Error: GCC_ANALYZER_WARNING (CWE-401): [#def1] libinput-1.30.1/src/libinput-plugin-lua.c:184:33: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’ libinput-1.30.1/src/libinput-plugin-lua.c:156:1: enter_function: entry to ‘lua_push_evdev_device’ libinput-1.30.1/src/libinput-plugin-lua.c:175:16: branch_true: following ‘true’ branch (when ‘e’ is non-NULL)... libinput-1.30.1/src/libinput-plugin-lua.c:176:35: branch_true: ...to here libinput-1.30.1/src/libinput-plugin-lua.c:177:21: call_function: calling ‘strstartswith’ from ‘lua_push_evdev_device’ libinput-1.30.1/src/libinput-plugin-lua.c:177:21: return_function: returning to ‘lua_push_evdev_device’ from ‘strstartswith’ libinput-1.30.1/src/libinput-plugin-lua.c:177:20: branch_true: following ‘true’ branch... libinput-1.30.1/src/libinput-plugin-lua.c:178:22: branch_true: ...to here libinput-1.30.1/src/libinput-plugin-lua.c:177:21: branch_false: following ‘false’ branch... libinput-1.30.1/src/libinput-plugin-lua.c:179:22: branch_false: ...to here libinput-1.30.1/src/libinput-plugin-lua.c:177:21: branch_false: following ‘false’ branch... libinput-1.30.1/src/libinput-plugin-lua.c:180:45: branch_false: ...to here libinput-1.30.1/src/libinput-plugin-lua.c:181:28: branch_false: following ‘false’ branch... libinput-1.30.1/src/libinput-plugin-lua.c:183:41: branch_false: ...to here libinput-1.30.1/src/libinput-plugin-lua.c:183:41: call_function: calling ‘udev_property_new’ from ‘lua_push_evdev_device’ libinput-1.30.1/src/libinput-plugin-lua.c:183:41: return_function: returning to ‘lua_push_evdev_device’ from ‘udev_property_new’ libinput-1.30.1/src/libinput-plugin-lua.c:184:33: danger: ‘<unknown>’ leaks here; was allocated at [(35)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/34) # 182| struct udev_property *prop = # 183| udev_property_new(key, value); # 184|-> list_insert(&lua_device->udev_properties_list, # 185| &prop->link); # 186| } Error: GCC_ANALYZER_WARNING (CWE-401): [#def2] libinput-1.30.1/src/libinput-plugin-lua.c:184:33: warning[-Wanalyzer-malloc-leak]: leak of ‘udev_property_new(udev_list_entry_get_name(e), udev_list_entry_get_value(e))’ libinput-1.30.1/src/libinput-plugin-lua.c:156:1: enter_function: entry to ‘lua_push_evdev_device’ libinput-1.30.1/src/libinput-plugin-lua.c:175:16: branch_true: following ‘true’ branch (when ‘e’ is non-NULL)... libinput-1.30.1/src/libinput-plugin-lua.c:176:35: branch_true: ...to here libinput-1.30.1/src/libinput-plugin-lua.c:177:21: call_function: calling ‘strstartswith’ from ‘lua_push_evdev_device’ libinput-1.30.1/src/libinput-plugin-lua.c:177:21: return_function: returning to ‘lua_push_evdev_device’ from ‘strstartswith’ libinput-1.30.1/src/libinput-plugin-lua.c:177:20: branch_true: following ‘true’ branch... libinput-1.30.1/src/libinput-plugin-lua.c:178:22: branch_true: ...to here libinput-1.30.1/src/libinput-plugin-lua.c:177:21: branch_false: following ‘false’ branch... libinput-1.30.1/src/libinput-plugin-lua.c:179:22: branch_false: ...to here libinput-1.30.1/src/libinput-plugin-lua.c:177:21: branch_false: following ‘false’ branch... libinput-1.30.1/src/libinput-plugin-lua.c:180:45: branch_false: ...to here libinput-1.30.1/src/libinput-plugin-lua.c:181:28: branch_false: following ‘false’ branch... libinput-1.30.1/src/libinput-plugin-lua.c:183:41: branch_false: ...to here libinput-1.30.1/src/libinput-plugin-lua.c:183:41: call_function: calling ‘udev_property_new’ from ‘lua_push_evdev_device’ libinput-1.30.1/src/libinput-plugin-lua.c:183:41: return_function: returning to ‘lua_push_evdev_device’ from ‘udev_property_new’ libinput-1.30.1/src/libinput-plugin-lua.c:184:33: danger: ‘udev_property_new(udev_list_entry_get_name(e), udev_list_entry_get_value(e))’ leaks here; was allocated at [(28)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/27) # 182| struct udev_property *prop = # 183| udev_property_new(key, value); # 184|-> list_insert(&lua_device->udev_properties_list, # 185| &prop->link); # 186| } Error: GCC_ANALYZER_WARNING (CWE-401): [#def3] libinput-1.30.1/src/libinput-plugin-lua.c:944:9: warning[-Wanalyzer-malloc-leak]: leak of ‘zalloc(544)’ libinput-1.30.1/src/libinput-plugin-lua.c:941:1: enter_function: entry to ‘evdevdevice_frame’ libinput-1.30.1/src/libinput-plugin-lua.c:943:22: call_function: inlined call to ‘evdev_frame_new’ from ‘evdevdevice_frame’ libinput-1.30.1/src/libinput-plugin-lua.c:943:22: call_function: inlined call to ‘evdev_frame_new’ from ‘evdevdevice_frame’ libinput-1.30.1/src/libinput-plugin-lua.c:944:9: call_function: calling ‘lua_pop_evdev_frame’ from ‘evdevdevice_frame’ # 942| { # 943| auto frame = evdev_frame_new(64); # 944|-> lua_pop_evdev_frame(plugin, device->evdev, frame); # 945| # 946| struct libinput *libinput = lua_get_libinput(L); Error: GCC_ANALYZER_WARNING (CWE-457): [#def4] libinput-1.30.1/src/libinput-plugin-lua.c:1096:1: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘plugin’ libinput-1.30.1/src/libinput-plugin-lua.c:1285:1: enter_function: entry to ‘libinput_lua_plugin_new_from_path’ libinput-1.30.1/src/libinput-plugin-lua.c:1287:50: call_function: calling ‘zalloc’ from ‘libinput_lua_plugin_new_from_path’ libinput-1.30.1/src/libinput-plugin-lua.c:1287:50: return_function: returning to ‘libinput_lua_plugin_new_from_path’ from ‘zalloc’ libinput-1.30.1/src/libinput-plugin-lua.c:1288:33: call_function: calling ‘safe_strdup’ from ‘libinput_lua_plugin_new_from_path’ libinput-1.30.1/src/libinput-plugin-lua.c:1288:33: return_function: returning to ‘libinput_lua_plugin_new_from_path’ from ‘safe_strdup’ libinput-1.30.1/src/libinput-plugin-lua.c:1294:17: throw: if ‘libinput_plugin_new’ throws an exception... libinput-1.30.1/src/libinput-plugin-lua.c:1287:41: call_function: inlined call to ‘libinput_lua_plugin_destroyp’ from ‘libinput_lua_plugin_new_from_path’ # 1094| } # 1095| # 1096|-> DEFINE_DESTROY_CLEANUP_FUNC(libinput_lua_plugin); # 1097| # 1098| static void Error: GCC_ANALYZER_WARNING (CWE-401): [#def5] libinput-1.30.1/src/libinput-plugin-lua.c:1288:33: warning[-Wanalyzer-malloc-leak]: leak of ‘zalloc(72)’ libinput-1.30.1/src/libinput-plugin-lua.c:1285:1: enter_function: entry to ‘libinput_lua_plugin_new_from_path’ libinput-1.30.1/src/libinput-plugin-lua.c:1287:50: call_function: calling ‘zalloc’ from ‘libinput_lua_plugin_new_from_path’ libinput-1.30.1/src/libinput-plugin-lua.c:1287:50: return_function: returning to ‘libinput_lua_plugin_new_from_path’ from ‘zalloc’ libinput-1.30.1/src/libinput-plugin-lua.c:1288:33: throw: if ‘safe_basename’ throws an exception... libinput-1.30.1/src/libinput-plugin-lua.c:1288:33: danger: ‘zalloc(72)’ leaks here; was allocated at [(6)](sarif:/runs/0/results/9/codeFlows/0/threadFlows/0/locations/5) # 1286| { # 1287| _destroy_(libinput_lua_plugin) *plugin = zalloc(sizeof(*plugin)); # 1288|-> _autofree_ char *name = safe_strdup(safe_basename(path)); # 1289| # 1290| /* libinput's plugin system keeps a ref, we don't need Error: GCC_ANALYZER_WARNING (CWE-401): [#def6] libinput-1.30.1/src/libinput-plugin-lua.c:1294:17: warning[-Wanalyzer-malloc-leak]: leak of ‘zalloc(72)’ libinput-1.30.1/src/libinput-plugin-lua.c:1285:1: enter_function: entry to ‘libinput_lua_plugin_new_from_path’ libinput-1.30.1/src/libinput-plugin-lua.c:1287:50: call_function: calling ‘zalloc’ from ‘libinput_lua_plugin_new_from_path’ libinput-1.30.1/src/libinput-plugin-lua.c:1287:50: return_function: returning to ‘libinput_lua_plugin_new_from_path’ from ‘zalloc’ libinput-1.30.1/src/libinput-plugin-lua.c:1288:33: call_function: calling ‘safe_strdup’ from ‘libinput_lua_plugin_new_from_path’ libinput-1.30.1/src/libinput-plugin-lua.c:1288:33: return_function: returning to ‘libinput_lua_plugin_new_from_path’ from ‘safe_strdup’ libinput-1.30.1/src/libinput-plugin-lua.c:1294:17: throw: if ‘libinput_plugin_new’ throws an exception... libinput-1.30.1/src/libinput-plugin-lua.c:1294:17: danger: ‘zalloc(72)’ leaks here; was allocated at [(6)](sarif:/runs/0/results/10/codeFlows/0/threadFlows/0/locations/5) # 1292| */ # 1293| _unref_(libinput_plugin) *p = # 1294|-> libinput_plugin_new(libinput, name, &interface, NULL); # 1295| # 1296| plugin->parent = p; Error: GCC_ANALYZER_WARNING (CWE-401): [#def7] libinput-1.30.1/src/libinput-plugin-lua.c:1301:9: warning[-Wanalyzer-malloc-leak]: leak of ‘zalloc(72)’ libinput-1.30.1/src/libinput-plugin-lua.c:1285:1: enter_function: entry to ‘libinput_lua_plugin_new_from_path’ libinput-1.30.1/src/libinput-plugin-lua.c:1287:50: call_function: calling ‘zalloc’ from ‘libinput_lua_plugin_new_from_path’ libinput-1.30.1/src/libinput-plugin-lua.c:1287:50: return_function: returning to ‘libinput_lua_plugin_new_from_path’ from ‘zalloc’ libinput-1.30.1/src/libinput-plugin-lua.c:1288:33: call_function: calling ‘safe_strdup’ from ‘libinput_lua_plugin_new_from_path’ libinput-1.30.1/src/libinput-plugin-lua.c:1288:33: return_function: returning to ‘libinput_lua_plugin_new_from_path’ from ‘safe_strdup’ libinput-1.30.1/src/libinput-plugin-lua.c:1301:9: throw: if ‘list_init’ throws an exception... libinput-1.30.1/src/libinput-plugin-lua.c:1301:9: danger: ‘zalloc(72)’ leaks here; was allocated at [(6)](sarif:/runs/0/results/11/codeFlows/0/threadFlows/0/locations/5) # 1299| plugin->device_new_refid = LUA_NOREF; # 1300| plugin->timer_expired_refid = LUA_NOREF; # 1301|-> list_init(&plugin->evdev_devices); # 1302| # 1303| _cleanup_(lua_closep) lua_State *L = Error: GCC_ANALYZER_WARNING (CWE-401): [#def8] libinput-1.30.1/src/libinput-plugin-tablet-forced-tool.c:234:22: warning[-Wanalyzer-malloc-leak]: leak of ‘zalloc(40)’ libinput-1.30.1/src/libinput-plugin-tablet-forced-tool.c:224:1: enter_function: entry to ‘forced_tool_plugin_device_added’ libinput-1.30.1/src/libinput-plugin-tablet-forced-tool.c:233:36: call_function: calling ‘zalloc’ from ‘forced_tool_plugin_device_added’ libinput-1.30.1/src/libinput-plugin-tablet-forced-tool.c:233:36: return_function: returning to ‘forced_tool_plugin_device_added’ from ‘zalloc’ libinput-1.30.1/src/libinput-plugin-tablet-forced-tool.c:234:22: throw: if ‘libinput_device_ref’ throws an exception... libinput-1.30.1/src/libinput-plugin-tablet-forced-tool.c:234:22: danger: ‘zalloc(40)’ leaks here; was allocated at [(6)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/5) # 232| struct plugin_data *plugin = libinput_plugin_get_user_data(libinput_plugin); # 233| struct plugin_device *pd = zalloc(sizeof(*pd)); # 234|-> pd->device = libinput_device_ref(device); # 235| list_take_append(&plugin->devices, pd, link); # 236| } Error: GCC_ANALYZER_WARNING (CWE-401): [#def9] libinput-1.30.1/src/libinput-plugin-tablet-forced-tool.c:235:9: warning[-Wanalyzer-malloc-leak]: leak of ‘zalloc(40)’ libinput-1.30.1/src/libinput-plugin-tablet-forced-tool.c:224:1: enter_function: entry to ‘forced_tool_plugin_device_added’ libinput-1.30.1/src/libinput-plugin-tablet-forced-tool.c:233:36: call_function: calling ‘zalloc’ from ‘forced_tool_plugin_device_added’ libinput-1.30.1/src/libinput-plugin-tablet-forced-tool.c:233:36: return_function: returning to ‘forced_tool_plugin_device_added’ from ‘zalloc’ libinput-1.30.1/src/libinput-plugin-tablet-forced-tool.c:235:9: danger: ‘zalloc(40)’ leaks here; was allocated at [(6)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/5) # 233| struct plugin_device *pd = zalloc(sizeof(*pd)); # 234| pd->device = libinput_device_ref(device); # 235|-> list_take_append(&plugin->devices, pd, link); # 236| } # 237| Error: GCC_ANALYZER_WARNING (CWE-401): [#def10] libinput-1.30.1/src/libinput-util.h:76:1: warning[-Wanalyzer-malloc-leak]: leak of ‘safe_strdup(modalias)’ libinput-1.30.1/src/quirks.c:1245:1: enter_function: entry to ‘quirks_init_subsystem’ libinput-1.30.1/src/quirks.c:1251:40: call_function: calling ‘zalloc’ from ‘quirks_init_subsystem’ libinput-1.30.1/src/quirks.c:1251:40: return_function: returning to ‘quirks_init_subsystem’ from ‘zalloc’ libinput-1.30.1/src/quirks.c:1253:9: branch_true: following ‘true’ branch (when ‘data_path’ is non-NULL)... libinput-1.30.1/src/quirks.c:1255:9: branch_true: ...to here libinput-1.30.1/src/quirks.c:1262:9: call_function: calling ‘quirk_log_msg’ from ‘quirks_init_subsystem’ libinput-1.30.1/src/quirks.c:1262:9: return_function: returning to ‘quirks_init_subsystem’ from ‘quirk_log_msg’ libinput-1.30.1/src/quirks.c:1264:20: call_function: calling ‘init_dmi’ from ‘quirks_init_subsystem’ # 74| /* Commonly-used cleanup */ # 75| #ifdef udev_list_entry_foreach # 76|-> DEFINE_UNREF_CLEANUP_FUNC(udev); # 77| DEFINE_UNREF_CLEANUP_FUNC(udev_device); # 78| DEFINE_UNREF_CLEANUP_FUNC(udev_enumerate); Error: GCC_ANALYZER_WARNING (CWE-401): [#def11] libinput-1.30.1/src/libinput-util.h:77:1: warning[-Wanalyzer-malloc-leak]: leak of ‘safe_strdup(modalias)’ libinput-1.30.1/src/quirks.c:1245:1: enter_function: entry to ‘quirks_init_subsystem’ libinput-1.30.1/src/quirks.c:1251:40: call_function: calling ‘zalloc’ from ‘quirks_init_subsystem’ libinput-1.30.1/src/quirks.c:1251:40: return_function: returning to ‘quirks_init_subsystem’ from ‘zalloc’ libinput-1.30.1/src/quirks.c:1253:9: branch_true: following ‘true’ branch (when ‘data_path’ is non-NULL)... libinput-1.30.1/src/quirks.c:1255:9: branch_true: ...to here libinput-1.30.1/src/quirks.c:1262:9: call_function: calling ‘quirk_log_msg’ from ‘quirks_init_subsystem’ libinput-1.30.1/src/quirks.c:1262:9: return_function: returning to ‘quirks_init_subsystem’ from ‘quirk_log_msg’ libinput-1.30.1/src/quirks.c:1264:20: call_function: calling ‘init_dmi’ from ‘quirks_init_subsystem’ # 75| #ifdef udev_list_entry_foreach # 76| DEFINE_UNREF_CLEANUP_FUNC(udev); # 77|-> DEFINE_UNREF_CLEANUP_FUNC(udev_device); # 78| DEFINE_UNREF_CLEANUP_FUNC(udev_enumerate); # 79| DEFINE_UNREF_CLEANUP_FUNC(udev_monitor); Error: GCC_ANALYZER_WARNING (CWE-401): [#def12] libinput-1.30.1/test/litest-main.c:170:25: warning[-Wanalyzer-malloc-leak]: leak of ‘zalloc(40)’ libinput-1.30.1/test/litest-main.c:157:1: enter_function: entry to ‘setup_tests’ libinput-1.30.1/test/litest-main.c:165:25: branch_true: following ‘true’ branch... libinput-1.30.1/test/litest-main.c:168:21: branch_true: ...to here libinput-1.30.1/test/litest-main.c:168:21: call_function: calling ‘zalloc’ from ‘setup_tests’ libinput-1.30.1/test/litest-main.c:168:21: return_function: returning to ‘setup_tests’ from ‘zalloc’ libinput-1.30.1/test/litest-main.c:169:27: call_function: calling ‘safe_strdup’ from ‘setup_tests’ libinput-1.30.1/test/litest-main.c:169:27: return_function: returning to ‘setup_tests’ from ‘safe_strdup’ libinput-1.30.1/test/litest-main.c:172:17: throw: if ‘list_init’ throws an exception... libinput-1.30.1/test/litest-main.c:170:25: danger: ‘zalloc(40)’ leaks here; was allocated at [(8)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/7) # 168| s = zalloc(sizeof(*s)); # 169| s->name = safe_strdup( # 170|-> c->name); /* NOLINT(clang-analyzer-security.ArrayBound) */ # 171| # 172| list_init(&s->tests); Error: GCC_ANALYZER_WARNING (CWE-126): [#def13] libinput-1.30.1/test/litest-main.c:170:25: warning[-Wanalyzer-out-of-bounds]: buffer over-read libinput-1.30.1/test/litest-main.c:157:1: enter_function: entry to ‘setup_tests’ libinput-1.30.1/test/litest-main.c:165:25: branch_true: following ‘true’ branch... libinput-1.30.1/test/litest-main.c:168:21: branch_true: ...to here libinput-1.30.1/test/litest-main.c:168:21: call_function: calling ‘zalloc’ from ‘setup_tests’ libinput-1.30.1/test/litest-main.c:168:21: return_function: returning to ‘setup_tests’ from ‘zalloc’ libinput-1.30.1/test/litest-main.c:169:27: call_function: calling ‘safe_strdup’ from ‘setup_tests’ libinput-1.30.1/test/litest-main.c:169:27: return_function: returning to ‘setup_tests’ from ‘safe_strdup’ libinput-1.30.1/test/litest-main.c:165:25: branch_true: following ‘true’ branch... libinput-1.30.1/test/litest-main.c:168:21: branch_true: ...to here libinput-1.30.1/test/litest-main.c:168:21: call_function: calling ‘zalloc’ from ‘setup_tests’ libinput-1.30.1/test/litest-main.c:168:21: return_function: returning to ‘setup_tests’ from ‘zalloc’ libinput-1.30.1/test/litest-main.c:170:25: danger: out-of-bounds read from byte 16 till byte 23 but ‘__start_test_collection_section’ ends at byte 16 # 168| s = zalloc(sizeof(*s)); # 169| s->name = safe_strdup( # 170|-> c->name); /* NOLINT(clang-analyzer-security.ArrayBound) */ # 171| # 172| list_init(&s->tests); Error: GCC_ANALYZER_WARNING (CWE-401): [#def14] libinput-1.30.1/test/litest.c:267:9: warning[-Wanalyzer-malloc-leak]: leak of ‘zalloc(32)’ libinput-1.30.1/test/litest.c:4856:1: enter_function: entry to ‘litest_logcapture_setup’ libinput-1.30.1/test/litest.c:4858:39: call_function: calling ‘zalloc’ from ‘litest_logcapture_setup’ libinput-1.30.1/test/litest.c:4858:39: return_function: returning to ‘litest_logcapture_setup’ from ‘zalloc’ libinput-1.30.1/test/litest.c:4859:9: call_function: calling ‘litest_context_set_user_data’ from ‘litest_logcapture_setup’ # 265| const char *comparison) # 266| { # 267|-> litest_log("FAILED COMPARISON: %s\n", comparison); # 268| litest_log("in %s() (%s:%d)\n", func, file, line); # 269| litest_backtrace(func); Error: GCC_ANALYZER_WARNING (CWE-401): [#def15] libinput-1.30.1/test/litest.c:2181:48: warning[-Wanalyzer-malloc-leak]: leak of ‘zalloc(32)’ libinput-1.30.1/test/litest.c:4856:1: enter_function: entry to ‘litest_logcapture_setup’ libinput-1.30.1/test/litest.c:4858:39: call_function: calling ‘zalloc’ from ‘litest_logcapture_setup’ libinput-1.30.1/test/litest.c:4858:39: return_function: returning to ‘litest_logcapture_setup’ from ‘zalloc’ libinput-1.30.1/test/litest.c:4859:9: call_function: calling ‘litest_context_set_user_data’ from ‘litest_logcapture_setup’ # 2179| litest_context_set_user_data(struct libinput *li, void *data) # 2180| { # 2181|-> struct litest_user_data *litest_data = libinput_get_user_data(li); # 2182| litest_assert_ptr_notnull(litest_data); # 2183| litest_data->private = data; Error: COMPILER_WARNING (CWE-252): [#def16] libinput-1.30.1/test/test-plugins-lua.c: scope_hint: In function ‘_litest_write_plugin’ libinput-1.30.1/test/test-plugins-lua.c:47:17: warning[-Wunused-result]: ignoring return value of ‘write’ declared with attribute ‘warn_unused_result’ # 47 | write(fd, content, strlen(content)); # | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ # 45| # 46| if (content) { # 47|-> write(fd, content, strlen(content)); # 48| fsync(fd); # 49| } Error: GCC_ANALYZER_WARNING (CWE-476): [#def17] libinput-1.30.1/test/test-plugins-lua.c:776:33: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’ libinput-1.30.1/test/test-plugins-lua.c:763:1: enter_function: entry to ‘lua_udev_properties’ libinput-1.30.1/test/test-plugins-lua.c:765:37: call_function: calling ‘tmpdir_create’ from ‘lua_udev_properties’ libinput-1.30.1/test/test-plugins-lua.c:765:37: return_function: returning to ‘lua_udev_properties’ from ‘tmpdir_create’ libinput-1.30.1/test/test-plugins-lua.c:776:33: danger: dereference of NULL ‘tmpdir_create(0)’ # 774| "libinput:connect(\"new-evdev-device\", prop_printer)\n"; # 775| # 776|-> _autofree_ char *path = litest_write_plugin(tmpdir->path, lua); # 777| _litest_context_destroy_ struct libinput *li = # 778| litest_create_context_with_plugindir(tmpdir->path); Error: GCC_ANALYZER_WARNING (CWE-476): [#def18] libinput-1.30.1/test/test-plugins-lua.c:851:33: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’ libinput-1.30.1/test/test-plugins-lua.c:821:1: enter_function: entry to ‘lua_append_prepend_frame’ libinput-1.30.1/test/test-plugins-lua.c:825:37: call_function: calling ‘tmpdir_create’ from ‘lua_append_prepend_frame’ libinput-1.30.1/test/test-plugins-lua.c:825:37: return_function: returning to ‘lua_append_prepend_frame’ from ‘tmpdir_create’ libinput-1.30.1/test/test-plugins-lua.c:826:32: call_function: calling ‘strdup_printf’ from ‘lua_append_prepend_frame’ libinput-1.30.1/test/test-plugins-lua.c:826:32: return_function: returning to ‘lua_append_prepend_frame’ from ‘strdup_printf’ libinput-1.30.1/test/test-plugins-lua.c:851:33: danger: dereference of NULL ‘tmpdir_create(0)’ # 849| in_timer ? "" : "-- ", # 850| append ? "append" : "prepend"); # 851|-> _autofree_ char *path = litest_write_plugin(tmpdir->path, lua); # 852| _litest_context_destroy_ struct libinput *li = # 853| litest_create_context_with_plugindir(tmpdir->path); Error: GCC_ANALYZER_WARNING (CWE-476): [#def19] libinput-1.30.1/test/test-plugins-lua.c:908:33: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’ libinput-1.30.1/test/test-plugins-lua.c:888:1: enter_function: entry to ‘lua_ignore_unsupported_codes’ libinput-1.30.1/test/test-plugins-lua.c:890:37: call_function: calling ‘tmpdir_create’ from ‘lua_ignore_unsupported_codes’ libinput-1.30.1/test/test-plugins-lua.c:890:37: return_function: returning to ‘lua_ignore_unsupported_codes’ from ‘tmpdir_create’ libinput-1.30.1/test/test-plugins-lua.c:891:32: call_function: calling ‘strdup_printf’ from ‘lua_ignore_unsupported_codes’ libinput-1.30.1/test/test-plugins-lua.c:891:32: return_function: returning to ‘lua_ignore_unsupported_codes’ from ‘strdup_printf’ libinput-1.30.1/test/test-plugins-lua.c:908:33: danger: dereference of NULL ‘tmpdir_create(0)’ # 906| " device:connect(\"evdev-frame\", frame_handler)\n" # 907| "end)\n"); # 908|-> _autofree_ char *path = litest_write_plugin(tmpdir->path, lua); # 909| _litest_context_destroy_ struct libinput *li = # 910| litest_create_context_with_plugindir(tmpdir->path); Error: GCC_ANALYZER_WARNING (CWE-476): [#def20] libinput-1.30.1/test/test-plugins-lua.c:953:33: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’ libinput-1.30.1/test/test-plugins-lua.c:937:1: enter_function: entry to ‘lua_disable_button_debounce’ libinput-1.30.1/test/test-plugins-lua.c:940:37: call_function: calling ‘tmpdir_create’ from ‘lua_disable_button_debounce’ libinput-1.30.1/test/test-plugins-lua.c:940:37: return_function: returning to ‘lua_disable_button_debounce’ from ‘tmpdir_create’ libinput-1.30.1/test/test-plugins-lua.c:941:32: call_function: calling ‘strdup_printf’ from ‘lua_disable_button_debounce’ libinput-1.30.1/test/test-plugins-lua.c:941:32: return_function: returning to ‘lua_disable_button_debounce’ from ‘strdup_printf’ libinput-1.30.1/test/test-plugins-lua.c:953:33: danger: dereference of NULL ‘tmpdir_create(0)’ # 951| when == DEVICE_NEW ? "" : "--", # 952| when == FIRST_FRAME ? "" : "--"); # 953|-> _autofree_ char *path = litest_write_plugin(tmpdir->path, lua); # 954| etrace("%s", lua); # 955| _litest_context_destroy_ struct libinput *li = Error: GCC_ANALYZER_WARNING (CWE-476): [#def21] libinput-1.30.1/test/test-plugins-lua.c:1016:33: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’ libinput-1.30.1/test/test-plugins-lua.c:997:1: enter_function: entry to ‘lua_disable_touchpad_jump_detection’ libinput-1.30.1/test/test-plugins-lua.c:1000:37: call_function: calling ‘tmpdir_create’ from ‘lua_disable_touchpad_jump_detection’ libinput-1.30.1/test/test-plugins-lua.c:1000:37: return_function: returning to ‘lua_disable_touchpad_jump_detection’ from ‘tmpdir_create’ libinput-1.30.1/test/test-plugins-lua.c:1001:32: call_function: calling ‘strdup_printf’ from ‘lua_disable_touchpad_jump_detection’ libinput-1.30.1/test/test-plugins-lua.c:1001:32: return_function: returning to ‘lua_disable_touchpad_jump_detection’ from ‘strdup_printf’ libinput-1.30.1/test/test-plugins-lua.c:1016:33: danger: dereference of NULL ‘tmpdir_create(0)’ # 1014| etrace("plugin data:\n%s", lua); # 1015| # 1016|-> _autofree_ char *path = litest_write_plugin(tmpdir->path, lua); # 1017| _litest_context_destroy_ struct libinput *li = # 1018| litest_create_context_with_plugindir(tmpdir->path);
| analyzer-version-clippy | 1.92.0 |
| analyzer-version-cppcheck | 2.19.1 |
| analyzer-version-gcc | 16.0.0 |
| analyzer-version-gcc-analyzer | 16.0.0 |
| analyzer-version-shellcheck | 0.11.0 |
| analyzer-version-unicontrol | 0.0.2 |
| diffbase-analyzer-version-clippy | 1.92.0 |
| diffbase-analyzer-version-cppcheck | 2.19.1 |
| diffbase-analyzer-version-gcc | 16.0.0 |
| diffbase-analyzer-version-gcc-analyzer | 16.0.0 |
| diffbase-analyzer-version-shellcheck | 0.11.0 |
| diffbase-analyzer-version-unicontrol | 0.0.2 |
| diffbase-enabled-plugins | clippy, cppcheck, gcc, shellcheck, unicontrol |
| diffbase-exit-code | 0 |
| diffbase-host | ip-172-16-1-49.us-west-2.compute.internal |
| diffbase-known-false-positives | /usr/share/csmock/known-false-positives.js |
| diffbase-known-false-positives-rpm | known-false-positives-0.0.0.20250521.132812.g8eff701.main-1.el9.noarch |
| diffbase-mock-config | fedora-rawhide-x86_64 |
| diffbase-project-name | libinput-1.29.1-1.fc43 |
| diffbase-store-results-to | /tmp/tmp71_jxd9s/libinput-1.29.1-1.fc43.tar.xz |
| diffbase-time-created | 2026-01-08 18:49:10 |
| diffbase-time-finished | 2026-01-08 18:51:39 |
| diffbase-tool | csmock |
| diffbase-tool-args | '/usr/bin/csmock' '-r' 'fedora-rawhide-x86_64' '-t' 'gcc,cppcheck,clippy,shellcheck,unicontrol' '-o' '/tmp/tmp71_jxd9s/libinput-1.29.1-1.fc43.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install' 'pam' '--gcc-analyzer-bin=/usr/bin/gcc' '/tmp/tmp71_jxd9s/libinput-1.29.1-1.fc43.src.rpm' |
| diffbase-tool-version | csmock-3.8.3.20251215.161544.g62de9a5-1.el9 |
| enabled-plugins | clippy, cppcheck, gcc, shellcheck, unicontrol |
| exit-code | 0 |
| host | ip-172-16-1-49.us-west-2.compute.internal |
| known-false-positives | /usr/share/csmock/known-false-positives.js |
| known-false-positives-rpm | known-false-positives-0.0.0.20250521.132812.g8eff701.main-1.el9.noarch |
| mock-config | fedora-rawhide-x86_64 |
| project-name | libinput-1.30.1-1.fc44 |
| store-results-to | /tmp/tmp8dt2v9bg/libinput-1.30.1-1.fc44.tar.xz |
| time-created | 2026-01-08 18:52:16 |
| time-finished | 2026-01-08 18:54:21 |
| title | Newly introduced findings |
| tool | csmock |
| tool-args | '/usr/bin/csmock' '-r' 'fedora-rawhide-x86_64' '-t' 'gcc,cppcheck,clippy,shellcheck,unicontrol' '-o' '/tmp/tmp8dt2v9bg/libinput-1.30.1-1.fc44.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install' 'pam' '--gcc-analyzer-bin=/usr/bin/gcc' '/tmp/tmp8dt2v9bg/libinput-1.30.1-1.fc44.src.rpm' |
| tool-version | csmock-3.8.3.20251215.161544.g62de9a5-1.el9 |