Error: GCC_ANALYZER_WARNING (CWE-401): [#def1] patch-2.8/lib/backupfile.c:237:33: warning[-Wanalyzer-malloc-leak]: leak of 'dirp' patch-2.8/lib/backupfile.c:311:1: enter_function: entry to 'backupfile_internal' patch-2.8/lib/backupfile.c:330:6: branch_false: following 'false' branch... patch-2.8/lib/backupfile.c:333:8: branch_false: ...to here patch-2.8/lib/backupfile.c:341:10: branch_false: following 'false' branch (when 'backup_type != 1')... patch-2.8/lib/backupfile.c:344:17: branch_false: ...to here patch-2.8/lib/backupfile.c:344:17: call_function: calling 'numbered_backup' from 'backupfile_internal' # 235| } # 236| # 237|-> for (struct dirent *dp; (dp = readdir (dirp)) != NULL; ) # 238| { # 239| if (_D_EXACT_NAMLEN (dp) < baselen + 4) Error: GCC_ANALYZER_WARNING (CWE-401): [#def2] patch-2.8/lib/diffseq.h:242:15: warning[-Wanalyzer-malloc-leak]: leak of '<unknown>' patch-2.8/src/merge.c:505:1: enter_function: entry to 'compute_changes' patch-2.8/src/merge.c:513:6: branch_false: following 'false' branch... patch-2.8/src/merge.c:522:3: call_function: calling 'compareseq' from 'compute_changes' # 240| big_snake = true; # 241| fd[d] = x; # 242|-> if (odd && bmin <= d && d <= bmax && bd[d] <= x) # 243| { # 244| part->xmid = x; Error: GCC_ANALYZER_WARNING (CWE-401): [#def3] patch-2.8/lib/diffseq.h:275:15: warning[-Wanalyzer-malloc-leak]: leak of '<unknown>' patch-2.8/src/merge.c:505:1: enter_function: entry to 'compute_changes' patch-2.8/src/merge.c:513:6: branch_false: following 'false' branch... patch-2.8/src/merge.c:522:3: call_function: calling 'compareseq' from 'compute_changes' # 273| big_snake = true; # 274| bd[d] = x; # 275|-> if (!odd && fmin <= d && d <= fmax && x <= fd[d]) # 276| { # 277| part->xmid = x; Error: GCC_ANALYZER_WARNING (CWE-401): [#def4] patch-2.8/lib/diffseq.h:406:26: warning[-Wanalyzer-malloc-leak]: leak of '<unknown>' patch-2.8/src/merge.c:505:1: enter_function: entry to 'compute_changes' patch-2.8/src/merge.c:513:6: branch_false: following 'false' branch... patch-2.8/src/merge.c:522:3: call_function: calling 'compareseq' from 'compute_changes' # 404| /* Find backward diagonal that minimizes X + Y. */ # 405| OFFSET bxybest = OFFSET_MAX, bxbest; # 406|-> for (d = bmax; d >= bmin; d -= 2) # 407| { # 408| OFFSET x = MAX (xoff, bd[d]); Error: GCC_ANALYZER_WARNING (CWE-401): [#def5] patch-2.8/lib/diffseq.h:493:15: warning[-Wanalyzer-malloc-leak]: leak of '<unknown>' patch-2.8/src/merge.c:505:1: enter_function: entry to 'compute_changes' patch-2.8/src/merge.c:513:6: branch_false: following 'false' branch... patch-2.8/src/merge.c:522:3: call_function: calling 'compareseq' from 'compute_changes' # 491| while (yoff < ylim) # 492| { # 493|-> NOTE_INSERT (ctxt, yoff); # 494| if (EARLY_ABORT (ctxt)) # 495| return true; Error: GCC_ANALYZER_WARNING (CWE-401): [#def6] patch-2.8/lib/diffseq.h:504:15: warning[-Wanalyzer-malloc-leak]: leak of '<unknown>' patch-2.8/src/merge.c:505:1: enter_function: entry to 'compute_changes' patch-2.8/src/merge.c:513:6: branch_false: following 'false' branch... patch-2.8/src/merge.c:522:3: call_function: calling 'compareseq' from 'compute_changes' # 502| while (xoff < xlim) # 503| { # 504|-> NOTE_DELETE (ctxt, xoff); # 505| if (EARLY_ABORT (ctxt)) # 506| return true; Error: GCC_ANALYZER_WARNING (CWE-404): [#def7] patch-2.8/lib/error.c:157:15: warning[-Wanalyzer-va-list-leak]: missing call to 'va_end' /usr/include/bits/error.h:37:1: enter_function: entry to 'error' patch-2.8/lib/error.c:288:3: acquire_resource: 'va_start' called here patch-2.8/lib/error.c:289:3: call_function: calling 'verror' from 'error' # 155| # error Please port fcntl to your platform # 156| # endif # 157|-> return 0 <= fcntl (fd, F_GETFL); # 158| # endif # 159| } Error: GCC_ANALYZER_WARNING (CWE-404): [#def8] patch-2.8/lib/error.c:184:5: warning[-Wanalyzer-va-list-leak]: missing call to 'va_end' /usr/include/bits/error.h:37:1: enter_function: entry to 'error' patch-2.8/lib/error.c:288:3: acquire_resource: 'va_start' called here patch-2.8/lib/error.c:289:3: call_function: calling 'verror' from 'error' # 182| if (0 <= stdout_fd && is_open (stdout_fd)) # 183| #endif # 184|-> fflush (stdout); # 185| } # 186| Error: GCC_ANALYZER_WARNING (CWE-404): [#def9] patch-2.8/lib/error.c:266:5: warning[-Wanalyzer-va-list-leak]: missing call to 'va_end' /usr/include/bits/error.h:37:1: enter_function: entry to 'error' patch-2.8/lib/error.c:288:3: acquire_resource: 'va_start' called here patch-2.8/lib/error.c:289:3: call_function: calling 'verror' from 'error' # 264| #endif # 265| if (error_print_progname) # 266|-> (*error_print_progname) (); # 267| else # 268| { Error: GCC_ANALYZER_WARNING (CWE-404): [#def10] patch-2.8/lib/error.c:332:5: warning[-Wanalyzer-va-list-leak]: missing call to 'va_end' /usr/include/bits/error.h:64:1: enter_function: entry to 'error_at_line' patch-2.8/lib/error.c:363:3: acquire_resource: 'va_start' called here patch-2.8/lib/error.c:364:3: call_function: calling 'verror_at_line' from 'error_at_line' # 330| #endif # 331| if (error_print_progname) # 332|-> (*error_print_progname) (); # 333| else # 334| { Error: GCC_ANALYZER_WARNING (CWE-404): [#def11] patch-2.8/lib/fcntl.c:328:22: warning[-Wanalyzer-va-list-leak]: missing call to 'va_end' patch-2.8/lib/fcntl.c:210:3: acquire_resource: 'va_start' called here patch-2.8/lib/fcntl.c:328:22: throw: if 'fcntl' throws an exception... patch-2.8/lib/fcntl.c:328:22: danger: missing call to 'va_end' to match 'va_start' at [(1)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/0) # 326| #endif # 327| /* These actions take no argument. */ # 328|-> result = fcntl (fd, action); # 329| break; # 330| Error: GCC_ANALYZER_WARNING (CWE-404): [#def12] patch-2.8/lib/fcntl.c:424:24: warning[-Wanalyzer-va-list-leak]: missing call to 'va_end' patch-2.8/lib/fcntl.c:210:3: acquire_resource: 'va_start' called here patch-2.8/lib/fcntl.c:424:24: throw: if 'fcntl' throws an exception... patch-2.8/lib/fcntl.c:424:24: danger: missing call to 'va_end' to match 'va_start' at [(1)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/0) # 422| { # 423| int x = va_arg (arg, int); # 424|-> result = fcntl (fd, action, x); # 425| } # 426| break; Error: GCC_ANALYZER_WARNING (CWE-404): [#def13] patch-2.8/lib/fcntl.c:432:24: warning[-Wanalyzer-va-list-leak]: missing call to 'va_end' patch-2.8/lib/fcntl.c:210:3: acquire_resource: 'va_start' called here patch-2.8/lib/fcntl.c:432:24: throw: if 'fcntl' throws an exception... patch-2.8/lib/fcntl.c:432:24: danger: missing call to 'va_end' to match 'va_start' at [(1)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/0) # 430| { # 431| void *p = va_arg (arg, void *); # 432|-> result = fcntl (fd, action, p); # 433| } # 434| break; Error: GCC_ANALYZER_WARNING (CWE-404): [#def14] patch-2.8/lib/fcntl.c:482:12: warning[-Wanalyzer-va-list-leak]: missing call to 'va_end' patch-2.8/lib/fcntl.c:202:1: enter_function: entry to 'rpl_fcntl' patch-2.8/lib/fcntl.c:210:3: acquire_resource: 'va_start' called here patch-2.8/lib/fcntl.c:216:18: call_function: inlined call to 'rpl_fcntl_DUPFD' from 'rpl_fcntl' # 480| } # 481| #else # 482|-> result = fcntl (fd, F_DUPFD, target); # 483| #endif # 484| return result; Error: GCC_ANALYZER_WARNING (CWE-404): [#def15] patch-2.8/lib/fcntl.c:512:16: warning[-Wanalyzer-va-list-leak]: missing call to 'va_end' patch-2.8/lib/fcntl.c:202:1: enter_function: entry to 'rpl_fcntl' patch-2.8/lib/fcntl.c:210:3: acquire_resource: 'va_start' called here patch-2.8/lib/fcntl.c:223:18: call_function: calling 'rpl_fcntl_DUPFD_CLOEXEC' from 'rpl_fcntl' # 510| if (0 <= have_dupfd_cloexec) # 511| { # 512|-> result = fcntl (fd, F_DUPFD_CLOEXEC, target); # 513| if (0 <= result || errno != EINVAL) # 514| { Error: GCC_ANALYZER_WARNING (CWE-404): [#def16] patch-2.8/lib/fcntl.c:533:19: warning[-Wanalyzer-va-list-leak]: missing call to 'va_end' patch-2.8/lib/fcntl.c:202:1: enter_function: entry to 'rpl_fcntl' patch-2.8/lib/fcntl.c:210:3: acquire_resource: 'va_start' called here patch-2.8/lib/fcntl.c:223:18: call_function: calling 'rpl_fcntl_DUPFD_CLOEXEC' from 'rpl_fcntl' # 531| if (0 <= result && have_dupfd_cloexec == -1) # 532| { # 533|-> int flags = fcntl (result, F_GETFD); # 534| if (flags < 0 || fcntl (result, F_SETFD, flags | FD_CLOEXEC) == -1) # 535| { Error: GCC_ANALYZER_WARNING (CWE-404): [#def17] patch-2.8/lib/fcntl.c:534:24: warning[-Wanalyzer-va-list-leak]: missing call to 'va_end' patch-2.8/lib/fcntl.c:202:1: enter_function: entry to 'rpl_fcntl' patch-2.8/lib/fcntl.c:210:3: acquire_resource: 'va_start' called here patch-2.8/lib/fcntl.c:223:18: call_function: calling 'rpl_fcntl_DUPFD_CLOEXEC' from 'rpl_fcntl' # 532| { # 533| int flags = fcntl (result, F_GETFD); # 534|-> if (flags < 0 || fcntl (result, F_SETFD, flags | FD_CLOEXEC) == -1) # 535| { # 536| int saved_errno = errno; Error: GCC_ANALYZER_WARNING (CWE-404): [#def18] patch-2.8/lib/fcntl.c:537:11: warning[-Wanalyzer-va-list-leak]: missing call to 'va_end' patch-2.8/lib/fcntl.c:202:1: enter_function: entry to 'rpl_fcntl' patch-2.8/lib/fcntl.c:210:3: acquire_resource: 'va_start' called here patch-2.8/lib/fcntl.c:223:18: call_function: calling 'rpl_fcntl_DUPFD_CLOEXEC' from 'rpl_fcntl' # 535| { # 536| int saved_errno = errno; # 537|-> close (result); # 538| errno = saved_errno; # 539| result = -1; Error: GCC_ANALYZER_WARNING (CWE-401): [#def19] patch-2.8/lib/hash.c:235:14: warning[-Wanalyzer-malloc-leak]: leak of 'storage.bucket' patch-2.8/lib/hash.c:1029:1: enter_function: entry to 'hash_remove' patch-2.8/lib/hash.c:1046:10: branch_true: following 'true' branch... patch-2.8/lib/hash.c:1051:11: branch_true: ...to here patch-2.8/lib/hash.c:1052:14: branch_true: following 'true' branch... patch-2.8/lib/hash.c:1057:18: branch_true: ...to here patch-2.8/lib/hash.c:1062:20: call_function: calling 'hash_rehash' from 'hash_remove' # 233| safe_hasher (const Hash_table *table, const void *key) # 234| { # 235|-> size_t n = table->hasher (key, table->n_buckets); # 236| if (! (n < table->n_buckets)) # 237| abort (); Error: COMPILER_WARNING: [#def20] patch-2.8/lib/parse-datetime.c: scope_hint: In function 'yyparse' patch-2.8/lib/parse-datetime.c:1596:9: warning[-Wunused-but-set-variable=]: variable 'yynerrs' set but not used # 1596 | int yynerrs = 0; # | ^~~~~~~ # 1594| # 1595| /* Number of syntax errors so far. */ # 1596|-> int yynerrs = 0; # 1597| # 1598| yy_state_fast_t yystate = 0; Error: GCC_ANALYZER_WARNING (CWE-457): [#def21] patch-2.8/lib/parse-datetime.c:1831:3: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value '*<unknown>' patch-2.8/lib/parse-datetime.y:2404:1: enter_function: entry to 'parse_datetime' patch-2.8/lib/parse-datetime.y:2409:6: branch_false: following 'false' branch... patch-2.8/lib/parse-datetime.y:2411:13: branch_false: ...to here patch-2.8/lib/parse-datetime.y:2411:13: call_function: calling 'parse_datetime_body' from 'parse_datetime' # 1829| unconditionally makes the parser a bit smaller, and it avoids a # 1830| GCC warning that YYVAL may be used uninitialized. */ # 1831|-> yyval = yyvsp[1-yylen]; # 1832| # 1833| Error: GCC_ANALYZER_WARNING (CWE-401): [#def22] patch-2.8/lib/time_rz.c:88:22: warning[-Wanalyzer-malloc-leak]: leak of 'tzalloc(getenv("TZ"))' patch-2.8/lib/time.h:1114:1: enter_function: entry to 'mktime_z' patch-2.8/lib/time_rz.c:282:6: branch_false: following 'false' branch (when 'tz' is non-NULL)... patch-2.8/lib/time_rz.c:286:27: branch_false: ...to here patch-2.8/lib/time_rz.c:286:27: call_function: calling 'set_tz' from 'mktime_z' # 86| { # 87| size_t name_size = name ? strlen (name) + 1 : 0; # 88|-> size_t abbr_size = name_size < ABBR_SIZE_MIN ? ABBR_SIZE_MIN : name_size + 1; # 89| timezone_t tz = malloc (FLEXSIZEOF (struct tm_zone, abbrs, abbr_size)); # 90| if (tz) Error: GCC_ANALYZER_WARNING (CWE-401): [#def23] patch-2.8/lib/time_rz.c:206:10: warning[-Wanalyzer-malloc-leak]: leak of 'set_tz(tz)' patch-2.8/lib/time.h:1114:1: enter_function: entry to 'mktime_z' patch-2.8/lib/time_rz.c:282:6: branch_false: following 'false' branch (when 'tz' is non-NULL)... patch-2.8/lib/time_rz.c:286:27: branch_false: ...to here patch-2.8/lib/time_rz.c:286:27: call_function: calling 'set_tz' from 'mktime_z' patch-2.8/lib/time_rz.c:286:27: return_function: returning to 'mktime_z' from 'set_tz' patch-2.8/lib/time_rz.c:287:10: branch_true: following 'true' branch... patch-2.8/lib/time_rz.c:290:25: branch_true: ...to here patch-2.8/lib/time_rz.c:206:10: danger: 'set_tz(tz)' leaks here; was allocated at [(10)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/9) # 204| if (env_tz # 205| ? tz->tz_is_set && strcmp (tz->abbrs, env_tz) == 0 # 206|-> : !tz->tz_is_set) # 207| return local_tz; # 208| else Error: GCC_ANALYZER_WARNING (CWE-401): [#def24] patch-2.8/src/inp.c:206:22: warning[-Wanalyzer-malloc-leak]: leak of 'lim' patch-2.8/src/inp.c:172:6: branch_false: following 'false' branch... patch-2.8/src/inp.c:201:21: branch_false: ...to here patch-2.8/src/inp.c:204:33: branch_true: following 'true' branch (when 's' is non-NULL)... patch-2.8/src/inp.c:205:5: branch_true: ...to here patch-2.8/src/inp.c:206:22: throw: if 'xireallocarray' throws an exception... patch-2.8/src/inp.c:206:22: danger: 'lim' leaks here; was allocated at [(1)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/0) # 204| for (char const *s = buffer; (s = memchr (s, '\n', lim - s)); s++) # 205| iline++; # 206|-> char const **ptr = xireallocarray (nullptr, iline, sizeof *ptr); # 207| iline = 0; # 208| for (char const *s = buffer; ; s++) Error: GCC_ANALYZER_WARNING (CWE-401): [#def25] patch-2.8/src/inp.c:206:22: warning[-Wanalyzer-malloc-leak]: leak of 's' patch-2.8/src/inp.c:172:6: branch_false: following 'false' branch... patch-2.8/src/inp.c:201:21: branch_false: ...to here patch-2.8/src/inp.c:204:33: branch_false: following 'false' branch (when 's' is NULL)... patch-2.8/src/inp.c:206:22: branch_false: ...to here patch-2.8/src/inp.c:206:22: throw: if 'xireallocarray' throws an exception... patch-2.8/src/inp.c:206:22: danger: 's' leaks here; was allocated at [(1)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/0) # 204| for (char const *s = buffer; (s = memchr (s, '\n', lim - s)); s++) # 205| iline++; # 206|-> char const **ptr = xireallocarray (nullptr, iline, sizeof *ptr); # 207| iline = 0; # 208| for (char const *s = buffer; ; s++) Error: GCC_ANALYZER_WARNING (CWE-416): [#def26] patch-2.8/src/list.h:53:10: warning[-Wanalyzer-use-after-free]: use after 'free' of 'entry' patch-2.8/src/safe.c:721:1: enter_function: entry to 'safe_access' patch-2.8/src/safe.c:723:15: call_function: inlined call to 'traverse_path' from 'safe_access' # 51| list_empty (const struct list_head *head) # 52| { # 53|-> return head->next == head; # 54| } # 55| Error: GCC_ANALYZER_WARNING (CWE-401): [#def27] patch-2.8/src/merge.c:526:1: warning[-Wanalyzer-malloc-leak]: leak of '<unknown>' patch-2.8/src/merge.c:505:1: enter_function: entry to 'compute_changes' patch-2.8/src/merge.c:513:6: branch_false: following 'false' branch... patch-2.8/src/merge.c:522:3: call_function: calling 'compareseq' from 'compute_changes' patch-2.8/src/merge.c:522:3: return_function: returning to 'compute_changes' from 'compareseq' patch-2.8/src/merge.c:526:1: danger: '<unknown>' leaks here; was allocated at [(4)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/3) # 524| ctxt.fdiag -= ymax + 1; # 525| free (ctxt.fdiag); # 526|-> } Error: GCC_ANALYZER_WARNING (CWE-401): [#def28] patch-2.8/src/patch.c:1603:9: warning[-Wanalyzer-malloc-leak]: leak of 'ofp' patch-2.8/src/patch.c:1592:6: branch_false: following 'false' branch (when the strings are equal)... patch-2.8/src/patch.c:1596:24: branch_false: ...to here patch-2.8/src/patch.c:1597:10: branch_false: following 'false' branch (when 'stdout_dup >= 0')... patch-2.8/src/patch.c:1599:19: branch_false: ...to here patch-2.8/src/patch.c:1599:19: acquire_memory: allocated here patch-2.8/src/patch.c:1600:10: branch_false: following 'false' branch (when 'ofp' is non-NULL)... patch-2.8/src/patch.c:1602:11: branch_false: ...to here patch-2.8/src/patch.c:1602:10: branch_true: following 'true' branch... patch-2.8/src/patch.c:1603:9: branch_true: ...to here patch-2.8/src/patch.c:1603:9: throw: if 'pfatal' throws an exception... patch-2.8/src/patch.c:1603:9: danger: 'ofp' leaks here; was allocated at [(5)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/4) # 1601| pfatal ("Failed to duplicate standard output"); # 1602| if (dup2 (STDERR_FILENO, STDOUT_FILENO) < 0) # 1603|-> pfatal ("Failed to redirect messages to standard error"); # 1604| /* FIXME: Do we need to switch stdout_dup into O_BINARY mode here? */ # 1605| return ofp; Error: GCC_ANALYZER_WARNING (CWE-401): [#def29] patch-2.8/src/patch.c:1778:26: warning[-Wanalyzer-malloc-leak]: leak of 'xmalloc(168)' patch-2.8/src/patch.c:1778:26: throw: if 'xstrdup' throws an exception... patch-2.8/src/patch.c:1778:26: danger: 'xmalloc(168)' leaks here; was allocated at [(1)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/0) # 1776| } # 1777| file_to_delete = xmalloc (sizeof *file_to_delete); # 1778|-> file_to_delete->name = xstrdup (name); # 1779| file_to_delete->st = *st; # 1780| file_to_delete->backup = backup; Error: GCC_ANALYZER_WARNING (CWE-401): [#def30] patch-2.8/src/patch.c:1830:59: warning[-Wanalyzer-malloc-leak]: leak of 'ximalloc((long int)((long unsigned int)tosize + 200))' patch-2.8/src/patch.c:1830:34: branch_true: following 'true' branch (when 'alloc' is NULL)... patch-2.8/src/patch.c:1830:59: branch_true: ...to here patch-2.8/src/patch.c:1830:50: throw: if 'xstrdup' throws an exception... patch-2.8/src/patch.c:1830:59: danger: 'ximalloc((long int)((long unsigned int)tosize + 200))' leaks here; was allocated at [(1)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/0) # 1828| struct file_to_output *f = ximalloc (sizeof *f + tosize); # 1829| char *alloc = from->alloc; # 1830|-> f->from.name = f->from.alloc = alloc ? alloc : xstrdup (from->name); # 1831| if (alloc) # 1832| from->alloc = nullptr; Error: GCC_ANALYZER_WARNING (CWE-401): [#def31] patch-2.8/src/patch.c:1833:20: warning[-Wanalyzer-malloc-leak]: leak of 'ximalloc((long int)((long unsigned int)tosize + 200))' patch-2.8/src/patch.c:1830:34: branch_false: following 'false' branch (when 'alloc' is non-NULL)... patch-2.8/src/patch.c:1830:18: branch_false: ...to here patch-2.8/src/patch.c:1831:6: branch_true: following 'true' branch (when 'alloc' is non-NULL)... patch-2.8/src/patch.c:1832:5: branch_true: ...to here patch-2.8/src/patch.c:1836:11: branch_false: following 'false' branch (when 'to' is NULL)... patch-2.8/src/patch.c:1836:3: branch_false: ...to here patch-2.8/src/patch.c:1842:3: throw: if 'defer_signals' throws an exception... patch-2.8/src/patch.c:1833:20: danger: 'ximalloc((long int)((long unsigned int)tosize + 200))' leaks here; was allocated at [(1)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/0) # 1831| if (alloc) # 1832| from->alloc = nullptr; # 1833|-> f->from.exists = alloc ? from->exists : volatilize (f->from.alloc); # 1834| f->from.temporary = from->temporary; # 1835| f->from_st = *from_st; Error: GCC_ANALYZER_WARNING (CWE-401): [#def32] patch-2.8/src/patch.c:1833:43: warning[-Wanalyzer-malloc-leak]: leak of '<unknown>' patch-2.8/src/patch.c:1830:34: branch_true: following 'true' branch (when 'alloc' is NULL)... patch-2.8/src/patch.c:1830:59: branch_true: ...to here patch-2.8/src/patch.c:1831:6: branch_false: following 'false' branch (when 'alloc' is NULL)... patch-2.8/src/patch.c:1833:43: branch_false: ...to here patch-2.8/src/patch.c:1833:43: danger: '<unknown>' leaks here; was allocated at [(3)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/2) # 1831| if (alloc) # 1832| from->alloc = nullptr; # 1833|-> f->from.exists = alloc ? from->exists : volatilize (f->from.alloc); # 1834| f->from.temporary = from->temporary; # 1835| f->from_st = *from_st; Error: CPPCHECK_WARNING (CWE-476): [#def33] patch-2.8/src/patch.c:1835: error[ctunullpointer]: Null pointer dereference: from_st # 1833| f->from.exists = alloc ? from->exists : volatilize (f->from.alloc); # 1834| f->from.temporary = from->temporary; # 1835|-> f->from_st = *from_st; # 1836| f->to = to ? memcpy (f + 1, to, tosize) : nullptr; # 1837| f->mode = mode; Error: CPPCHECK_WARNING (CWE-457): [#def34] patch-2.8/src/pch.c:986: warning[uninitvar]: Uninitialized variable: above_minimum # 984| /* The best of the filenames that create the fewest # 985| directories. */ # 986|-> i = best_name (p_name, above_minimum); # 987| } # 988| } Error: CPPCHECK_WARNING (CWE-457): [#def35] patch-2.8/src/pch.c:1759: error[legacyUninitvar]: Uninitialized variable: s # 1757| for (s = patchbuf; c_isblank (*s); s++) # 1758| continue; # 1759|-> if (invalid_line || !c_isdigit (*s)) # 1760| { # 1761| next_intuit_at(line_beginning,p_input_line); Error: GCC_ANALYZER_WARNING (CWE-401): [#def36] patch-2.8/src/pch.c:2333:34: warning[-Wanalyzer-malloc-leak]: leak of 'tmpfp' patch-2.8/src/pch.c:2315:8: branch_false: following 'false' branch... patch-2.8/src/pch.c:2324:12: branch_false: following 'false' branch... patch-2.8/src/pch.c:2326:17: branch_false: ...to here patch-2.8/src/pch.c:2326:17: acquire_memory: allocated here patch-2.8/src/pch.c:2327:12: branch_false: following 'false' branch (when 'tmpfp' is non-NULL)... patch-2.8/src/pch.c:2327:12: branch_false: ...to here patch-2.8/src/pch.c:2333:34: throw: if 'Ftello' throws an exception... patch-2.8/src/pch.c:2333:34: danger: 'tmpfp' leaks here; was allocated at [(5)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/4) # 2331| for (;;) { # 2332| char ed_command_letter; # 2333|-> beginning_of_this_line = Ftello (pfp); # 2334| idx_t chars_read = get_line (false); # 2335| if (! chars_read) { Error: CPPCHECK_WARNING (CWE-476): [#def37] patch-2.8/src/pch.c:2399: warning[nullPointerOutOfResources]: If resource allocation fails, then there is a possible null pointer dereference: ifp # 2397| if (!ifp) # 2398| pfatal ("can't open '%s'", output_name); # 2399|-> while (0 <= (c = getc (ifp))) # 2400| Fputc (c, ofp); # 2401| if (ferror (ifp) || fclose (ifp) < 0) Error: CPPCHECK_WARNING (CWE-476): [#def38] patch-2.8/src/pch.c:2401: warning[nullPointerOutOfResources]: If resource allocation fails, then there is a possible null pointer dereference: ifp # 2399| while (0 <= (c = getc (ifp))) # 2400| Fputc (c, ofp); # 2401|-> if (ferror (ifp) || fclose (ifp) < 0) # 2402| read_fatal (); # 2403| } Error: GCC_ANALYZER_WARNING (CWE-415): [#def39] patch-2.8/src/safe.c:100:3: warning[-Wanalyzer-double-free]: double-'free' of '((struct cached_dirfd)*((struct list_head *)entry)).name' patch-2.8/src/safe.c:721:1: enter_function: entry to 'safe_access' patch-2.8/src/safe.c:723:15: call_function: inlined call to 'traverse_path' from 'safe_access' # 98| { # 99| list_del (&entry->children_link); # 100|-> free (entry->name); # 101| free (entry); # 102| } Error: GCC_ANALYZER_WARNING (CWE-1341): [#def40] patch-2.8/src/safe.c:154:3: warning[-Wanalyzer-fd-double-close]: double 'close' of file descriptor '((struct cached_dirfd)*((struct list_head *)entry)).fd' patch-2.8/src/safe.c:721:1: enter_function: entry to 'safe_access' patch-2.8/src/safe.c:723:15: call_function: inlined call to 'traverse_path' from 'safe_access' # 152| list_del (&entry->lru_link); # 153| hash_remove (cached_dirfds, entry); /* noop when not hashed */ # 154|-> close (entry->fd); # 155| free_cached_dirfd (entry); # 156| } Error: GCC_ANALYZER_WARNING (CWE-401): [#def41] patch-2.8/src/safe.c:186:9: warning[-Wanalyzer-malloc-leak]: leak of '<unknown>' patch-2.8/src/safe.c:721:1: enter_function: entry to 'safe_access' patch-2.8/src/safe.c:723:15: call_function: inlined call to 'traverse_path' from 'safe_access' # 184| /* Only insert if the parent still exists. */ # 185| if (! list_empty (&entry->children_link)) # 186|-> if (hash_insert (cached_dirfds, entry) != entry) # 187| xalloc_die (); # 188| } Error: GCC_ANALYZER_WARNING (CWE-401): [#def42] patch-2.8/src/safe.c:227:3: warning[-Wanalyzer-malloc-leak]: leak of 'new_cached_dirfd(dir, xstrdup(name), __openat_alias(*dir.fd, name, 2293760))' patch-2.8/src/safe.c:721:1: enter_function: entry to 'safe_access' patch-2.8/src/safe.c:723:15: call_function: inlined call to 'traverse_path' from 'safe_access' # 225| struct cached_dirfd *entry = xmalloc (sizeof (struct cached_dirfd)); # 226| # 227|-> INIT_LIST_HEAD (&entry->lru_link); # 228| list_add (&entry->children_link, &dir->children); # 229| INIT_LIST_HEAD (&entry->children); Error: GCC_ANALYZER_WARNING (CWE-401): [#def43] patch-2.8/src/safe.c:227:3: warning[-Wanalyzer-malloc-leak]: leak of 'xstrdup(name)' patch-2.8/src/safe.c:721:1: enter_function: entry to 'safe_access' patch-2.8/src/safe.c:723:15: call_function: inlined call to 'traverse_path' from 'safe_access' # 225| struct cached_dirfd *entry = xmalloc (sizeof (struct cached_dirfd)); # 226| # 227|-> INIT_LIST_HEAD (&entry->lru_link); # 228| list_add (&entry->children_link, &dir->children); # 229| INIT_LIST_HEAD (&entry->children); Error: GCC_ANALYZER_WARNING (CWE-401): [#def44] patch-2.8/src/util.c:474:13: warning[-Wanalyzer-malloc-leak]: leak of 'bakname' patch-2.8/src/util.c:507:1: enter_function: entry to 'move_file' patch-2.8/src/util.c:514:6: branch_true: following 'true' branch (when 'backup != 0')... patch-2.8/src/util.c:515:5: branch_true: ...to here patch-2.8/src/util.c:515:5: branch_true: following 'true' branch... patch-2.8/src/util.c:515:5: branch_true: ...to here patch-2.8/src/util.c:515:5: call_function: calling 'create_backup' from 'move_file' # 472| { # 473| if (debug & 4) # 474|-> say ("Renaming file %s to %s\n", # 475| quotearg_n (0, to), quotearg_n (1, bakname)); # 476| while (safe_rename (to, bakname) != 0) Error: GCC_ANALYZER_WARNING (CWE-401): [#def45] patch-2.8/src/util.c:476:18: warning[-Wanalyzer-malloc-leak]: leak of 'bakname' patch-2.8/src/util.c:507:1: enter_function: entry to 'move_file' patch-2.8/src/util.c:514:6: branch_true: following 'true' branch (when 'backup != 0')... patch-2.8/src/util.c:515:5: branch_true: ...to here patch-2.8/src/util.c:515:5: branch_true: following 'true' branch... patch-2.8/src/util.c:515:5: branch_true: ...to here patch-2.8/src/util.c:515:5: call_function: calling 'create_backup' from 'move_file' # 474| say ("Renaming file %s to %s\n", # 475| quotearg_n (0, to), quotearg_n (1, bakname)); # 476|-> while (safe_rename (to, bakname) != 0) # 477| { # 478| if (errno == try_makedirs_errno) Error: GCC_ANALYZER_WARNING (CWE-401): [#def46] patch-2.8/src/util.c:693:19: warning[-Wanalyzer-malloc-leak]: leak of 'ximalloc(__real__ <unknown>)' patch-2.8/src/util.c:687:6: branch_true: following 'true' branch... patch-2.8/src/util.c:690:11: branch_true: ...to here patch-2.8/src/util.c:690:10: branch_false: following 'false' branch... patch-2.8/src/util.c:692:22: branch_false: ...to here patch-2.8/src/util.c:693:19: throw: if 'safe_readlink' throws an exception... patch-2.8/src/util.c:693:19: danger: 'ximalloc(__real__ <unknown>)' leaks here; was allocated at [(5)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/4) # 691| xalloc_die (); # 692| char *buffer = ximalloc (alloc); # 693|-> ssize_t r = safe_readlink (from, buffer, alloc); # 694| # 695| if (r < 0) Error: GCC_ANALYZER_WARNING (CWE-401): [#def47] patch-2.8/src/util.c:1023:3: warning[-Wanalyzer-malloc-leak]: leak of 'bakname' patch-2.8/src/util.c:507:1: enter_function: entry to 'move_file' patch-2.8/src/util.c:514:6: branch_true: following 'true' branch (when 'backup != 0')... patch-2.8/src/util.c:515:5: branch_true: ...to here patch-2.8/src/util.c:515:5: branch_true: following 'true' branch... patch-2.8/src/util.c:515:5: branch_true: ...to here patch-2.8/src/util.c:515:5: call_function: calling 'create_backup' from 'move_file' # 1021| fprintf (stderr, " : %s\n", # 1022| errnum == EILSEQ ? "Invalid byte sequence" : strerror (errnum)); # 1023|-> fflush (stderr); # 1024| fatal_exit (); # 1025| } Error: GCC_ANALYZER_WARNING (CWE-404): [#def48] patch-2.8/src/util.c:1023:3: warning[-Wanalyzer-va-list-leak]: missing call to 'va_end' patch-2.8/src/util.c:999:1: enter_function: entry to 'putline' patch-2.8/src/util.c:1002:3: acquire_resource: 'va_start' called here patch-2.8/src/util.c:1003:19: branch_true: following 'true' branch (when 'arg' is non-NULL)... patch-2.8/src/util.c:1004:5: branch_true: ...to here patch-2.8/src/util.c:1004:5: call_function: calling 'Fputs' from 'putline' # 1021| fprintf (stderr, " : %s\n", # 1022| errnum == EILSEQ ? "Invalid byte sequence" : strerror (errnum)); # 1023|-> fflush (stderr); # 1024| fatal_exit (); # 1025| } Error: GCC_ANALYZER_WARNING (CWE-401): [#def49] patch-2.8/src/util.c:1024:3: warning[-Wanalyzer-malloc-leak]: leak of 'bakname' patch-2.8/src/util.c:507:1: enter_function: entry to 'move_file' patch-2.8/src/util.c:514:6: branch_true: following 'true' branch (when 'backup != 0')... patch-2.8/src/util.c:515:5: branch_true: ...to here patch-2.8/src/util.c:515:5: branch_true: following 'true' branch... patch-2.8/src/util.c:515:5: branch_true: ...to here patch-2.8/src/util.c:515:5: call_function: calling 'create_backup' from 'move_file' # 1022| errnum == EILSEQ ? "Invalid byte sequence" : strerror (errnum)); # 1023| fflush (stderr); # 1024|-> fatal_exit (); # 1025| } # 1026| Error: GCC_ANALYZER_WARNING (CWE-404): [#def50] patch-2.8/src/util.c:1024:3: warning[-Wanalyzer-va-list-leak]: missing call to 'va_end' patch-2.8/src/util.c:999:1: enter_function: entry to 'putline' patch-2.8/src/util.c:1002:3: acquire_resource: 'va_start' called here patch-2.8/src/util.c:1003:19: branch_true: following 'true' branch (when 'arg' is non-NULL)... patch-2.8/src/util.c:1004:5: branch_true: ...to here patch-2.8/src/util.c:1004:5: call_function: calling 'Fputs' from 'putline' # 1022| errnum == EILSEQ ? "Invalid byte sequence" : strerror (errnum)); # 1023| fflush (stderr); # 1024|-> fatal_exit (); # 1025| } # 1026| Error: GCC_ANALYZER_WARNING (CWE-401): [#def51] patch-2.8/src/util.c:1287:59: warning[-Wanalyzer-malloc-leak]: leak of 'xstrdup(file)' patch-2.8/src/util.c:634:1: enter_function: entry to 'create_file' patch-2.8/src/util.c:644:6: branch_true: following 'true' branch... patch-2.8/src/util.c:647:7: call_function: calling 'makedirs' from 'create_file' # 1285| char const *component_start; # 1286| # 1287|-> for (f = filename + FILE_SYSTEM_PREFIX_LEN (filename); ISSLASH (*f); f++) # 1288| /* do nothing */ ; # 1289| Error: GCC_ANALYZER_WARNING (CWE-401): [#def52] patch-2.8/src/util.c:1287:59: warning[-Wanalyzer-malloc-leak]: leak of 'xstrdup(name)' patch-2.8/src/util.c:1323:1: enter_function: entry to 'makedirs' patch-2.8/src/util.c:1327:16: call_function: calling 'replace_slashes' from 'makedirs' patch-2.8/src/util.c:1327:16: return_function: returning to 'makedirs' from 'replace_slashes' patch-2.8/src/util.c:1332:6: branch_true: following 'true' branch... patch-2.8/src/util.c:1332:6: branch_true: ...to here patch-2.8/src/util.c:1339:27: branch_true: following 'true' branch... patch-2.8/src/util.c:1340:14: branch_true: ...to here patch-2.8/src/util.c:1340:12: branch_false: following 'false' branch... patch-2.8/src/util.c:1339:39: branch_false: ...to here patch-2.8/src/util.c:1339:27: branch_true: following 'true' branch... patch-2.8/src/util.c:1340:14: branch_true: ...to here patch-2.8/src/util.c:1340:12: branch_true: following 'true' branch... patch-2.8/src/util.c:1342:13: branch_true: ...to here patch-2.8/src/util.c:1342:13: throw: if 'safe_mkdir' throws an exception... patch-2.8/src/util.c:1287:59: danger: 'xstrdup(name)' leaks here; was allocated at [(2)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/1) # 1285| char const *component_start; # 1286| # 1287|-> for (f = filename + FILE_SYSTEM_PREFIX_LEN (filename); ISSLASH (*f); f++) # 1288| /* do nothing */ ; # 1289| Error: GCC_ANALYZER_WARNING (CWE-401): [#def53] patch-2.8/src/util.c:1325:20: warning[-Wanalyzer-malloc-leak]: leak of 'xstrdup(file)' patch-2.8/src/util.c:634:1: enter_function: entry to 'create_file' patch-2.8/src/util.c:644:6: branch_true: following 'true' branch... patch-2.8/src/util.c:647:7: call_function: calling 'makedirs' from 'create_file' # 1323| makedirs (char const *name) # 1324| { # 1325|-> char *filename = xstrdup (name); # 1326| char *f; # 1327| char *flim = replace_slashes (filename); Error: GCC_ANALYZER_WARNING (CWE-401): [#def54] patch-2.8/src/util.c:1361:9: warning[-Wanalyzer-malloc-leak]: leak of 'xstrdup(name)' patch-2.8/src/util.c:1360:38: branch_true: following 'true' branch (when 'i != 0')... patch-2.8/src/util.c:1361:9: branch_true: ...to here patch-2.8/src/util.c:1361:8: branch_true: following 'true' branch... patch-2.8/src/util.c:1362:15: branch_true: ...to here patch-2.8/src/util.c:1361:9: branch_true: following 'true' branch... patch-2.8/src/util.c:1362:12: branch_true: ...to here patch-2.8/src/util.c:1371:13: throw: if 'safe_rmdir' throws an exception... patch-2.8/src/util.c:1361:9: danger: 'xstrdup(name)' leaks here; was allocated at [(1)](sarif:/runs/0/results/11/codeFlows/0/threadFlows/0/locations/0) # 1359| # 1360| for (idx_t i = strlen (filename); i != 0; i--) # 1361|-> if (ISSLASH (filename[i]) # 1362| && ! (ISSLASH (filename[i - 1]) # 1363| || (filename[i - 1] == '.' Error: GCC_ANALYZER_WARNING (CWE-401): [#def55] patch-2.8/src/util.c:1586:16: warning[-Wanalyzer-malloc-leak]: leak of 'timestr' patch-2.8/src/util.c:1494:1: enter_function: entry to 'fetchname' patch-2.8/src/util.c:1539:8: branch_false: following 'false' branch (when the strings are non-equal)... patch-2.8/src/util.c:1551:11: branch_false: ...to here patch-2.8/src/util.c:1551:11: call_function: calling 'strip_leading_slashes' from 'fetchname' patch-2.8/src/util.c:1551:11: return_function: returning to 'fetchname' from 'strip_leading_slashes' patch-2.8/src/util.c:1551:8: branch_true: following 'true' branch... patch-2.8/src/util.c:1557:8: branch_true: ...to here patch-2.8/src/util.c:1557:8: branch_true: following 'true' branch (when 'ptimestr' is non-NULL)... patch-2.8/src/util.c:1559:25: branch_true: ...to here patch-2.8/src/util.c:1568:10: branch_true: following 'true' branch... patch-2.8/src/util.c:1570:14: branch_true: ...to here patch-2.8/src/util.c:1570:14: branch_false: following 'false' branch (when 'pstamp' is non-NULL)... patch-2.8/src/util.c:1586:16: branch_false: ...to here patch-2.8/src/util.c:1586:16: throw: if 'parse_datetime' throws an exception... patch-2.8/src/util.c:1586:16: danger: 'timestr' leaks here; was allocated at [(15)](sarif:/runs/0/results/12/codeFlows/0/threadFlows/0/locations/14) # 1584| situation is so rare that it is perhaps not worth fixing. */ # 1585| # 1586|-> if ((parse_datetime (&stamp, t, &initial_time) # 1587| & ! (set_time | set_utc)) # 1588| && (!TYPE_SIGNED (time_t) Error: GCC_ANALYZER_WARNING (CWE-401): [#def56] patch-2.8/src/util.c:1653:7: warning[-Wanalyzer-malloc-leak]: leak of 'bakname' patch-2.8/src/util.c:507:1: enter_function: entry to 'move_file' patch-2.8/src/util.c:514:6: branch_true: following 'true' branch (when 'backup != 0')... patch-2.8/src/util.c:515:5: branch_true: ...to here patch-2.8/src/util.c:515:5: branch_true: following 'true' branch... patch-2.8/src/util.c:515:5: branch_true: ...to here patch-2.8/src/util.c:515:5: call_function: calling 'create_backup' from 'move_file' # 1651| Fflush (FILE *stream) # 1652| { # 1653|-> if (fflush (stream) < 0) # 1654| write_fatal (); # 1655| }
| analyzer-version-clippy | 1.92.0 |
| analyzer-version-cppcheck | 2.19.1 |
| analyzer-version-gcc | 16.0.0 |
| analyzer-version-gcc-analyzer | 16.0.0 |
| analyzer-version-shellcheck | 0.11.0 |
| analyzer-version-unicontrol | 0.0.2 |
| enabled-plugins | clippy, cppcheck, gcc, shellcheck, unicontrol |
| exit-code | 0 |
| host | ip-172-16-1-96.us-west-2.compute.internal |
| known-false-positives | /usr/share/csmock/known-false-positives.js |
| known-false-positives-rpm | known-false-positives-0.0.0.20250521.132812.g8eff701.main-1.el9.noarch |
| mock-config | fedora-rawhide-x86_64 |
| project-name | patch-2.8-3.fc44 |
| store-results-to | /tmp/tmpxjwgh6cu/patch-2.8-3.fc44.tar.xz |
| time-created | 2026-01-08 20:06:11 |
| time-finished | 2026-01-08 20:08:09 |
| tool | csmock |
| tool-args | '/usr/bin/csmock' '-r' 'fedora-rawhide-x86_64' '-t' 'gcc,cppcheck,clippy,shellcheck,unicontrol' '-o' '/tmp/tmpxjwgh6cu/patch-2.8-3.fc44.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install' 'pam' '--gcc-analyzer-bin=/usr/bin/gcc' '/tmp/tmpxjwgh6cu/patch-2.8-3.fc44.src.rpm' |
| tool-version | csmock-3.8.3.20251215.161544.g62de9a5-1.el9 |