libtpms-0.10.2-2.fc44

List of Findings

Error: GCC_ANALYZER_WARNING (CWE-476): [#def1]
libtpms-0.10.2/src/tpm12/tpm_counter.c:421:44: warning[-Wanalyzer-null-dereference]: dereference of NULL 'tpm_counter_value'
libtpms-0.10.2/src/tpm12/tpm_counter.c:507:12: enter_function: entry to 'TPM_Process_CreateCounter'
libtpms-0.10.2/src/tpm12/tpm_counter.c:546:26: release_memory: 'counterValue' is NULL
libtpms-0.10.2/src/tpm12/tpm_counter.c:686:8: branch_true: following 'true' branch...
libtpms-0.10.2/src/tpm12/tpm_counter.c:687:12: branch_true: ...to here
libtpms-0.10.2/src/tpm12/tpm_counter.c:687:12: branch_true: following 'true' branch...
libtpms-0.10.2/src/tpm12/tpm_counter.c:689:29: branch_true: ...to here
libtpms-0.10.2/src/tpm12/tpm_counter.c:693:12: branch_true: following 'true' branch...
libtpms-0.10.2/src/tpm12/tpm_counter.c:695:26: branch_true: ...to here
libtpms-0.10.2/src/tpm12/tpm_counter.c:695:26: release_memory: 'counterValue' is NULL
libtpms-0.10.2/src/tpm12/tpm_counter.c:695:26: call_function: calling 'TPM_CounterValue_StorePublic' from 'TPM_Process_CreateCounter'
#  419|       /* store counter */
#  420|       if (rc == 0) {
#  421|-> 	rc = TPM_Sbuffer_Append32(sbuffer, tpm_counter_value->counter); 
#  422|       }
#  423|       return rc;

Error: GCC_ANALYZER_WARNING (CWE-404): [#def2]
libtpms-0.10.2/src/tpm12/tpm_cryptoh.c:919:5: warning[-Wanalyzer-va-list-leak]: missing call to 'va_end'
libtpms-0.10.2/src/tpm12/tpm_cryptoh.c:1353:12: enter_function: entry to 'TPM_MGF1_GenerateArray'
libtpms-0.10.2/src/tpm12/tpm_cryptoh.c:1370:5: acquire_resource: 'va_start' called here
libtpms-0.10.2/src/tpm12/tpm_cryptoh.c:1405:8: branch_true: following 'true' branch (when 'rc == 0')...
libtpms-0.10.2/src/tpm12/tpm_cryptoh.c:1406:14: branch_true: ...to here
libtpms-0.10.2/src/tpm12/tpm_cryptoh.c:1409:8: branch_true: following 'true' branch...
libtpms-0.10.2/src/tpm12/tpm_cryptoh.c:1410:14: branch_true: ...to here
libtpms-0.10.2/src/tpm12/tpm_cryptoh.c:1410:14: call_function: calling 'TPM_MGF1' from 'TPM_MGF1_GenerateArray'
#  917|       va_list	ap;
#  918|   
#  919|->     printf(" TPM_SHA1:\n");
#  920|       va_start(ap, md);
#  921|       rc = TPM_SHA1_valist(md, 0, NULL, ap);

Error: GCC_ANALYZER_WARNING (CWE-404): [#def3]
libtpms-0.10.2/src/tpm12/tpm_cryptoh.c:966:5: warning[-Wanalyzer-va-list-leak]: missing call to 'va_end'
libtpms-0.10.2/src/tpm12/tpm_cryptoh.c:929:12: enter_function: entry to 'TPM_SHA1_Check'
libtpms-0.10.2/src/tpm12/tpm_cryptoh.c:937:9: acquire_resource: 'va_start' called here
libtpms-0.10.2/src/tpm12/tpm_cryptoh.c:938:14: call_function: calling 'TPM_SHA1_valist' from 'TPM_SHA1_Check'
#  964|       TPM_BOOL		done = FALSE;
#  965|       
#  966|->     printf(" TPM_SHA1_valist:\n");
#  967|       if (rc == 0) {
#  968|   	rc = TPM_SHA1InitCmd(&context);

Error: GCC_ANALYZER_WARNING (CWE-404): [#def4]
libtpms-0.10.2/src/tpm12/tpm_cryptoh.c:968:14: warning[-Wanalyzer-va-list-leak]: missing call to 'va_end'
libtpms-0.10.2/src/tpm12/tpm_cryptoh.c:929:12: enter_function: entry to 'TPM_SHA1_Check'
libtpms-0.10.2/src/tpm12/tpm_cryptoh.c:937:9: acquire_resource: 'va_start' called here
libtpms-0.10.2/src/tpm12/tpm_cryptoh.c:938:14: call_function: calling 'TPM_SHA1_valist' from 'TPM_SHA1_Check'
#  966|       printf(" TPM_SHA1_valist:\n");
#  967|       if (rc == 0) {
#  968|-> 	rc = TPM_SHA1InitCmd(&context);
#  969|       }
#  970|       if (rc == 0) {	

Error: GCC_ANALYZER_WARNING (CWE-404): [#def5]
libtpms-0.10.2/src/tpm12/tpm_cryptoh.c:972:13: warning[-Wanalyzer-va-list-leak]: missing call to 'va_end'
libtpms-0.10.2/src/tpm12/tpm_cryptoh.c:1163:12: enter_function: entry to 'TPM_HMAC_Check'
libtpms-0.10.2/src/tpm12/tpm_cryptoh.c:1174:5: acquire_resource: 'va_start' called here
libtpms-0.10.2/src/tpm12/tpm_cryptoh.c:1176:14: call_function: calling 'TPM_HMAC_Generatevalist' from 'TPM_HMAC_Check'
#  970|       if (rc == 0) {	
#  971|   	if (length0 !=0) {		/* optional first text block */
#  972|-> 	    printf("  TPM_SHA1_valist: Digesting %u bytes\n", length0);
#  973|   	    rc = TPM_SHA1UpdateCmd(context, buffer0, length0);	/* hash the buffer */
#  974|   	}

Error: GCC_ANALYZER_WARNING (CWE-404): [#def6]
libtpms-0.10.2/src/tpm12/tpm_cryptoh.c:973:18: warning[-Wanalyzer-va-list-leak]: missing call to 'va_end'
libtpms-0.10.2/src/tpm12/tpm_cryptoh.c:1163:12: enter_function: entry to 'TPM_HMAC_Check'
libtpms-0.10.2/src/tpm12/tpm_cryptoh.c:1174:5: acquire_resource: 'va_start' called here
libtpms-0.10.2/src/tpm12/tpm_cryptoh.c:1176:14: call_function: calling 'TPM_HMAC_Generatevalist' from 'TPM_HMAC_Check'
#  971|   	if (length0 !=0) {		/* optional first text block */
#  972|   	    printf("  TPM_SHA1_valist: Digesting %u bytes\n", length0);
#  973|-> 	    rc = TPM_SHA1UpdateCmd(context, buffer0, length0);	/* hash the buffer */
#  974|   	}
#  975|       }

Error: GCC_ANALYZER_WARNING (CWE-686): [#def7]
libtpms-0.10.2/src/tpm12/tpm_cryptoh.c:977:9: warning[-Wanalyzer-va-arg-type-mismatch]: 'va_arg' expected 'uint32_t' {{aka 'unsigned int'}} but received 'long unsigned int' for variadic argument 1 of 'ap'
libtpms-0.10.2/src/tpm12/tpm_cryptoh.c:2307:12: enter_function: entry to 'TPM_CryptoTest'
libtpms-0.10.2/src/tpm12/tpm_cryptoh.c:2376:14: call_function: calling 'TPM_SHA1' from 'TPM_CryptoTest' with 4 variadic arguments
#  975|       }
#  976|       while ((rc == 0) && !done) {
#  977|-> 	length = va_arg(ap, uint32_t);		/* first vararg is the length */
#  978|   	if (length != 0) {			/* loop until a zero length argument terminates */
#  979|   	    buffer = va_arg(ap, unsigned char *);	/* second vararg is the array */

Error: GCC_ANALYZER_WARNING (CWE-404): [#def8]
libtpms-0.10.2/src/tpm12/tpm_cryptoh.c:980:13: warning[-Wanalyzer-va-list-leak]: missing call to 'va_end'
libtpms-0.10.2/src/tpm12/tpm_cryptoh.c:929:12: enter_function: entry to 'TPM_SHA1_Check'
libtpms-0.10.2/src/tpm12/tpm_cryptoh.c:937:9: acquire_resource: 'va_start' called here
libtpms-0.10.2/src/tpm12/tpm_cryptoh.c:938:14: call_function: calling 'TPM_SHA1_valist' from 'TPM_SHA1_Check'
#  978|   	if (length != 0) {			/* loop until a zero length argument terminates */
#  979|   	    buffer = va_arg(ap, unsigned char *);	/* second vararg is the array */
#  980|-> 	    printf("  TPM_SHA1_valist: Digesting %u bytes\n", length);
#  981|   	    rc = TPM_SHA1UpdateCmd(context, buffer, length);	/* hash the buffer */
#  982|   	}

Error: GCC_ANALYZER_WARNING (CWE-404): [#def9]
libtpms-0.10.2/src/tpm12/tpm_cryptoh.c:981:18: warning[-Wanalyzer-va-list-leak]: missing call to 'va_end'
libtpms-0.10.2/src/tpm12/tpm_cryptoh.c:929:12: enter_function: entry to 'TPM_SHA1_Check'
libtpms-0.10.2/src/tpm12/tpm_cryptoh.c:937:9: acquire_resource: 'va_start' called here
libtpms-0.10.2/src/tpm12/tpm_cryptoh.c:938:14: call_function: calling 'TPM_SHA1_valist' from 'TPM_SHA1_Check'
#  979|   	    buffer = va_arg(ap, unsigned char *);	/* second vararg is the array */
#  980|   	    printf("  TPM_SHA1_valist: Digesting %u bytes\n", length);
#  981|-> 	    rc = TPM_SHA1UpdateCmd(context, buffer, length);	/* hash the buffer */
#  982|   	}
#  983|   	else {

Error: GCC_ANALYZER_WARNING (CWE-404): [#def10]
libtpms-0.10.2/src/tpm12/tpm_cryptoh.c:988:14: warning[-Wanalyzer-va-list-leak]: missing call to 'va_end'
libtpms-0.10.2/src/tpm12/tpm_cryptoh.c:929:12: enter_function: entry to 'TPM_SHA1_Check'
libtpms-0.10.2/src/tpm12/tpm_cryptoh.c:937:9: acquire_resource: 'va_start' called here
libtpms-0.10.2/src/tpm12/tpm_cryptoh.c:938:14: call_function: calling 'TPM_SHA1_valist' from 'TPM_SHA1_Check'
#  986|       }
#  987|       if (rc == 0) {
#  988|-> 	rc = TPM_SHA1FinalCmd(md, context);
#  989|       }
#  990|       if (rc == 0) {

Error: GCC_ANALYZER_WARNING (CWE-404): [#def11]
libtpms-0.10.2/src/tpm12/tpm_cryptoh.c:991:9: warning[-Wanalyzer-va-list-leak]: missing call to 'va_end'
libtpms-0.10.2/src/tpm12/tpm_cryptoh.c:929:12: enter_function: entry to 'TPM_SHA1_Check'
libtpms-0.10.2/src/tpm12/tpm_cryptoh.c:937:9: acquire_resource: 'va_start' called here
libtpms-0.10.2/src/tpm12/tpm_cryptoh.c:938:14: call_function: calling 'TPM_SHA1_valist' from 'TPM_SHA1_Check'
#  989|       }
#  990|       if (rc == 0) {
#  991|-> 	TPM_PrintFour("  TPM_SHA1_valist: Digest", md);
#  992|       }	 
#  993|       /* call TPM_SHA1Delete even if there was an error */

Error: GCC_ANALYZER_WARNING (CWE-404): [#def12]
libtpms-0.10.2/src/tpm12/tpm_cryptoh.c:994:5: warning[-Wanalyzer-va-list-leak]: missing call to 'va_end'
libtpms-0.10.2/src/tpm12/tpm_cryptoh.c:929:12: enter_function: entry to 'TPM_SHA1_Check'
libtpms-0.10.2/src/tpm12/tpm_cryptoh.c:937:9: acquire_resource: 'va_start' called here
libtpms-0.10.2/src/tpm12/tpm_cryptoh.c:938:14: call_function: calling 'TPM_SHA1_valist' from 'TPM_SHA1_Check'
#  992|       }	 
#  993|       /* call TPM_SHA1Delete even if there was an error */
#  994|->     TPM_SHA1Delete(&context);
#  995|       return rc;
#  996|   }

Error: GCC_ANALYZER_WARNING (CWE-404): [#def13]
libtpms-0.10.2/src/tpm12/tpm_cryptoh.c:1096:5: warning[-Wanalyzer-va-list-leak]: missing call to 'va_end'
libtpms-0.10.2/src/tpm12/tpm_cryptoh.c:1163:12: enter_function: entry to 'TPM_HMAC_Check'
libtpms-0.10.2/src/tpm12/tpm_cryptoh.c:1174:5: acquire_resource: 'va_start' called here
libtpms-0.10.2/src/tpm12/tpm_cryptoh.c:1176:14: call_function: calling 'TPM_HMAC_Generatevalist' from 'TPM_HMAC_Check'
# 1094|       TPM_DIGEST		inner_hash;
# 1095|   
# 1096|->     printf(" TPM_HMAC_Generatevalist:\n");
# 1097|       /* calculate key XOR ipad and key XOR opad */
# 1098|       if (rc == 0) {

Error: GCC_ANALYZER_WARNING (CWE-404): [#def14]
libtpms-0.10.2/src/tpm12/tpm_cryptoh.c:1302:5: warning[-Wanalyzer-va-list-leak]: missing call to 'va_end'
libtpms-0.10.2/src/tpm12/tpm_cryptoh.c:1353:12: enter_function: entry to 'TPM_MGF1_GenerateArray'
libtpms-0.10.2/src/tpm12/tpm_cryptoh.c:1370:5: acquire_resource: 'va_start' called here
libtpms-0.10.2/src/tpm12/tpm_cryptoh.c:1405:8: branch_true: following 'true' branch (when 'rc == 0')...
libtpms-0.10.2/src/tpm12/tpm_cryptoh.c:1406:14: branch_true: ...to here
libtpms-0.10.2/src/tpm12/tpm_cryptoh.c:1409:8: branch_true: following 'true' branch...
libtpms-0.10.2/src/tpm12/tpm_cryptoh.c:1410:14: branch_true: ...to here
libtpms-0.10.2/src/tpm12/tpm_cryptoh.c:1410:14: call_function: calling 'TPM_MGF1' from 'TPM_MGF1_GenerateArray'
# 1300|       TPM_DIGEST          lastDigest;     
# 1301|       
# 1302|->     printf(" TPM_MGF1: Output length %u\n", maskLen);
# 1303|       if (rc == 0) {
# 1304|           /* this is possible with arrayLen on a 64 bit architecture, comment to quiet beam */

Error: GCC_ANALYZER_WARNING (CWE-404): [#def15]
libtpms-0.10.2/src/tpm12/tpm_cryptoh.c:1373:14: warning[-Wanalyzer-va-list-leak]: missing call to 'va_end'
libtpms-0.10.2/src/tpm12/tpm_cryptoh.c:1370:5: acquire_resource: 'va_start' called here
libtpms-0.10.2/src/tpm12/tpm_cryptoh.c:1373:14: throw: if 'TPM_Malloc' throws an exception...
libtpms-0.10.2/src/tpm12/tpm_cryptoh.c:1373:14: danger: missing call to 'va_end' to match 'va_start' at [(1)](sarif:/runs/0/results/13/codeFlows/0/threadFlows/0/locations/0)
# 1371|       /* allocate temporary memory for the seed */
# 1372|       if (rc == 0) {
# 1373|-> 	rc = TPM_Malloc(&seed, seedLen);
# 1374|   	seedBuffer = seed;
# 1375|   	seedLeft = seedLen;

Error: GCC_ANALYZER_WARNING (CWE-404): [#def16]
libtpms-0.10.2/src/tpm12/tpm_cryptoh.c:1382:17: warning[-Wanalyzer-va-list-leak]: missing call to 'va_end'
libtpms-0.10.2/src/tpm12/tpm_cryptoh.c:1370:5: acquire_resource: 'va_start' called here
libtpms-0.10.2/src/tpm12/tpm_cryptoh.c:1378:12: branch_true: following 'true' branch...
libtpms-0.10.2/src/tpm12/tpm_cryptoh.c:1379:28: branch_true: ...to here
libtpms-0.10.2/src/tpm12/tpm_cryptoh.c:1380:12: branch_true: following 'true' branch (when 'vaLength != 0')...
libtpms-0.10.2/src/tpm12/tpm_cryptoh.c:1382:17: branch_true: ...to here
libtpms-0.10.2/src/tpm12/tpm_cryptoh.c:1382:17: throw: if 'TPMLIB_LogPrintf' throws an exception...
libtpms-0.10.2/src/tpm12/tpm_cryptoh.c:1382:17: danger: missing call to 'va_end' to match 'va_start' at [(1)](sarif:/runs/0/results/14/codeFlows/0/threadFlows/0/locations/0)
# 1380|   	if (vaLength != 0) {			/* loop until a zero length argument terminates */
# 1381|   	    if (rc == 0) {
# 1382|-> 		printf("  TPM_MGF1_GenerateArray: Appending %lu bytes\n", (unsigned long)vaLength);
# 1383|   		if (vaLength > seedLeft) {
# 1384|   		    printf("TPM_MGF1_GenerateArray: Error (fatal), seedLen too small\n");

Error: GCC_ANALYZER_WARNING (CWE-404): [#def17]
libtpms-0.10.2/src/tpm12/tpm_cryptoh.c:1384:21: warning[-Wanalyzer-va-list-leak]: missing call to 'va_end'
libtpms-0.10.2/src/tpm12/tpm_cryptoh.c:1370:5: acquire_resource: 'va_start' called here
libtpms-0.10.2/src/tpm12/tpm_cryptoh.c:1378:12: branch_true: following 'true' branch...
libtpms-0.10.2/src/tpm12/tpm_cryptoh.c:1379:28: branch_true: ...to here
libtpms-0.10.2/src/tpm12/tpm_cryptoh.c:1380:12: branch_true: following 'true' branch (when 'vaLength != 0')...
libtpms-0.10.2/src/tpm12/tpm_cryptoh.c:1382:17: branch_true: ...to here
libtpms-0.10.2/src/tpm12/tpm_cryptoh.c:1383:20: branch_true: following 'true' branch...
libtpms-0.10.2/src/tpm12/tpm_cryptoh.c:1384:21: branch_true: ...to here
libtpms-0.10.2/src/tpm12/tpm_cryptoh.c:1384:21: throw: if 'TPMLIB_LogPrintf' throws an exception...
libtpms-0.10.2/src/tpm12/tpm_cryptoh.c:1384:21: danger: missing call to 'va_end' to match 'va_start' at [(1)](sarif:/runs/0/results/15/codeFlows/0/threadFlows/0/locations/0)
# 1382|   		printf("  TPM_MGF1_GenerateArray: Appending %lu bytes\n", (unsigned long)vaLength);
# 1383|   		if (vaLength > seedLeft) {
# 1384|-> 		    printf("TPM_MGF1_GenerateArray: Error (fatal), seedLen too small\n");
# 1385|   		    rc = TPM_FAIL;	/* internal error, should never occur */
# 1386|   		}

Error: GCC_ANALYZER_WARNING (CWE-404): [#def18]
libtpms-0.10.2/src/tpm12/tpm_cryptoh.c:1398:17: warning[-Wanalyzer-va-list-leak]: missing call to 'va_end'
libtpms-0.10.2/src/tpm12/tpm_cryptoh.c:1370:5: acquire_resource: 'va_start' called here
libtpms-0.10.2/src/tpm12/tpm_cryptoh.c:1378:12: branch_true: following 'true' branch...
libtpms-0.10.2/src/tpm12/tpm_cryptoh.c:1379:28: branch_true: ...to here
libtpms-0.10.2/src/tpm12/tpm_cryptoh.c:1398:17: throw: if 'TPMLIB_LogPrintf' throws an exception...
libtpms-0.10.2/src/tpm12/tpm_cryptoh.c:1398:17: danger: missing call to 'va_end' to match 'va_start' at [(1)](sarif:/runs/0/results/16/codeFlows/0/threadFlows/0/locations/0)
# 1396|   	    done = TRUE;
# 1397|   	    if (seedLeft != 0) {
# 1398|-> 		printf("TPM_MGF1_GenerateArray: Error (fatal), seedLen too large by %u\n",
# 1399|   		       seedLeft);
# 1400|   		rc = TPM_FAIL;	/* internal error, should never occur */

Error: GCC_ANALYZER_WARNING (CWE-404): [#def19]
libtpms-0.10.2/src/tpm12/tpm_cryptoh.c:1406:14: warning[-Wanalyzer-va-list-leak]: missing call to 'va_end'
libtpms-0.10.2/src/tpm12/tpm_cryptoh.c:1370:5: acquire_resource: 'va_start' called here
libtpms-0.10.2/src/tpm12/tpm_cryptoh.c:1405:8: branch_true: following 'true' branch (when 'rc == 0')...
libtpms-0.10.2/src/tpm12/tpm_cryptoh.c:1406:14: branch_true: ...to here
libtpms-0.10.2/src/tpm12/tpm_cryptoh.c:1406:14: throw: if 'TPM_Malloc' throws an exception...
libtpms-0.10.2/src/tpm12/tpm_cryptoh.c:1406:14: danger: missing call to 'va_end' to match 'va_start' at [(1)](sarif:/runs/0/results/17/codeFlows/0/threadFlows/0/locations/0)
# 1404|       /* allocate memory for the array */
# 1405|       if (rc == 0) {
# 1406|-> 	rc = TPM_Malloc(array, arrayLen);
# 1407|       }
# 1408|       /* generate the MGF1 array */

Error: CPPCHECK_WARNING (CWE-457): [#def20]
libtpms-0.10.2/src/tpm12/tpm_key.c:3763: error[legacyUninitvar]: Uninitialized variable: keyCount
# 3761|   	printf("  TPM_KeyHandleEntries_OwnerEvictLoad: Count %hu\n", keyCount);
# 3762|       }
# 3763|->     for (i = 0 ; (rc == 0) && (i < keyCount) ; i++) {
# 3764|   	/* Must init each time through.  This just resets the structure members.  It does not free
# 3765|   	   the key that is in the structure after the first time through.  That key has been added

Error: GCC_ANALYZER_WARNING (CWE-457): [#def21]
libtpms-0.10.2/src/tpm12/tpm_migration.c:3389:10: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value 'continueAuthSession'
libtpms-0.10.2/src/tpm12/tpm_migration.c:3342:8: branch_true: following 'true' branch...
libtpms-0.10.2/src/tpm12/tpm_migration.c:3343:12: branch_true: ...to here
libtpms-0.10.2/src/tpm12/tpm_migration.c:3387:8: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm12/tpm_migration.c:3388:11: branch_false: ...to here
libtpms-0.10.2/src/tpm12/tpm_migration.c:3387:10: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm12/tpm_migration.c:3389:10: branch_false: ...to here
libtpms-0.10.2/src/tpm12/tpm_migration.c:3389:10: danger: use of uninitialized value 'continueAuthSession' here
# 3387|       if (((rcf != 0) ||
# 3388|   	 ((returnCode != TPM_SUCCESS) && (returnCode != TPM_DEFEND_LOCK_RUNNING)) ||
# 3389|-> 	 !continueAuthSession) &&
# 3390|   	authHandleValid) {
# 3391|   	TPM_AuthSessions_TerminateHandle(tpm_state->tpm_stclear_data.authSessions,

Error: GCC_ANALYZER_WARNING (CWE-476): [#def22]
libtpms-0.10.2/src/tpm12/tpm_session.c:187:44: warning[-Wanalyzer-null-dereference]: dereference of NULL 'tpm_auth_session_data'
libtpms-0.10.2/src/tpm12/tpm_session.c:3026:12: enter_function: entry to 'TPM_Process_SaveContext'
libtpms-0.10.2/src/tpm12/tpm_session.c:3051:34: release_memory: 'tpm_auth_session_data' is NULL
libtpms-0.10.2/src/tpm12/tpm_session.c:3090:8: branch_true: following 'true' branch...
libtpms-0.10.2/src/tpm12/tpm_session.c:3091:9: branch_true: ...to here
libtpms-0.10.2/src/tpm12/tpm_session.c:3094:8: branch_true: following 'true' branch (when 'returnCode == 0')...
libtpms-0.10.2/src/tpm12/tpm_session.c:3095:9: branch_true: ...to here
libtpms-0.10.2/src/tpm12/tpm_session.c:3112:8: branch_true: following 'true' branch...
libtpms-0.10.2/src/tpm12/tpm_session.c:3113:22: branch_true: ...to here
libtpms-0.10.2/src/tpm12/tpm_session.c:3116:8: branch_true: following 'true' branch...
libtpms-0.10.2/src/tpm12/tpm_session.c:3117:22: branch_true: ...to here
libtpms-0.10.2/src/tpm12/tpm_session.c:3119:8: branch_true: following 'true' branch...
libtpms-0.10.2/src/tpm12/tpm_session.c:3120:13: branch_true: ...to here
libtpms-0.10.2/src/tpm12/tpm_session.c:3120:12: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm12/tpm_session.c:3131:9: branch_false: ...to here
libtpms-0.10.2/src/tpm12/tpm_session.c:3173:12: branch_false: following 'false' branch (when 'returnCode == 0')...
libtpms-0.10.2/src/tpm12/tpm_session.c:3180:9: branch_false: ...to here
libtpms-0.10.2/src/tpm12/tpm_session.c:3182:12: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm12/tpm_session.c:3207:43: branch_false: ...to here
libtpms-0.10.2/src/tpm12/tpm_session.c:3214:16: branch_true: following 'true' branch (when 'returnCode == 0')...
libtpms-0.10.2/src/tpm12/tpm_session.c:3220:9: branch_true: ...to here
libtpms-0.10.2/src/tpm12/tpm_session.c:3233:26: release_memory: 'tpm_auth_session_data' is NULL
libtpms-0.10.2/src/tpm12/tpm_session.c:3233:26: call_function: calling 'TPM_AuthSessionData_Store' from 'TPM_Process_SaveContext'
#  185|       /* store handle */
#  186|       if (rc == 0) {
#  187|-> 	rc = TPM_Sbuffer_Append32(sbuffer, tpm_auth_session_data->handle);
#  188|       }
#  189|       /* store protocolID */

Error: GCC_ANALYZER_WARNING (CWE-457): [#def23]
libtpms-0.10.2/src/tpm12/tpm_session.c:3197:41: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value 'tpm_key_handle_entry'
libtpms-0.10.2/src/tpm12/tpm_session.c:3026:12: enter_function: entry to 'TPM_Process_SaveContext'
libtpms-0.10.2/src/tpm12/tpm_session.c:3090:8: branch_true: following 'true' branch...
libtpms-0.10.2/src/tpm12/tpm_session.c:3091:9: branch_true: ...to here
libtpms-0.10.2/src/tpm12/tpm_session.c:3094:8: branch_true: following 'true' branch (when 'returnCode == 0')...
libtpms-0.10.2/src/tpm12/tpm_session.c:3095:9: branch_true: ...to here
libtpms-0.10.2/src/tpm12/tpm_session.c:3112:8: branch_true: following 'true' branch...
libtpms-0.10.2/src/tpm12/tpm_session.c:3113:22: branch_true: ...to here
libtpms-0.10.2/src/tpm12/tpm_session.c:3116:8: branch_true: following 'true' branch...
libtpms-0.10.2/src/tpm12/tpm_session.c:3117:22: branch_true: ...to here
libtpms-0.10.2/src/tpm12/tpm_session.c:3119:8: branch_true: following 'true' branch...
libtpms-0.10.2/src/tpm12/tpm_session.c:3120:13: branch_true: ...to here
libtpms-0.10.2/src/tpm12/tpm_session.c:3120:12: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm12/tpm_session.c:3131:9: branch_false: ...to here
libtpms-0.10.2/src/tpm12/tpm_session.c:3150:26: call_function: calling 'TPM_AuthSessions_GetEntry' from 'TPM_Process_SaveContext'
libtpms-0.10.2/src/tpm12/tpm_session.c:3150:26: return_function: returning to 'TPM_Process_SaveContext' from 'TPM_AuthSessions_GetEntry'
libtpms-0.10.2/src/tpm12/tpm_session.c:3173:12: branch_false: following 'false' branch (when 'returnCode == 0')...
libtpms-0.10.2/src/tpm12/tpm_session.c:3180:9: branch_false: ...to here
libtpms-0.10.2/src/tpm12/tpm_session.c:3182:12: branch_true: following 'true' branch...
libtpms-0.10.2/src/tpm12/tpm_session.c:3185:43: branch_true: ...to here
libtpms-0.10.2/src/tpm12/tpm_session.c:3192:16: branch_true: following 'true' branch (when 'returnCode == 0')...
libtpms-0.10.2/src/tpm12/tpm_session.c:3197:41: branch_true: ...to here
libtpms-0.10.2/src/tpm12/tpm_session.c:3197:41: danger: use of uninitialized value 'tpm_key_handle_entry' here
# 3195|   		/* iii. If the key has TPM_KEY_CONTROL_OWNER_EVICT set then return TPM_OWNER_CONTROL
# 3196|   		 */
# 3197|-> 		if (tpm_key_handle_entry->keyControl & TPM_KEY_CONTROL_OWNER_EVICT) {
# 3198|   		    printf("TPM_Process_SaveContext: Error, key under owner control\n");
# 3199|   		    returnCode = TPM_OWNER_CONTROL;

Error: GCC_ANALYZER_WARNING (CWE-457): [#def24]
libtpms-0.10.2/src/tpm12/tpm_session.c:3230:26: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value 'tpm_key_handle_entry'
libtpms-0.10.2/src/tpm12/tpm_session.c:3026:12: enter_function: entry to 'TPM_Process_SaveContext'
libtpms-0.10.2/src/tpm12/tpm_session.c:3090:8: branch_true: following 'true' branch...
libtpms-0.10.2/src/tpm12/tpm_session.c:3091:9: branch_true: ...to here
libtpms-0.10.2/src/tpm12/tpm_session.c:3094:8: branch_true: following 'true' branch (when 'returnCode == 0')...
libtpms-0.10.2/src/tpm12/tpm_session.c:3095:9: branch_true: ...to here
libtpms-0.10.2/src/tpm12/tpm_session.c:3112:8: branch_true: following 'true' branch...
libtpms-0.10.2/src/tpm12/tpm_session.c:3113:22: branch_true: ...to here
libtpms-0.10.2/src/tpm12/tpm_session.c:3116:8: branch_true: following 'true' branch...
libtpms-0.10.2/src/tpm12/tpm_session.c:3117:22: branch_true: ...to here
libtpms-0.10.2/src/tpm12/tpm_session.c:3119:8: branch_true: following 'true' branch...
libtpms-0.10.2/src/tpm12/tpm_session.c:3120:13: branch_true: ...to here
libtpms-0.10.2/src/tpm12/tpm_session.c:3120:12: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm12/tpm_session.c:3131:9: branch_false: ...to here
libtpms-0.10.2/src/tpm12/tpm_session.c:3150:26: call_function: calling 'TPM_AuthSessions_GetEntry' from 'TPM_Process_SaveContext'
libtpms-0.10.2/src/tpm12/tpm_session.c:3150:26: return_function: returning to 'TPM_Process_SaveContext' from 'TPM_AuthSessions_GetEntry'
libtpms-0.10.2/src/tpm12/tpm_session.c:3173:12: branch_false: following 'false' branch (when 'returnCode == 0')...
libtpms-0.10.2/src/tpm12/tpm_session.c:3180:9: branch_false: ...to here
libtpms-0.10.2/src/tpm12/tpm_session.c:3182:12: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm12/tpm_session.c:3207:43: branch_false: ...to here
libtpms-0.10.2/src/tpm12/tpm_session.c:3214:16: branch_true: following 'true' branch (when 'returnCode == 0')...
libtpms-0.10.2/src/tpm12/tpm_session.c:3220:9: branch_true: ...to here
libtpms-0.10.2/src/tpm12/tpm_session.c:3230:26: danger: use of uninitialized value 'tpm_key_handle_entry' here
# 3228|   	switch (resourceType) {
# 3229|   	  case TPM_RT_KEY:
# 3230|-> 	    returnCode = TPM_KeyHandleEntry_Store(&r1ContextSensitive, tpm_key_handle_entry);
# 3231|   	    break;
# 3232|   	  case TPM_RT_AUTH:

Error: GCC_ANALYZER_WARNING (CWE-457): [#def25]
libtpms-0.10.2/src/tpm12/tpm_session.c:3236:26: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value 'tpm_transport_internal'
libtpms-0.10.2/src/tpm12/tpm_session.c:3026:12: enter_function: entry to 'TPM_Process_SaveContext'
libtpms-0.10.2/src/tpm12/tpm_session.c:3090:8: branch_true: following 'true' branch...
libtpms-0.10.2/src/tpm12/tpm_session.c:3091:9: branch_true: ...to here
libtpms-0.10.2/src/tpm12/tpm_session.c:3094:8: branch_true: following 'true' branch (when 'returnCode == 0')...
libtpms-0.10.2/src/tpm12/tpm_session.c:3095:9: branch_true: ...to here
libtpms-0.10.2/src/tpm12/tpm_session.c:3112:8: branch_true: following 'true' branch...
libtpms-0.10.2/src/tpm12/tpm_session.c:3113:22: branch_true: ...to here
libtpms-0.10.2/src/tpm12/tpm_session.c:3116:8: branch_true: following 'true' branch...
libtpms-0.10.2/src/tpm12/tpm_session.c:3117:22: branch_true: ...to here
libtpms-0.10.2/src/tpm12/tpm_session.c:3119:8: branch_true: following 'true' branch...
libtpms-0.10.2/src/tpm12/tpm_session.c:3120:13: branch_true: ...to here
libtpms-0.10.2/src/tpm12/tpm_session.c:3120:12: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm12/tpm_session.c:3131:9: branch_false: ...to here
libtpms-0.10.2/src/tpm12/tpm_session.c:3150:26: call_function: calling 'TPM_AuthSessions_GetEntry' from 'TPM_Process_SaveContext'
libtpms-0.10.2/src/tpm12/tpm_session.c:3150:26: return_function: returning to 'TPM_Process_SaveContext' from 'TPM_AuthSessions_GetEntry'
libtpms-0.10.2/src/tpm12/tpm_session.c:3173:12: branch_false: following 'false' branch (when 'returnCode == 0')...
libtpms-0.10.2/src/tpm12/tpm_session.c:3180:9: branch_false: ...to here
libtpms-0.10.2/src/tpm12/tpm_session.c:3182:12: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm12/tpm_session.c:3207:43: branch_false: ...to here
libtpms-0.10.2/src/tpm12/tpm_session.c:3214:16: branch_true: following 'true' branch (when 'returnCode == 0')...
libtpms-0.10.2/src/tpm12/tpm_session.c:3220:9: branch_true: ...to here
libtpms-0.10.2/src/tpm12/tpm_session.c:3236:26: danger: use of uninitialized value 'tpm_transport_internal' here
# 3234|   	    break;
# 3235|   	  case TPM_RT_TRANS:
# 3236|-> 	    returnCode = TPM_TransportInternal_Store(&r1ContextSensitive, tpm_transport_internal);
# 3237|   	    break;
# 3238|   	  case TPM_RT_DAA_TPM:

Error: GCC_ANALYZER_WARNING (CWE-457): [#def26]
libtpms-0.10.2/src/tpm12/tpm_session.c:3239:26: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value 'tpm_daa_session_data'
libtpms-0.10.2/src/tpm12/tpm_session.c:3026:12: enter_function: entry to 'TPM_Process_SaveContext'
libtpms-0.10.2/src/tpm12/tpm_session.c:3090:8: branch_true: following 'true' branch...
libtpms-0.10.2/src/tpm12/tpm_session.c:3091:9: branch_true: ...to here
libtpms-0.10.2/src/tpm12/tpm_session.c:3094:8: branch_true: following 'true' branch (when 'returnCode == 0')...
libtpms-0.10.2/src/tpm12/tpm_session.c:3095:9: branch_true: ...to here
libtpms-0.10.2/src/tpm12/tpm_session.c:3112:8: branch_true: following 'true' branch...
libtpms-0.10.2/src/tpm12/tpm_session.c:3113:22: branch_true: ...to here
libtpms-0.10.2/src/tpm12/tpm_session.c:3116:8: branch_true: following 'true' branch...
libtpms-0.10.2/src/tpm12/tpm_session.c:3117:22: branch_true: ...to here
libtpms-0.10.2/src/tpm12/tpm_session.c:3119:8: branch_true: following 'true' branch...
libtpms-0.10.2/src/tpm12/tpm_session.c:3120:13: branch_true: ...to here
libtpms-0.10.2/src/tpm12/tpm_session.c:3120:12: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm12/tpm_session.c:3131:9: branch_false: ...to here
libtpms-0.10.2/src/tpm12/tpm_session.c:3150:26: call_function: calling 'TPM_AuthSessions_GetEntry' from 'TPM_Process_SaveContext'
libtpms-0.10.2/src/tpm12/tpm_session.c:3150:26: return_function: returning to 'TPM_Process_SaveContext' from 'TPM_AuthSessions_GetEntry'
libtpms-0.10.2/src/tpm12/tpm_session.c:3173:12: branch_false: following 'false' branch (when 'returnCode == 0')...
libtpms-0.10.2/src/tpm12/tpm_session.c:3180:9: branch_false: ...to here
libtpms-0.10.2/src/tpm12/tpm_session.c:3182:12: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm12/tpm_session.c:3207:43: branch_false: ...to here
libtpms-0.10.2/src/tpm12/tpm_session.c:3214:16: branch_true: following 'true' branch (when 'returnCode == 0')...
libtpms-0.10.2/src/tpm12/tpm_session.c:3220:9: branch_true: ...to here
libtpms-0.10.2/src/tpm12/tpm_session.c:3239:26: danger: use of uninitialized value 'tpm_daa_session_data' here
# 3237|   	    break;
# 3238|   	  case TPM_RT_DAA_TPM:
# 3239|-> 	    returnCode = TPM_DaaSessionData_Store(&r1ContextSensitive, tpm_daa_session_data);
# 3240|   	    break;
# 3241|   	  default:

Error: GCC_ANALYZER_WARNING (CWE-476): [#def27]
libtpms-0.10.2/src/tpm2/Object.c:229:12: warning[-Wanalyzer-null-dereference]: dereference of NULL '0'
libtpms-0.10.2/src/tpm2/Object.c:226:1: enter_function: entry to 'GetHierarchy'
libtpms-0.10.2/src/tpm2/Object.c:229:12: call_function: calling 'HandleToObject' from 'GetHierarchy'
libtpms-0.10.2/src/tpm2/Object.c:229:12: return_function: returning to 'GetHierarchy' from 'HandleToObject'
libtpms-0.10.2/src/tpm2/Object.c:229:12: danger: dereference of NULL 'HandleToObject(handle)'
#  227|   	     )
#  228|   {
#  229|->     return HandleToObject(handle)->hierarchy;
#  230|   }
#  231|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def28]
libtpms-0.10.2/src/tpm2/RuntimeCommands.c:409:5: warning[-Wanalyzer-malloc-leak]: leak of 'buffer'
libtpms-0.10.2/src/tpm2/RuntimeCommands.c:468:1: enter_function: entry to 'RuntimeCommandsPrint'
libtpms-0.10.2/src/tpm2/RuntimeCommands.c:476:14: acquire_memory: allocated here
libtpms-0.10.2/src/tpm2/RuntimeCommands.c:477:8: branch_false: following 'false' branch (when 'buffer' is non-NULL)...
libtpms-0.10.2/src/tpm2/RuntimeCommands.c:477:8: branch_false: ...to here
libtpms-0.10.2/src/tpm2/RuntimeCommands.c:480:28: branch_true: following 'true' branch (when 'commandIndex != 129')...
libtpms-0.10.2/src/tpm2/RuntimeCommands.c:482:14: branch_true: ...to here
libtpms-0.10.2/src/tpm2/RuntimeCommands.c:482:12: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm2/RuntimeCommands.c:485:9: branch_false: ...to here
libtpms-0.10.2/src/tpm2/RuntimeCommands.c:495:23: call_function: calling 'RuntimeCommandsCheckEnabled' from 'RuntimeCommandsPrint'
#  407|           return FALSE;
#  408|       }
#  409|->     TPMLIB_LogPrintf("IsEnEnabled(0x%x = '%s'): %d\n",
#  410|   		     commandCode,
#  411|   		     s_CommandProperties[CcToIdx(commandCode)].name,

Error: GCC_ANALYZER_WARNING (CWE-401): [#def29]
libtpms-0.10.2/src/tpm2/RuntimeCommands.c:413:10: warning[-Wanalyzer-malloc-leak]: leak of 'buffer'
libtpms-0.10.2/src/tpm2/RuntimeCommands.c:468:1: enter_function: entry to 'RuntimeCommandsPrint'
libtpms-0.10.2/src/tpm2/RuntimeCommands.c:476:14: acquire_memory: allocated here
libtpms-0.10.2/src/tpm2/RuntimeCommands.c:477:8: branch_false: following 'false' branch (when 'buffer' is non-NULL)...
libtpms-0.10.2/src/tpm2/RuntimeCommands.c:477:8: branch_false: ...to here
libtpms-0.10.2/src/tpm2/RuntimeCommands.c:480:28: branch_true: following 'true' branch (when 'commandIndex != 129')...
libtpms-0.10.2/src/tpm2/RuntimeCommands.c:482:14: branch_true: ...to here
libtpms-0.10.2/src/tpm2/RuntimeCommands.c:482:12: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm2/RuntimeCommands.c:485:9: branch_false: ...to here
libtpms-0.10.2/src/tpm2/RuntimeCommands.c:495:23: call_function: calling 'RuntimeCommandsCheckEnabled' from 'RuntimeCommandsPrint'
#  411|   		     s_CommandProperties[CcToIdx(commandCode)].name,
#  412|   		     TEST_BIT(commandCode, RuntimeCommands->enabledCommands));
#  413|->     if (!TEST_BIT(commandCode, RuntimeCommands->enabledCommands))
#  414|   	return FALSE;
#  415|       return TRUE;

Error: GCC_ANALYZER_WARNING (CWE-688): [#def30]
libtpms-0.10.2/src/tpm2/RuntimeProfile.c:257:17: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL 'pos' where non-null expected
libtpms-0.10.2/src/tpm2/RuntimeProfile.c:462:1: enter_function: entry to 'GetParametersFromJSON'
libtpms-0.10.2/src/tpm2/RuntimeProfile.c:486:14: call_function: calling 'RuntimeProfileGetNameFromJSON' from 'GetParametersFromJSON'
libtpms-0.10.2/src/tpm2/RuntimeProfile.c:486:14: return_function: returning to 'GetParametersFromJSON' from 'RuntimeProfileGetNameFromJSON'
libtpms-0.10.2/src/tpm2/RuntimeProfile.c:487:8: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm2/RuntimeProfile.c:490:8: branch_false: ...to here
libtpms-0.10.2/src/tpm2/RuntimeProfile.c:490:8: branch_true: following 'true' branch (when 'jsonProfileIsFromUser != 0')...
libtpms-0.10.2/src/tpm2/RuntimeProfile.c:492:18: branch_true: ...to here
libtpms-0.10.2/src/tpm2/RuntimeProfile.c:492:18: call_function: calling 'GetStateFormatLevelFromJSON' from 'GetParametersFromJSON'
libtpms-0.10.2/src/tpm2/RuntimeProfile.c:492:18: return_function: returning to 'GetParametersFromJSON' from 'GetStateFormatLevelFromJSON'
libtpms-0.10.2/src/tpm2/RuntimeProfile.c:507:8: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm2/RuntimeProfile.c:514:14: branch_false: ...to here
libtpms-0.10.2/src/tpm2/RuntimeProfile.c:514:14: call_function: calling 'GetAlgorithmsProfileFromJSON' from 'GetParametersFromJSON'
#  255|   
#  256|       while (true) {
#  257|->         comma = index(pos, ',');
#  258|           if (!comma)
#  259|               return;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def31]
libtpms-0.10.2/src/tpm2/RuntimeProfile.c:339:5: warning[-Wanalyzer-malloc-leak]: leak of 'profileName'
libtpms-0.10.2/src/tpm2/RuntimeProfile.c:696:1: enter_function: entry to 'RuntimeProfileSet'
libtpms-0.10.2/src/tpm2/RuntimeProfile.c:711:14: call_function: calling 'GetParametersFromJSON' from 'RuntimeProfileSet'
#  337|   
#  338|   exit:
#  339|->     regfree(&r);
#  340|   
#  341|       return retVal;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def32]
libtpms-0.10.2/src/tpm2/RuntimeProfile.c:339:5: warning[-Wanalyzer-malloc-leak]: leak of 'str'
libtpms-0.10.2/src/tpm2/RuntimeProfile.c:462:1: enter_function: entry to 'GetParametersFromJSON'
libtpms-0.10.2/src/tpm2/RuntimeProfile.c:486:14: call_function: calling 'RuntimeProfileGetNameFromJSON' from 'GetParametersFromJSON'
libtpms-0.10.2/src/tpm2/RuntimeProfile.c:486:14: return_function: returning to 'GetParametersFromJSON' from 'RuntimeProfileGetNameFromJSON'
libtpms-0.10.2/src/tpm2/RuntimeProfile.c:487:8: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm2/RuntimeProfile.c:490:8: branch_false: ...to here
libtpms-0.10.2/src/tpm2/RuntimeProfile.c:490:8: branch_true: following 'true' branch (when 'jsonProfileIsFromUser != 0')...
libtpms-0.10.2/src/tpm2/RuntimeProfile.c:492:18: branch_true: ...to here
libtpms-0.10.2/src/tpm2/RuntimeProfile.c:492:18: call_function: calling 'GetStateFormatLevelFromJSON' from 'GetParametersFromJSON'
#  337|   
#  338|   exit:
#  339|->     regfree(&r);
#  340|   
#  341|       return retVal;

Error: GCC_ANALYZER_WARNING (CWE-688): [#def33]
libtpms-0.10.2/src/tpm2/RuntimeProfile.c:397:9: warning[-Wanalyzer-null-argument]: use of NULL 'str' where non-null expected
libtpms-0.10.2/src/tpm2/RuntimeProfile.c:462:1: enter_function: entry to 'GetParametersFromJSON'
libtpms-0.10.2/src/tpm2/RuntimeProfile.c:486:14: call_function: calling 'RuntimeProfileGetNameFromJSON' from 'GetParametersFromJSON'
libtpms-0.10.2/src/tpm2/RuntimeProfile.c:486:14: return_function: returning to 'GetParametersFromJSON' from 'RuntimeProfileGetNameFromJSON'
libtpms-0.10.2/src/tpm2/RuntimeProfile.c:487:8: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm2/RuntimeProfile.c:490:8: branch_false: ...to here
libtpms-0.10.2/src/tpm2/RuntimeProfile.c:490:8: branch_true: following 'true' branch (when 'jsonProfileIsFromUser != 0')...
libtpms-0.10.2/src/tpm2/RuntimeProfile.c:492:18: branch_true: ...to here
libtpms-0.10.2/src/tpm2/RuntimeProfile.c:492:18: call_function: calling 'GetStateFormatLevelFromJSON' from 'GetParametersFromJSON'
#  395|   
#  396|       errno = 0;
#  397|->     v = strtoul(str, NULL, 10);
#  398|       if (v > UINT_MAX || errno) {
#  399|   	TPMLIB_LogTPM2Error("StateFormatLevel value '%s' is not a valid positive number.\n",

Error: GCC_ANALYZER_WARNING (CWE-401): [#def34]
libtpms-0.10.2/src/tpm2/RuntimeProfile.c:399:9: warning[-Wanalyzer-malloc-leak]: leak of 'str'
libtpms-0.10.2/src/tpm2/RuntimeProfile.c:462:1: enter_function: entry to 'GetParametersFromJSON'
libtpms-0.10.2/src/tpm2/RuntimeProfile.c:486:14: call_function: calling 'RuntimeProfileGetNameFromJSON' from 'GetParametersFromJSON'
libtpms-0.10.2/src/tpm2/RuntimeProfile.c:486:14: return_function: returning to 'GetParametersFromJSON' from 'RuntimeProfileGetNameFromJSON'
libtpms-0.10.2/src/tpm2/RuntimeProfile.c:487:8: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm2/RuntimeProfile.c:490:8: branch_false: ...to here
libtpms-0.10.2/src/tpm2/RuntimeProfile.c:490:8: branch_true: following 'true' branch (when 'jsonProfileIsFromUser != 0')...
libtpms-0.10.2/src/tpm2/RuntimeProfile.c:492:18: branch_true: ...to here
libtpms-0.10.2/src/tpm2/RuntimeProfile.c:492:18: call_function: calling 'GetStateFormatLevelFromJSON' from 'GetParametersFromJSON'
#  397|       v = strtoul(str, NULL, 10);
#  398|       if (v > UINT_MAX || errno) {
#  399|-> 	TPMLIB_LogTPM2Error("StateFormatLevel value '%s' is not a valid positive number.\n",
#  400|   			    str);
#  401|   	retVal = TPM_RC_VALUE;

Error: GCC_ANALYZER_WARNING (CWE-835): [#def35]
libtpms-0.10.2/src/tpm2/crypto/openssl/CryptCmac.c:130:11: warning[-Wanalyzer-infinite-loop]: infinite loop
libtpms-0.10.2/src/tpm2/crypto/openssl/CryptCmac.c:130:11: danger: infinite loop here
libtpms-0.10.2/src/tpm2/crypto/openssl/CryptCmac.c:130:11: branch_true: when 'size != 0': always following 'true' branch...
libtpms-0.10.2/src/tpm2/crypto/openssl/CryptCmac.c:132:16: branch_true: ...to here
libtpms-0.10.2/src/tpm2/crypto/openssl/CryptCmac.c:132:15: branch_false: if it ever follows 'false' branch, it will always do so...
libtpms-0.10.2/src/tpm2/crypto/openssl/CryptCmac.c:132:15: branch_false: ...to here
libtpms-0.10.2/src/tpm2/crypto/openssl/CryptCmac.c:137:19: branch_true: when 'size != 0': always following 'true' branch...
libtpms-0.10.2/src/tpm2/crypto/openssl/CryptCmac.c:137:34: branch_true: ...to here
libtpms-0.10.2/src/tpm2/crypto/openssl/CryptCmac.c:137:19: branch_false: if it ever follows 'false' branch, it will always do so...
libtpms-0.10.2/src/tpm2/crypto/openssl/CryptCmac.c:137:19: branch_false: ...to here
#  128|   	    FAIL(FATAL_ERROR_INTERNAL);
#  129|   	}
#  130|->     while(size > 0)
#  131|   	{
#  132|   	    if(cmacState->bcount == cmacState->iv.t.size)

Error: GCC_ANALYZER_WARNING (CWE-401): [#def36]
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1164:11: warning[-Wanalyzer-malloc-leak]: leak of 'buffer'
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1119:8: enter_function: entry to 'OSSLCryptKDFe'
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1140:5: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1143:7: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1146:12: branch_false: ...to here
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1146:12: call_function: calling 'GetDigestNameByHashAlg' from 'OSSLCryptKDFe'
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1146:12: return_function: returning to 'OSSLCryptKDFe' from 'GetDigestNameByHashAlg'
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1147:8: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1149:9: branch_false: ...to here
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1149:8: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1151:5: call_function: inlined call to 'strcpy' from 'OSSLCryptKDFe'
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1160:14: acquire_memory: allocated here
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1161:8: branch_false: following 'false' branch (when 'buffer' is non-NULL)...
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1164:11: branch_false: ...to here
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1164:11: throw: if 'EVP_KDF_fetch' throws an exception...
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1164:11: danger: 'buffer' leaks here; was allocated at [(16)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/15)
# 1162|   	return 0;
# 1163|   
# 1164|->     kdf = EVP_KDF_fetch(NULL, OSSL_KDF_NAME_SSKDF, NULL);
# 1165|       if (!kdf)
# 1166|   	goto out;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def37]
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1168:11: warning[-Wanalyzer-malloc-leak]: leak of 'buffer'
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1119:8: enter_function: entry to 'OSSLCryptKDFe'
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1140:5: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1143:7: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1146:12: branch_false: ...to here
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1146:12: call_function: calling 'GetDigestNameByHashAlg' from 'OSSLCryptKDFe'
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1146:12: return_function: returning to 'OSSLCryptKDFe' from 'GetDigestNameByHashAlg'
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1147:8: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1149:9: branch_false: ...to here
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1149:8: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1151:5: call_function: inlined call to 'strcpy' from 'OSSLCryptKDFe'
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1160:14: acquire_memory: allocated here
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1161:8: branch_false: following 'false' branch (when 'buffer' is non-NULL)...
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1164:11: branch_false: ...to here
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1165:8: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1168:11: branch_false: ...to here
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1168:11: throw: if 'EVP_KDF_CTX_new' throws an exception...
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1168:11: danger: 'buffer' leaks here; was allocated at [(16)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/15)
# 1166|   	goto out;
# 1167|   
# 1168|->     ctx = EVP_KDF_CTX_new(kdf);
# 1169|       if (!ctx)
# 1170|   	goto out;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def38]
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1183:12: warning[-Wanalyzer-malloc-leak]: leak of 'buffer'
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1119:8: enter_function: entry to 'OSSLCryptKDFe'
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1140:5: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1143:7: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1146:12: branch_false: ...to here
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1146:12: call_function: calling 'GetDigestNameByHashAlg' from 'OSSLCryptKDFe'
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1146:12: return_function: returning to 'OSSLCryptKDFe' from 'GetDigestNameByHashAlg'
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1147:8: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1149:9: branch_false: ...to here
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1149:8: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1151:5: call_function: inlined call to 'strcpy' from 'OSSLCryptKDFe'
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1160:14: acquire_memory: allocated here
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1161:8: branch_false: following 'false' branch (when 'buffer' is non-NULL)...
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1164:11: branch_false: ...to here
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1165:8: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1168:11: branch_false: ...to here
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1169:8: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1172:8: branch_false: ...to here
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1172:8: branch_false: following 'false' branch (when 'label' is NULL)...
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1176:8: branch_false: ...to here
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1176:8: branch_false: following 'false' branch (when 'partyUInfo' is NULL)...
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1180:8: branch_false: ...to here
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1180:8: branch_false: following 'false' branch (when 'partyVInfo' is NULL)...
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1183:12: branch_false: ...to here
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1183:12: throw: if 'OSSL_PARAM_construct_utf8_string' throws an exception...
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1183:12: danger: 'buffer' leaks here; was allocated at [(16)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/15)
# 1181|   	memcpy(&buffer[offset], partyVInfo->buffer, partyVInfo->size);
# 1182|   
# 1183|->     *p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_DIGEST,
# 1184|   					    digestname, 0);
# 1185|       *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_SECRET,

Error: GCC_ANALYZER_WARNING (CWE-401): [#def39]
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1185:12: warning[-Wanalyzer-malloc-leak]: leak of 'buffer'
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1119:8: enter_function: entry to 'OSSLCryptKDFe'
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1140:5: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1143:7: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1146:12: branch_false: ...to here
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1146:12: call_function: calling 'GetDigestNameByHashAlg' from 'OSSLCryptKDFe'
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1146:12: return_function: returning to 'OSSLCryptKDFe' from 'GetDigestNameByHashAlg'
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1147:8: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1149:9: branch_false: ...to here
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1149:8: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1151:5: call_function: inlined call to 'strcpy' from 'OSSLCryptKDFe'
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1160:14: acquire_memory: allocated here
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1161:8: branch_false: following 'false' branch (when 'buffer' is non-NULL)...
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1164:11: branch_false: ...to here
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1165:8: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1168:11: branch_false: ...to here
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1169:8: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1172:8: branch_false: ...to here
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1172:8: branch_false: following 'false' branch (when 'label' is NULL)...
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1176:8: branch_false: ...to here
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1176:8: branch_false: following 'false' branch (when 'partyUInfo' is NULL)...
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1180:8: branch_false: ...to here
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1180:8: branch_false: following 'false' branch (when 'partyVInfo' is NULL)...
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1183:12: branch_false: ...to here
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1185:12: throw: if 'OSSL_PARAM_construct_octet_string' throws an exception...
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1185:12: danger: 'buffer' leaks here; was allocated at [(16)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/15)
# 1183|       *p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_DIGEST,
# 1184|   					    digestname, 0);
# 1185|->     *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_SECRET,
# 1186|   					     Z->buffer, Z->size);
# 1187|       *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_INFO,

Error: GCC_ANALYZER_WARNING (CWE-401): [#def40]
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1187:12: warning[-Wanalyzer-malloc-leak]: leak of 'buffer'
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1119:8: enter_function: entry to 'OSSLCryptKDFe'
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1140:5: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1143:7: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1146:12: branch_false: ...to here
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1146:12: call_function: calling 'GetDigestNameByHashAlg' from 'OSSLCryptKDFe'
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1146:12: return_function: returning to 'OSSLCryptKDFe' from 'GetDigestNameByHashAlg'
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1147:8: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1149:9: branch_false: ...to here
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1149:8: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1151:5: call_function: inlined call to 'strcpy' from 'OSSLCryptKDFe'
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1160:14: acquire_memory: allocated here
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1161:8: branch_false: following 'false' branch (when 'buffer' is non-NULL)...
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1164:11: branch_false: ...to here
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1165:8: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1168:11: branch_false: ...to here
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1169:8: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1172:8: branch_false: ...to here
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1172:8: branch_false: following 'false' branch (when 'label' is NULL)...
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1176:8: branch_false: ...to here
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1176:8: branch_false: following 'false' branch (when 'partyUInfo' is NULL)...
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1180:8: branch_false: ...to here
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1180:8: branch_false: following 'false' branch (when 'partyVInfo' is NULL)...
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1183:12: branch_false: ...to here
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1187:12: throw: if 'OSSL_PARAM_construct_octet_string' throws an exception...
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1187:12: danger: 'buffer' leaks here; was allocated at [(16)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/15)
# 1185|       *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_SECRET,
# 1186|   					     Z->buffer, Z->size);
# 1187|->     *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_INFO,
# 1188|   					     buffer, buffer_size);
# 1189|       *p = OSSL_PARAM_construct_end();

Error: GCC_ANALYZER_WARNING (CWE-401): [#def41]
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1200:5: warning[-Wanalyzer-malloc-leak]: leak of 'buffer'
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1119:8: enter_function: entry to 'OSSLCryptKDFe'
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1140:5: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1143:7: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1146:12: branch_false: ...to here
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1146:12: call_function: calling 'GetDigestNameByHashAlg' from 'OSSLCryptKDFe'
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1146:12: return_function: returning to 'OSSLCryptKDFe' from 'GetDigestNameByHashAlg'
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1147:8: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1149:9: branch_false: ...to here
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1149:8: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1151:5: call_function: inlined call to 'strcpy' from 'OSSLCryptKDFe'
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1160:14: acquire_memory: allocated here
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1161:8: branch_false: following 'false' branch (when 'buffer' is non-NULL)...
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1164:11: branch_false: ...to here
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1200:5: throw: if 'EVP_KDF_CTX_free' throws an exception...
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1200:5: danger: 'buffer' leaks here; was allocated at [(16)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/15)
# 1198|   
# 1199|   out:
# 1200|->     EVP_KDF_CTX_free(ctx);
# 1201|       EVP_KDF_free(kdf);
# 1202|       free(buffer);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def42]
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1201:5: warning[-Wanalyzer-malloc-leak]: leak of 'buffer'
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1119:8: enter_function: entry to 'OSSLCryptKDFe'
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1140:5: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1143:7: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1146:12: branch_false: ...to here
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1146:12: call_function: calling 'GetDigestNameByHashAlg' from 'OSSLCryptKDFe'
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1146:12: return_function: returning to 'OSSLCryptKDFe' from 'GetDigestNameByHashAlg'
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1147:8: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1149:9: branch_false: ...to here
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1149:8: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1151:5: call_function: inlined call to 'strcpy' from 'OSSLCryptKDFe'
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1160:14: acquire_memory: allocated here
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1161:8: branch_false: following 'false' branch (when 'buffer' is non-NULL)...
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1164:11: branch_false: ...to here
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1201:5: throw: if 'EVP_KDF_free' throws an exception...
libtpms-0.10.2/src/tpm2/crypto/openssl/Helpers.c:1201:5: danger: 'buffer' leaks here; was allocated at [(16)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/15)
# 1199|   out:
# 1200|       EVP_KDF_CTX_free(ctx);
# 1201|->     EVP_KDF_free(kdf);
# 1202|       free(buffer);
# 1203|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def43]
libtpms-0.10.2/src/tpm_library.c:342:9: warning[-Wanalyzer-malloc-leak]: leak of 'res'
libtpms-0.10.2/src/tpm_library.c:324:8: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_library.c:328:35: branch_false: ...to here
libtpms-0.10.2/src/tpm_library.c:329:8: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_library.c:333:12: branch_false: ...to here
libtpms-0.10.2/src/tpm_library.c:336:11: acquire_memory: allocated here
libtpms-0.10.2/src/tpm_library.c:337:8: branch_false: following 'false' branch (when 'res' is non-NULL)...
libtpms-0.10.2/src/tpm_library.c:342:9: branch_false: ...to here
libtpms-0.10.2/src/tpm_library.c:342:9: throw: if 'BIO_read' throws an exception...
libtpms-0.10.2/src/tpm_library.c:342:9: danger: 'res' leaks here; was allocated at [(5)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/4)
#  340|       }
#  341|   
#  342|->     n = BIO_read(bmem, res, outputlen);
#  343|       if (n <= 0) {
#  344|           free(res);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def44]
libtpms-0.10.2/src/tpm_nvfile.c:214:15: warning[-Wanalyzer-file-leak]: leak of FILE 'fopen(&filename, "rb")'
libtpms-0.10.2/src/tpm_nvfile.c:173:8: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:175:9: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:175:8: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:178:11: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:182:8: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:188:5: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:197:8: branch_true: following 'true' branch...
libtpms-0.10.2/src/tpm_nvfile.c:198:9: branch_true: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:199:16: acquire_resource: opened here
libtpms-0.10.2/src/tpm_nvfile.c:200:12: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:214:15: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:214:15: throw: if 'fseek' throws an exception...
libtpms-0.10.2/src/tpm_nvfile.c:214:15: danger: 'fopen(&filename, "rb")' leaks here; was opened at [(9)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/8)
#  212|       /* determine the file length */
#  213|       if (rc == 0) {
#  214|->         irc = fseek(file, 0L, SEEK_END);        /* seek to end of file */
#  215|           if (irc == -1L) {
#  216|               printf("TPM_NVRAM_LoadData: Error (fatal) fseek'ing %s, %s\n",

Error: GCC_ANALYZER_WARNING (CWE-401): [#def45]
libtpms-0.10.2/src/tpm_nvfile.c:214:15: warning[-Wanalyzer-malloc-leak]: leak of 'fopen(&filename, "rb")'
libtpms-0.10.2/src/tpm_nvfile.c:173:8: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:175:9: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:175:8: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:178:11: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:182:8: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:188:5: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:197:8: branch_true: following 'true' branch...
libtpms-0.10.2/src/tpm_nvfile.c:198:9: branch_true: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:199:16: acquire_memory: allocated here
libtpms-0.10.2/src/tpm_nvfile.c:200:12: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:214:15: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:214:15: throw: if 'fseek' throws an exception...
libtpms-0.10.2/src/tpm_nvfile.c:214:15: danger: 'fopen(&filename, "rb")' leaks here; was allocated at [(9)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/8)
#  212|       /* determine the file length */
#  213|       if (rc == 0) {
#  214|->         irc = fseek(file, 0L, SEEK_END);        /* seek to end of file */
#  215|           if (irc == -1L) {
#  216|               printf("TPM_NVRAM_LoadData: Error (fatal) fseek'ing %s, %s\n",

Error: GCC_ANALYZER_WARNING (CWE-775): [#def46]
libtpms-0.10.2/src/tpm_nvfile.c:216:13: warning[-Wanalyzer-file-leak]: leak of FILE 'fopen(&filename, "rb")'
libtpms-0.10.2/src/tpm_nvfile.c:173:8: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:175:9: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:175:8: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:178:11: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:182:8: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:188:5: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:197:8: branch_true: following 'true' branch...
libtpms-0.10.2/src/tpm_nvfile.c:198:9: branch_true: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:199:16: acquire_resource: opened here
libtpms-0.10.2/src/tpm_nvfile.c:200:12: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:214:15: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:215:12: branch_true: following 'true' branch...
libtpms-0.10.2/src/tpm_nvfile.c:216:13: branch_true: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:216:13: throw: if 'TPMLIB_LogPrintf' throws an exception...
libtpms-0.10.2/src/tpm_nvfile.c:216:13: danger: 'fopen(&filename, "rb")' leaks here; was opened at [(9)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/8)
#  214|           irc = fseek(file, 0L, SEEK_END);        /* seek to end of file */
#  215|           if (irc == -1L) {
#  216|->             printf("TPM_NVRAM_LoadData: Error (fatal) fseek'ing %s, %s\n",
#  217|                      filename, strerror(errno));
#  218|               rc = TPM_FAIL;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def47]
libtpms-0.10.2/src/tpm_nvfile.c:216:13: warning[-Wanalyzer-malloc-leak]: leak of 'fopen(&filename, "rb")'
libtpms-0.10.2/src/tpm_nvfile.c:173:8: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:175:9: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:175:8: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:178:11: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:182:8: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:188:5: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:197:8: branch_true: following 'true' branch...
libtpms-0.10.2/src/tpm_nvfile.c:198:9: branch_true: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:199:16: acquire_memory: allocated here
libtpms-0.10.2/src/tpm_nvfile.c:200:12: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:214:15: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:215:12: branch_true: following 'true' branch...
libtpms-0.10.2/src/tpm_nvfile.c:216:13: branch_true: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:216:13: throw: if 'TPMLIB_LogPrintf' throws an exception...
libtpms-0.10.2/src/tpm_nvfile.c:216:13: danger: 'fopen(&filename, "rb")' leaks here; was allocated at [(9)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/8)
#  214|           irc = fseek(file, 0L, SEEK_END);        /* seek to end of file */
#  215|           if (irc == -1L) {
#  216|->             printf("TPM_NVRAM_LoadData: Error (fatal) fseek'ing %s, %s\n",
#  217|                      filename, strerror(errno));
#  218|               rc = TPM_FAIL;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def48]
libtpms-0.10.2/src/tpm_nvfile.c:222:15: warning[-Wanalyzer-file-leak]: leak of FILE 'file'
libtpms-0.10.2/src/tpm_nvfile.c:173:8: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:175:9: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:175:8: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:178:11: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:182:8: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:188:5: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:197:8: branch_true: following 'true' branch...
libtpms-0.10.2/src/tpm_nvfile.c:198:9: branch_true: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:199:16: acquire_resource: opened here
libtpms-0.10.2/src/tpm_nvfile.c:200:12: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:214:15: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:215:12: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:221:8: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:221:8: branch_true: following 'true' branch...
libtpms-0.10.2/src/tpm_nvfile.c:222:15: branch_true: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:222:15: throw: if 'ftell' throws an exception...
libtpms-0.10.2/src/tpm_nvfile.c:222:15: danger: 'file' leaks here; was opened at [(9)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/8)
#  220|       }
#  221|       if (rc == 0) {
#  222|->         lrc = ftell(file);                      /* get position in the stream */
#  223|           if (lrc == -1L) {
#  224|               printf("TPM_NVRAM_LoadData: Error (fatal) ftell'ing %s, %s\n",

Error: GCC_ANALYZER_WARNING (CWE-401): [#def49]
libtpms-0.10.2/src/tpm_nvfile.c:222:15: warning[-Wanalyzer-malloc-leak]: leak of 'file'
libtpms-0.10.2/src/tpm_nvfile.c:173:8: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:175:9: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:175:8: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:178:11: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:182:8: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:188:5: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:197:8: branch_true: following 'true' branch...
libtpms-0.10.2/src/tpm_nvfile.c:198:9: branch_true: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:199:16: acquire_memory: allocated here
libtpms-0.10.2/src/tpm_nvfile.c:200:12: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:214:15: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:215:12: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:221:8: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:221:8: branch_true: following 'true' branch...
libtpms-0.10.2/src/tpm_nvfile.c:222:15: branch_true: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:222:15: throw: if 'ftell' throws an exception...
libtpms-0.10.2/src/tpm_nvfile.c:222:15: danger: 'file' leaks here; was allocated at [(9)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/8)
#  220|       }
#  221|       if (rc == 0) {
#  222|->         lrc = ftell(file);                      /* get position in the stream */
#  223|           if (lrc == -1L) {
#  224|               printf("TPM_NVRAM_LoadData: Error (fatal) ftell'ing %s, %s\n",

Error: GCC_ANALYZER_WARNING (CWE-775): [#def50]
libtpms-0.10.2/src/tpm_nvfile.c:224:13: warning[-Wanalyzer-file-leak]: leak of FILE 'file'
libtpms-0.10.2/src/tpm_nvfile.c:173:8: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:175:9: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:175:8: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:178:11: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:182:8: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:188:5: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:197:8: branch_true: following 'true' branch...
libtpms-0.10.2/src/tpm_nvfile.c:198:9: branch_true: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:199:16: acquire_resource: opened here
libtpms-0.10.2/src/tpm_nvfile.c:200:12: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:214:15: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:215:12: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:221:8: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:221:8: branch_true: following 'true' branch...
libtpms-0.10.2/src/tpm_nvfile.c:222:15: branch_true: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:223:12: branch_true: following 'true' branch...
libtpms-0.10.2/src/tpm_nvfile.c:224:13: branch_true: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:224:13: throw: if 'TPMLIB_LogPrintf' throws an exception...
libtpms-0.10.2/src/tpm_nvfile.c:224:13: danger: 'file' leaks here; was opened at [(9)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/8)
#  222|           lrc = ftell(file);                      /* get position in the stream */
#  223|           if (lrc == -1L) {
#  224|->             printf("TPM_NVRAM_LoadData: Error (fatal) ftell'ing %s, %s\n",
#  225|                      filename, strerror(errno));
#  226|               rc = TPM_FAIL;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def51]
libtpms-0.10.2/src/tpm_nvfile.c:224:13: warning[-Wanalyzer-malloc-leak]: leak of 'file'
libtpms-0.10.2/src/tpm_nvfile.c:173:8: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:175:9: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:175:8: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:178:11: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:182:8: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:188:5: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:197:8: branch_true: following 'true' branch...
libtpms-0.10.2/src/tpm_nvfile.c:198:9: branch_true: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:199:16: acquire_memory: allocated here
libtpms-0.10.2/src/tpm_nvfile.c:200:12: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:214:15: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:215:12: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:221:8: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:221:8: branch_true: following 'true' branch...
libtpms-0.10.2/src/tpm_nvfile.c:222:15: branch_true: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:223:12: branch_true: following 'true' branch...
libtpms-0.10.2/src/tpm_nvfile.c:224:13: branch_true: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:224:13: throw: if 'TPMLIB_LogPrintf' throws an exception...
libtpms-0.10.2/src/tpm_nvfile.c:224:13: danger: 'file' leaks here; was allocated at [(9)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/8)
#  222|           lrc = ftell(file);                      /* get position in the stream */
#  223|           if (lrc == -1L) {
#  224|->             printf("TPM_NVRAM_LoadData: Error (fatal) ftell'ing %s, %s\n",
#  225|                      filename, strerror(errno));
#  226|               rc = TPM_FAIL;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def52]
libtpms-0.10.2/src/tpm_nvfile.c:233:15: warning[-Wanalyzer-file-leak]: leak of FILE 'file'
libtpms-0.10.2/src/tpm_nvfile.c:173:8: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:175:9: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:175:8: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:178:11: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:182:8: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:188:5: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:197:8: branch_true: following 'true' branch...
libtpms-0.10.2/src/tpm_nvfile.c:198:9: branch_true: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:199:16: acquire_resource: opened here
libtpms-0.10.2/src/tpm_nvfile.c:200:12: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:214:15: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:215:12: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:221:8: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:221:8: branch_true: following 'true' branch...
libtpms-0.10.2/src/tpm_nvfile.c:222:15: branch_true: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:223:12: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:229:23: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:233:15: throw: if 'fseek' throws an exception...
libtpms-0.10.2/src/tpm_nvfile.c:233:15: danger: 'file' leaks here; was opened at [(9)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/8)
#  231|       }
#  232|       if (rc == 0) {
#  233|->         irc = fseek(file, 0L, SEEK_SET);        /* seek back to the beginning of the file */
#  234|           if (irc == -1L) {
#  235|               printf("TPM_NVRAM_LoadData: Error (fatal) fseek'ing %s, %s\n",

Error: GCC_ANALYZER_WARNING (CWE-401): [#def53]
libtpms-0.10.2/src/tpm_nvfile.c:233:15: warning[-Wanalyzer-malloc-leak]: leak of 'file'
libtpms-0.10.2/src/tpm_nvfile.c:173:8: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:175:9: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:175:8: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:178:11: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:182:8: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:188:5: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:197:8: branch_true: following 'true' branch...
libtpms-0.10.2/src/tpm_nvfile.c:198:9: branch_true: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:199:16: acquire_memory: allocated here
libtpms-0.10.2/src/tpm_nvfile.c:200:12: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:214:15: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:215:12: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:221:8: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:221:8: branch_true: following 'true' branch...
libtpms-0.10.2/src/tpm_nvfile.c:222:15: branch_true: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:223:12: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:229:23: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:233:15: throw: if 'fseek' throws an exception...
libtpms-0.10.2/src/tpm_nvfile.c:233:15: danger: 'file' leaks here; was allocated at [(9)](sarif:/runs/0/results/9/codeFlows/0/threadFlows/0/locations/8)
#  231|       }
#  232|       if (rc == 0) {
#  233|->         irc = fseek(file, 0L, SEEK_SET);        /* seek back to the beginning of the file */
#  234|           if (irc == -1L) {
#  235|               printf("TPM_NVRAM_LoadData: Error (fatal) fseek'ing %s, %s\n",

Error: GCC_ANALYZER_WARNING (CWE-775): [#def54]
libtpms-0.10.2/src/tpm_nvfile.c:235:13: warning[-Wanalyzer-file-leak]: leak of FILE 'file'
libtpms-0.10.2/src/tpm_nvfile.c:173:8: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:175:9: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:175:8: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:178:11: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:182:8: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:188:5: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:197:8: branch_true: following 'true' branch...
libtpms-0.10.2/src/tpm_nvfile.c:198:9: branch_true: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:199:16: acquire_resource: opened here
libtpms-0.10.2/src/tpm_nvfile.c:200:12: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:214:15: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:215:12: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:221:8: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:221:8: branch_true: following 'true' branch...
libtpms-0.10.2/src/tpm_nvfile.c:222:15: branch_true: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:223:12: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:229:23: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:234:12: branch_true: following 'true' branch...
libtpms-0.10.2/src/tpm_nvfile.c:235:13: branch_true: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:235:13: throw: if 'TPMLIB_LogPrintf' throws an exception...
libtpms-0.10.2/src/tpm_nvfile.c:235:13: danger: 'file' leaks here; was opened at [(9)](sarif:/runs/0/results/10/codeFlows/0/threadFlows/0/locations/8)
#  233|           irc = fseek(file, 0L, SEEK_SET);        /* seek back to the beginning of the file */
#  234|           if (irc == -1L) {
#  235|->             printf("TPM_NVRAM_LoadData: Error (fatal) fseek'ing %s, %s\n",
#  236|                      filename, strerror(errno));
#  237|               rc = TPM_FAIL;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def55]
libtpms-0.10.2/src/tpm_nvfile.c:235:13: warning[-Wanalyzer-malloc-leak]: leak of 'file'
libtpms-0.10.2/src/tpm_nvfile.c:173:8: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:175:9: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:175:8: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:178:11: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:182:8: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:188:5: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:197:8: branch_true: following 'true' branch...
libtpms-0.10.2/src/tpm_nvfile.c:198:9: branch_true: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:199:16: acquire_memory: allocated here
libtpms-0.10.2/src/tpm_nvfile.c:200:12: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:214:15: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:215:12: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:221:8: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:221:8: branch_true: following 'true' branch...
libtpms-0.10.2/src/tpm_nvfile.c:222:15: branch_true: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:223:12: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:229:23: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:234:12: branch_true: following 'true' branch...
libtpms-0.10.2/src/tpm_nvfile.c:235:13: branch_true: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:235:13: throw: if 'TPMLIB_LogPrintf' throws an exception...
libtpms-0.10.2/src/tpm_nvfile.c:235:13: danger: 'file' leaks here; was allocated at [(9)](sarif:/runs/0/results/11/codeFlows/0/threadFlows/0/locations/8)
#  233|           irc = fseek(file, 0L, SEEK_SET);        /* seek back to the beginning of the file */
#  234|           if (irc == -1L) {
#  235|->             printf("TPM_NVRAM_LoadData: Error (fatal) fseek'ing %s, %s\n",
#  236|                      filename, strerror(errno));
#  237|               rc = TPM_FAIL;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def56]
libtpms-0.10.2/src/tpm_nvfile.c:242:9: warning[-Wanalyzer-file-leak]: leak of FILE 'file'
libtpms-0.10.2/src/tpm_nvfile.c:173:8: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:175:9: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:175:8: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:178:11: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:182:8: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:188:5: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:197:8: branch_true: following 'true' branch...
libtpms-0.10.2/src/tpm_nvfile.c:198:9: branch_true: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:199:16: acquire_resource: opened here
libtpms-0.10.2/src/tpm_nvfile.c:200:12: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:214:15: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:215:12: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:221:8: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:221:8: branch_true: following 'true' branch...
libtpms-0.10.2/src/tpm_nvfile.c:222:15: branch_true: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:223:12: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:229:23: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:234:12: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:241:22: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:241:9: branch_true: following 'true' branch...
libtpms-0.10.2/src/tpm_nvfile.c:242:9: branch_true: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:242:9: throw: if 'TPMLIB_LogPrintf' throws an exception...
libtpms-0.10.2/src/tpm_nvfile.c:242:9: danger: 'file' leaks here; was opened at [(9)](sarif:/runs/0/results/12/codeFlows/0/threadFlows/0/locations/8)
#  240|       /* allocate a buffer for the actual data */
#  241|       if ((rc == 0) && *length != 0) {
#  242|->         printf(" TPM_NVRAM_LoadData: Reading %u bytes of data\n", *length);
#  243|           rc = TPM_Malloc(data, *length);
#  244|   	if (rc != 0) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def57]
libtpms-0.10.2/src/tpm_nvfile.c:242:9: warning[-Wanalyzer-malloc-leak]: leak of 'file'
libtpms-0.10.2/src/tpm_nvfile.c:173:8: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:175:9: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:175:8: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:178:11: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:182:8: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:188:5: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:197:8: branch_true: following 'true' branch...
libtpms-0.10.2/src/tpm_nvfile.c:198:9: branch_true: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:199:16: acquire_memory: allocated here
libtpms-0.10.2/src/tpm_nvfile.c:200:12: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:214:15: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:215:12: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:221:8: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:221:8: branch_true: following 'true' branch...
libtpms-0.10.2/src/tpm_nvfile.c:222:15: branch_true: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:223:12: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:229:23: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:234:12: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:241:22: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:241:9: branch_true: following 'true' branch...
libtpms-0.10.2/src/tpm_nvfile.c:242:9: branch_true: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:242:9: throw: if 'TPMLIB_LogPrintf' throws an exception...
libtpms-0.10.2/src/tpm_nvfile.c:242:9: danger: 'file' leaks here; was allocated at [(9)](sarif:/runs/0/results/13/codeFlows/0/threadFlows/0/locations/8)
#  240|       /* allocate a buffer for the actual data */
#  241|       if ((rc == 0) && *length != 0) {
#  242|->         printf(" TPM_NVRAM_LoadData: Reading %u bytes of data\n", *length);
#  243|           rc = TPM_Malloc(data, *length);
#  244|   	if (rc != 0) {

Error: GCC_ANALYZER_WARNING (CWE-775): [#def58]
libtpms-0.10.2/src/tpm_nvfile.c:243:14: warning[-Wanalyzer-file-leak]: leak of FILE 'file'
libtpms-0.10.2/src/tpm_nvfile.c:173:8: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:175:9: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:175:8: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:178:11: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:182:8: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:188:5: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:197:8: branch_true: following 'true' branch...
libtpms-0.10.2/src/tpm_nvfile.c:198:9: branch_true: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:199:16: acquire_resource: opened here
libtpms-0.10.2/src/tpm_nvfile.c:200:12: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:214:15: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:215:12: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:221:8: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:221:8: branch_true: following 'true' branch...
libtpms-0.10.2/src/tpm_nvfile.c:222:15: branch_true: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:223:12: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:229:23: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:234:12: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:241:22: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:241:9: branch_true: following 'true' branch...
libtpms-0.10.2/src/tpm_nvfile.c:242:9: branch_true: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:243:14: throw: if 'TPM_Malloc' throws an exception...
libtpms-0.10.2/src/tpm_nvfile.c:243:14: danger: 'file' leaks here; was opened at [(9)](sarif:/runs/0/results/14/codeFlows/0/threadFlows/0/locations/8)
#  241|       if ((rc == 0) && *length != 0) {
#  242|           printf(" TPM_NVRAM_LoadData: Reading %u bytes of data\n", *length);
#  243|->         rc = TPM_Malloc(data, *length);
#  244|   	if (rc != 0) {
#  245|               printf("TPM_NVRAM_LoadData: Error (fatal) allocating %u bytes\n", *length);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def59]
libtpms-0.10.2/src/tpm_nvfile.c:243:14: warning[-Wanalyzer-malloc-leak]: leak of 'file'
libtpms-0.10.2/src/tpm_nvfile.c:173:8: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:175:9: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:175:8: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:178:11: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:182:8: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:188:5: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:197:8: branch_true: following 'true' branch...
libtpms-0.10.2/src/tpm_nvfile.c:198:9: branch_true: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:199:16: acquire_memory: allocated here
libtpms-0.10.2/src/tpm_nvfile.c:200:12: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:214:15: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:215:12: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:221:8: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:221:8: branch_true: following 'true' branch...
libtpms-0.10.2/src/tpm_nvfile.c:222:15: branch_true: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:223:12: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:229:23: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:234:12: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:241:22: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:241:9: branch_true: following 'true' branch...
libtpms-0.10.2/src/tpm_nvfile.c:242:9: branch_true: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:243:14: throw: if 'TPM_Malloc' throws an exception...
libtpms-0.10.2/src/tpm_nvfile.c:243:14: danger: 'file' leaks here; was allocated at [(9)](sarif:/runs/0/results/15/codeFlows/0/threadFlows/0/locations/8)
#  241|       if ((rc == 0) && *length != 0) {
#  242|           printf(" TPM_NVRAM_LoadData: Reading %u bytes of data\n", *length);
#  243|->         rc = TPM_Malloc(data, *length);
#  244|   	if (rc != 0) {
#  245|               printf("TPM_NVRAM_LoadData: Error (fatal) allocating %u bytes\n", *length);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def60]
libtpms-0.10.2/src/tpm_nvfile.c:245:13: warning[-Wanalyzer-file-leak]: leak of FILE 'file'
libtpms-0.10.2/src/tpm_nvfile.c:173:8: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:175:9: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:175:8: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:178:11: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:182:8: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:188:5: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:197:8: branch_true: following 'true' branch...
libtpms-0.10.2/src/tpm_nvfile.c:198:9: branch_true: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:199:16: acquire_resource: opened here
libtpms-0.10.2/src/tpm_nvfile.c:200:12: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:214:15: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:215:12: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:221:8: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:221:8: branch_true: following 'true' branch...
libtpms-0.10.2/src/tpm_nvfile.c:222:15: branch_true: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:223:12: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:229:23: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:234:12: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:241:22: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:241:9: branch_true: following 'true' branch...
libtpms-0.10.2/src/tpm_nvfile.c:242:9: branch_true: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:244:12: branch_true: following 'true' branch...
libtpms-0.10.2/src/tpm_nvfile.c:245:13: branch_true: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:245:13: throw: if 'TPMLIB_LogPrintf' throws an exception...
libtpms-0.10.2/src/tpm_nvfile.c:245:13: danger: 'file' leaks here; was opened at [(9)](sarif:/runs/0/results/16/codeFlows/0/threadFlows/0/locations/8)
#  243|           rc = TPM_Malloc(data, *length);
#  244|   	if (rc != 0) {
#  245|->             printf("TPM_NVRAM_LoadData: Error (fatal) allocating %u bytes\n", *length);
#  246|               rc = TPM_FAIL;
#  247|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def61]
libtpms-0.10.2/src/tpm_nvfile.c:245:13: warning[-Wanalyzer-malloc-leak]: leak of 'file'
libtpms-0.10.2/src/tpm_nvfile.c:173:8: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:175:9: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:175:8: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:178:11: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:182:8: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:188:5: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:197:8: branch_true: following 'true' branch...
libtpms-0.10.2/src/tpm_nvfile.c:198:9: branch_true: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:199:16: acquire_memory: allocated here
libtpms-0.10.2/src/tpm_nvfile.c:200:12: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:214:15: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:215:12: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:221:8: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:221:8: branch_true: following 'true' branch...
libtpms-0.10.2/src/tpm_nvfile.c:222:15: branch_true: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:223:12: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:229:23: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:234:12: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:241:22: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:241:9: branch_true: following 'true' branch...
libtpms-0.10.2/src/tpm_nvfile.c:242:9: branch_true: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:244:12: branch_true: following 'true' branch...
libtpms-0.10.2/src/tpm_nvfile.c:245:13: branch_true: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:245:13: throw: if 'TPMLIB_LogPrintf' throws an exception...
libtpms-0.10.2/src/tpm_nvfile.c:245:13: danger: 'file' leaks here; was allocated at [(9)](sarif:/runs/0/results/17/codeFlows/0/threadFlows/0/locations/8)
#  243|           rc = TPM_Malloc(data, *length);
#  244|   	if (rc != 0) {
#  245|->             printf("TPM_NVRAM_LoadData: Error (fatal) allocating %u bytes\n", *length);
#  246|               rc = TPM_FAIL;
#  247|   	}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def62]
libtpms-0.10.2/src/tpm_nvfile.c:260:9: warning[-Wanalyzer-file-leak]: leak of FILE 'file'
libtpms-0.10.2/src/tpm_nvfile.c:173:8: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:175:9: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:175:8: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:178:11: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:182:8: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:188:5: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:197:8: branch_true: following 'true' branch...
libtpms-0.10.2/src/tpm_nvfile.c:198:9: branch_true: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:199:16: acquire_resource: opened here
libtpms-0.10.2/src/tpm_nvfile.c:200:12: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:214:15: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:259:8: branch_true: following 'true' branch (when 'file' is non-NULL)...
libtpms-0.10.2/src/tpm_nvfile.c:260:9: branch_true: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:260:9: throw: if 'TPMLIB_LogPrintf' throws an exception...
libtpms-0.10.2/src/tpm_nvfile.c:260:9: danger: 'file' leaks here; was opened at [(9)](sarif:/runs/0/results/18/codeFlows/0/threadFlows/0/locations/8)
#  258|       /* close the file */
#  259|       if (file != NULL) {
#  260|->         printf(" TPM_NVRAM_LoadData: Closing file %s\n", filename);
#  261|           irc = fclose(file);             /* @1 */
#  262|           if (irc != 0) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def63]
libtpms-0.10.2/src/tpm_nvfile.c:260:9: warning[-Wanalyzer-malloc-leak]: leak of 'file'
libtpms-0.10.2/src/tpm_nvfile.c:173:8: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:175:9: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:175:8: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:178:11: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:182:8: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:188:5: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:197:8: branch_true: following 'true' branch...
libtpms-0.10.2/src/tpm_nvfile.c:198:9: branch_true: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:199:16: acquire_memory: allocated here
libtpms-0.10.2/src/tpm_nvfile.c:200:12: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:214:15: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:259:8: branch_true: following 'true' branch (when 'file' is non-NULL)...
libtpms-0.10.2/src/tpm_nvfile.c:260:9: branch_true: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:260:9: throw: if 'TPMLIB_LogPrintf' throws an exception...
libtpms-0.10.2/src/tpm_nvfile.c:260:9: danger: 'file' leaks here; was allocated at [(9)](sarif:/runs/0/results/19/codeFlows/0/threadFlows/0/locations/8)
#  258|       /* close the file */
#  259|       if (file != NULL) {
#  260|->         printf(" TPM_NVRAM_LoadData: Closing file %s\n", filename);
#  261|           irc = fclose(file);             /* @1 */
#  262|           if (irc != 0) {

Error: GCC_ANALYZER_WARNING (CWE-775): [#def64]
libtpms-0.10.2/src/tpm_nvfile.c:325:9: warning[-Wanalyzer-file-leak]: leak of FILE 'fopen(&filename, "wb")'
libtpms-0.10.2/src/tpm_nvfile.c:301:8: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:307:5: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:313:8: branch_true: following 'true' branch...
libtpms-0.10.2/src/tpm_nvfile.c:315:9: branch_true: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:316:16: acquire_resource: opened here
libtpms-0.10.2/src/tpm_nvfile.c:317:12: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:325:9: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:325:9: throw: if 'TPMLIB_LogPrintf' throws an exception...
libtpms-0.10.2/src/tpm_nvfile.c:325:9: danger: 'fopen(&filename, "wb")' leaks here; was opened at [(5)](sarif:/runs/0/results/22/codeFlows/0/threadFlows/0/locations/4)
#  323|       /* write the data to the file */
#  324|       if (rc == 0) {
#  325|->         printf("  TPM_NVRAM_StoreData: Writing %u bytes of data\n", length);
#  326|           lrc = fwrite(data, 1, length, file);
#  327|           if (lrc != length) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def65]
libtpms-0.10.2/src/tpm_nvfile.c:325:9: warning[-Wanalyzer-malloc-leak]: leak of 'fopen(&filename, "wb")'
libtpms-0.10.2/src/tpm_nvfile.c:301:8: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:307:5: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:313:8: branch_true: following 'true' branch...
libtpms-0.10.2/src/tpm_nvfile.c:315:9: branch_true: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:316:16: acquire_memory: allocated here
libtpms-0.10.2/src/tpm_nvfile.c:317:12: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:325:9: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:325:9: throw: if 'TPMLIB_LogPrintf' throws an exception...
libtpms-0.10.2/src/tpm_nvfile.c:325:9: danger: 'fopen(&filename, "wb")' leaks here; was allocated at [(5)](sarif:/runs/0/results/23/codeFlows/0/threadFlows/0/locations/4)
#  323|       /* write the data to the file */
#  324|       if (rc == 0) {
#  325|->         printf("  TPM_NVRAM_StoreData: Writing %u bytes of data\n", length);
#  326|           lrc = fwrite(data, 1, length, file);
#  327|           if (lrc != length) {

Error: GCC_ANALYZER_WARNING (CWE-775): [#def66]
libtpms-0.10.2/src/tpm_nvfile.c:326:15: warning[-Wanalyzer-file-leak]: leak of FILE 'fopen(&filename, "wb")'
libtpms-0.10.2/src/tpm_nvfile.c:301:8: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:307:5: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:313:8: branch_true: following 'true' branch...
libtpms-0.10.2/src/tpm_nvfile.c:315:9: branch_true: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:316:16: acquire_resource: opened here
libtpms-0.10.2/src/tpm_nvfile.c:317:12: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:325:9: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:327:12: branch_true: following 'true' branch (when 'length != lrc')...
libtpms-0.10.2/src/tpm_nvfile.c:328:13: branch_true: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:328:13: throw: if 'TPMLIB_LogPrintf' throws an exception...
libtpms-0.10.2/src/tpm_nvfile.c:326:15: danger: 'fopen(&filename, "wb")' leaks here; was opened at [(5)](sarif:/runs/0/results/24/codeFlows/0/threadFlows/0/locations/4)
#  324|       if (rc == 0) {
#  325|           printf("  TPM_NVRAM_StoreData: Writing %u bytes of data\n", length);
#  326|->         lrc = fwrite(data, 1, length, file);
#  327|           if (lrc != length) {
#  328|               printf("TPM_NVRAM_StoreData: Error (fatal), data write of %u only wrote %u\n",

Error: GCC_ANALYZER_WARNING (CWE-401): [#def67]
libtpms-0.10.2/src/tpm_nvfile.c:326:15: warning[-Wanalyzer-malloc-leak]: leak of 'fopen(&filename, "wb")'
libtpms-0.10.2/src/tpm_nvfile.c:301:8: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:307:5: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:313:8: branch_true: following 'true' branch...
libtpms-0.10.2/src/tpm_nvfile.c:315:9: branch_true: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:316:16: acquire_memory: allocated here
libtpms-0.10.2/src/tpm_nvfile.c:317:12: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:325:9: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:327:12: branch_true: following 'true' branch (when 'length != lrc')...
libtpms-0.10.2/src/tpm_nvfile.c:328:13: branch_true: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:328:13: throw: if 'TPMLIB_LogPrintf' throws an exception...
libtpms-0.10.2/src/tpm_nvfile.c:326:15: danger: 'fopen(&filename, "wb")' leaks here; was allocated at [(5)](sarif:/runs/0/results/25/codeFlows/0/threadFlows/0/locations/4)
#  324|       if (rc == 0) {
#  325|           printf("  TPM_NVRAM_StoreData: Writing %u bytes of data\n", length);
#  326|->         lrc = fwrite(data, 1, length, file);
#  327|           if (lrc != length) {
#  328|               printf("TPM_NVRAM_StoreData: Error (fatal), data write of %u only wrote %u\n",

Error: GCC_ANALYZER_WARNING (CWE-775): [#def68]
libtpms-0.10.2/src/tpm_nvfile.c:334:9: warning[-Wanalyzer-file-leak]: leak of FILE 'file'
libtpms-0.10.2/src/tpm_nvfile.c:301:8: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:307:5: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:313:8: branch_true: following 'true' branch...
libtpms-0.10.2/src/tpm_nvfile.c:315:9: branch_true: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:316:16: acquire_resource: opened here
libtpms-0.10.2/src/tpm_nvfile.c:317:12: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:325:9: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:333:8: branch_true: following 'true' branch (when 'file' is non-NULL)...
libtpms-0.10.2/src/tpm_nvfile.c:334:9: branch_true: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:334:9: throw: if 'TPMLIB_LogPrintf' throws an exception...
libtpms-0.10.2/src/tpm_nvfile.c:334:9: danger: 'file' leaks here; was opened at [(5)](sarif:/runs/0/results/26/codeFlows/0/threadFlows/0/locations/4)
#  332|       }
#  333|       if (file != NULL) {
#  334|->         printf("  TPM_NVRAM_StoreData: Closing file %s\n", filename);
#  335|           irc = fclose(file);             /* @1 */
#  336|           if (irc != 0) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def69]
libtpms-0.10.2/src/tpm_nvfile.c:334:9: warning[-Wanalyzer-malloc-leak]: leak of 'file'
libtpms-0.10.2/src/tpm_nvfile.c:301:8: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:307:5: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:313:8: branch_true: following 'true' branch...
libtpms-0.10.2/src/tpm_nvfile.c:315:9: branch_true: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:316:16: acquire_memory: allocated here
libtpms-0.10.2/src/tpm_nvfile.c:317:12: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_nvfile.c:325:9: branch_false: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:333:8: branch_true: following 'true' branch (when 'file' is non-NULL)...
libtpms-0.10.2/src/tpm_nvfile.c:334:9: branch_true: ...to here
libtpms-0.10.2/src/tpm_nvfile.c:334:9: throw: if 'TPMLIB_LogPrintf' throws an exception...
libtpms-0.10.2/src/tpm_nvfile.c:334:9: danger: 'file' leaks here; was allocated at [(5)](sarif:/runs/0/results/27/codeFlows/0/threadFlows/0/locations/4)
#  332|       }
#  333|       if (file != NULL) {
#  334|->         printf("  TPM_NVRAM_StoreData: Closing file %s\n", filename);
#  335|           irc = fclose(file);             /* @1 */
#  336|           if (irc != 0) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def70]
libtpms-0.10.2/src/tpm_tpm12_interface.c:473:15: warning[-Wanalyzer-malloc-leak]: leak of 'tpm_state'
libtpms-0.10.2/src/tpm_tpm12_interface.c:436:19: enter_function: entry to 'TPM12_SetState'
libtpms-0.10.2/src/tpm_tpm12_interface.c:444:8: branch_false: following 'false' branch (when 'buffer' is non-NULL)...
libtpms-0.10.2/src/tpm_tpm12_interface.c:449:9: branch_false: ...to here
libtpms-0.10.2/src/tpm_tpm12_interface.c:449:8: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_tpm12_interface.c:453:18: branch_false: ...to here
libtpms-0.10.2/src/tpm_tpm12_interface.c:454:12: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_tpm12_interface.c:462:9: call_function: inlined call to 'memcpy' from 'TPM12_SetState'
libtpms-0.10.2/src/tpm_tpm12_interface.c:464:21: acquire_memory: allocated here
libtpms-0.10.2/src/tpm_tpm12_interface.c:465:12: branch_false: following 'false' branch (when 'tpm_state' is non-NULL)...
libtpms-0.10.2/src/tpm_tpm12_interface.c:472:8: branch_false: ...to here
libtpms-0.10.2/src/tpm_tpm12_interface.c:472:8: branch_true: following 'true' branch (when 'ret == 0')...
libtpms-0.10.2/src/tpm_tpm12_interface.c:473:15: branch_true: ...to here
libtpms-0.10.2/src/tpm_tpm12_interface.c:473:15: throw: if 'TPM_Global_Init' throws an exception...
libtpms-0.10.2/src/tpm_tpm12_interface.c:473:15: danger: 'tpm_state' leaks here; was allocated at [(9)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/8)
#  471|   
#  472|       if (ret == TPM_SUCCESS) {
#  473|->         ret = TPM_Global_Init(tpm_state);
#  474|       }
#  475|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def71]
libtpms-0.10.2/src/tpm_tpm2_interface.c:276:19: warning[-Wanalyzer-malloc-leak]: leak of 'permanent'
libtpms-0.10.2/src/tpm_tpm2_interface.c:777:19: enter_function: entry to 'TPM2_SetState'
libtpms-0.10.2/src/tpm_tpm2_interface.c:787:8: branch_false: following 'false' branch (when 'buffer' is non-NULL)...
libtpms-0.10.2/src/tpm_tpm2_interface.c:792:9: branch_false: ...to here
libtpms-0.10.2/src/tpm_tpm2_interface.c:792:8: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_tpm2_interface.c:796:18: branch_false: ...to here
libtpms-0.10.2/src/tpm_tpm2_interface.c:797:12: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_tpm2_interface.c:803:9: call_function: inlined call to 'memcpy' from 'TPM2_SetState'
libtpms-0.10.2/src/tpm_tpm2_interface.c:807:8: branch_true: following 'true' branch (when 'ret == 0')...
libtpms-0.10.2/src/tpm_tpm2_interface.c:808:9: branch_true: ...to here
libtpms-0.10.2/src/tpm_tpm2_interface.c:814:18: call_function: calling 'TPM2_GetState' from 'TPM2_SetState'
#  274|           *buf = buffer = nbuffer;
#  275|           size = *buflen;
#  276|->         written = PERSISTENT_ALL_Marshal(&buffer, &size);
#  277|       } while (size < 66 * 1024);
#  278|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def72]
libtpms-0.10.2/src/tpm_tpm2_interface.c:433:9: warning[-Wanalyzer-malloc-leak]: leak of 'strdup("{{%s%s%s}}")'
libtpms-0.10.2/src/tpm_tpm2_interface.c:430:20: acquire_memory: allocated here
libtpms-0.10.2/src/tpm_tpm2_interface.c:430:8: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_tpm2_interface.c:433:9: branch_false: ...to here
libtpms-0.10.2/src/tpm_tpm2_interface.c:433:8: branch_true: following 'true' branch...
libtpms-0.10.2/src/tpm_tpm2_interface.c:435:9: branch_true: ...to here
libtpms-0.10.2/src/tpm_tpm2_interface.c:436:13: throw: if 'TPMLIB_asprintf' throws an exception...
libtpms-0.10.2/src/tpm_tpm2_interface.c:433:9: danger: 'strdup("{{%s%s%s}}")' leaks here; was allocated at [(1)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/0)
#  431|           return NULL;
#  432|   
#  433|->     if ((flags & TPMLIB_INFO_TPMSPECIFICATION)) {
#  434|           fmt = buffer;
#  435|           buffer = NULL;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def73]
libtpms-0.10.2/src/tpm_tpm2_interface.c:443:32: warning[-Wanalyzer-malloc-leak]: leak of 'buffer'
libtpms-0.10.2/src/tpm_tpm2_interface.c:430:20: acquire_memory: allocated here
libtpms-0.10.2/src/tpm_tpm2_interface.c:430:8: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_tpm2_interface.c:433:9: branch_false: ...to here
libtpms-0.10.2/src/tpm_tpm2_interface.c:433:8: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_tpm2_interface.c:442:9: branch_false: ...to here
libtpms-0.10.2/src/tpm_tpm2_interface.c:442:8: branch_true: following 'true' branch...
libtpms-0.10.2/src/tpm_tpm2_interface.c:443:32: branch_true: ...to here
libtpms-0.10.2/src/tpm_tpm2_interface.c:443:32: throw: if '_plat__GetTpmFirmwareVersionHigh' throws an exception...
libtpms-0.10.2/src/tpm_tpm2_interface.c:443:32: danger: 'buffer' leaks here; was allocated at [(1)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/0)
#  441|   
#  442|       if ((flags & TPMLIB_INFO_TPMATTRIBUTES)) {
#  443|->         uint32_t firmware_v1 = _plat__GetTpmFirmwareVersionHigh();
#  444|   
#  445|           fmt = buffer;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def74]
libtpms-0.10.2/src/tpm_tpm2_interface.c:447:13: warning[-Wanalyzer-malloc-leak]: leak of 'fmt'
libtpms-0.10.2/src/tpm_tpm2_interface.c:430:20: acquire_memory: allocated here
libtpms-0.10.2/src/tpm_tpm2_interface.c:430:8: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_tpm2_interface.c:433:9: branch_false: ...to here
libtpms-0.10.2/src/tpm_tpm2_interface.c:433:8: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_tpm2_interface.c:442:9: branch_false: ...to here
libtpms-0.10.2/src/tpm_tpm2_interface.c:442:8: branch_true: following 'true' branch...
libtpms-0.10.2/src/tpm_tpm2_interface.c:443:32: branch_true: ...to here
libtpms-0.10.2/src/tpm_tpm2_interface.c:447:13: throw: if 'TPMLIB_asprintf' throws an exception...
libtpms-0.10.2/src/tpm_tpm2_interface.c:447:13: danger: 'fmt' leaks here; was allocated at [(1)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/0)
#  445|           fmt = buffer;
#  446|           buffer = NULL;
#  447|->         if (TPMLIB_asprintf(&tpmattrs, tpmattrs_temp, firmware_v1) < 0)
#  448|               goto error;
#  449|           if (TPMLIB_asprintf(&buffer, fmt,  printed ? "," : "",

Error: GCC_ANALYZER_WARNING (CWE-401): [#def75]
libtpms-0.10.2/src/tpm_tpm2_interface.c:449:13: warning[-Wanalyzer-malloc-leak]: leak of 'fmt'
libtpms-0.10.2/src/tpm_tpm2_interface.c:430:20: acquire_memory: allocated here
libtpms-0.10.2/src/tpm_tpm2_interface.c:430:8: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_tpm2_interface.c:433:9: branch_false: ...to here
libtpms-0.10.2/src/tpm_tpm2_interface.c:433:8: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_tpm2_interface.c:442:9: branch_false: ...to here
libtpms-0.10.2/src/tpm_tpm2_interface.c:442:8: branch_true: following 'true' branch...
libtpms-0.10.2/src/tpm_tpm2_interface.c:443:32: branch_true: ...to here
libtpms-0.10.2/src/tpm_tpm2_interface.c:447:12: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_tpm2_interface.c:449:13: branch_false: ...to here
libtpms-0.10.2/src/tpm_tpm2_interface.c:449:13: branch_false: following 'false' branch (when 'printed == 0')...
libtpms-0.10.2/src/tpm_tpm2_interface.c:449:13: branch_false: ...to here
libtpms-0.10.2/src/tpm_tpm2_interface.c:449:13: throw: if 'TPMLIB_asprintf' throws an exception...
libtpms-0.10.2/src/tpm_tpm2_interface.c:449:13: danger: 'fmt' leaks here; was allocated at [(1)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/0)
#  447|           if (TPMLIB_asprintf(&tpmattrs, tpmattrs_temp, firmware_v1) < 0)
#  448|               goto error;
#  449|->         if (TPMLIB_asprintf(&buffer, fmt,  printed ? "," : "",
#  450|                                tpmattrs, "%s%s%s") < 0)
#  451|               goto error;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def76]
libtpms-0.10.2/src/tpm_tpm2_interface.c:471:13: warning[-Wanalyzer-malloc-leak]: leak of 'fmt'
libtpms-0.10.2/src/tpm_tpm2_interface.c:361:14: enter_function: entry to 'TPM2_GetInfo'
libtpms-0.10.2/src/tpm_tpm2_interface.c:430:20: acquire_memory: allocated here
libtpms-0.10.2/src/tpm_tpm2_interface.c:430:8: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_tpm2_interface.c:433:9: branch_false: ...to here
libtpms-0.10.2/src/tpm_tpm2_interface.c:433:8: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_tpm2_interface.c:442:9: branch_false: ...to here
libtpms-0.10.2/src/tpm_tpm2_interface.c:442:8: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_tpm2_interface.c:456:9: branch_false: ...to here
libtpms-0.10.2/src/tpm_tpm2_interface.c:456:8: branch_true: following 'true' branch...
libtpms-0.10.2/src/tpm_tpm2_interface.c:457:9: branch_true: ...to here
libtpms-0.10.2/src/tpm_tpm2_interface.c:463:12: branch_false: following 'false' branch (when 'n <= 31')...
libtpms-0.10.2/src/tpm_tpm2_interface.c:465:13: call_function: inlined call to 'snprintf' from 'TPM2_GetInfo'
libtpms-0.10.2/src/tpm_tpm2_interface.c:469:12: branch_false: following 'false' branch (when 'n <= 15')...
libtpms-0.10.2/src/tpm_tpm2_interface.c:471:13: branch_false: ...to here
libtpms-0.10.2/src/tpm_tpm2_interface.c:471:13: throw: if 'TPMLIB_asprintf' throws an exception...
libtpms-0.10.2/src/tpm_tpm2_interface.c:471:13: danger: 'fmt' leaks here; was allocated at [(2)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/1)
#  469|           if (n >= sizeof(camelliakeys))
#  470|               goto error;
#  471|->         if (TPMLIB_asprintf(&tpmfeatures, tpmfeatures_temp,
#  472|                               rsakeys, camelliakeys) < 0)
#  473|               goto error;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def77]
libtpms-0.10.2/src/tpm_tpm2_interface.c:474:13: warning[-Wanalyzer-malloc-leak]: leak of 'fmt'
libtpms-0.10.2/src/tpm_tpm2_interface.c:361:14: enter_function: entry to 'TPM2_GetInfo'
libtpms-0.10.2/src/tpm_tpm2_interface.c:430:20: acquire_memory: allocated here
libtpms-0.10.2/src/tpm_tpm2_interface.c:430:8: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_tpm2_interface.c:433:9: branch_false: ...to here
libtpms-0.10.2/src/tpm_tpm2_interface.c:433:8: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_tpm2_interface.c:442:9: branch_false: ...to here
libtpms-0.10.2/src/tpm_tpm2_interface.c:442:8: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_tpm2_interface.c:456:9: branch_false: ...to here
libtpms-0.10.2/src/tpm_tpm2_interface.c:456:8: branch_true: following 'true' branch...
libtpms-0.10.2/src/tpm_tpm2_interface.c:457:9: branch_true: ...to here
libtpms-0.10.2/src/tpm_tpm2_interface.c:463:12: branch_false: following 'false' branch (when 'n <= 31')...
libtpms-0.10.2/src/tpm_tpm2_interface.c:465:13: call_function: inlined call to 'snprintf' from 'TPM2_GetInfo'
libtpms-0.10.2/src/tpm_tpm2_interface.c:469:12: branch_false: following 'false' branch (when 'n <= 15')...
libtpms-0.10.2/src/tpm_tpm2_interface.c:471:13: branch_false: ...to here
libtpms-0.10.2/src/tpm_tpm2_interface.c:471:12: branch_false: following 'false' branch...
libtpms-0.10.2/src/tpm_tpm2_interface.c:474:13: branch_false: ...to here
libtpms-0.10.2/src/tpm_tpm2_interface.c:474:13: branch_false: following 'false' branch (when 'printed == 0')...
libtpms-0.10.2/src/tpm_tpm2_interface.c:474:13: branch_false: ...to here
libtpms-0.10.2/src/tpm_tpm2_interface.c:474:13: throw: if 'TPMLIB_asprintf' throws an exception...
libtpms-0.10.2/src/tpm_tpm2_interface.c:474:13: danger: 'fmt' leaks here; was allocated at [(2)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/1)
#  472|                               rsakeys, camelliakeys) < 0)
#  473|               goto error;
#  474|->         if (TPMLIB_asprintf(&buffer, fmt,  printed ? "," : "",
#  475|                               tpmfeatures, "%s%s%s") < 0)
#  476|               goto error;

Scan Properties