarray");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def378]
libfido2-1.16.0/tools/config.c:167:25: warning[-Wanalyzer-malloc-leak]: leak of ‘tmp’
libfido2-1.16.0/tools/config.c:161:20: acquire_memory: allocated here
libfido2-1.16.0/tools/config.c:161:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/tools/config.c:161:12: branch_false: ...to here
libfido2-1.16.0/tools/config.c:164:21: branch_true: following ‘true’ branch (when ‘cp’ is non-NULL)...
libfido2-1.16.0/tools/config.c:165:20: branch_true: ...to here
libfido2-1.16.0/tools/config.c:165:20: branch_false: following ‘false’ branch (when ‘n != 18446744073709551615’)...
libfido2-1.16.0/tools/config.c:165:46: branch_false: ...to here
libfido2-1.16.0/tools/config.c:165:21: branch_true: following ‘true’ branch...
libfido2-1.16.0/tools/config.c:167:25: branch_true: ...to here
libfido2-1.16.0/tools/config.c:167:25: throw: if ‘err’ throws an exception...
libfido2-1.16.0/tools/config.c:167:25: danger: ‘tmp’ leaks here; was allocated at [(1)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/0)
#  165|   		if (n == SIZE_MAX || (rpid = recallocarray(rpid, n, n + 1,
#  166|   		    sizeof(*rpid))) == NULL)
#  167|-> 			err(1, "recallocarray");
#  168|   		if ((rpid[n] = strdup(cp)) == NULL)
#  169|   			err(1, "strdup");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def379]
libfido2-1.16.0/tools/largeblob.c:335:13: warning[-Wanalyzer-malloc-leak]: leak of ‘zs.next_out’
libfido2-1.16.0/tools/largeblob.c:318:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/tools/largeblob.c:320:12: branch_false: following ‘false’ branch (when ‘origsiz <= 4294967295’)...
libfido2-1.16.0/tools/largeblob.c:321:13: branch_false: ...to here
libfido2-1.16.0/tools/largeblob.c:320:13: branch_false: following ‘false’ branch (when ‘olen <= 1048576’)...
libfido2-1.16.0/tools/largeblob.c:323:13: branch_false: ...to here
libfido2-1.16.0/tools/largeblob.c:323:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/tools/largeblob.c:326:24: branch_false: ...to here
libfido2-1.16.0/tools/largeblob.c:326:24: acquire_memory: allocated here
libfido2-1.16.0/tools/largeblob.c:326:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/tools/largeblob.c:329:9: branch_false: ...to here
libfido2-1.16.0/tools/largeblob.c:335:13: throw: if ‘inflate’ throws an exception...
libfido2-1.16.0/tools/largeblob.c:335:13: danger: ‘zs.next_out’ leaks here; was allocated at [(9)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/8)
#  333|   	zs.avail_out = olen;
#  334|   
#  335|-> 	if (inflate(&zs, Z_FINISH) != Z_STREAM_END)
#  336|   		goto fail;
#  337|   	if (zs.avail_out != 0)

Error: GCC_ANALYZER_WARNING (CWE-401): [#def380]
libfido2-1.16.0/tools/largeblob.c:384:20: warning[-Wanalyzer-malloc-leak]: leak of ‘plaintext.ptr’
libfido2-1.16.0/tools/largeblob.c:371:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/tools/largeblob.c:373:12: branch_false: ...to here
libfido2-1.16.0/tools/largeblob.c:373:12: branch_false: following ‘false’ branch (when ‘cred’ is non-NULL)...
libfido2-1.16.0/tools/largeblob.c:374:13: branch_false: ...to here
libfido2-1.16.0/tools/largeblob.c:373:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/tools/largeblob.c:375:13: branch_false: ...to here
libfido2-1.16.0/tools/largeblob.c:373:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/tools/largeblob.c:377:13: branch_false: ...to here
libfido2-1.16.0/tools/largeblob.c:377:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/tools/largeblob.c:381:9: branch_false: ...to here
libfido2-1.16.0/tools/largeblob.c:382:30: acquire_memory: allocated here
libfido2-1.16.0/tools/largeblob.c:382:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/tools/largeblob.c:384:20: branch_false: ...to here
libfido2-1.16.0/tools/largeblob.c:384:20: throw: if ‘EVP_CIPHER_CTX_new’ throws an exception...
libfido2-1.16.0/tools/largeblob.c:384:20: danger: ‘plaintext.ptr’ leaks here; was allocated at [(11)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/10)
#  382|   	if ((plaintext.ptr = calloc(1, plaintext.len)) == NULL)
#  383|   		return -1;
#  384|-> 	if ((ctx = EVP_CIPHER_CTX_new()) == NULL ||
#  385|   	    (cipher = EVP_aes_256_gcm()) == NULL ||
#  386|   	    EVP_CipherInit(ctx, cipher, fido_cred_largeblob_key_ptr(cred),

Error: GCC_ANALYZER_WARNING (CWE-401): [#def381]
libfido2-1.16.0/tools/largeblob.c:385:23: warning[-Wanalyzer-malloc-leak]: leak of ‘plaintext.ptr’
libfido2-1.16.0/tools/largeblob.c:371:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/tools/largeblob.c:373:12: branch_false: ...to here
libfido2-1.16.0/tools/largeblob.c:373:12: branch_false: following ‘false’ branch (when ‘cred’ is non-NULL)...
libfido2-1.16.0/tools/largeblob.c:374:13: branch_false: ...to here
libfido2-1.16.0/tools/largeblob.c:373:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/tools/largeblob.c:375:13: branch_false: ...to here
libfido2-1.16.0/tools/largeblob.c:373:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/tools/largeblob.c:377:13: branch_false: ...to here
libfido2-1.16.0/tools/largeblob.c:377:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/tools/largeblob.c:381:9: branch_false: ...to here
libfido2-1.16.0/tools/largeblob.c:382:30: acquire_memory: allocated here
libfido2-1.16.0/tools/largeblob.c:382:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/tools/largeblob.c:384:20: branch_false: ...to here
libfido2-1.16.0/tools/largeblob.c:384:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/tools/largeblob.c:385:23: branch_false: ...to here
libfido2-1.16.0/tools/largeblob.c:385:23: throw: if ‘EVP_aes_256_gcm’ throws an exception...
libfido2-1.16.0/tools/largeblob.c:385:23: danger: ‘plaintext.ptr’ leaks here; was allocated at [(11)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/10)
#  383|   		return -1;
#  384|   	if ((ctx = EVP_CIPHER_CTX_new()) == NULL ||
#  385|-> 	    (cipher = EVP_aes_256_gcm()) == NULL ||
#  386|   	    EVP_CipherInit(ctx, cipher, fido_cred_largeblob_key_ptr(cred),
#  387|   	    nonce->ptr, 0) == 0)

Error: GCC_ANALYZER_WARNING (CWE-401): [#def382]
libfido2-1.16.0/tools/largeblob.c:386:13: warning[-Wanalyzer-malloc-leak]: leak of ‘plaintext.ptr’
libfido2-1.16.0/tools/largeblob.c:371:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/tools/largeblob.c:373:12: branch_false: ...to here
libfido2-1.16.0/tools/largeblob.c:373:12: branch_false: following ‘false’ branch (when ‘cred’ is non-NULL)...
libfido2-1.16.0/tools/largeblob.c:374:13: branch_false: ...to here
libfido2-1.16.0/tools/largeblob.c:373:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/tools/largeblob.c:375:13: branch_false: ...to here
libfido2-1.16.0/tools/largeblob.c:373:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/tools/largeblob.c:377:13: branch_false: ...to here
libfido2-1.16.0/tools/largeblob.c:377:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/tools/largeblob.c:381:9: branch_false: ...to here
libfido2-1.16.0/tools/largeblob.c:382:30: acquire_memory: allocated here
libfido2-1.16.0/tools/largeblob.c:382:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/tools/largeblob.c:384:20: branch_false: ...to here
libfido2-1.16.0/tools/largeblob.c:384:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/tools/largeblob.c:385:23: branch_false: ...to here
libfido2-1.16.0/tools/largeblob.c:384:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/tools/largeblob.c:387:13: branch_false: ...to here
libfido2-1.16.0/tools/largeblob.c:386:13: throw: if ‘fido_cred_largeblob_key_ptr’ throws an exception...
libfido2-1.16.0/tools/largeblob.c:386:13: danger: ‘plaintext.ptr’ leaks here; was allocated at [(11)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/10)
#  384|   	if ((ctx = EVP_CIPHER_CTX_new()) == NULL ||
#  385|   	    (cipher = EVP_aes_256_gcm()) == NULL ||
#  386|-> 	    EVP_CipherInit(ctx, cipher, fido_cred_largeblob_key_ptr(cred),
#  387|   	    nonce->ptr, 0) == 0)
#  388|   		goto out;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def383]
libfido2-1.16.0/tools/largeblob.c:389:13: warning[-Wanalyzer-malloc-leak]: leak of ‘plaintext.ptr’
libfido2-1.16.0/tools/largeblob.c:371:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/tools/largeblob.c:373:12: branch_false: ...to here
libfido2-1.16.0/tools/largeblob.c:373:12: branch_false: following ‘false’ branch (when ‘cred’ is non-NULL)...
libfido2-1.16.0/tools/largeblob.c:374:13: branch_false: ...to here
libfido2-1.16.0/tools/largeblob.c:373:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/tools/largeblob.c:375:13: branch_false: ...to here
libfido2-1.16.0/tools/largeblob.c:373:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/tools/largeblob.c:377:13: branch_false: ...to here
libfido2-1.16.0/tools/largeblob.c:377:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/tools/largeblob.c:381:9: branch_false: ...to here
libfido2-1.16.0/tools/largeblob.c:382:30: acquire_memory: allocated here
libfido2-1.16.0/tools/largeblob.c:382:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/tools/largeblob.c:384:20: branch_false: ...to here
libfido2-1.16.0/tools/largeblob.c:384:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/tools/largeblob.c:385:23: branch_false: ...to here
libfido2-1.16.0/tools/largeblob.c:384:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/tools/largeblob.c:387:13: branch_false: ...to here
libfido2-1.16.0/tools/largeblob.c:384:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/tools/largeblob.c:390:13: branch_false: ...to here
libfido2-1.16.0/tools/largeblob.c:389:13: throw: if ‘EVP_CIPHER_CTX_ctrl’ throws an exception...
libfido2-1.16.0/tools/largeblob.c:389:13: danger: ‘plaintext.ptr’ leaks here; was allocated at [(11)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/10)
#  387|   	    nonce->ptr, 0) == 0)
#  388|   		goto out;
#  389|-> 	if (EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_TAG, 16,
#  390|   	    ciphertext->ptr + ciphertext->len - 16) == 0)
#  391|   		goto out;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def384]
libfido2-1.16.0/tools/largeblob.c:398:13: warning[-Wanalyzer-malloc-leak]: leak of ‘plaintext.ptr’
libfido2-1.16.0/tools/largeblob.c:371:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/tools/largeblob.c:373:12: branch_false: ...to here
libfido2-1.16.0/tools/largeblob.c:373:12: branch_false: following ‘false’ branch (when ‘cred’ is non-NULL)...
libfido2-1.16.0/tools/largeblob.c:374:13: branch_false: ...to here
libfido2-1.16.0/tools/largeblob.c:373:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/tools/largeblob.c:375:13: branch_false: ...to here
libfido2-1.16.0/tools/largeblob.c:373:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/tools/largeblob.c:377:13: branch_false: ...to here
libfido2-1.16.0/tools/largeblob.c:377:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/tools/largeblob.c:381:9: branch_false: ...to here
libfido2-1.16.0/tools/largeblob.c:382:30: acquire_memory: allocated here
libfido2-1.16.0/tools/largeblob.c:382:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/tools/largeblob.c:384:20: branch_false: ...to here
libfido2-1.16.0/tools/largeblob.c:384:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/tools/largeblob.c:385:23: branch_false: ...to here
libfido2-1.16.0/tools/largeblob.c:384:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/tools/largeblob.c:387:13: branch_false: ...to here
libfido2-1.16.0/tools/largeblob.c:384:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/tools/largeblob.c:390:13: branch_false: ...to here
libfido2-1.16.0/tools/largeblob.c:389:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/tools/largeblob.c:392:9: branch_false: ...to here
libfido2-1.16.0/tools/largeblob.c:398:13: throw: if ‘EVP_Cipher’ throws an exception...
libfido2-1.16.0/tools/largeblob.c:398:13: danger: ‘plaintext.ptr’ leaks here; was allocated at [(11)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/10)
#  396|   	tmp = htole64(origsiz);
#  397|   	memcpy(&aad[4], &tmp, sizeof(uint64_t));
#  398|-> 	if (EVP_Cipher(ctx, NULL, aad, (u_int)sizeof(aad)) < 0 ||
#  399|   	    EVP_Cipher(ctx, plaintext.ptr, ciphertext->ptr,
#  400|   	    (u_int)plaintext.len) < 0 ||

Error: GCC_ANALYZER_WARNING (CWE-401): [#def385]
libfido2-1.16.0/tools/largeblob.c:399:13: warning[-Wanalyzer-malloc-leak]: leak of ‘plaintext.ptr’
libfido2-1.16.0/tools/largeblob.c:371:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/tools/largeblob.c:373:12: branch_false: ...to here
libfido2-1.16.0/tools/largeblob.c:373:12: branch_false: following ‘false’ branch (when ‘cred’ is non-NULL)...
libfido2-1.16.0/tools/largeblob.c:374:13: branch_false: ...to here
libfido2-1.16.0/tools/largeblob.c:373:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/tools/largeblob.c:375:13: branch_false: ...to here
libfido2-1.16.0/tools/largeblob.c:373:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/tools/largeblob.c:377:13: branch_false: ...to here
libfido2-1.16.0/tools/largeblob.c:377:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/tools/largeblob.c:381:9: branch_false: ...to here
libfido2-1.16.0/tools/largeblob.c:382:30: acquire_memory: allocated here
libfido2-1.16.0/tools/largeblob.c:382:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/tools/largeblob.c:384:20: branch_false: ...to here
libfido2-1.16.0/tools/largeblob.c:384:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/tools/largeblob.c:385:23: branch_false: ...to here
libfido2-1.16.0/tools/largeblob.c:384:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/tools/largeblob.c:387:13: branch_false: ...to here
libfido2-1.16.0/tools/largeblob.c:384:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/tools/largeblob.c:390:13: branch_false: ...to here
libfido2-1.16.0/tools/largeblob.c:389:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/tools/largeblob.c:392:9: branch_false: ...to here
libfido2-1.16.0/tools/largeblob.c:398:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/tools/largeblob.c:399:13: branch_false: ...to here
libfido2-1.16.0/tools/largeblob.c:399:13: throw: if ‘EVP_Cipher’ throws an exception...
libfido2-1.16.0/tools/largeblob.c:399:13: danger: ‘plaintext.ptr’ leaks here; was allocated at [(11)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/10)
#  397|   	memcpy(&aad[4], &tmp, sizeof(uint64_t));
#  398|   	if (EVP_Cipher(ctx, NULL, aad, (u_int)sizeof(aad)) < 0 ||
#  399|-> 	    EVP_Cipher(ctx, plaintext.ptr, ciphertext->ptr,
#  400|   	    (u_int)plaintext.len) < 0 ||
#  401|   	    EVP_Cipher(ctx, NULL, NULL, 0) < 0)

Error: GCC_ANALYZER_WARNING (CWE-401): [#def386]
libfido2-1.16.0/tools/largeblob.c:408:9: warning[-Wanalyzer-malloc-leak]: leak of ‘plaintext.ptr’
libfido2-1.16.0/tools/largeblob.c:371:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/tools/largeblob.c:373:12: branch_false: ...to here
libfido2-1.16.0/tools/largeblob.c:373:12: branch_false: following ‘false’ branch (when ‘cred’ is non-NULL)...
libfido2-1.16.0/tools/largeblob.c:374:13: branch_false: ...to here
libfido2-1.16.0/tools/largeblob.c:373:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/tools/largeblob.c:375:13: branch_false: ...to here
libfido2-1.16.0/tools/largeblob.c:373:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/tools/largeblob.c:377:13: branch_false: ...to here
libfido2-1.16.0/tools/largeblob.c:377:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/tools/largeblob.c:381:9: branch_false: ...to here
libfido2-1.16.0/tools/largeblob.c:382:30: acquire_memory: allocated here
libfido2-1.16.0/tools/largeblob.c:382:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/tools/largeblob.c:384:20: branch_false: ...to here
libfido2-1.16.0/tools/largeblob.c:408:9: throw: if ‘freezero’ throws an exception...
libfido2-1.16.0/tools/largeblob.c:408:9: danger: ‘plaintext.ptr’ leaks here; was allocated at [(11)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/10)
#  406|   	ok = 0;
#  407|   out:
#  408|-> 	freezero(plaintext.ptr, plaintext.len);
#  409|   
#  410|   	if (ctx != NULL)

Error: GCC_ANALYZER_WARNING (CWE-401): [#def387]
libfido2-1.16.0/tools/util.c:50:17: warning[-Wanalyzer-malloc-leak]: leak of ‘pin’
libfido2-1.16.0/tools/util.c:44:20: acquire_memory: allocated here
libfido2-1.16.0/tools/util.c:44:12: branch_false: following ‘false’ branch (when ‘pin’ is non-NULL)...
libfido2-1.16.0/tools/util.c:48:18: branch_false: ...to here
libfido2-1.16.0/tools/util.c:50:17: throw: if ‘warn’ throws an exception...
libfido2-1.16.0/tools/util.c:50:17: danger: ‘pin’ leaks here; was allocated at [(1)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/0)
#   48|   	if ((r = snprintf(prompt, sizeof(prompt), "Enter PIN for %s: ",
#   49|   	    path)) < 0 || (size_t)r >= sizeof(prompt)) {
#   50|-> 		warn("%s: snprintf", __func__);
#   51|   		goto out;
#   52|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def388]
libfido2-1.16.0/tools/util.c:53:14: warning[-Wanalyzer-malloc-leak]: leak of ‘pin’
libfido2-1.16.0/tools/util.c:44:20: acquire_memory: allocated here
libfido2-1.16.0/tools/util.c:44:12: branch_false: following ‘false’ branch (when ‘pin’ is non-NULL)...
libfido2-1.16.0/tools/util.c:48:18: branch_false: ...to here
libfido2-1.16.0/tools/util.c:48:12: branch_false: following ‘false’ branch (when ‘r >= 0’)...
libfido2-1.16.0/tools/util.c:49:27: branch_false: ...to here
libfido2-1.16.0/tools/util.c:48:13: branch_false: following ‘false’ branch...
libfido2-1.16.0/tools/util.c:53:14: branch_false: ...to here
libfido2-1.16.0/tools/util.c:53:14: throw: if ‘readpassphrase’ throws an exception...
libfido2-1.16.0/tools/util.c:53:14: danger: ‘pin’ leaks here; was allocated at [(1)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/0)
#   51|   		goto out;
#   52|   	}
#   53|-> 	if (!readpassphrase(prompt, pin, PINBUF_LEN, RPP_ECHO_OFF)) {
#   54|   		warnx("%s: readpassphrase", __func__);
#   55|   		goto out;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def389]
libfido2-1.16.0/tools/util.c:61:17: warning[-Wanalyzer-malloc-leak]: leak of ‘pin’
libfido2-1.16.0/tools/util.c:44:20: acquire_memory: allocated here
libfido2-1.16.0/tools/util.c:44:12: branch_false: following ‘false’ branch (when ‘pin’ is non-NULL)...
libfido2-1.16.0/tools/util.c:48:18: branch_false: ...to here
libfido2-1.16.0/tools/util.c:61:17: throw: if ‘freezero’ throws an exception...
libfido2-1.16.0/tools/util.c:61:17: danger: ‘pin’ leaks here; was allocated at [(1)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/0)
#   59|   out:
#   60|   	if (ok < 0) {
#   61|-> 		freezero(pin, PINBUF_LEN);
#   62|   		pin = NULL;
#   63|   	}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def390]
libfido2-1.16.0/tools/util.c:228:21: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen(path, "r")’
libfido2-1.16.0/tools/util.c:223:19: acquire_resource: opened here
libfido2-1.16.0/tools/util.c:223:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/tools/util.c:228:21: branch_false: ...to here
libfido2-1.16.0/tools/util.c:228:21: throw: if ‘PEM_read_PUBKEY’ throws an exception...
libfido2-1.16.0/tools/util.c:228:21: danger: ‘fopen(path, "r")’ leaks here; was opened at [(1)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/0)
#  226|   	}
#  227|   
#  228|-> 	if ((pkey = PEM_read_PUBKEY(fp, NULL, NULL, NULL)) == NULL) {
#  229|   		warnx("PEM_read_PUBKEY");
#  230|   		goto fail;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def391]
libfido2-1.16.0/tools/util.c:228:21: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(path, "r")’
libfido2-1.16.0/tools/util.c:223:19: acquire_memory: allocated here
libfido2-1.16.0/tools/util.c:223:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/tools/util.c:228:21: branch_false: ...to here
libfido2-1.16.0/tools/util.c:228:21: throw: if ‘PEM_read_PUBKEY’ throws an exception...
libfido2-1.16.0/tools/util.c:228:21: danger: ‘fopen(path, "r")’ leaks here; was allocated at [(1)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/0)
#  226|   	}
#  227|   
#  228|-> 	if ((pkey = PEM_read_PUBKEY(fp, NULL, NULL, NULL)) == NULL) {
#  229|   		warnx("PEM_read_PUBKEY");
#  230|   		goto fail;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def392]
libfido2-1.16.0/tools/util.c:336:21: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen(path, "r")’
libfido2-1.16.0/tools/util.c:331:19: acquire_resource: opened here
libfido2-1.16.0/tools/util.c:331:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/tools/util.c:336:21: branch_false: ...to here
libfido2-1.16.0/tools/util.c:336:21: throw: if ‘PEM_read_PUBKEY’ throws an exception...
libfido2-1.16.0/tools/util.c:336:21: danger: ‘fopen(path, "r")’ leaks here; was opened at [(1)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/0)
#  334|   	}
#  335|   
#  336|-> 	if ((pkey = PEM_read_PUBKEY(fp, NULL, NULL, NULL)) == NULL) {
#  337|   		warnx("PEM_read_PUBKEY");
#  338|   		goto fail;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def393]
libfido2-1.16.0/tools/util.c:336:21: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(path, "r")’
libfido2-1.16.0/tools/util.c:331:19: acquire_memory: allocated here
libfido2-1.16.0/tools/util.c:331:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/tools/util.c:336:21: branch_false: ...to here
libfido2-1.16.0/tools/util.c:336:21: throw: if ‘PEM_read_PUBKEY’ throws an exception...
libfido2-1.16.0/tools/util.c:336:21: danger: ‘fopen(path, "r")’ leaks here; was allocated at [(1)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/0)
#  334|   	}
#  335|   
#  336|-> 	if ((pkey = PEM_read_PUBKEY(fp, NULL, NULL, NULL)) == NULL) {
#  337|   		warnx("PEM_read_PUBKEY");
#  338|   		goto fail;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def394]
libfido2-1.16.0/tools/util.c:405:21: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen(path, "r")’
libfido2-1.16.0/tools/util.c:400:19: acquire_resource: opened here
libfido2-1.16.0/tools/util.c:400:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/tools/util.c:405:21: branch_false: ...to here
libfido2-1.16.0/tools/util.c:405:21: throw: if ‘PEM_read_PUBKEY’ throws an exception...
libfido2-1.16.0/tools/util.c:405:21: danger: ‘fopen(path, "r")’ leaks here; was opened at [(1)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/0)
#  403|   	}
#  404|   
#  405|-> 	if ((pkey = PEM_read_PUBKEY(fp, NULL, NULL, NULL)) == NULL) {
#  406|   		warnx("PEM_read_PUBKEY");
#  407|   		goto fail;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def395]
libfido2-1.16.0/tools/util.c:405:21: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(path, "r")’
libfido2-1.16.0/tools/util.c:400:19: acquire_memory: allocated here
libfido2-1.16.0/tools/util.c:400:12: branch_false: following ‘false’ branch...
libfido2-1.16.0/tools/util.c:405:21: branch_false: ...to here
libfido2-1.16.0/tools/util.c:405:21: throw: if ‘PEM_read_PUBKEY’ throws an exception...
libfido2-1.16.0/tools/util.c:405:21: danger: ‘fopen(path, "r")’ leaks here; was allocated at [(1)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/0)
#  403|   	}
#  404|   
#  405|-> 	if ((pkey = PEM_read_PUBKEY(fp, NULL, NULL, NULL)) == NULL) {
#  406|   		warnx("PEM_read_PUBKEY");
#  407|   		goto fail;