Error: GCC_ANALYZER_WARNING (CWE-401): [#def1] libnftnl-1.3.1/src/obj/tunnel.c:462:13: warning[-Wanalyzer-malloc-leak]: leak of 'opts' libnftnl-1.3.1/src/obj/tunnel.c:614:1: enter_function: entry to 'nftnl_obj_tunnel_parse_opts' libnftnl-1.3.1/src/obj/tunnel.c:621:9: branch_true: following 'true' branch... libnftnl-1.3.1/src/obj/tunnel.c:622:21: branch_true: ...to here libnftnl-1.3.1/src/obj/tunnel.c:622:20: branch_false: following 'false' branch... libnftnl-1.3.1/src/obj/tunnel.c:625:24: branch_false: ...to here libnftnl-1.3.1/src/obj/tunnel.c:627:40: call_function: calling 'nftnl_tunnel_opts_alloc' from 'nftnl_obj_tunnel_parse_opts' libnftnl-1.3.1/src/obj/tunnel.c:627:40: return_function: returning to 'nftnl_obj_tunnel_parse_opts' from 'nftnl_tunnel_opts_alloc' libnftnl-1.3.1/src/obj/tunnel.c:628:36: branch_false: following 'false' branch... libnftnl-1.3.1/src/obj/tunnel.c:631:39: branch_false: ...to here libnftnl-1.3.1/src/obj/tunnel.c:621:9: branch_true: following 'true' branch... libnftnl-1.3.1/src/obj/tunnel.c:622:21: branch_true: ...to here libnftnl-1.3.1/src/obj/tunnel.c:622:20: branch_false: following 'false' branch... libnftnl-1.3.1/src/obj/tunnel.c:625:24: branch_false: ...to here libnftnl-1.3.1/src/obj/tunnel.c:627:40: call_function: calling 'nftnl_tunnel_opts_alloc' from 'nftnl_obj_tunnel_parse_opts' libnftnl-1.3.1/src/obj/tunnel.c:627:40: return_function: returning to 'nftnl_obj_tunnel_parse_opts' from 'nftnl_tunnel_opts_alloc' libnftnl-1.3.1/src/obj/tunnel.c:628:36: branch_false: following 'false' branch... libnftnl-1.3.1/src/obj/tunnel.c:631:39: branch_false: ...to here libnftnl-1.3.1/src/obj/tunnel.c:631:39: call_function: calling 'nftnl_obj_tunnel_parse_vxlan' from 'nftnl_obj_tunnel_parse_opts' # 460| struct nftnl_tunnel_opt *opt; # 461| # 462|-> if (mnl_attr_parse_nested(attr, nftnl_obj_tunnel_vxlan_cb, tb) < 0) # 463| return -1; # 464| Error: GCC_ANALYZER_WARNING (CWE-401): [#def2] libnftnl-1.3.1/src/obj/tunnel.c:469:13: warning[-Wanalyzer-malloc-leak]: leak of 'nftnl_tunnel_opt_alloc(0)' libnftnl-1.3.1/src/obj/tunnel.c:457:1: enter_function: entry to 'nftnl_obj_tunnel_parse_vxlan' libnftnl-1.3.1/src/obj/tunnel.c:462:12: branch_false: following 'false' branch... libnftnl-1.3.1/src/obj/tunnel.c:465:15: branch_false: ...to here libnftnl-1.3.1/src/obj/tunnel.c:465:15: call_function: calling 'nftnl_tunnel_opt_alloc' from 'nftnl_obj_tunnel_parse_vxlan' libnftnl-1.3.1/src/obj/tunnel.c:465:15: return_function: returning to 'nftnl_obj_tunnel_parse_vxlan' from 'nftnl_tunnel_opt_alloc' libnftnl-1.3.1/src/obj/tunnel.c:466:12: branch_false: following 'false' branch... libnftnl-1.3.1/src/obj/tunnel.c:469:13: branch_false: ...to here libnftnl-1.3.1/src/obj/tunnel.c:469:12: branch_true: following 'true' branch... libnftnl-1.3.1/src/obj/tunnel.c:471:25: branch_true: ...to here libnftnl-1.3.1/src/obj/tunnel.c:471:25: throw: if 'mnl_attr_get_u32' throws an exception... libnftnl-1.3.1/src/obj/tunnel.c:469:13: danger: 'nftnl_tunnel_opt_alloc(0)' leaks here; was allocated at [(8)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/7) # 467| return -1; # 468| # 469|-> if (tb[NFTA_TUNNEL_KEY_VXLAN_GBP]) { # 470| opt->vxlan.gbp = # 471| ntohl(mnl_attr_get_u32(tb[NFTA_TUNNEL_KEY_VXLAN_GBP])); Error: GCC_ANALYZER_WARNING (CWE-401): [#def3] libnftnl-1.3.1/src/obj/tunnel.c:471:25: warning[-Wanalyzer-malloc-leak]: leak of 'opts' libnftnl-1.3.1/src/obj/tunnel.c:614:1: enter_function: entry to 'nftnl_obj_tunnel_parse_opts' libnftnl-1.3.1/src/obj/tunnel.c:621:9: branch_true: following 'true' branch... libnftnl-1.3.1/src/obj/tunnel.c:622:21: branch_true: ...to here libnftnl-1.3.1/src/obj/tunnel.c:622:20: branch_false: following 'false' branch... libnftnl-1.3.1/src/obj/tunnel.c:625:24: branch_false: ...to here libnftnl-1.3.1/src/obj/tunnel.c:627:40: call_function: calling 'nftnl_tunnel_opts_alloc' from 'nftnl_obj_tunnel_parse_opts' libnftnl-1.3.1/src/obj/tunnel.c:627:40: return_function: returning to 'nftnl_obj_tunnel_parse_opts' from 'nftnl_tunnel_opts_alloc' libnftnl-1.3.1/src/obj/tunnel.c:628:36: branch_false: following 'false' branch... libnftnl-1.3.1/src/obj/tunnel.c:631:39: branch_false: ...to here libnftnl-1.3.1/src/obj/tunnel.c:621:9: branch_true: following 'true' branch... libnftnl-1.3.1/src/obj/tunnel.c:622:21: branch_true: ...to here libnftnl-1.3.1/src/obj/tunnel.c:622:20: branch_false: following 'false' branch... libnftnl-1.3.1/src/obj/tunnel.c:625:24: branch_false: ...to here libnftnl-1.3.1/src/obj/tunnel.c:627:40: call_function: calling 'nftnl_tunnel_opts_alloc' from 'nftnl_obj_tunnel_parse_opts' libnftnl-1.3.1/src/obj/tunnel.c:627:40: return_function: returning to 'nftnl_obj_tunnel_parse_opts' from 'nftnl_tunnel_opts_alloc' libnftnl-1.3.1/src/obj/tunnel.c:628:36: branch_false: following 'false' branch... libnftnl-1.3.1/src/obj/tunnel.c:631:39: branch_false: ...to here libnftnl-1.3.1/src/obj/tunnel.c:631:39: call_function: calling 'nftnl_obj_tunnel_parse_vxlan' from 'nftnl_obj_tunnel_parse_opts' # 469| if (tb[NFTA_TUNNEL_KEY_VXLAN_GBP]) { # 470| opt->vxlan.gbp = # 471|-> ntohl(mnl_attr_get_u32(tb[NFTA_TUNNEL_KEY_VXLAN_GBP])); # 472| opt->flags |= (1 << NFTNL_TUNNEL_VXLAN_GBP); # 473| } Error: GCC_ANALYZER_WARNING (CWE-401): [#def4] libnftnl-1.3.1/src/obj/tunnel.c:518:13: warning[-Wanalyzer-malloc-leak]: leak of 'nftnl_tunnel_opt_alloc(1)' libnftnl-1.3.1/src/obj/tunnel.c:506:1: enter_function: entry to 'nftnl_obj_tunnel_parse_erspan' libnftnl-1.3.1/src/obj/tunnel.c:511:12: branch_false: following 'false' branch... libnftnl-1.3.1/src/obj/tunnel.c:514:15: branch_false: ...to here libnftnl-1.3.1/src/obj/tunnel.c:514:15: call_function: calling 'nftnl_tunnel_opt_alloc' from 'nftnl_obj_tunnel_parse_erspan' libnftnl-1.3.1/src/obj/tunnel.c:514:15: return_function: returning to 'nftnl_obj_tunnel_parse_erspan' from 'nftnl_tunnel_opt_alloc' libnftnl-1.3.1/src/obj/tunnel.c:515:12: branch_false: following 'false' branch... libnftnl-1.3.1/src/obj/tunnel.c:518:13: branch_false: ...to here libnftnl-1.3.1/src/obj/tunnel.c:518:12: branch_true: following 'true' branch... libnftnl-1.3.1/src/obj/tunnel.c:520:25: branch_true: ...to here libnftnl-1.3.1/src/obj/tunnel.c:520:25: throw: if 'mnl_attr_get_u32' throws an exception... libnftnl-1.3.1/src/obj/tunnel.c:518:13: danger: 'nftnl_tunnel_opt_alloc(1)' leaks here; was allocated at [(8)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/7) # 516| return -1; # 517| # 518|-> if (tb[NFTA_TUNNEL_KEY_ERSPAN_VERSION]) { # 519| opt->erspan.version = # 520| ntohl(mnl_attr_get_u32(tb[NFTA_TUNNEL_KEY_ERSPAN_VERSION])); Error: GCC_ANALYZER_WARNING (CWE-401): [#def5] libnftnl-1.3.1/src/obj/tunnel.c:577:13: warning[-Wanalyzer-malloc-leak]: leak of 'opts' libnftnl-1.3.1/src/obj/tunnel.c:614:1: enter_function: entry to 'nftnl_obj_tunnel_parse_opts' libnftnl-1.3.1/src/obj/tunnel.c:621:9: branch_true: following 'true' branch... libnftnl-1.3.1/src/obj/tunnel.c:622:21: branch_true: ...to here libnftnl-1.3.1/src/obj/tunnel.c:622:20: branch_false: following 'false' branch... libnftnl-1.3.1/src/obj/tunnel.c:625:24: branch_false: ...to here libnftnl-1.3.1/src/obj/tunnel.c:641:36: branch_true: following 'true' branch (when 'opts' is NULL)... libnftnl-1.3.1/src/obj/tunnel.c:642:48: branch_true: ...to here libnftnl-1.3.1/src/obj/tunnel.c:642:48: call_function: calling 'nftnl_tunnel_opts_alloc' from 'nftnl_obj_tunnel_parse_opts' libnftnl-1.3.1/src/obj/tunnel.c:642:48: return_function: returning to 'nftnl_obj_tunnel_parse_opts' from 'nftnl_tunnel_opts_alloc' libnftnl-1.3.1/src/obj/tunnel.c:644:36: branch_false: following 'false' branch... libnftnl-1.3.1/src/obj/tunnel.c:647:39: branch_false: ...to here libnftnl-1.3.1/src/obj/tunnel.c:647:39: call_function: calling 'nftnl_obj_tunnel_parse_geneve' from 'nftnl_obj_tunnel_parse_opts' # 575| struct nftnl_tunnel_opt *opt; # 576| # 577|-> if (mnl_attr_parse_nested(attr, nftnl_obj_tunnel_geneve_cb, tb) < 0) # 578| return -1; # 579| Error: GCC_ANALYZER_WARNING (CWE-401): [#def6] libnftnl-1.3.1/src/obj/tunnel.c:584:13: warning[-Wanalyzer-malloc-leak]: leak of 'nftnl_tunnel_opt_alloc(2)' libnftnl-1.3.1/src/obj/tunnel.c:572:1: enter_function: entry to 'nftnl_obj_tunnel_parse_geneve' libnftnl-1.3.1/src/obj/tunnel.c:577:12: branch_false: following 'false' branch... libnftnl-1.3.1/src/obj/tunnel.c:580:15: branch_false: ...to here libnftnl-1.3.1/src/obj/tunnel.c:580:15: call_function: calling 'nftnl_tunnel_opt_alloc' from 'nftnl_obj_tunnel_parse_geneve' libnftnl-1.3.1/src/obj/tunnel.c:580:15: return_function: returning to 'nftnl_obj_tunnel_parse_geneve' from 'nftnl_tunnel_opt_alloc' libnftnl-1.3.1/src/obj/tunnel.c:581:12: branch_false: following 'false' branch... libnftnl-1.3.1/src/obj/tunnel.c:584:13: branch_false: ...to here libnftnl-1.3.1/src/obj/tunnel.c:584:12: branch_true: following 'true' branch... libnftnl-1.3.1/src/obj/tunnel.c:586:25: branch_true: ...to here libnftnl-1.3.1/src/obj/tunnel.c:586:25: throw: if 'mnl_attr_get_u16' throws an exception... libnftnl-1.3.1/src/obj/tunnel.c:584:13: danger: 'nftnl_tunnel_opt_alloc(2)' leaks here; was allocated at [(8)](sarif:/runs/0/results/10/codeFlows/0/threadFlows/0/locations/7) # 582| return -1; # 583| # 584|-> if (tb[NFTA_TUNNEL_KEY_GENEVE_CLASS]) { # 585| opt->geneve.geneve_class = # 586| ntohs(mnl_attr_get_u16(tb[NFTA_TUNNEL_KEY_GENEVE_CLASS])); Error: GCC_ANALYZER_WARNING (CWE-401): [#def7] libnftnl-1.3.1/src/obj/tunnel.c:586:25: warning[-Wanalyzer-malloc-leak]: leak of 'opts' libnftnl-1.3.1/src/obj/tunnel.c:614:1: enter_function: entry to 'nftnl_obj_tunnel_parse_opts' libnftnl-1.3.1/src/obj/tunnel.c:621:9: branch_true: following 'true' branch... libnftnl-1.3.1/src/obj/tunnel.c:622:21: branch_true: ...to here libnftnl-1.3.1/src/obj/tunnel.c:622:20: branch_false: following 'false' branch... libnftnl-1.3.1/src/obj/tunnel.c:625:24: branch_false: ...to here libnftnl-1.3.1/src/obj/tunnel.c:641:36: branch_true: following 'true' branch (when 'opts' is NULL)... libnftnl-1.3.1/src/obj/tunnel.c:642:48: branch_true: ...to here libnftnl-1.3.1/src/obj/tunnel.c:642:48: call_function: calling 'nftnl_tunnel_opts_alloc' from 'nftnl_obj_tunnel_parse_opts' libnftnl-1.3.1/src/obj/tunnel.c:642:48: return_function: returning to 'nftnl_obj_tunnel_parse_opts' from 'nftnl_tunnel_opts_alloc' libnftnl-1.3.1/src/obj/tunnel.c:644:36: branch_false: following 'false' branch... libnftnl-1.3.1/src/obj/tunnel.c:647:39: branch_false: ...to here libnftnl-1.3.1/src/obj/tunnel.c:647:39: call_function: calling 'nftnl_obj_tunnel_parse_geneve' from 'nftnl_obj_tunnel_parse_opts' # 584| if (tb[NFTA_TUNNEL_KEY_GENEVE_CLASS]) { # 585| opt->geneve.geneve_class = # 586|-> ntohs(mnl_attr_get_u16(tb[NFTA_TUNNEL_KEY_GENEVE_CLASS])); # 587| opt->flags |= (1 << NFTNL_TUNNEL_GENEVE_CLASS); # 588| } Error: GCC_ANALYZER_WARNING (CWE-401): [#def8] libnftnl-1.3.1/src/obj/tunnel.c:592:25: warning[-Wanalyzer-malloc-leak]: leak of 'opts' libnftnl-1.3.1/src/obj/tunnel.c:614:1: enter_function: entry to 'nftnl_obj_tunnel_parse_opts' libnftnl-1.3.1/src/obj/tunnel.c:621:9: branch_true: following 'true' branch... libnftnl-1.3.1/src/obj/tunnel.c:622:21: branch_true: ...to here libnftnl-1.3.1/src/obj/tunnel.c:622:20: branch_false: following 'false' branch... libnftnl-1.3.1/src/obj/tunnel.c:625:24: branch_false: ...to here libnftnl-1.3.1/src/obj/tunnel.c:641:36: branch_true: following 'true' branch (when 'opts' is NULL)... libnftnl-1.3.1/src/obj/tunnel.c:642:48: branch_true: ...to here libnftnl-1.3.1/src/obj/tunnel.c:642:48: call_function: calling 'nftnl_tunnel_opts_alloc' from 'nftnl_obj_tunnel_parse_opts' libnftnl-1.3.1/src/obj/tunnel.c:642:48: return_function: returning to 'nftnl_obj_tunnel_parse_opts' from 'nftnl_tunnel_opts_alloc' libnftnl-1.3.1/src/obj/tunnel.c:644:36: branch_false: following 'false' branch... libnftnl-1.3.1/src/obj/tunnel.c:647:39: branch_false: ...to here libnftnl-1.3.1/src/obj/tunnel.c:647:39: call_function: calling 'nftnl_obj_tunnel_parse_geneve' from 'nftnl_obj_tunnel_parse_opts' # 590| if (tb[NFTA_TUNNEL_KEY_GENEVE_TYPE]) { # 591| opt->geneve.type = # 592|-> mnl_attr_get_u8(tb[NFTA_TUNNEL_KEY_GENEVE_TYPE]); # 593| opt->flags |= (1 << NFTNL_TUNNEL_GENEVE_TYPE); # 594| } Error: GCC_ANALYZER_WARNING (CWE-401): [#def9] libnftnl-1.3.1/src/obj/tunnel.c:597:32: warning[-Wanalyzer-malloc-leak]: leak of 'opts' libnftnl-1.3.1/src/obj/tunnel.c:614:1: enter_function: entry to 'nftnl_obj_tunnel_parse_opts' libnftnl-1.3.1/src/obj/tunnel.c:621:9: branch_true: following 'true' branch... libnftnl-1.3.1/src/obj/tunnel.c:622:21: branch_true: ...to here libnftnl-1.3.1/src/obj/tunnel.c:622:20: branch_false: following 'false' branch... libnftnl-1.3.1/src/obj/tunnel.c:625:24: branch_false: ...to here libnftnl-1.3.1/src/obj/tunnel.c:641:36: branch_true: following 'true' branch (when 'opts' is NULL)... libnftnl-1.3.1/src/obj/tunnel.c:642:48: branch_true: ...to here libnftnl-1.3.1/src/obj/tunnel.c:642:48: call_function: calling 'nftnl_tunnel_opts_alloc' from 'nftnl_obj_tunnel_parse_opts' libnftnl-1.3.1/src/obj/tunnel.c:642:48: return_function: returning to 'nftnl_obj_tunnel_parse_opts' from 'nftnl_tunnel_opts_alloc' libnftnl-1.3.1/src/obj/tunnel.c:644:36: branch_false: following 'false' branch... libnftnl-1.3.1/src/obj/tunnel.c:647:39: branch_false: ...to here libnftnl-1.3.1/src/obj/tunnel.c:647:39: call_function: calling 'nftnl_obj_tunnel_parse_geneve' from 'nftnl_obj_tunnel_parse_opts' # 595| # 596| if (tb[NFTA_TUNNEL_KEY_GENEVE_DATA]) { # 597|-> uint32_t len = mnl_attr_get_payload_len(tb[NFTA_TUNNEL_KEY_GENEVE_DATA]); # 598| # 599| memcpy(opt->geneve.data, Error: GCC_ANALYZER_WARNING (CWE-401): [#def10] libnftnl-1.3.1/src/obj/tunnel.c:622:21: warning[-Wanalyzer-malloc-leak]: leak of 'opts' libnftnl-1.3.1/src/obj/tunnel.c:614:1: enter_function: entry to 'nftnl_obj_tunnel_parse_opts' libnftnl-1.3.1/src/obj/tunnel.c:621:9: branch_true: following 'true' branch... libnftnl-1.3.1/src/obj/tunnel.c:622:21: branch_true: ...to here libnftnl-1.3.1/src/obj/tunnel.c:622:20: branch_false: following 'false' branch... libnftnl-1.3.1/src/obj/tunnel.c:625:24: branch_false: ...to here libnftnl-1.3.1/src/obj/tunnel.c:627:40: call_function: calling 'nftnl_tunnel_opts_alloc' from 'nftnl_obj_tunnel_parse_opts' libnftnl-1.3.1/src/obj/tunnel.c:627:40: return_function: returning to 'nftnl_obj_tunnel_parse_opts' from 'nftnl_tunnel_opts_alloc' libnftnl-1.3.1/src/obj/tunnel.c:628:36: branch_false: following 'false' branch... libnftnl-1.3.1/src/obj/tunnel.c:631:39: branch_false: ...to here libnftnl-1.3.1/src/obj/tunnel.c:621:9: branch_true: following 'true' branch... libnftnl-1.3.1/src/obj/tunnel.c:622:21: branch_true: ...to here libnftnl-1.3.1/src/obj/tunnel.c:622:21: throw: if 'mnl_attr_validate' throws an exception... libnftnl-1.3.1/src/obj/tunnel.c:622:21: danger: 'opts' leaks here; was allocated at [(10)](sarif:/runs/0/results/18/codeFlows/0/threadFlows/0/locations/9) # 620| # 621| mnl_attr_for_each_nested(attr, nest) { # 622|-> if (mnl_attr_validate(attr, MNL_TYPE_NESTED) < 0) # 623| abi_breakage(); # 624| Error: GCC_ANALYZER_WARNING (CWE-401): [#def11] libnftnl-1.3.1/src/obj/tunnel.c:623:25: warning[-Wanalyzer-malloc-leak]: leak of 'opts' libnftnl-1.3.1/src/obj/tunnel.c:614:1: enter_function: entry to 'nftnl_obj_tunnel_parse_opts' libnftnl-1.3.1/src/obj/tunnel.c:621:9: branch_true: following 'true' branch... libnftnl-1.3.1/src/obj/tunnel.c:622:21: branch_true: ...to here libnftnl-1.3.1/src/obj/tunnel.c:622:20: branch_false: following 'false' branch... libnftnl-1.3.1/src/obj/tunnel.c:625:24: branch_false: ...to here libnftnl-1.3.1/src/obj/tunnel.c:627:40: call_function: calling 'nftnl_tunnel_opts_alloc' from 'nftnl_obj_tunnel_parse_opts' libnftnl-1.3.1/src/obj/tunnel.c:627:40: return_function: returning to 'nftnl_obj_tunnel_parse_opts' from 'nftnl_tunnel_opts_alloc' libnftnl-1.3.1/src/obj/tunnel.c:628:36: branch_false: following 'false' branch... libnftnl-1.3.1/src/obj/tunnel.c:631:39: branch_false: ...to here libnftnl-1.3.1/src/obj/tunnel.c:621:9: branch_true: following 'true' branch... libnftnl-1.3.1/src/obj/tunnel.c:622:21: branch_true: ...to here libnftnl-1.3.1/src/obj/tunnel.c:622:20: branch_true: following 'true' branch... libnftnl-1.3.1/src/obj/tunnel.c:623:25: branch_true: ...to here libnftnl-1.3.1/src/obj/tunnel.c:623:25: throw: if '__abi_breakage' throws an exception... libnftnl-1.3.1/src/obj/tunnel.c:623:25: danger: 'opts' leaks here; was allocated at [(10)](sarif:/runs/0/results/19/codeFlows/0/threadFlows/0/locations/9) # 621| mnl_attr_for_each_nested(attr, nest) { # 622| if (mnl_attr_validate(attr, MNL_TYPE_NESTED) < 0) # 623|-> abi_breakage(); # 624| # 625| switch(mnl_attr_get_type(attr)) { Error: GCC_ANALYZER_WARNING (CWE-401): [#def12] libnftnl-1.3.1/src/obj/tunnel.c:625:24: warning[-Wanalyzer-malloc-leak]: leak of 'opts' libnftnl-1.3.1/src/obj/tunnel.c:614:1: enter_function: entry to 'nftnl_obj_tunnel_parse_opts' libnftnl-1.3.1/src/obj/tunnel.c:621:9: branch_true: following 'true' branch... libnftnl-1.3.1/src/obj/tunnel.c:622:21: branch_true: ...to here libnftnl-1.3.1/src/obj/tunnel.c:622:20: branch_false: following 'false' branch... libnftnl-1.3.1/src/obj/tunnel.c:625:24: branch_false: ...to here libnftnl-1.3.1/src/obj/tunnel.c:627:40: call_function: calling 'nftnl_tunnel_opts_alloc' from 'nftnl_obj_tunnel_parse_opts' libnftnl-1.3.1/src/obj/tunnel.c:627:40: return_function: returning to 'nftnl_obj_tunnel_parse_opts' from 'nftnl_tunnel_opts_alloc' libnftnl-1.3.1/src/obj/tunnel.c:628:36: branch_false: following 'false' branch... libnftnl-1.3.1/src/obj/tunnel.c:631:39: branch_false: ...to here libnftnl-1.3.1/src/obj/tunnel.c:621:9: branch_true: following 'true' branch... libnftnl-1.3.1/src/obj/tunnel.c:622:21: branch_true: ...to here libnftnl-1.3.1/src/obj/tunnel.c:622:20: branch_false: following 'false' branch... libnftnl-1.3.1/src/obj/tunnel.c:625:24: branch_false: ...to here libnftnl-1.3.1/src/obj/tunnel.c:625:24: throw: if 'mnl_attr_get_type' throws an exception... libnftnl-1.3.1/src/obj/tunnel.c:625:24: danger: 'opts' leaks here; was allocated at [(10)](sarif:/runs/0/results/20/codeFlows/0/threadFlows/0/locations/9) # 623| abi_breakage(); # 624| # 625|-> switch(mnl_attr_get_type(attr)) { # 626| case NFTA_TUNNEL_KEY_OPTS_VXLAN: # 627| opts = nftnl_tunnel_opts_alloc(NFTNL_TUNNEL_TYPE_VXLAN); Error: GCC_ANALYZER_WARNING (CWE-401): [#def13] libnftnl-1.3.1/src/obj/tunnel.c:658:1: warning[-Wanalyzer-malloc-leak]: leak of 'opts' libnftnl-1.3.1/src/obj/tunnel.c:614:1: enter_function: entry to 'nftnl_obj_tunnel_parse_opts' libnftnl-1.3.1/src/obj/tunnel.c:621:9: branch_true: following 'true' branch... libnftnl-1.3.1/src/obj/tunnel.c:622:21: branch_true: ...to here libnftnl-1.3.1/src/obj/tunnel.c:622:20: branch_false: following 'false' branch... libnftnl-1.3.1/src/obj/tunnel.c:625:24: branch_false: ...to here libnftnl-1.3.1/src/obj/tunnel.c:627:40: call_function: calling 'nftnl_tunnel_opts_alloc' from 'nftnl_obj_tunnel_parse_opts' libnftnl-1.3.1/src/obj/tunnel.c:627:40: return_function: returning to 'nftnl_obj_tunnel_parse_opts' from 'nftnl_tunnel_opts_alloc' libnftnl-1.3.1/src/obj/tunnel.c:628:36: branch_false: following 'false' branch... libnftnl-1.3.1/src/obj/tunnel.c:631:39: branch_false: ...to here libnftnl-1.3.1/src/obj/tunnel.c:621:9: branch_true: following 'true' branch... libnftnl-1.3.1/src/obj/tunnel.c:622:21: branch_true: ...to here libnftnl-1.3.1/src/obj/tunnel.c:622:20: branch_false: following 'false' branch... libnftnl-1.3.1/src/obj/tunnel.c:625:24: branch_false: ...to here libnftnl-1.3.1/src/obj/tunnel.c:627:40: call_function: calling 'nftnl_tunnel_opts_alloc' from 'nftnl_obj_tunnel_parse_opts' libnftnl-1.3.1/src/obj/tunnel.c:627:40: return_function: returning to 'nftnl_obj_tunnel_parse_opts' from 'nftnl_tunnel_opts_alloc' libnftnl-1.3.1/src/obj/tunnel.c:628:36: branch_true: following 'true' branch... libnftnl-1.3.1/src/obj/tunnel.c:628:36: branch_true: ...to here libnftnl-1.3.1/src/obj/tunnel.c:658:1: danger: 'opts' leaks here; was allocated at [(10)](sarif:/runs/0/results/21/codeFlows/0/threadFlows/0/locations/9) # 656| # 657| return err; # 658|-> } # 659| # 660| static int Error: GCC_ANALYZER_WARNING (CWE-401): [#def14] libnftnl-1.3.1/src/obj/tunnel.c:741:9: warning[-Wanalyzer-malloc-leak]: leak of 'nftnl_tunnel_opts_alloc(0)' libnftnl-1.3.1/src/obj/tunnel.c:614:1: enter_function: entry to 'nftnl_obj_tunnel_parse_opts' libnftnl-1.3.1/src/obj/tunnel.c:621:9: branch_true: following 'true' branch... libnftnl-1.3.1/src/obj/tunnel.c:622:21: branch_true: ...to here libnftnl-1.3.1/src/obj/tunnel.c:622:20: branch_false: following 'false' branch... libnftnl-1.3.1/src/obj/tunnel.c:625:24: branch_false: ...to here libnftnl-1.3.1/src/obj/tunnel.c:627:40: call_function: calling 'nftnl_tunnel_opts_alloc' from 'nftnl_obj_tunnel_parse_opts' libnftnl-1.3.1/src/obj/tunnel.c:627:40: return_function: returning to 'nftnl_obj_tunnel_parse_opts' from 'nftnl_tunnel_opts_alloc' libnftnl-1.3.1/src/obj/tunnel.c:628:36: branch_false: following 'false' branch... libnftnl-1.3.1/src/obj/tunnel.c:631:39: branch_false: ...to here libnftnl-1.3.1/src/obj/tunnel.c:631:39: call_function: calling 'nftnl_obj_tunnel_parse_vxlan' from 'nftnl_obj_tunnel_parse_opts' # 739| # 740| opts->type = type; # 741|-> INIT_LIST_HEAD(&opts->opts_list); # 742| # 743| return opts; Error: GCC_ANALYZER_WARNING (CWE-401): [#def15] libnftnl-1.3.1/src/obj/tunnel.c:741:9: warning[-Wanalyzer-malloc-leak]: leak of 'nftnl_tunnel_opts_alloc(1)' libnftnl-1.3.1/src/obj/tunnel.c:614:1: enter_function: entry to 'nftnl_obj_tunnel_parse_opts' libnftnl-1.3.1/src/obj/tunnel.c:621:9: branch_true: following 'true' branch... libnftnl-1.3.1/src/obj/tunnel.c:622:21: branch_true: ...to here libnftnl-1.3.1/src/obj/tunnel.c:622:20: branch_false: following 'false' branch... libnftnl-1.3.1/src/obj/tunnel.c:625:24: branch_false: ...to here libnftnl-1.3.1/src/obj/tunnel.c:634:40: call_function: calling 'nftnl_tunnel_opts_alloc' from 'nftnl_obj_tunnel_parse_opts' libnftnl-1.3.1/src/obj/tunnel.c:634:40: return_function: returning to 'nftnl_obj_tunnel_parse_opts' from 'nftnl_tunnel_opts_alloc' libnftnl-1.3.1/src/obj/tunnel.c:635:36: branch_false: following 'false' branch... libnftnl-1.3.1/src/obj/tunnel.c:638:39: branch_false: ...to here libnftnl-1.3.1/src/obj/tunnel.c:638:39: call_function: calling 'nftnl_obj_tunnel_parse_erspan' from 'nftnl_obj_tunnel_parse_opts' # 739| # 740| opts->type = type; # 741|-> INIT_LIST_HEAD(&opts->opts_list); # 742| # 743| return opts;
| analyzer-version-clippy | 1.92.0 |
| analyzer-version-cppcheck | 2.19.1 |
| analyzer-version-gcc | 16.0.0 |
| analyzer-version-gcc-analyzer | 16.0.0 |
| analyzer-version-shellcheck | 0.11.0 |
| analyzer-version-unicontrol | 0.0.2 |
| diffbase-analyzer-version-clippy | 1.92.0 |
| diffbase-analyzer-version-cppcheck | 2.19.1 |
| diffbase-analyzer-version-gcc | 16.0.0 |
| diffbase-analyzer-version-gcc-analyzer | 16.0.0 |
| diffbase-analyzer-version-shellcheck | 0.11.0 |
| diffbase-analyzer-version-unicontrol | 0.0.2 |
| diffbase-enabled-plugins | clippy, cppcheck, gcc, shellcheck, unicontrol |
| diffbase-exit-code | 0 |
| diffbase-host | ip-172-16-1-34.us-west-2.compute.internal |
| diffbase-known-false-positives | /usr/share/csmock/known-false-positives.js |
| diffbase-known-false-positives-rpm | known-false-positives-0.0.0.20250521.132812.g8eff701.main-1.el9.noarch |
| diffbase-mock-config | fedora-rawhide-x86_64 |
| diffbase-project-name | libnftnl-1.2.9-2.fc43 |
| diffbase-store-results-to | /tmp/tmp9s5v2gop/libnftnl-1.2.9-2.fc43.tar.xz |
| diffbase-time-created | 2026-01-08 18:53:37 |
| diffbase-time-finished | 2026-01-08 18:55:27 |
| diffbase-tool | csmock |
| diffbase-tool-args | '/usr/bin/csmock' '-r' 'fedora-rawhide-x86_64' '-t' 'gcc,cppcheck,clippy,shellcheck,unicontrol' '-o' '/tmp/tmp9s5v2gop/libnftnl-1.2.9-2.fc43.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install' 'pam' '--gcc-analyzer-bin=/usr/bin/gcc' '/tmp/tmp9s5v2gop/libnftnl-1.2.9-2.fc43.src.rpm' |
| diffbase-tool-version | csmock-3.8.3.20251215.161544.g62de9a5-1.el9 |
| enabled-plugins | clippy, cppcheck, gcc, shellcheck, unicontrol |
| exit-code | 0 |
| host | ip-172-16-1-34.us-west-2.compute.internal |
| known-false-positives | /usr/share/csmock/known-false-positives.js |
| known-false-positives-rpm | known-false-positives-0.0.0.20250521.132812.g8eff701.main-1.el9.noarch |
| mock-config | fedora-rawhide-x86_64 |
| project-name | libnftnl-1.3.1-1.fc44 |
| store-results-to | /tmp/tmpq3_gad5u/libnftnl-1.3.1-1.fc44.tar.xz |
| time-created | 2026-01-08 18:55:38 |
| time-finished | 2026-01-08 18:57:00 |
| title | Newly introduced findings |
| tool | csmock |
| tool-args | '/usr/bin/csmock' '-r' 'fedora-rawhide-x86_64' '-t' 'gcc,cppcheck,clippy,shellcheck,unicontrol' '-o' '/tmp/tmpq3_gad5u/libnftnl-1.3.1-1.fc44.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install' 'pam' '--gcc-analyzer-bin=/usr/bin/gcc' '/tmp/tmpq3_gad5u/libnftnl-1.3.1-1.fc44.src.rpm' |
| tool-version | csmock-3.8.3.20251215.161544.g62de9a5-1.el9 |