shadow-utils-4.18.0-7.fc44

List of Findings

Error: GCC_ANALYZER_WARNING (CWE-401): [#def1]
shadow-4.18.0/lib/agetpass.c:113:13: warning[-Wanalyzer-malloc-leak]: leak of 'reallocarray(0, 8193, 1)'
shadow-4.18.0/lib/agetpass.c:96:1: enter_function: entry to 'agetpass_internal'
shadow-4.18.0/lib/agetpass.c:109:16: call_function: inlined call to 'mallocarray' from 'agetpass_internal'
shadow-4.18.0/lib/agetpass.c:110:12: branch_false: following 'false' branch...
shadow-4.18.0/lib/agetpass.c:113:13: branch_false: ...to here
shadow-4.18.0/lib/agetpass.c:113:13: throw: if 'readpassphrase' throws an exception...
shadow-4.18.0/lib/agetpass.c:113:13: danger: 'reallocarray(0, 8193, 1)' leaks here; was allocated at [(3)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/2)
#  111|   		return NULL;
#  112|   
#  113|-> 	if (readpassphrase(prompt, pass, PASS_MAX + 2, flags) == NULL)
#  114|   		goto fail;
#  115|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def2]
shadow-4.18.0/lib/alloc/reallocf.h:33:13: warning[-Wanalyzer-malloc-leak]: leak of 'reallocarrayf(buf,  max(buflen, 1), 1)'
shadow-4.18.0/lib/commonio.c:574:5: enter_function: entry to 'commonio_open'
shadow-4.18.0/lib/commonio.c:586:12: branch_false: following 'false' branch...
shadow-4.18.0/lib/commonio.c:587:20: branch_false: ...to here
shadow-4.18.0/lib/commonio.c:586:16: branch_false: following 'false' branch...
shadow-4.18.0/lib/commonio.c:592:9: branch_false: ...to here
shadow-4.18.0/lib/commonio.c:628:12: branch_false: following 'false' branch...
shadow-4.18.0/lib/commonio.c:637:15: call_function: inlined call to 'mallocarray' from 'commonio_open'
shadow-4.18.0/lib/commonio.c:638:12: branch_false: following 'false' branch...
shadow-4.18.0/lib/commonio.c:638:12: branch_false: ...to here
shadow-4.18.0/lib/commonio.c:641:16: branch_true: following 'true' branch...
shadow-4.18.0/lib/commonio.c:641:16: branch_true: ...to here
shadow-4.18.0/lib/commonio.c:644:27: branch_true: following 'true' branch...
shadow-4.18.0/lib/commonio.c:645:28: branch_true: ...to here
shadow-4.18.0/lib/commonio.c:649:31: call_function: calling 'reallocarrayf' from 'commonio_open'
shadow-4.18.0/lib/commonio.c:649:31: return_function: returning to 'commonio_open' from 'reallocarrayf'
shadow-4.18.0/lib/commonio.c:650:28: branch_false: following 'false' branch...
shadow-4.18.0/lib/commonio.c:653:31: branch_false: ...to here
shadow-4.18.0/lib/commonio.c:654:29: throw: if the called function throws an exception...
shadow-4.18.0/lib/alloc/reallocf.h:33:13: danger: 'reallocarrayf(buf,  max(buflen, 1), 1)' leaks here; was allocated at [(17)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/16)
#   31|   	void  *q;
#   32|   
#   33|-> 	q = reallocarray(p, nmemb ?: 1, size ?: 1);
#   34|   
#   35|   	if (q == NULL)

Error: GCC_ANALYZER_WARNING (CWE-401): [#def3]
shadow-4.18.0/lib/alloc/x/xmalloc.h:31:16: warning[-Wanalyzer-malloc-leak]: leak of 'dst_entry.full_path'
shadow-4.18.0/lib/copydir.c:874:5: enter_function: entry to 'copy_tree'
shadow-4.18.0/lib/copydir.c:890:16: call_function: calling 'copy_tree_impl' from 'copy_tree'
#   29|   xmallocarray(size_t nmemb, size_t size)
#   30|   {
#   31|-> 	return xreallocarray(NULL, nmemb, size);
#   32|   }
#   33|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def4]
shadow-4.18.0/lib/alloc/x/xmalloc.h:31:16: warning[-Wanalyzer-malloc-leak]: leak of 'src_entry.full_path'
shadow-4.18.0/lib/copydir.c:874:5: enter_function: entry to 'copy_tree'
shadow-4.18.0/lib/copydir.c:890:16: call_function: calling 'copy_tree_impl' from 'copy_tree'
#   29|   xmallocarray(size_t nmemb, size_t size)
#   30|   {
#   31|-> 	return xreallocarray(NULL, nmemb, size);
#   32|   }
#   33|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def5]
shadow-4.18.0/lib/alloc/x/xmalloc.h:31:16: warning[-Wanalyzer-malloc-leak]: leak of ‘default_file’
shadow-4.18.0/src/useradd.c:2397:5: enter_function: entry to ‘main’
shadow-4.18.0/src/useradd.c:2442:9: call_function: calling ‘get_defaults’ from ‘main’
#   29|   xmallocarray(size_t nmemb, size_t size)
#   30|   {
#   31|-> 	return xreallocarray(NULL, nmemb, size);
#   32|   }
#   33|   

Error: COMPILER_WARNING (CWE-252): [#def6]
shadow-4.18.0/lib/audit_help.c: scope_hint: In function 'audit_logger'
shadow-4.18.0/lib/audit_help.c:72:17: warning[-Wunused-result]: ignoring return value of 'audit_log_acct_message' declared with attribute 'warn_unused_result'
#   72 |                 audit_log_acct_message (audit_fd, type, NULL, op, name, id,
#      |                 ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#   73 |                                         NULL, NULL, NULL, result);
#      |                                         ~~~~~~~~~~~~~~~~~~~~~~~~~
#   70|   		return;
#   71|   	} else {
#   72|-> 		audit_log_acct_message (audit_fd, type, NULL, op, name, id,
#   73|   		                        NULL, NULL, NULL, result);
#   74|   	}

Error: COMPILER_WARNING (CWE-252): [#def7]
shadow-4.18.0/lib/audit_help.c: scope_hint: In function 'audit_logger_with_group'
shadow-4.18.0/lib/audit_help.c:114:9: warning[-Wunused-result]: ignoring return value of 'audit_log_acct_message' declared with attribute 'warn_unused_result'
#  114 |         audit_log_acct_message(audit_fd, type, NULL, buf, name, id,
#      |         ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#  115 |                                NULL, NULL, NULL, result);
#      |                                ~~~~~~~~~~~~~~~~~~~~~~~~~
#  112|   	}
#  113|   
#  114|-> 	audit_log_acct_message(audit_fd, type, NULL, buf, name, id,
#  115|   		               NULL, NULL, NULL, result);
#  116|   }

Error: COMPILER_WARNING (CWE-252): [#def8]
shadow-4.18.0/lib/audit_help.c: scope_hint: In function 'audit_logger_message'
shadow-4.18.0/lib/audit_help.c:123:17: warning[-Wunused-result]: ignoring return value of 'audit_log_user_message' declared with attribute 'warn_unused_result'
#  123 |                 audit_log_user_message (audit_fd,
#      |                 ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#  124 |                                         AUDIT_USYS_CONFIG,
#      |                                         ~~~~~~~~~~~~~~~~~~
#  125 |                                         message,
#      |                                         ~~~~~~~~
#  126 |                                         NULL, /* hostname */
#      |                                         ~~~~~~~~~~~~~~~~~~~~
#  127 |                                         NULL, /* addr */
#      |                                         ~~~~~~~~~~~~~~~~
#  128 |                                         NULL, /* tty */
#      |                                         ~~~~~~~~~~~~~~~
#  129 |                                         result);
#      |                                         ~~~~~~~
#  121|   		return;
#  122|   	} else {
#  123|-> 		audit_log_user_message (audit_fd,
#  124|   		                        AUDIT_USYS_CONFIG,
#  125|   		                        message,

Error: GCC_ANALYZER_WARNING (CWE-401): [#def9]
shadow-4.18.0/lib/chowndir.c:54:23: warning[-Wanalyzer-malloc-leak]: leak of 'fdopendir(openat(at_fd,  path, 720896))'
shadow-4.18.0/lib/chowndir.c:38:12: branch_false: following 'false' branch...
shadow-4.18.0/lib/chowndir.c:42:15: branch_false: ...to here
shadow-4.18.0/lib/chowndir.c:42:15: acquire_memory: allocated here
shadow-4.18.0/lib/chowndir.c:43:12: branch_false: following 'false' branch...
shadow-4.18.0/lib/chowndir.c:43:12: branch_false: ...to here
shadow-4.18.0/lib/chowndir.c:54:23: throw: if 'readdir' throws an exception...
shadow-4.18.0/lib/chowndir.c:54:23: danger: 'fdopendir(openat(at_fd,  path, 720896))' leaks here; was allocated at [(3)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/2)
#   52|   	 * shall be changed.
#   53|   	 */
#   54|-> 	while ((ent = readdir (dir))) {
#   55|   		uid_t tmpuid = (uid_t) -1;
#   56|   		gid_t tmpgid = (gid_t) -1;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def10]
shadow-4.18.0/lib/chowntty.c:61:17: warning[-Wanalyzer-malloc-leak]: leak of 'saved_locale'
shadow-4.18.0/lib/chowntty.c:61:17: branch_true: following 'true' branch (when 'old_locale' is non-NULL)...
shadow-4.18.0/lib/chowntty.c:61:17: branch_true: ...to here
shadow-4.18.0/lib/chowntty.c:61:17: acquire_memory: allocated here
shadow-4.18.0/lib/chowntty.c:61:17: branch_true: following 'true' branch (when 'saved_locale' is non-NULL)...
shadow-4.18.0/lib/chowntty.c:61:17: branch_true: ...to here
shadow-4.18.0/lib/chowntty.c:61:17: throw: if 'syslog' throws an exception...
shadow-4.18.0/lib/chowntty.c:61:17: danger: 'saved_locale' leaks here; was allocated at [(3)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/2)
#   59|   		         _("Unable to change owner or mode of tty stdin: %s"),
#   60|   		         strerror (err));
#   61|-> 		SYSLOG ((LOG_WARN,
#   62|   		         "unable to change owner or mode of tty stdin for user `%s': %s\n",
#   63|   		         info->pw_name, strerror (err)));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def11]
shadow-4.18.0/lib/cleanup_group.c:28:9: warning[-Wanalyzer-malloc-leak]: leak of 'saved_locale'
shadow-4.18.0/lib/cleanup_group.c:28:9: branch_true: following 'true' branch (when 'old_locale' is non-NULL)...
shadow-4.18.0/lib/cleanup_group.c:28:9: branch_true: ...to here
shadow-4.18.0/lib/cleanup_group.c:28:9: acquire_memory: allocated here
shadow-4.18.0/lib/cleanup_group.c:28:9: branch_true: following 'true' branch (when 'saved_locale' is non-NULL)...
shadow-4.18.0/lib/cleanup_group.c:28:9: branch_true: ...to here
shadow-4.18.0/lib/cleanup_group.c:28:9: throw: if 'syslog' throws an exception...
shadow-4.18.0/lib/cleanup_group.c:28:9: danger: 'saved_locale' leaks here; was allocated at [(3)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/2)
#   26|   	const char *name = group_name;
#   27|   
#   28|-> 	SYSLOG ((LOG_ERR, "failed to add group %s", name));
#   29|   #ifdef WITH_AUDIT
#   30|   	audit_logger (AUDIT_ADD_GROUP, log_get_progname(),

Error: GCC_ANALYZER_WARNING (CWE-401): [#def12]
shadow-4.18.0/lib/cleanup_group.c:46:9: warning[-Wanalyzer-malloc-leak]: leak of 'saved_locale'
shadow-4.18.0/lib/cleanup_group.c:46:9: branch_true: following 'true' branch (when 'old_locale' is non-NULL)...
shadow-4.18.0/lib/cleanup_group.c:46:9: branch_true: ...to here
shadow-4.18.0/lib/cleanup_group.c:46:9: acquire_memory: allocated here
shadow-4.18.0/lib/cleanup_group.c:46:9: branch_true: following 'true' branch (when 'saved_locale' is non-NULL)...
shadow-4.18.0/lib/cleanup_group.c:46:9: branch_true: ...to here
shadow-4.18.0/lib/cleanup_group.c:46:9: throw: if 'syslog' throws an exception...
shadow-4.18.0/lib/cleanup_group.c:46:9: danger: 'saved_locale' leaks here; was allocated at [(3)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/2)
#   44|   	const char *name = group_name;
#   45|   
#   46|-> 	SYSLOG ((LOG_ERR, "failed to remove group %s", name));
#   47|   #ifdef WITH_AUDIT
#   48|   	audit_logger (AUDIT_DEL_GROUP, log_get_progname(),

Error: GCC_ANALYZER_WARNING (CWE-401): [#def13]
shadow-4.18.0/lib/cleanup_group.c:60:9: warning[-Wanalyzer-malloc-leak]: leak of 'saved_locale'
shadow-4.18.0/lib/cleanup_group.c:60:9: branch_true: following 'true' branch (when 'old_locale' is non-NULL)...
shadow-4.18.0/lib/cleanup_group.c:60:9: branch_true: ...to here
shadow-4.18.0/lib/cleanup_group.c:60:9: acquire_memory: allocated here
shadow-4.18.0/lib/cleanup_group.c:60:9: branch_true: following 'true' branch (when 'saved_locale' is non-NULL)...
shadow-4.18.0/lib/cleanup_group.c:60:9: branch_true: ...to here
shadow-4.18.0/lib/cleanup_group.c:60:9: throw: if 'gr_dbname' throws an exception...
shadow-4.18.0/lib/cleanup_group.c:60:9: danger: 'saved_locale' leaks here; was allocated at [(3)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/2)
#   58|   	info = (const struct cleanup_info_mod *)cleanup_info;
#   59|   
#   60|-> 	SYSLOG ((LOG_ERR,
#   61|   	         "failed to change %s (%s)",
#   62|   	         gr_dbname (),

Error: GCC_ANALYZER_WARNING (CWE-401): [#def14]
shadow-4.18.0/lib/cleanup_group.c:78:9: warning[-Wanalyzer-malloc-leak]: leak of 'saved_locale'
shadow-4.18.0/lib/cleanup_group.c:78:9: branch_true: following 'true' branch (when 'old_locale' is non-NULL)...
shadow-4.18.0/lib/cleanup_group.c:78:9: branch_true: ...to here
shadow-4.18.0/lib/cleanup_group.c:78:9: acquire_memory: allocated here
shadow-4.18.0/lib/cleanup_group.c:78:9: branch_true: following 'true' branch (when 'saved_locale' is non-NULL)...
shadow-4.18.0/lib/cleanup_group.c:78:9: branch_true: ...to here
shadow-4.18.0/lib/cleanup_group.c:78:9: throw: if 'sgr_dbname' throws an exception...
shadow-4.18.0/lib/cleanup_group.c:78:9: danger: 'saved_locale' leaks here; was allocated at [(3)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/2)
#   76|   	info = (const struct cleanup_info_mod *)cleanup_info;
#   77|   
#   78|-> 	SYSLOG ((LOG_ERR,
#   79|   	         "failed to change %s (%s)",
#   80|   	         sgr_dbname (),

Error: GCC_ANALYZER_WARNING (CWE-401): [#def15]
shadow-4.18.0/lib/cleanup_group.c:101:9: warning[-Wanalyzer-malloc-leak]: leak of 'saved_locale'
shadow-4.18.0/lib/cleanup_group.c:101:9: branch_true: following 'true' branch (when 'old_locale' is non-NULL)...
shadow-4.18.0/lib/cleanup_group.c:101:9: branch_true: ...to here
shadow-4.18.0/lib/cleanup_group.c:101:9: acquire_memory: allocated here
shadow-4.18.0/lib/cleanup_group.c:101:9: branch_true: following 'true' branch (when 'saved_locale' is non-NULL)...
shadow-4.18.0/lib/cleanup_group.c:101:9: branch_true: ...to here
shadow-4.18.0/lib/cleanup_group.c:101:9: throw: if 'gr_dbname' throws an exception...
shadow-4.18.0/lib/cleanup_group.c:101:9: danger: 'saved_locale' leaks here; was allocated at [(3)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/2)
#   99|   	const char *name = group_name;
#  100|   
#  101|-> 	SYSLOG ((LOG_ERR, "failed to add group %s to %s", name, gr_dbname ()));
#  102|   #ifdef WITH_AUDIT
#  103|   	audit_logger (AUDIT_ADD_GROUP, log_get_progname(),

Error: GCC_ANALYZER_WARNING (CWE-401): [#def16]
shadow-4.18.0/lib/cleanup_group.c:121:9: warning[-Wanalyzer-malloc-leak]: leak of 'saved_locale'
shadow-4.18.0/lib/cleanup_group.c:121:9: branch_true: following 'true' branch (when 'old_locale' is non-NULL)...
shadow-4.18.0/lib/cleanup_group.c:121:9: branch_true: ...to here
shadow-4.18.0/lib/cleanup_group.c:121:9: acquire_memory: allocated here
shadow-4.18.0/lib/cleanup_group.c:121:9: branch_true: following 'true' branch (when 'saved_locale' is non-NULL)...
shadow-4.18.0/lib/cleanup_group.c:121:9: branch_true: ...to here
shadow-4.18.0/lib/cleanup_group.c:121:9: throw: if 'sgr_dbname' throws an exception...
shadow-4.18.0/lib/cleanup_group.c:121:9: danger: 'saved_locale' leaks here; was allocated at [(3)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/2)
#  119|   	const char *name = group_name;
#  120|   
#  121|-> 	SYSLOG ((LOG_ERR, "failed to add group %s to %s", name, sgr_dbname ()));
#  122|   #ifdef WITH_AUDIT
#  123|   	audit_logger (AUDIT_GRP_MGMT, log_get_progname(),

Error: GCC_ANALYZER_WARNING (CWE-401): [#def17]
shadow-4.18.0/lib/cleanup_group.c:142:9: warning[-Wanalyzer-malloc-leak]: leak of 'saved_locale'
shadow-4.18.0/lib/cleanup_group.c:142:9: branch_true: following 'true' branch (when 'old_locale' is non-NULL)...
shadow-4.18.0/lib/cleanup_group.c:142:9: branch_true: ...to here
shadow-4.18.0/lib/cleanup_group.c:142:9: acquire_memory: allocated here
shadow-4.18.0/lib/cleanup_group.c:142:9: branch_true: following 'true' branch (when 'saved_locale' is non-NULL)...
shadow-4.18.0/lib/cleanup_group.c:142:9: branch_true: ...to here
shadow-4.18.0/lib/cleanup_group.c:142:9: throw: if 'gr_dbname' throws an exception...
shadow-4.18.0/lib/cleanup_group.c:142:9: danger: 'saved_locale' leaks here; was allocated at [(3)](sarif:/runs/0/results/10/codeFlows/0/threadFlows/0/locations/2)
#  140|   	const char *name = group_name;
#  141|   
#  142|-> 	SYSLOG ((LOG_ERR,
#  143|   	         "failed to remove group %s from %s",
#  144|   	         name, gr_dbname ()));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def18]
shadow-4.18.0/lib/cleanup_group.c:165:9: warning[-Wanalyzer-malloc-leak]: leak of 'saved_locale'
shadow-4.18.0/lib/cleanup_group.c:165:9: branch_true: following 'true' branch (when 'old_locale' is non-NULL)...
shadow-4.18.0/lib/cleanup_group.c:165:9: branch_true: ...to here
shadow-4.18.0/lib/cleanup_group.c:165:9: acquire_memory: allocated here
shadow-4.18.0/lib/cleanup_group.c:165:9: branch_true: following 'true' branch (when 'saved_locale' is non-NULL)...
shadow-4.18.0/lib/cleanup_group.c:165:9: branch_true: ...to here
shadow-4.18.0/lib/cleanup_group.c:165:9: throw: if 'sgr_dbname' throws an exception...
shadow-4.18.0/lib/cleanup_group.c:165:9: danger: 'saved_locale' leaks here; was allocated at [(3)](sarif:/runs/0/results/12/codeFlows/0/threadFlows/0/locations/2)
#  163|   	const char *name = group_name;
#  164|   
#  165|-> 	SYSLOG ((LOG_ERR,
#  166|   	         "failed to remove group %s from %s",
#  167|   	         name, sgr_dbname ()));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def19]
shadow-4.18.0/lib/cleanup_group.c:188:17: warning[-Wanalyzer-malloc-leak]: leak of 'saved_locale'
shadow-4.18.0/lib/cleanup_group.c:184:12: branch_true: following 'true' branch...
shadow-4.18.0/lib/cleanup_group.c:185:17: branch_true: ...to here
shadow-4.18.0/lib/cleanup_group.c:188:17: branch_true: following 'true' branch (when 'old_locale' is non-NULL)...
shadow-4.18.0/lib/cleanup_group.c:188:17: branch_true: ...to here
shadow-4.18.0/lib/cleanup_group.c:188:17: acquire_memory: allocated here
shadow-4.18.0/lib/cleanup_group.c:188:17: branch_true: following 'true' branch (when 'saved_locale' is non-NULL)...
shadow-4.18.0/lib/cleanup_group.c:188:17: branch_true: ...to here
shadow-4.18.0/lib/cleanup_group.c:188:17: throw: if 'gr_dbname' throws an exception...
shadow-4.18.0/lib/cleanup_group.c:188:17: danger: 'saved_locale' leaks here; was allocated at [(5)](sarif:/runs/0/results/14/codeFlows/0/threadFlows/0/locations/4)
#  186|   		         _("%s: failed to unlock %s\n"),
#  187|   		         log_get_progname(), gr_dbname ());
#  188|-> 		SYSLOG ((LOG_ERR, "failed to unlock %s", gr_dbname ()));
#  189|   #ifdef WITH_AUDIT
#  190|   		audit_logger_message ("unlocking-group",

Error: GCC_ANALYZER_WARNING (CWE-401): [#def20]
shadow-4.18.0/lib/cleanup_group.c:208:17: warning[-Wanalyzer-malloc-leak]: leak of 'saved_locale'
shadow-4.18.0/lib/cleanup_group.c:204:12: branch_true: following 'true' branch...
shadow-4.18.0/lib/cleanup_group.c:205:17: branch_true: ...to here
shadow-4.18.0/lib/cleanup_group.c:208:17: branch_true: following 'true' branch (when 'old_locale' is non-NULL)...
shadow-4.18.0/lib/cleanup_group.c:208:17: branch_true: ...to here
shadow-4.18.0/lib/cleanup_group.c:208:17: acquire_memory: allocated here
shadow-4.18.0/lib/cleanup_group.c:208:17: branch_true: following 'true' branch (when 'saved_locale' is non-NULL)...
shadow-4.18.0/lib/cleanup_group.c:208:17: branch_true: ...to here
shadow-4.18.0/lib/cleanup_group.c:208:17: throw: if 'sgr_dbname' throws an exception...
shadow-4.18.0/lib/cleanup_group.c:208:17: danger: 'saved_locale' leaks here; was allocated at [(5)](sarif:/runs/0/results/16/codeFlows/0/threadFlows/0/locations/4)
#  206|   		         _("%s: failed to unlock %s\n"),
#  207|   		         log_get_progname(), sgr_dbname ());
#  208|-> 		SYSLOG ((LOG_ERR, "failed to unlock %s", sgr_dbname ()));
#  209|   #ifdef WITH_AUDIT
#  210|   		audit_logger_message ("unlocking-gshadow",

Error: GCC_ANALYZER_WARNING (CWE-401): [#def21]
shadow-4.18.0/lib/cleanup_user.c:28:9: warning[-Wanalyzer-malloc-leak]: leak of 'saved_locale'
shadow-4.18.0/lib/cleanup_user.c:28:9: branch_true: following 'true' branch (when 'old_locale' is non-NULL)...
shadow-4.18.0/lib/cleanup_user.c:28:9: branch_true: ...to here
shadow-4.18.0/lib/cleanup_user.c:28:9: acquire_memory: allocated here
shadow-4.18.0/lib/cleanup_user.c:28:9: branch_true: following 'true' branch (when 'saved_locale' is non-NULL)...
shadow-4.18.0/lib/cleanup_user.c:28:9: branch_true: ...to here
shadow-4.18.0/lib/cleanup_user.c:28:9: throw: if 'syslog' throws an exception...
shadow-4.18.0/lib/cleanup_user.c:28:9: danger: 'saved_locale' leaks here; was allocated at [(3)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/2)
#   26|   	const char *name = user_name;
#   27|   
#   28|-> 	SYSLOG ((LOG_ERR, "failed to add user %s", name));
#   29|   #ifdef WITH_AUDIT
#   30|   	audit_logger (AUDIT_ADD_USER, log_get_progname(),

Error: GCC_ANALYZER_WARNING (CWE-401): [#def22]
shadow-4.18.0/lib/cleanup_user.c:42:9: warning[-Wanalyzer-malloc-leak]: leak of 'saved_locale'
shadow-4.18.0/lib/cleanup_user.c:42:9: branch_true: following 'true' branch (when 'old_locale' is non-NULL)...
shadow-4.18.0/lib/cleanup_user.c:42:9: branch_true: ...to here
shadow-4.18.0/lib/cleanup_user.c:42:9: acquire_memory: allocated here
shadow-4.18.0/lib/cleanup_user.c:42:9: branch_true: following 'true' branch (when 'saved_locale' is non-NULL)...
shadow-4.18.0/lib/cleanup_user.c:42:9: branch_true: ...to here
shadow-4.18.0/lib/cleanup_user.c:42:9: throw: if 'pw_dbname' throws an exception...
shadow-4.18.0/lib/cleanup_user.c:42:9: danger: 'saved_locale' leaks here; was allocated at [(3)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/2)
#   40|   	info = (const struct cleanup_info_mod *)cleanup_info;
#   41|   
#   42|-> 	SYSLOG ((LOG_ERR,
#   43|   	         "failed to change %s (%s)",
#   44|   	         pw_dbname (),

Error: GCC_ANALYZER_WARNING (CWE-401): [#def23]
shadow-4.18.0/lib/cleanup_user.c:65:9: warning[-Wanalyzer-malloc-leak]: leak of 'saved_locale'
shadow-4.18.0/lib/cleanup_user.c:65:9: branch_true: following 'true' branch (when 'old_locale' is non-NULL)...
shadow-4.18.0/lib/cleanup_user.c:65:9: branch_true: ...to here
shadow-4.18.0/lib/cleanup_user.c:65:9: acquire_memory: allocated here
shadow-4.18.0/lib/cleanup_user.c:65:9: branch_true: following 'true' branch (when 'saved_locale' is non-NULL)...
shadow-4.18.0/lib/cleanup_user.c:65:9: branch_true: ...to here
shadow-4.18.0/lib/cleanup_user.c:65:9: throw: if 'pw_dbname' throws an exception...
shadow-4.18.0/lib/cleanup_user.c:65:9: danger: 'saved_locale' leaks here; was allocated at [(3)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/2)
#   63|   	const char *name = user_name;
#   64|   
#   65|-> 	SYSLOG ((LOG_ERR, "failed to add user %s to %s", name, pw_dbname ()));
#   66|   #ifdef WITH_AUDIT
#   67|   	audit_logger (AUDIT_ADD_USER, log_get_progname(),

Error: GCC_ANALYZER_WARNING (CWE-401): [#def24]
shadow-4.18.0/lib/cleanup_user.c:85:9: warning[-Wanalyzer-malloc-leak]: leak of 'saved_locale'
shadow-4.18.0/lib/cleanup_user.c:85:9: branch_true: following 'true' branch (when 'old_locale' is non-NULL)...
shadow-4.18.0/lib/cleanup_user.c:85:9: branch_true: ...to here
shadow-4.18.0/lib/cleanup_user.c:85:9: acquire_memory: allocated here
shadow-4.18.0/lib/cleanup_user.c:85:9: branch_true: following 'true' branch (when 'saved_locale' is non-NULL)...
shadow-4.18.0/lib/cleanup_user.c:85:9: branch_true: ...to here
shadow-4.18.0/lib/cleanup_user.c:85:9: throw: if 'spw_dbname' throws an exception...
shadow-4.18.0/lib/cleanup_user.c:85:9: danger: 'saved_locale' leaks here; was allocated at [(3)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/2)
#   83|   	const char *name = user_name;
#   84|   
#   85|-> 	SYSLOG ((LOG_ERR, "failed to add user %s to %s", name, spw_dbname ()));
#   86|   #ifdef WITH_AUDIT
#   87|   	audit_logger (AUDIT_USER_MGMT, log_get_progname(),

Error: GCC_ANALYZER_WARNING (CWE-401): [#def25]
shadow-4.18.0/lib/cleanup_user.c:105:17: warning[-Wanalyzer-malloc-leak]: leak of 'saved_locale'
shadow-4.18.0/lib/cleanup_user.c:101:12: branch_true: following 'true' branch...
shadow-4.18.0/lib/cleanup_user.c:102:17: branch_true: ...to here
shadow-4.18.0/lib/cleanup_user.c:105:17: branch_true: following 'true' branch (when 'old_locale' is non-NULL)...
shadow-4.18.0/lib/cleanup_user.c:105:17: branch_true: ...to here
shadow-4.18.0/lib/cleanup_user.c:105:17: acquire_memory: allocated here
shadow-4.18.0/lib/cleanup_user.c:105:17: branch_true: following 'true' branch (when 'saved_locale' is non-NULL)...
shadow-4.18.0/lib/cleanup_user.c:105:17: branch_true: ...to here
shadow-4.18.0/lib/cleanup_user.c:105:17: throw: if 'pw_dbname' throws an exception...
shadow-4.18.0/lib/cleanup_user.c:105:17: danger: 'saved_locale' leaks here; was allocated at [(5)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/4)
#  103|   		         _("%s: failed to unlock %s\n"),
#  104|   		         log_get_progname(), pw_dbname ());
#  105|-> 		SYSLOG ((LOG_ERR, "failed to unlock %s", pw_dbname ()));
#  106|   #ifdef WITH_AUDIT
#  107|   		audit_logger_message ("unlocking-passwd",

Error: GCC_ANALYZER_WARNING (CWE-401): [#def26]
shadow-4.18.0/lib/cleanup_user.c:124:17: warning[-Wanalyzer-malloc-leak]: leak of 'saved_locale'
shadow-4.18.0/lib/cleanup_user.c:120:12: branch_true: following 'true' branch...
shadow-4.18.0/lib/cleanup_user.c:121:17: branch_true: ...to here
shadow-4.18.0/lib/cleanup_user.c:124:17: branch_true: following 'true' branch (when 'old_locale' is non-NULL)...
shadow-4.18.0/lib/cleanup_user.c:124:17: branch_true: ...to here
shadow-4.18.0/lib/cleanup_user.c:124:17: acquire_memory: allocated here
shadow-4.18.0/lib/cleanup_user.c:124:17: branch_true: following 'true' branch (when 'saved_locale' is non-NULL)...
shadow-4.18.0/lib/cleanup_user.c:124:17: branch_true: ...to here
shadow-4.18.0/lib/cleanup_user.c:124:17: throw: if 'spw_dbname' throws an exception...
shadow-4.18.0/lib/cleanup_user.c:124:17: danger: 'saved_locale' leaks here; was allocated at [(5)](sarif:/runs/0/results/9/codeFlows/0/threadFlows/0/locations/4)
#  122|   		         _("%s: failed to unlock %s\n"),
#  123|   		         log_get_progname(), spw_dbname ());
#  124|-> 		SYSLOG ((LOG_ERR, "failed to unlock %s", spw_dbname ()));
#  125|   #ifdef WITH_AUDIT
#  126|   		audit_logger_message ("unlocking-shadow",

Error: GCC_ANALYZER_WARNING (CWE-401): [#def27]
shadow-4.18.0/lib/commonio.c:131:14: warning[-Wanalyzer-malloc-leak]: leak of 'aprintf("%s.%ju", &*db.filename, (long unsigned int)getpid())'
shadow-4.18.0/lib/commonio.c:355:5: enter_function: entry to 'commonio_lock_nowait'
shadow-4.18.0/lib/commonio.c:365:16: acquire_memory: allocated here
shadow-4.18.0/lib/commonio.c:366:12: branch_false: following 'false' branch...
shadow-4.18.0/lib/commonio.c:369:16: branch_false: ...to here
shadow-4.18.0/lib/commonio.c:370:12: branch_false: following 'false' branch...
shadow-4.18.0/lib/commonio.c:373:13: branch_false: ...to here
shadow-4.18.0/lib/commonio.c:373:13: call_function: calling 'do_lock_file' from 'commonio_lock_nowait'
#  129|   	ssize_t  len;
#  130|   
#  131|-> 	fd = open (file, O_CREAT | O_TRUNC | O_WRONLY, 0600);
#  132|   	if (-1 == fd) {
#  133|   		if (log) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def28]
shadow-4.18.0/lib/commonio.c:131:14: warning[-Wanalyzer-malloc-leak]: leak of 'aprintf("%s.lock", &*db.filename)'
shadow-4.18.0/lib/commonio.c:355:5: enter_function: entry to 'commonio_lock_nowait'
shadow-4.18.0/lib/commonio.c:366:12: branch_false: following 'false' branch...
shadow-4.18.0/lib/commonio.c:369:16: branch_false: ...to here
shadow-4.18.0/lib/commonio.c:369:16: acquire_memory: allocated here
shadow-4.18.0/lib/commonio.c:370:12: branch_false: following 'false' branch...
shadow-4.18.0/lib/commonio.c:373:13: branch_false: ...to here
shadow-4.18.0/lib/commonio.c:373:13: call_function: calling 'do_lock_file' from 'commonio_lock_nowait'
#  129|   	ssize_t  len;
#  130|   
#  131|-> 	fd = open (file, O_CREAT | O_TRUNC | O_WRONLY, 0600);
#  132|   	if (-1 == fd) {
#  133|   		if (log) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def29]
shadow-4.18.0/lib/commonio.c:142:9: warning[-Wanalyzer-malloc-leak]: leak of 'aprintf("%s.%ju", &*db.filename, (long unsigned int)getpid())'
shadow-4.18.0/lib/commonio.c:355:5: enter_function: entry to 'commonio_lock_nowait'
shadow-4.18.0/lib/commonio.c:365:16: acquire_memory: allocated here
shadow-4.18.0/lib/commonio.c:366:12: branch_false: following 'false' branch...
shadow-4.18.0/lib/commonio.c:369:16: branch_false: ...to here
shadow-4.18.0/lib/commonio.c:370:12: branch_false: following 'false' branch...
shadow-4.18.0/lib/commonio.c:373:13: branch_false: ...to here
shadow-4.18.0/lib/commonio.c:373:13: call_function: calling 'do_lock_file' from 'commonio_lock_nowait'
#  140|   
#  141|   	pid = getpid ();
#  142|-> 	SNPRINTF(buf, "%lu", (unsigned long) pid);
#  143|   	len = (ssize_t) strlen (buf) + 1;
#  144|   	if (write_full(fd, buf, len) == -1) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def30]
shadow-4.18.0/lib/commonio.c:142:9: warning[-Wanalyzer-malloc-leak]: leak of 'aprintf("%s.lock", &*db.filename)'
shadow-4.18.0/lib/commonio.c:355:5: enter_function: entry to 'commonio_lock_nowait'
shadow-4.18.0/lib/commonio.c:366:12: branch_false: following 'false' branch...
shadow-4.18.0/lib/commonio.c:369:16: branch_false: ...to here
shadow-4.18.0/lib/commonio.c:369:16: acquire_memory: allocated here
shadow-4.18.0/lib/commonio.c:370:12: branch_false: following 'false' branch...
shadow-4.18.0/lib/commonio.c:373:13: branch_false: ...to here
shadow-4.18.0/lib/commonio.c:373:13: call_function: calling 'do_lock_file' from 'commonio_lock_nowait'
#  140|   
#  141|   	pid = getpid ();
#  142|-> 	SNPRINTF(buf, "%lu", (unsigned long) pid);
#  143|   	len = (ssize_t) strlen (buf) + 1;
#  144|   	if (write_full(fd, buf, len) == -1) {

Error: GCC_ANALYZER_WARNING (CWE-775): [#def31]
shadow-4.18.0/lib/commonio.c:184:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor 'open(lock, 2)'
shadow-4.18.0/lib/commonio.c:132:12: branch_false: following 'false' branch...
shadow-4.18.0/lib/commonio.c:141:15: branch_false: ...to here
shadow-4.18.0/lib/commonio.c:144:12: branch_false: following 'false' branch...
shadow-4.18.0/lib/commonio.c:154:13: branch_false: ...to here
shadow-4.18.0/lib/commonio.c:154:12: branch_false: following 'false' branch...
shadow-4.18.0/lib/commonio.c:164:9: branch_false: ...to here
shadow-4.18.0/lib/commonio.c:166:12: branch_false: following 'false' branch...
shadow-4.18.0/lib/commonio.c:172:14: branch_false: ...to here
shadow-4.18.0/lib/commonio.c:172:14: acquire_resource: opened here
shadow-4.18.0/lib/commonio.c:173:12: branch_false: following 'false' branch...
shadow-4.18.0/lib/commonio.c:183:15: branch_false: ...to here
shadow-4.18.0/lib/commonio.c:184:9: danger: 'open(lock, 2)' leaks here; was opened at [(9)](sarif:/runs/0/results/17/codeFlows/0/threadFlows/0/locations/8)
#  182|   	}
#  183|   	len = read (fd, buf, sizeof (buf) - 1);
#  184|-> 	close (fd);
#  185|   	if (len <= 0) {
#  186|   		if (log) {

Error: GCC_ANALYZER_WARNING (CWE-775): [#def32]
shadow-4.18.0/lib/commonio.c:257:46: warning[-Wanalyzer-file-leak]: leak of FILE 'fopen_set_perms(backup, "w", & sb)'
shadow-4.18.0/lib/commonio.c:274:12: enter_function: entry to 'create_backup'
shadow-4.18.0/lib/commonio.c:281:12: branch_false: following 'false' branch...
shadow-4.18.0/lib/commonio.c:285:16: branch_false: ...to here
shadow-4.18.0/lib/commonio.c:285:16: call_function: calling 'fopen_set_perms' from 'create_backup'
shadow-4.18.0/lib/commonio.c:285:16: return_function: returning to 'create_backup' from 'fopen_set_perms'
shadow-4.18.0/lib/commonio.c:286:12: branch_false: following 'false' branch...
shadow-4.18.0/lib/commonio.c:292:13: branch_false: ...to here
shadow-4.18.0/lib/commonio.c:292:13: throw: if 'fseek' throws an exception...
shadow-4.18.0/lib/commonio.c:257:46: danger: 'fopen_set_perms(backup, "w", & sb)' leaks here; was opened at [(6)](sarif:/runs/0/results/18/codeFlows/0/threadFlows/0/locations/5)
#  255|   	}
#  256|   
#  257|-> 	if (fchown (fileno (fp), sb->st_uid, sb->st_gid) != 0) {
#  258|   		goto fail;
#  259|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def33]
shadow-4.18.0/lib/commonio.c:257:46: warning[-Wanalyzer-malloc-leak]: leak of 'fopen_set_perms(backup, "w", & sb)'
shadow-4.18.0/lib/commonio.c:274:12: enter_function: entry to 'create_backup'
shadow-4.18.0/lib/commonio.c:281:12: branch_false: following 'false' branch...
shadow-4.18.0/lib/commonio.c:285:16: branch_false: ...to here
shadow-4.18.0/lib/commonio.c:285:16: call_function: calling 'fopen_set_perms' from 'create_backup'
shadow-4.18.0/lib/commonio.c:285:16: return_function: returning to 'create_backup' from 'fopen_set_perms'
shadow-4.18.0/lib/commonio.c:286:12: branch_false: following 'false' branch...
shadow-4.18.0/lib/commonio.c:292:13: branch_false: ...to here
shadow-4.18.0/lib/commonio.c:292:13: throw: if 'fseek' throws an exception...
shadow-4.18.0/lib/commonio.c:257:46: danger: 'fopen_set_perms(backup, "w", & sb)' leaks here; was allocated at [(6)](sarif:/runs/0/results/19/codeFlows/0/threadFlows/0/locations/5)
#  255|   	}
#  256|   
#  257|-> 	if (fchown (fileno (fp), sb->st_uid, sb->st_gid) != 0) {
#  258|   		goto fail;
#  259|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def34]
shadow-4.18.0/lib/commonio.c:551:34: warning[-Wanalyzer-malloc-leak]: leak of 'reallocarray(0, 1, 40)'
shadow-4.18.0/lib/commonio.c:1047:5: enter_function: entry to 'commonio_update'
shadow-4.18.0/lib/commonio.c:1052:12: branch_true: following 'true' branch...
shadow-4.18.0/lib/commonio.c:1052:25: branch_true: ...to here
shadow-4.18.0/lib/commonio.c:1052:13: branch_false: following 'false' branch...
shadow-4.18.0/lib/commonio.c:1056:18: branch_false: ...to here
shadow-4.18.0/lib/commonio.c:1057:12: branch_false: following 'false' branch...
shadow-4.18.0/lib/commonio.c:1061:37: branch_false: ...to here
shadow-4.18.0/lib/commonio.c:1062:12: branch_false: following 'false' branch...
shadow-4.18.0/lib/commonio.c:1077:13: call_function: inlined call to 'mallocarray' from 'commonio_update'
shadow-4.18.0/lib/commonio.c:1078:12: branch_false: following 'false' branch...
shadow-4.18.0/lib/commonio.c:1084:9: branch_false: ...to here
shadow-4.18.0/lib/commonio.c:1089:9: call_function: calling 'add_one_entry_nis' from 'commonio_update'
#  549|   
#  550|   	for (p = db->head; NULL != p; p = p->next) {
#  551|-> 		if (name_is_nis (p->eptr ? db->ops->getname (p->eptr)
#  552|   		                         : p->line)) {
#  553|   			/*@-mustfreeonly@*/

Error: GCC_ANALYZER_WARNING (CWE-401): [#def35]
shadow-4.18.0/lib/commonio.c:641:16: warning[-Wanalyzer-malloc-leak]: leak of 'buf'
shadow-4.18.0/lib/commonio.c:574:5: enter_function: entry to 'commonio_open'
shadow-4.18.0/lib/commonio.c:586:12: branch_false: following 'false' branch...
shadow-4.18.0/lib/commonio.c:587:20: branch_false: ...to here
shadow-4.18.0/lib/commonio.c:586:16: branch_false: following 'false' branch...
shadow-4.18.0/lib/commonio.c:592:9: branch_false: ...to here
shadow-4.18.0/lib/commonio.c:628:12: branch_false: following 'false' branch...
shadow-4.18.0/lib/commonio.c:637:15: call_function: inlined call to 'mallocarray' from 'commonio_open'
shadow-4.18.0/lib/commonio.c:638:12: branch_false: following 'false' branch...
shadow-4.18.0/lib/commonio.c:638:12: branch_false: ...to here
shadow-4.18.0/lib/commonio.c:641:16: throw: if the called function throws an exception...
shadow-4.18.0/lib/commonio.c:641:16: danger: 'buf' leaks here; was allocated at [(9)](sarif:/runs/0/results/25/codeFlows/0/threadFlows/0/locations/8)
#  639|   		goto cleanup_errno;
#  640|   
#  641|-> 	while (db->ops->fgets (buf, buflen, db->fp) == buf) {
#  642|   		struct commonio_entry  *p;
#  643|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def36]
shadow-4.18.0/lib/commonio.c:670:32: warning[-Wanalyzer-malloc-leak]: leak of 'line'
shadow-4.18.0/lib/commonio.c:574:5: enter_function: entry to 'commonio_open'
shadow-4.18.0/lib/commonio.c:586:12: branch_false: following 'false' branch...
shadow-4.18.0/lib/commonio.c:587:20: branch_false: ...to here
shadow-4.18.0/lib/commonio.c:586:16: branch_false: following 'false' branch...
shadow-4.18.0/lib/commonio.c:592:9: branch_false: ...to here
shadow-4.18.0/lib/commonio.c:628:12: branch_false: following 'false' branch...
shadow-4.18.0/lib/commonio.c:637:15: call_function: inlined call to 'mallocarray' from 'commonio_open'
shadow-4.18.0/lib/commonio.c:638:12: branch_false: following 'false' branch...
shadow-4.18.0/lib/commonio.c:638:12: branch_false: ...to here
shadow-4.18.0/lib/commonio.c:641:16: branch_true: following 'true' branch...
shadow-4.18.0/lib/commonio.c:641:16: branch_true: ...to here
shadow-4.18.0/lib/commonio.c:644:27: branch_true: following 'true' branch...
shadow-4.18.0/lib/commonio.c:645:28: branch_true: ...to here
shadow-4.18.0/lib/commonio.c:644:27: branch_false: following 'false' branch...
shadow-4.18.0/lib/commonio.c:644:27: branch_false: ...to here
shadow-4.18.0/lib/commonio.c:662:24: acquire_memory: allocated here
shadow-4.18.0/lib/commonio.c:663:20: branch_false: following 'false' branch (when 'line' is non-NULL)...
shadow-4.18.0/lib/commonio.c:667:21: branch_false: ...to here
shadow-4.18.0/lib/commonio.c:667:21: call_function: calling 'name_is_nis' from 'commonio_open'
shadow-4.18.0/lib/commonio.c:667:21: return_function: returning to 'commonio_open' from 'name_is_nis'
shadow-4.18.0/lib/commonio.c:667:20: branch_false: following 'false' branch...
shadow-4.18.0/lib/commonio.c:670:32: branch_false: ...to here
shadow-4.18.0/lib/commonio.c:670:32: throw: if the called function throws an exception...
shadow-4.18.0/lib/commonio.c:670:32: danger: 'line' leaks here; was allocated at [(17)](sarif:/runs/0/results/26/codeFlows/0/threadFlows/0/locations/16)
#  668|   			eptr = NULL;
#  669|   		} else {
#  670|-> 			eptr = db->ops->parse (line);
#  671|   			if (NULL != eptr) {
#  672|   				eptr = db->ops->dup (eptr);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def37]
shadow-4.18.0/lib/commonio.c:771:24: warning[-Wanalyzer-malloc-leak]: leak of 'reallocarray(0, n, 8)'
shadow-4.18.0/lib/commonio.c:726:1: enter_function: entry to 'commonio_sort'
shadow-4.18.0/lib/commonio.c:735:17: branch_true: following 'true' branch...
shadow-4.18.0/lib/commonio.c:751:12: branch_false: following 'false' branch (when 'n > 1')...
shadow-4.18.0/lib/commonio.c:755:19: call_function: inlined call to 'mallocarray' from 'commonio_sort'
shadow-4.18.0/lib/commonio.c:756:12: branch_false: following 'false' branch...
shadow-4.18.0/lib/commonio.c:761:14: branch_false: ...to here
shadow-4.18.0/lib/commonio.c:763:14: branch_true: following 'true' branch (when 'ptr != ptr')...
shadow-4.18.0/lib/commonio.c:771:24: branch_true: ...to here
shadow-4.18.0/lib/commonio.c:774:9: throw: if 'qsort' throws an exception...
shadow-4.18.0/lib/commonio.c:771:24: danger: 'reallocarray(0, n, 8)' leaks here; was allocated at [(7)](sarif:/runs/0/results/27/codeFlows/0/threadFlows/0/locations/6)
#  769|   /*@ +nullderef @*/
#  770|   	    ) {
#  771|-> 		entries[n] = ptr;
#  772|   		n++;
#  773|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def38]
shadow-4.18.0/lib/commonio.c:774:9: warning[-Wanalyzer-malloc-leak]: leak of 'reallocarray(0, n, 8)'
shadow-4.18.0/lib/commonio.c:726:1: enter_function: entry to 'commonio_sort'
shadow-4.18.0/lib/commonio.c:735:17: branch_true: following 'true' branch...
shadow-4.18.0/lib/commonio.c:751:12: branch_false: following 'false' branch (when 'n > 1')...
shadow-4.18.0/lib/commonio.c:755:19: call_function: inlined call to 'mallocarray' from 'commonio_sort'
shadow-4.18.0/lib/commonio.c:756:12: branch_false: following 'false' branch...
shadow-4.18.0/lib/commonio.c:761:14: branch_false: ...to here
shadow-4.18.0/lib/commonio.c:763:14: branch_false: following 'false' branch (when 'ptr == ptr')...
shadow-4.18.0/lib/commonio.c:774:9: branch_false: ...to here
shadow-4.18.0/lib/commonio.c:774:9: throw: if 'qsort' throws an exception...
shadow-4.18.0/lib/commonio.c:774:9: danger: 'reallocarray(0, n, 8)' leaks here; was allocated at [(7)](sarif:/runs/0/results/28/codeFlows/0/threadFlows/0/locations/6)
#  772|   		n++;
#  773|   	}
#  774|-> 	qsort (entries, n, sizeof (struct commonio_entry *), cmp);
#  775|   
#  776|   	/* Take care of the head and tail separately */

Error: GCC_ANALYZER_WARNING (CWE-476): [#def39]
shadow-4.18.0/lib/copydir.c:234:9: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL 'xreallocarray(0, 1, 40)'
shadow-4.18.0/lib/copydir.c:874:5: enter_function: entry to 'copy_tree'
shadow-4.18.0/lib/copydir.c:890:16: call_function: calling 'copy_tree_impl' from 'copy_tree'
#  232|   
#  233|   	lp = XMALLOC(1, struct link_name);
#  234|-> 	lp->ln_dev = sb->st_dev;
#  235|   	lp->ln_ino = sb->st_ino;
#  236|   	lp->ln_count = sb->st_nlink;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def40]
shadow-4.18.0/lib/copydir.c:234:22: warning[-Wanalyzer-malloc-leak]: leak of 'xreallocarray(0, 1, 40)'
shadow-4.18.0/lib/copydir.c:874:5: enter_function: entry to 'copy_tree'
shadow-4.18.0/lib/copydir.c:890:16: call_function: calling 'copy_tree_impl' from 'copy_tree'
#  232|   
#  233|   	lp = XMALLOC(1, struct link_name);
#  234|-> 	lp->ln_dev = sb->st_dev;
#  235|   	lp->ln_ino = sb->st_ino;
#  236|   	lp->ln_count = sb->st_nlink;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def41]
shadow-4.18.0/lib/copydir.c:283:18: warning[-Wanalyzer-malloc-leak]: leak of 'dst_entry.full_path'
shadow-4.18.0/lib/copydir.c:874:5: enter_function: entry to 'copy_tree'
shadow-4.18.0/lib/copydir.c:890:16: call_function: calling 'copy_tree_impl' from 'copy_tree'
#  281|   	 */
#  282|   
#  283|-> 	src_fd = openat (src->dirfd, src->name, O_DIRECTORY | O_RDONLY | O_NOFOLLOW | O_CLOEXEC);
#  284|   	if (src_fd < 0) {
#  285|   		return -1;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def42]
shadow-4.18.0/lib/copydir.c:283:18: warning[-Wanalyzer-malloc-leak]: leak of 'src_entry.full_path'
shadow-4.18.0/lib/copydir.c:874:5: enter_function: entry to 'copy_tree'
shadow-4.18.0/lib/copydir.c:890:16: call_function: calling 'copy_tree_impl' from 'copy_tree'
#  281|   	 */
#  282|   
#  283|-> 	src_fd = openat (src->dirfd, src->name, O_DIRECTORY | O_RDONLY | O_NOFOLLOW | O_CLOEXEC);
#  284|   	if (src_fd < 0) {
#  285|   		return -1;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def43]
shadow-4.18.0/lib/copydir.c:288:18: warning[-Wanalyzer-malloc-leak]: leak of 'dst_entry.full_path'
shadow-4.18.0/lib/copydir.c:874:5: enter_function: entry to 'copy_tree'
shadow-4.18.0/lib/copydir.c:890:16: call_function: calling 'copy_tree_impl' from 'copy_tree'
#  286|   	}
#  287|   
#  288|-> 	dst_fd = openat (dst->dirfd, dst->name, O_DIRECTORY | O_RDONLY | O_NOFOLLOW | O_CLOEXEC);
#  289|   	if (dst_fd < 0) {
#  290|   		(void) close (src_fd);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def44]
shadow-4.18.0/lib/copydir.c:288:18: warning[-Wanalyzer-malloc-leak]: leak of 'src_entry.full_path'
shadow-4.18.0/lib/copydir.c:874:5: enter_function: entry to 'copy_tree'
shadow-4.18.0/lib/copydir.c:890:16: call_function: calling 'copy_tree_impl' from 'copy_tree'
#  286|   	}
#  287|   
#  288|-> 	dst_fd = openat (dst->dirfd, dst->name, O_DIRECTORY | O_RDONLY | O_NOFOLLOW | O_CLOEXEC);
#  289|   	if (dst_fd < 0) {
#  290|   		(void) close (src_fd);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def45]
shadow-4.18.0/lib/copydir.c:290:24: warning[-Wanalyzer-malloc-leak]: leak of 'dst_entry.full_path'
shadow-4.18.0/lib/copydir.c:874:5: enter_function: entry to 'copy_tree'
shadow-4.18.0/lib/copydir.c:890:16: call_function: calling 'copy_tree_impl' from 'copy_tree'
#  288|   	dst_fd = openat (dst->dirfd, dst->name, O_DIRECTORY | O_RDONLY | O_NOFOLLOW | O_CLOEXEC);
#  289|   	if (dst_fd < 0) {
#  290|-> 		(void) close (src_fd);
#  291|   		return -1;
#  292|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def46]
shadow-4.18.0/lib/copydir.c:290:24: warning[-Wanalyzer-malloc-leak]: leak of 'src_entry.full_path'
shadow-4.18.0/lib/copydir.c:874:5: enter_function: entry to 'copy_tree'
shadow-4.18.0/lib/copydir.c:890:16: call_function: calling 'copy_tree_impl' from 'copy_tree'
#  288|   	dst_fd = openat (dst->dirfd, dst->name, O_DIRECTORY | O_RDONLY | O_NOFOLLOW | O_CLOEXEC);
#  289|   	if (dst_fd < 0) {
#  290|-> 		(void) close (src_fd);
#  291|   		return -1;
#  292|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def47]
shadow-4.18.0/lib/copydir.c:301:15: warning[-Wanalyzer-malloc-leak]: leak of 'dst_entry.full_path'
shadow-4.18.0/lib/copydir.c:874:5: enter_function: entry to 'copy_tree'
shadow-4.18.0/lib/copydir.c:890:16: call_function: calling 'copy_tree_impl' from 'copy_tree'
#  299|   	 * is made set-ID.
#  300|   	 */
#  301|-> 	dir = fdopendir (src_fd);
#  302|   	if (NULL == dir) {
#  303|   		(void) close (src_fd);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def48]
shadow-4.18.0/lib/copydir.c:301:15: warning[-Wanalyzer-malloc-leak]: leak of 'src_entry.full_path'
shadow-4.18.0/lib/copydir.c:874:5: enter_function: entry to 'copy_tree'
shadow-4.18.0/lib/copydir.c:890:16: call_function: calling 'copy_tree_impl' from 'copy_tree'
#  299|   	 * is made set-ID.
#  300|   	 */
#  301|-> 	dir = fdopendir (src_fd);
#  302|   	if (NULL == dir) {
#  303|   		(void) close (src_fd);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def49]
shadow-4.18.0/lib/copydir.c:303:24: warning[-Wanalyzer-malloc-leak]: leak of 'dst_entry.full_path'
shadow-4.18.0/lib/copydir.c:874:5: enter_function: entry to 'copy_tree'
shadow-4.18.0/lib/copydir.c:890:16: call_function: calling 'copy_tree_impl' from 'copy_tree'
#  301|   	dir = fdopendir (src_fd);
#  302|   	if (NULL == dir) {
#  303|-> 		(void) close (src_fd);
#  304|   		(void) close (dst_fd);
#  305|   		return -1;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def50]
shadow-4.18.0/lib/copydir.c:303:24: warning[-Wanalyzer-malloc-leak]: leak of 'src_entry.full_path'
shadow-4.18.0/lib/copydir.c:874:5: enter_function: entry to 'copy_tree'
shadow-4.18.0/lib/copydir.c:890:16: call_function: calling 'copy_tree_impl' from 'copy_tree'
#  301|   	dir = fdopendir (src_fd);
#  302|   	if (NULL == dir) {
#  303|-> 		(void) close (src_fd);
#  304|   		(void) close (dst_fd);
#  305|   		return -1;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def51]
shadow-4.18.0/lib/copydir.c:304:24: warning[-Wanalyzer-malloc-leak]: leak of 'dst_entry.full_path'
shadow-4.18.0/lib/copydir.c:874:5: enter_function: entry to 'copy_tree'
shadow-4.18.0/lib/copydir.c:890:16: call_function: calling 'copy_tree_impl' from 'copy_tree'
#  302|   	if (NULL == dir) {
#  303|   		(void) close (src_fd);
#  304|-> 		(void) close (dst_fd);
#  305|   		return -1;
#  306|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def52]
shadow-4.18.0/lib/copydir.c:304:24: warning[-Wanalyzer-malloc-leak]: leak of 'src_entry.full_path'
shadow-4.18.0/lib/copydir.c:874:5: enter_function: entry to 'copy_tree'
shadow-4.18.0/lib/copydir.c:890:16: call_function: calling 'copy_tree_impl' from 'copy_tree'
#  302|   	if (NULL == dir) {
#  303|   		(void) close (src_fd);
#  304|-> 		(void) close (dst_fd);
#  305|   		return -1;
#  306|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def53]
shadow-4.18.0/lib/copydir.c:308:13: warning[-Wanalyzer-malloc-leak]: leak of 'fdopendir(openat(*src.dirfd, *src.name, 720896))'
shadow-4.18.0/lib/copydir.c:874:5: enter_function: entry to 'copy_tree'
shadow-4.18.0/lib/copydir.c:890:16: call_function: calling 'copy_tree_impl' from 'copy_tree'
#  306|   	}
#  307|   
#  308|-> 	if (src_orig == NULL) {
#  309|   		src_orig = src->full_path;
#  310|   		dst_orig = dst->full_path;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def54]
shadow-4.18.0/lib/copydir.c:313:37: warning[-Wanalyzer-malloc-leak]: leak of 'dst_entry.full_path'
shadow-4.18.0/lib/copydir.c:874:5: enter_function: entry to 'copy_tree'
shadow-4.18.0/lib/copydir.c:890:16: call_function: calling 'copy_tree_impl' from 'copy_tree'
#  311|   		set_orig = true;
#  312|   	}
#  313|-> 	while ((0 == err) && (ent = readdir (dir)) != NULL) {
#  314|   		char              *src_name = NULL;
#  315|   		char              *dst_name;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def55]
shadow-4.18.0/lib/copydir.c:313:37: warning[-Wanalyzer-malloc-leak]: leak of 'src_entry.full_path'
shadow-4.18.0/lib/copydir.c:874:5: enter_function: entry to 'copy_tree'
shadow-4.18.0/lib/copydir.c:890:16: call_function: calling 'copy_tree_impl' from 'copy_tree'
#  311|   		set_orig = true;
#  312|   	}
#  313|-> 	while ((0 == err) && (ent = readdir (dir)) != NULL) {
#  314|   		char              *src_name = NULL;
#  315|   		char              *dst_name;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def56]
shadow-4.18.0/lib/copydir.c:501:13: warning[-Wanalyzer-malloc-leak]: leak of 'dst_entry.full_path'
shadow-4.18.0/lib/copydir.c:874:5: enter_function: entry to 'copy_tree'
shadow-4.18.0/lib/copydir.c:890:16: call_function: calling 'copy_tree_impl' from 'copy_tree'
#  499|   
#  500|   #ifdef WITH_SELINUX
#  501|-> 	if (set_selinux_file_context (dst->full_path, S_IFDIR) != 0) {
#  502|   		return -1;
#  503|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def57]
shadow-4.18.0/lib/copydir.c:501:13: warning[-Wanalyzer-malloc-leak]: leak of 'src_entry.full_path'
shadow-4.18.0/lib/copydir.c:874:5: enter_function: entry to 'copy_tree'
shadow-4.18.0/lib/copydir.c:890:16: call_function: calling 'copy_tree_impl' from 'copy_tree'
#  499|   
#  500|   #ifdef WITH_SELINUX
#  501|-> 	if (set_selinux_file_context (dst->full_path, S_IFDIR) != 0) {
#  502|   		return -1;
#  503|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def58]
shadow-4.18.0/lib/copydir.c:663:13: warning[-Wanalyzer-malloc-leak]: leak of '<unknown>'
shadow-4.18.0/lib/copydir.c:874:5: enter_function: entry to 'copy_tree'
shadow-4.18.0/lib/copydir.c:890:16: call_function: calling 'copy_tree_impl' from 'copy_tree'
#  661|   {
#  662|   #if defined(WITH_SELINUX)
#  663|-> 	if (set_selinux_file_context(dst->full_path, statp->st_mode & S_IFMT) != 0)
#  664|   		return -1;
#  665|   #endif

Error: GCC_ANALYZER_WARNING (CWE-401): [#def59]
shadow-4.18.0/lib/copydir.c:721:15: warning[-Wanalyzer-malloc-leak]: leak of '<unknown>'
shadow-4.18.0/lib/copydir.c:874:5: enter_function: entry to 'copy_tree'
shadow-4.18.0/lib/copydir.c:890:16: call_function: calling 'copy_tree_impl' from 'copy_tree'
#  719|   	int ofd;
#  720|   
#  721|-> 	ifd = openat (src->dirfd, src->name, O_RDONLY|O_NOFOLLOW|O_CLOEXEC);
#  722|   	if (ifd < 0) {
#  723|   		return -1;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def60]
shadow-4.18.0/lib/failure.c:49:17: warning[-Wanalyzer-malloc-leak]: leak of 'saved_locale'
shadow-4.18.0/lib/failure.c:43:12: branch_false: following 'false' branch...
shadow-4.18.0/lib/failure.c:47:14: branch_false: ...to here
shadow-4.18.0/lib/failure.c:48:12: branch_true: following 'true' branch...
shadow-4.18.0/lib/failure.c:49:17: branch_true: ...to here
shadow-4.18.0/lib/failure.c:49:17: branch_true: following 'true' branch (when 'old_locale' is non-NULL)...
shadow-4.18.0/lib/failure.c:49:17: branch_true: ...to here
shadow-4.18.0/lib/failure.c:49:17: acquire_memory: allocated here
shadow-4.18.0/lib/failure.c:49:17: branch_true: following 'true' branch (when 'saved_locale' is non-NULL)...
shadow-4.18.0/lib/failure.c:49:17: branch_true: ...to here
shadow-4.18.0/lib/failure.c:49:17: throw: if 'syslog' throws an exception...
shadow-4.18.0/lib/failure.c:49:17: danger: 'saved_locale' leaks here; was allocated at [(7)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/6)
#   47|   	fd = open (FAILLOG_FILE, O_RDWR);
#   48|   	if (fd < 0) {
#   49|-> 		SYSLOG ((LOG_WARN,
#   50|   		         "Can't write faillog entry for UID %lu in %s: %m",
#   51|   		         (unsigned long) uid, FAILLOG_FILE));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def61]
shadow-4.18.0/lib/failure.c:112:9: warning[-Wanalyzer-malloc-leak]: leak of 'saved_locale'
shadow-4.18.0/lib/failure.c:34:6: enter_function: entry to 'failure'
shadow-4.18.0/lib/failure.c:43:12: branch_false: following 'false' branch...
shadow-4.18.0/lib/failure.c:47:14: branch_false: ...to here
shadow-4.18.0/lib/failure.c:48:12: branch_false: following 'false' branch...
shadow-4.18.0/lib/failure.c:61:17: branch_false: ...to here
shadow-4.18.0/lib/failure.c:84:9: call_function: calling 'strtcpy' from 'failure'
shadow-4.18.0/lib/failure.c:84:9: return_function: returning to 'failure' from 'strtcpy'
shadow-4.18.0/lib/failure.c:112:9: branch_true: following 'true' branch (when 'old_locale' is non-NULL)...
shadow-4.18.0/lib/failure.c:112:9: branch_true: ...to here
shadow-4.18.0/lib/failure.c:112:9: acquire_memory: allocated here
shadow-4.18.0/lib/failure.c:112:9: branch_true: following 'true' branch (when 'saved_locale' is non-NULL)...
shadow-4.18.0/lib/failure.c:112:9: branch_true: ...to here
shadow-4.18.0/lib/failure.c:112:9: throw: if 'syslog' throws an exception...
shadow-4.18.0/lib/failure.c:112:9: danger: 'saved_locale' leaks here; was allocated at [(13)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/12)
#  110|   	}
#  111|   err_close:
#  112|-> 	SYSLOG ((LOG_WARN,
#  113|   	         "Can't write faillog entry for UID %lu to %s: %m",
#  114|   	         (unsigned long) uid, FAILLOG_FILE));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def62]
shadow-4.18.0/lib/failure.c:165:17: warning[-Wanalyzer-malloc-leak]: leak of 'saved_locale'
shadow-4.18.0/lib/failure.c:159:12: branch_false: following 'false' branch...
shadow-4.18.0/lib/failure.c:163:14: branch_false: ...to here
shadow-4.18.0/lib/failure.c:164:12: branch_true: following 'true' branch...
shadow-4.18.0/lib/failure.c:165:17: branch_true: ...to here
shadow-4.18.0/lib/failure.c:165:17: branch_true: following 'true' branch (when 'old_locale' is non-NULL)...
shadow-4.18.0/lib/failure.c:165:17: branch_true: ...to here
shadow-4.18.0/lib/failure.c:165:17: acquire_memory: allocated here
shadow-4.18.0/lib/failure.c:165:17: branch_true: following 'true' branch (when 'saved_locale' is non-NULL)...
shadow-4.18.0/lib/failure.c:165:17: branch_true: ...to here
shadow-4.18.0/lib/failure.c:165:17: throw: if 'syslog' throws an exception...
shadow-4.18.0/lib/failure.c:165:17: danger: 'saved_locale' leaks here; was allocated at [(7)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/6)
#  163|   	fd = open (FAILLOG_FILE, failed?O_RDONLY:O_RDWR);
#  164|   	if (fd < 0) {
#  165|-> 		SYSLOG ((LOG_WARN,
#  166|   		         "Can't open the faillog file (%s) to check UID %lu: %m; "
#  167|   		         "User access authorized.",

Error: GCC_ANALYZER_WARNING (CWE-401): [#def63]
shadow-4.18.0/lib/failure.c:227:9: warning[-Wanalyzer-malloc-leak]: leak of 'saved_locale'
shadow-4.18.0/lib/failure.c:159:12: branch_false: following 'false' branch...
shadow-4.18.0/lib/failure.c:163:14: branch_false: ...to here
shadow-4.18.0/lib/failure.c:164:12: branch_false: following 'false' branch...
shadow-4.18.0/lib/failure.c:184:17: branch_false: ...to here
shadow-4.18.0/lib/failure.c:184:12: branch_false: following 'false' branch...
shadow-4.18.0/lib/failure.c:185:17: branch_false: ...to here
shadow-4.18.0/lib/failure.c:184:16: branch_false: following 'false' branch...
shadow-4.18.0/lib/failure.c:190:13: branch_false: ...to here
shadow-4.18.0/lib/failure.c:190:12: branch_false: following 'false' branch...
shadow-4.18.0/lib/failure.c:202:12: branch_false: ...to here
shadow-4.18.0/lib/failure.c:202:12: branch_false: following 'false' branch (when 'failed == 0')...
shadow-4.18.0/lib/failure.c:203:17: branch_false: ...to here
shadow-4.18.0/lib/failure.c:227:9: branch_true: following 'true' branch (when 'old_locale' is non-NULL)...
shadow-4.18.0/lib/failure.c:227:9: branch_true: ...to here
shadow-4.18.0/lib/failure.c:227:9: acquire_memory: allocated here
shadow-4.18.0/lib/failure.c:227:9: branch_true: following 'true' branch (when 'saved_locale' is non-NULL)...
shadow-4.18.0/lib/failure.c:227:9: branch_true: ...to here
shadow-4.18.0/lib/failure.c:227:9: throw: if 'syslog' throws an exception...
shadow-4.18.0/lib/failure.c:227:9: danger: 'saved_locale' leaks here; was allocated at [(15)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/14)
#  225|   	}
#  226|   err_close:
#  227|-> 	SYSLOG ((LOG_WARN,
#  228|   	         "Can't reset faillog entry for UID %lu in %s: %m",
#  229|   	         (unsigned long) uid, FAILLOG_FILE));

Error: GCC_ANALYZER_WARNING (CWE-775): [#def64]
shadow-4.18.0/lib/fd.c:39:12: warning[-Wanalyzer-fd-leak]: leak of file descriptor 'open("/dev/null", 2)'
shadow-4.18.0/lib/fd.c:38:19: acquire_resource: opened here
shadow-4.18.0/lib/fd.c:39:12: danger: 'open("/dev/null", 2)' leaks here; was opened at [(1)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/0)
#   37|   
#   38|   	devnull = open("/dev/null", O_RDWR);
#   39|-> 	if (devnull != fd)
#   40|   		abort();
#   41|   }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def65]
shadow-4.18.0/lib/find_new_sub_gids.c:54:17: warning[-Wanalyzer-malloc-leak]: leak of 'saved_locale'
shadow-4.18.0/lib/find_new_sub_gids.c:34:9: branch_true: following 'true' branch (when 'range_start' is non-NULL)...
shadow-4.18.0/lib/find_new_sub_gids.c:35:9: branch_true: ...to here
shadow-4.18.0/lib/find_new_sub_gids.c:35:9: branch_true: following 'true' branch (when 'range_count' is non-NULL)...
shadow-4.18.0/lib/find_new_sub_gids.c:37:15: branch_true: ...to here
shadow-4.18.0/lib/find_new_sub_gids.c:41:12: branch_false: following 'false' branch...
shadow-4.18.0/lib/find_new_sub_gids.c:50:12: branch_true: following 'true' branch...
shadow-4.18.0/lib/find_new_sub_gids.c:51:17: branch_true: ...to here
shadow-4.18.0/lib/find_new_sub_gids.c:54:17: branch_true: following 'true' branch (when 'old_locale' is non-NULL)...
shadow-4.18.0/lib/find_new_sub_gids.c:54:17: branch_true: ...to here
shadow-4.18.0/lib/find_new_sub_gids.c:54:17: acquire_memory: allocated here
shadow-4.18.0/lib/find_new_sub_gids.c:54:17: branch_true: following 'true' branch (when 'saved_locale' is non-NULL)...
shadow-4.18.0/lib/find_new_sub_gids.c:54:17: branch_true: ...to here
shadow-4.18.0/lib/find_new_sub_gids.c:54:17: throw: if 'syslog' throws an exception...
shadow-4.18.0/lib/find_new_sub_gids.c:54:17: danger: 'saved_locale' leaks here; was allocated at [(11)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/10)
#   52|   		         _("%s: Can't get unique subordinate GID range\n"),
#   53|   		         log_get_progname());
#   54|-> 		SYSLOG ((LOG_WARN, "no more available subordinate GIDs on the system"));
#   55|   		return -1;
#   56|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def66]
shadow-4.18.0/lib/find_new_sub_uids.c:54:17: warning[-Wanalyzer-malloc-leak]: leak of 'saved_locale'
shadow-4.18.0/lib/find_new_sub_uids.c:34:9: branch_true: following 'true' branch (when 'range_start' is non-NULL)...
shadow-4.18.0/lib/find_new_sub_uids.c:35:9: branch_true: ...to here
shadow-4.18.0/lib/find_new_sub_uids.c:35:9: branch_true: following 'true' branch (when 'range_count' is non-NULL)...
shadow-4.18.0/lib/find_new_sub_uids.c:37:15: branch_true: ...to here
shadow-4.18.0/lib/find_new_sub_uids.c:41:12: branch_false: following 'false' branch...
shadow-4.18.0/lib/find_new_sub_uids.c:50:12: branch_true: following 'true' branch...
shadow-4.18.0/lib/find_new_sub_uids.c:51:17: branch_true: ...to here
shadow-4.18.0/lib/find_new_sub_uids.c:54:17: branch_true: following 'true' branch (when 'old_locale' is non-NULL)...
shadow-4.18.0/lib/find_new_sub_uids.c:54:17: branch_true: ...to here
shadow-4.18.0/lib/find_new_sub_uids.c:54:17: acquire_memory: allocated here
shadow-4.18.0/lib/find_new_sub_uids.c:54:17: branch_true: following 'true' branch (when 'saved_locale' is non-NULL)...
shadow-4.18.0/lib/find_new_sub_uids.c:54:17: branch_true: ...to here
shadow-4.18.0/lib/find_new_sub_uids.c:54:17: throw: if 'syslog' throws an exception...
shadow-4.18.0/lib/find_new_sub_uids.c:54:17: danger: 'saved_locale' leaks here; was allocated at [(11)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/10)
#   52|   		         _("%s: Can't get unique subordinate UID range\n"),
#   53|   		         log_get_progname());
#   54|-> 		SYSLOG ((LOG_WARN, "no more available subordinate UIDs on the system"));
#   55|   		return -1;
#   56|   	}

Error: COMPILER_WARNING: [#def67]
shadow-4.18.0/lib/fputsx.c: scope_hint: In function 'fputsx'
shadow-4.18.0/lib/fputsx.c:48:13: warning[-Wunused-but-set-variable=]: variable 'i' set but not used
#   48 |         int i;
#      |             ^
#   46|   int fputsx (const char *s, FILE * stream)
#   47|   {
#   48|-> 	int i;
#   49|   
#   50|   	for (i = 0; !streq(s, ""); i++, s++) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def68]
shadow-4.18.0/lib/getdef.c:397:17: warning[-Wanalyzer-malloc-leak]: leak of 'saved_locale'
shadow-4.18.0/lib/getdef.c:397:17: branch_true: following 'true' branch (when 'old_locale' is non-NULL)...
shadow-4.18.0/lib/getdef.c:397:17: branch_true: ...to here
shadow-4.18.0/lib/getdef.c:397:17: acquire_memory: allocated here
shadow-4.18.0/lib/getdef.c:397:17: branch_true: following 'true' branch (when 'saved_locale' is non-NULL)...
shadow-4.18.0/lib/getdef.c:397:17: branch_true: ...to here
shadow-4.18.0/lib/getdef.c:397:17: throw: if 'syslog' throws an exception...
shadow-4.18.0/lib/getdef.c:397:17: danger: 'saved_locale' leaks here; was allocated at [(3)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/2)
#  395|   		(void) fputs (_("Could not allocate space for config info.\n"),
#  396|   		              shadow_logfd);
#  397|-> 		SYSLOG ((LOG_ERR, "could not allocate space for config info"));
#  398|   		return -1;
#  399|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def69]
shadow-4.18.0/lib/getdef.c:444:17: warning[-Wanalyzer-malloc-leak]: leak of 'saved_locale'
shadow-4.18.0/lib/getdef.c:443:12: branch_true: following 'true' branch (when 'srcfile' is non-NULL)...
shadow-4.18.0/lib/getdef.c:444:17: branch_true: ...to here
shadow-4.18.0/lib/getdef.c:444:17: branch_true: following 'true' branch (when 'old_locale' is non-NULL)...
shadow-4.18.0/lib/getdef.c:444:17: branch_true: ...to here
shadow-4.18.0/lib/getdef.c:444:17: acquire_memory: allocated here
shadow-4.18.0/lib/getdef.c:444:17: branch_true: following 'true' branch (when 'saved_locale' is non-NULL)...
shadow-4.18.0/lib/getdef.c:444:17: branch_true: ...to here
shadow-4.18.0/lib/getdef.c:444:17: throw: if 'syslog' throws an exception...
shadow-4.18.0/lib/getdef.c:444:17: danger: 'saved_locale' leaks here; was allocated at [(5)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/4)
#  442|   	         name);
#  443|   	if (srcfile != NULL)
#  444|-> 		SYSLOG ((LOG_CRIT, "shadow: unknown configuration item '%s' in '%s'", name, srcfile));
#  445|   
#  446|   out:

Error: COMPILER_WARNING (CWE-477): [#def70]
shadow-4.18.0/lib/getdef.c: scope_hint: In function 'def_load'
shadow-4.18.0/lib/getdef.c:488:9: warning[-Wdeprecated-declarations]: 'econf_readDirs' is deprecated: Use the econf_readConfig/econf_readConfigWithCallback instead
#  488 |         error = econf_readDirs (&defs_file, vendordir, sysconfdir, "login", "defs", " \t", "#");
#      |         ^~~~~
shadow-4.18.0/lib/getdef.c:22: included_from: Included from here.
/usr/include/libeconf.h:497:1: note: declared here
#  497 | econf_readDirs(econf_file **key_file,
#      | ^~~~~~~~~~~~~~
#  486|   	def_loaded = true;
#  487|   
#  488|-> 	error = econf_readDirs (&defs_file, vendordir, sysconfdir, "login", "defs", " \t", "#");
#  489|   	if (error) {
#  490|   		if (error == ECONF_NOFILE)

Error: COMPILER_WARNING (CWE-477): [#def71]
shadow-4.18.0/lib/getdef.c:488:9: warning[-Wdeprecated-declarations]: 'econf_readDirs' is deprecated: Use the econf_readConfig/econf_readConfigWithCallback instead
#  486|   	def_loaded = true;
#  487|   
#  488|-> 	error = econf_readDirs (&defs_file, vendordir, sysconfdir, "login", "defs", " \t", "#");
#  489|   	if (error) {
#  490|   		if (error == ECONF_NOFILE)

Error: GCC_ANALYZER_WARNING (CWE-401): [#def72]
shadow-4.18.0/lib/getdef.c:493:17: warning[-Wanalyzer-malloc-leak]: leak of 'saved_locale'
shadow-4.18.0/lib/getdef.c:489:12: branch_true: following 'true' branch...
shadow-4.18.0/lib/getdef.c:490:20: branch_true: ...to here
shadow-4.18.0/lib/getdef.c:490:20: branch_false: following 'false' branch...
shadow-4.18.0/lib/getdef.c:493:17: branch_false: ...to here
shadow-4.18.0/lib/getdef.c:493:17: branch_true: following 'true' branch (when 'old_locale' is non-NULL)...
shadow-4.18.0/lib/getdef.c:493:17: branch_true: ...to here
shadow-4.18.0/lib/getdef.c:493:17: acquire_memory: allocated here
shadow-4.18.0/lib/getdef.c:493:17: branch_true: following 'true' branch (when 'saved_locale' is non-NULL)...
shadow-4.18.0/lib/getdef.c:493:17: branch_true: ...to here
shadow-4.18.0/lib/getdef.c:493:17: throw: if 'econf_errString' throws an exception...
shadow-4.18.0/lib/getdef.c:493:17: danger: 'saved_locale' leaks here; was allocated at [(7)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/6)
#  491|   			return;
#  492|   
#  493|-> 		SYSLOG ((LOG_CRIT, "cannot open login definitions [%s]",
#  494|   			econf_errString(error)));
#  495|   		exit (EXIT_FAILURE);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def73]
shadow-4.18.0/lib/getdef.c:499:17: warning[-Wanalyzer-malloc-leak]: leak of 'saved_locale'
shadow-4.18.0/lib/getdef.c:489:12: branch_false: following 'false' branch...
shadow-4.18.0/lib/getdef.c:498:22: branch_false: ...to here
shadow-4.18.0/lib/getdef.c:498:12: branch_true: following 'true' branch...
shadow-4.18.0/lib/getdef.c:499:17: branch_true: ...to here
shadow-4.18.0/lib/getdef.c:499:17: branch_true: following 'true' branch (when 'old_locale' is non-NULL)...
shadow-4.18.0/lib/getdef.c:499:17: branch_true: ...to here
shadow-4.18.0/lib/getdef.c:499:17: acquire_memory: allocated here
shadow-4.18.0/lib/getdef.c:499:17: branch_true: following 'true' branch (when 'saved_locale' is non-NULL)...
shadow-4.18.0/lib/getdef.c:499:17: branch_true: ...to here
shadow-4.18.0/lib/getdef.c:499:17: throw: if 'econf_errString' throws an exception...
shadow-4.18.0/lib/getdef.c:499:17: danger: 'saved_locale' leaks here; was allocated at [(7)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/6)
#  497|   
#  498|   	if ((error = econf_getKeys(defs_file, NULL, &key_number, &keys))) {
#  499|-> 		SYSLOG ((LOG_CRIT, "cannot read login definitions [%s]",
#  500|   			econf_errString(error)));
#  501|   		exit (EXIT_FAILURE);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def74]
shadow-4.18.0/lib/getdef.c:509:25: warning[-Wanalyzer-malloc-leak]: leak of 'saved_locale'
shadow-4.18.0/lib/getdef.c:489:12: branch_false: following 'false' branch...
shadow-4.18.0/lib/getdef.c:498:22: branch_false: ...to here
shadow-4.18.0/lib/getdef.c:498:12: branch_false: following 'false' branch...
shadow-4.18.0/lib/getdef.c:498:12: branch_false: ...to here
shadow-4.18.0/lib/getdef.c:504:28: branch_true: following 'true' branch...
shadow-4.18.0/lib/getdef.c:507:67: branch_true: ...to here
shadow-4.18.0/lib/getdef.c:508:20: branch_true: following 'true' branch...
shadow-4.18.0/lib/getdef.c:509:25: branch_true: ...to here
shadow-4.18.0/lib/getdef.c:509:25: branch_true: following 'true' branch (when 'old_locale' is non-NULL)...
shadow-4.18.0/lib/getdef.c:509:25: branch_true: ...to here
shadow-4.18.0/lib/getdef.c:509:25: acquire_memory: allocated here
shadow-4.18.0/lib/getdef.c:509:25: branch_true: following 'true' branch (when 'saved_locale' is non-NULL)...
shadow-4.18.0/lib/getdef.c:509:25: branch_true: ...to here
shadow-4.18.0/lib/getdef.c:509:25: throw: if 'econf_errString' throws an exception...
shadow-4.18.0/lib/getdef.c:509:25: danger: 'saved_locale' leaks here; was allocated at [(11)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/10)
#  507|   		error = econf_getStringValue(defs_file, NULL, keys[i], &value);
#  508|   		if (error) {
#  509|-> 			SYSLOG ((LOG_CRIT, "failed reading key %zu from econf [%s]",
#  510|   				i, econf_errString(error)));
#  511|   			exit (EXIT_FAILURE);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def75]
shadow-4.18.0/lib/groupio.c:378:1: warning[-Wanalyzer-malloc-leak]: leak of 'new_members'
shadow-4.18.0/lib/groupio.c:316:12: branch_false: following 'false' branch...
shadow-4.18.0/lib/groupio.c:321:9: branch_false: ...to here
shadow-4.18.0/lib/groupio.c:323:12: branch_false: following 'false' branch...
shadow-4.18.0/lib/groupio.c:329:20: branch_false: ...to here
shadow-4.18.0/lib/groupio.c:330:12: branch_false: following 'false' branch...
shadow-4.18.0/lib/groupio.c:330:12: branch_false: ...to here
shadow-4.18.0/lib/groupio.c:348:23: acquire_memory: allocated here
shadow-4.18.0/lib/groupio.c:349:12: branch_false: following 'false' branch (when 'new_members' is non-NULL)...
shadow-4.18.0/lib/groupio.c:349:12: branch_false: ...to here
shadow-4.18.0/lib/groupio.c:353:19: branch_false: following 'false' branch...
shadow-4.18.0/lib/groupio.c:353:19: branch_false: ...to here
shadow-4.18.0/lib/groupio.c:359:19: branch_false: following 'false' branch...
shadow-4.18.0/lib/groupio.c:374:9: branch_false: ...to here
shadow-4.18.0/lib/groupio.c:378:1: danger: 'new_members' leaks here; was allocated at [(7)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/6)
#  376|   
#  377|   	return gr1;
#  378|-> }
#  379|   
#  380|   /*

Error: GCC_ANALYZER_WARNING (CWE-401): [#def76]
shadow-4.18.0/lib/groupio.c:413:39: warning[-Wanalyzer-malloc-leak]: leak of 'reallocarray(0, 1, 40)'
shadow-4.18.0/lib/groupio.c:386:12: enter_function: entry to 'split_groups'
shadow-4.18.0/lib/groupio.c:390:34: branch_true: following 'true' branch (when 'gr' is non-NULL)...
shadow-4.18.0/lib/groupio.c:391:31: branch_true: ...to here
shadow-4.18.0/lib/groupio.c:409:23: call_function: inlined call to 'mallocarray' from 'split_groups'
shadow-4.18.0/lib/groupio.c:410:20: branch_false: following 'false' branch...
shadow-4.18.0/lib/groupio.c:413:39: branch_false: ...to here
shadow-4.18.0/lib/groupio.c:413:29: call_function: inlined call to 'group_dup' from 'split_groups'
shadow-4.18.0/lib/groupio.c:413:39: danger: 'reallocarray(0, 1, 40)' leaks here; was allocated at [(5)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/4)
#  411|   			return 0;
#  412|   		}
#  413|-> 		new->eptr = group_dup(gr->eptr);
#  414|   		if (NULL == new->eptr) {
#  415|   			free (new);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def77]
shadow-4.18.0/lib/idmapping.c:189:17: warning[-Wanalyzer-malloc-leak]: leak of 'pos'
shadow-4.18.0/lib/idmapping.c:123:6: enter_function: entry to 'write_mapping'
shadow-4.18.0/lib/idmapping.c:176:21: call_function: inlined call to 'xmallocarray' from 'write_mapping'
shadow-4.18.0/lib/idmapping.c:181:23: branch_false: following 'false' branch (when 'idx >= ranges')...
shadow-4.18.0/lib/idmapping.c:188:13: branch_false: ...to here
shadow-4.18.0/lib/idmapping.c:188:12: branch_true: following 'true' branch...
shadow-4.18.0/lib/idmapping.c:189:17: branch_true: ...to here
shadow-4.18.0/lib/idmapping.c:189:17: throw: if 'log_get_progname' throws an exception...
shadow-4.18.0/lib/idmapping.c:189:17: danger: 'pos' leaks here; was allocated at [(3)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/2)
#  187|   	}
#  188|   	if (pos == end || pos == NULL) {
#  189|-> 		fprintf(log_get_logfd(), _("%s: stpeprintf failed!\n"), log_get_progname());
#  190|   		exit(EXIT_FAILURE);
#  191|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def78]
shadow-4.18.0/lib/idmapping.c:189:25: warning[-Wanalyzer-malloc-leak]: leak of 'pos'
shadow-4.18.0/lib/idmapping.c:123:6: enter_function: entry to 'write_mapping'
shadow-4.18.0/lib/idmapping.c:176:21: call_function: inlined call to 'xmallocarray' from 'write_mapping'
shadow-4.18.0/lib/idmapping.c:181:23: branch_false: following 'false' branch (when 'idx >= ranges')...
shadow-4.18.0/lib/idmapping.c:188:13: branch_false: ...to here
shadow-4.18.0/lib/idmapping.c:188:12: branch_true: following 'true' branch...
shadow-4.18.0/lib/idmapping.c:189:17: branch_true: ...to here
shadow-4.18.0/lib/idmapping.c:189:25: throw: if 'log_get_logfd' throws an exception...
shadow-4.18.0/lib/idmapping.c:189:25: danger: 'pos' leaks here; was allocated at [(3)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/2)
#  187|   	}
#  188|   	if (pos == end || pos == NULL) {
#  189|-> 		fprintf(log_get_logfd(), _("%s: stpeprintf failed!\n"), log_get_progname());
#  190|   		exit(EXIT_FAILURE);
#  191|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def79]
shadow-4.18.0/lib/idmapping.c:194:14: warning[-Wanalyzer-malloc-leak]: leak of 'pos'
shadow-4.18.0/lib/idmapping.c:123:6: enter_function: entry to 'write_mapping'
shadow-4.18.0/lib/idmapping.c:176:21: call_function: inlined call to 'xmallocarray' from 'write_mapping'
shadow-4.18.0/lib/idmapping.c:181:23: branch_false: following 'false' branch (when 'idx >= ranges')...
shadow-4.18.0/lib/idmapping.c:188:13: branch_false: ...to here
shadow-4.18.0/lib/idmapping.c:188:12: branch_false: following 'false' branch...
shadow-4.18.0/lib/idmapping.c:194:14: branch_false: ...to here
shadow-4.18.0/lib/idmapping.c:194:14: throw: if 'openat' throws an exception...
shadow-4.18.0/lib/idmapping.c:194:14: danger: 'pos' leaks here; was allocated at [(3)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/2)
#  192|   
#  193|   	/* Write the mapping to the mapping file */
#  194|-> 	fd = openat(proc_dir_fd, map_file, O_WRONLY);
#  195|   	if (fd < 0) {
#  196|   		fprintf(log_get_logfd(), _("%s: open of %s failed: %s\n"),

Error: GCC_ANALYZER_WARNING (CWE-401): [#def80]
shadow-4.18.0/lib/idmapping.c:196:17: warning[-Wanalyzer-malloc-leak]: leak of 'pos'
shadow-4.18.0/lib/idmapping.c:123:6: enter_function: entry to 'write_mapping'
shadow-4.18.0/lib/idmapping.c:176:21: call_function: inlined call to 'xmallocarray' from 'write_mapping'
shadow-4.18.0/lib/idmapping.c:181:23: branch_false: following 'false' branch (when 'idx >= ranges')...
shadow-4.18.0/lib/idmapping.c:188:13: branch_false: ...to here
shadow-4.18.0/lib/idmapping.c:188:12: branch_false: following 'false' branch...
shadow-4.18.0/lib/idmapping.c:194:14: branch_false: ...to here
shadow-4.18.0/lib/idmapping.c:195:12: branch_true: following 'true' branch...
shadow-4.18.0/lib/idmapping.c:197:64: branch_true: ...to here
shadow-4.18.0/lib/idmapping.c:196:17: throw: if 'log_get_progname' throws an exception...
shadow-4.18.0/lib/idmapping.c:196:17: danger: 'pos' leaks here; was allocated at [(3)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/2)
#  194|   	fd = openat(proc_dir_fd, map_file, O_WRONLY);
#  195|   	if (fd < 0) {
#  196|-> 		fprintf(log_get_logfd(), _("%s: open of %s failed: %s\n"),
#  197|   			log_get_progname(), map_file, strerror(errno));
#  198|   		exit(EXIT_FAILURE);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def81]
shadow-4.18.0/lib/idmapping.c:196:25: warning[-Wanalyzer-malloc-leak]: leak of 'pos'
shadow-4.18.0/lib/idmapping.c:123:6: enter_function: entry to 'write_mapping'
shadow-4.18.0/lib/idmapping.c:176:21: call_function: inlined call to 'xmallocarray' from 'write_mapping'
shadow-4.18.0/lib/idmapping.c:181:23: branch_false: following 'false' branch (when 'idx >= ranges')...
shadow-4.18.0/lib/idmapping.c:188:13: branch_false: ...to here
shadow-4.18.0/lib/idmapping.c:188:12: branch_false: following 'false' branch...
shadow-4.18.0/lib/idmapping.c:194:14: branch_false: ...to here
shadow-4.18.0/lib/idmapping.c:195:12: branch_true: following 'true' branch...
shadow-4.18.0/lib/idmapping.c:197:64: branch_true: ...to here
shadow-4.18.0/lib/idmapping.c:196:25: throw: if 'log_get_logfd' throws an exception...
shadow-4.18.0/lib/idmapping.c:196:25: danger: 'pos' leaks here; was allocated at [(3)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/2)
#  194|   	fd = openat(proc_dir_fd, map_file, O_WRONLY);
#  195|   	if (fd < 0) {
#  196|-> 		fprintf(log_get_logfd(), _("%s: open of %s failed: %s\n"),
#  197|   			log_get_progname(), map_file, strerror(errno));
#  198|   		exit(EXIT_FAILURE);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def82]
shadow-4.18.0/lib/idmapping.c:200:13: warning[-Wanalyzer-malloc-leak]: leak of 'pos'
shadow-4.18.0/lib/idmapping.c:123:6: enter_function: entry to 'write_mapping'
shadow-4.18.0/lib/idmapping.c:176:21: call_function: inlined call to 'xmallocarray' from 'write_mapping'
shadow-4.18.0/lib/idmapping.c:181:23: branch_false: following 'false' branch (when 'idx >= ranges')...
shadow-4.18.0/lib/idmapping.c:188:13: branch_false: ...to here
shadow-4.18.0/lib/idmapping.c:188:12: branch_false: following 'false' branch...
shadow-4.18.0/lib/idmapping.c:194:14: branch_false: ...to here
shadow-4.18.0/lib/idmapping.c:195:12: branch_false: following 'false' branch...
shadow-4.18.0/lib/idmapping.c:200:33: branch_false: ...to here
shadow-4.18.0/lib/idmapping.c:200:13: throw: if 'write_full' throws an exception...
shadow-4.18.0/lib/idmapping.c:200:13: danger: 'pos' leaks here; was allocated at [(3)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/2)
#  198|   		exit(EXIT_FAILURE);
#  199|   	}
#  200|-> 	if (write_full(fd, buf, pos - buf) == -1) {
#  201|   		fprintf(log_get_logfd(), _("%s: write to %s failed: %s\n"),
#  202|   			log_get_progname(), map_file, strerror(errno));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def83]
shadow-4.18.0/lib/idmapping.c:201:17: warning[-Wanalyzer-malloc-leak]: leak of 'pos'
shadow-4.18.0/lib/idmapping.c:123:6: enter_function: entry to 'write_mapping'
shadow-4.18.0/lib/idmapping.c:176:21: call_function: inlined call to 'xmallocarray' from 'write_mapping'
shadow-4.18.0/lib/idmapping.c:181:23: branch_false: following 'false' branch (when 'idx >= ranges')...
shadow-4.18.0/lib/idmapping.c:188:13: branch_false: ...to here
shadow-4.18.0/lib/idmapping.c:188:12: branch_false: following 'false' branch...
shadow-4.18.0/lib/idmapping.c:194:14: branch_false: ...to here
shadow-4.18.0/lib/idmapping.c:195:12: branch_false: following 'false' branch...
shadow-4.18.0/lib/idmapping.c:200:33: branch_false: ...to here
shadow-4.18.0/lib/idmapping.c:200:12: branch_true: following 'true' branch...
shadow-4.18.0/lib/idmapping.c:202:64: branch_true: ...to here
shadow-4.18.0/lib/idmapping.c:201:17: throw: if 'log_get_progname' throws an exception...
shadow-4.18.0/lib/idmapping.c:201:17: danger: 'pos' leaks here; was allocated at [(3)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/2)
#  199|   	}
#  200|   	if (write_full(fd, buf, pos - buf) == -1) {
#  201|-> 		fprintf(log_get_logfd(), _("%s: write to %s failed: %s\n"),
#  202|   			log_get_progname(), map_file, strerror(errno));
#  203|   		exit(EXIT_FAILURE);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def84]
shadow-4.18.0/lib/idmapping.c:201:25: warning[-Wanalyzer-malloc-leak]: leak of 'pos'
shadow-4.18.0/lib/idmapping.c:123:6: enter_function: entry to 'write_mapping'
shadow-4.18.0/lib/idmapping.c:176:21: call_function: inlined call to 'xmallocarray' from 'write_mapping'
shadow-4.18.0/lib/idmapping.c:181:23: branch_false: following 'false' branch (when 'idx >= ranges')...
shadow-4.18.0/lib/idmapping.c:188:13: branch_false: ...to here
shadow-4.18.0/lib/idmapping.c:188:12: branch_false: following 'false' branch...
shadow-4.18.0/lib/idmapping.c:194:14: branch_false: ...to here
shadow-4.18.0/lib/idmapping.c:195:12: branch_false: following 'false' branch...
shadow-4.18.0/lib/idmapping.c:200:33: branch_false: ...to here
shadow-4.18.0/lib/idmapping.c:200:12: branch_true: following 'true' branch...
shadow-4.18.0/lib/idmapping.c:202:64: branch_true: ...to here
shadow-4.18.0/lib/idmapping.c:201:25: throw: if 'log_get_logfd' throws an exception...
shadow-4.18.0/lib/idmapping.c:201:25: danger: 'pos' leaks here; was allocated at [(3)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/2)
#  199|   	}
#  200|   	if (write_full(fd, buf, pos - buf) == -1) {
#  201|-> 		fprintf(log_get_logfd(), _("%s: write to %s failed: %s\n"),
#  202|   			log_get_progname(), map_file, strerror(errno));
#  203|   		exit(EXIT_FAILURE);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def85]
shadow-4.18.0/lib/idmapping.c:205:13: warning[-Wanalyzer-malloc-leak]: leak of 'pos'
shadow-4.18.0/lib/idmapping.c:123:6: enter_function: entry to 'write_mapping'
shadow-4.18.0/lib/idmapping.c:176:21: call_function: inlined call to 'xmallocarray' from 'write_mapping'
shadow-4.18.0/lib/idmapping.c:181:23: branch_false: following 'false' branch (when 'idx >= ranges')...
shadow-4.18.0/lib/idmapping.c:188:13: branch_false: ...to here
shadow-4.18.0/lib/idmapping.c:188:12: branch_false: following 'false' branch...
shadow-4.18.0/lib/idmapping.c:194:14: branch_false: ...to here
shadow-4.18.0/lib/idmapping.c:195:12: branch_false: following 'false' branch...
shadow-4.18.0/lib/idmapping.c:200:33: branch_false: ...to here
shadow-4.18.0/lib/idmapping.c:200:12: branch_false: following 'false' branch...
shadow-4.18.0/lib/idmapping.c:205:13: branch_false: ...to here
shadow-4.18.0/lib/idmapping.c:205:13: throw: if 'close' throws an exception...
shadow-4.18.0/lib/idmapping.c:205:13: danger: 'pos' leaks here; was allocated at [(3)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/2)
#  203|   		exit(EXIT_FAILURE);
#  204|   	}
#  205|-> 	if (close(fd) != 0 && errno != EINTR) {
#  206|   		fprintf(log_get_logfd(), _("%s: closing %s failed: %s\n"),
#  207|   			log_get_progname(), map_file, strerror(errno));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def86]
shadow-4.18.0/lib/idmapping.c:206:17: warning[-Wanalyzer-malloc-leak]: leak of 'pos'
shadow-4.18.0/lib/idmapping.c:123:6: enter_function: entry to 'write_mapping'
shadow-4.18.0/lib/idmapping.c:176:21: call_function: inlined call to 'xmallocarray' from 'write_mapping'
shadow-4.18.0/lib/idmapping.c:181:23: branch_false: following 'false' branch (when 'idx >= ranges')...
shadow-4.18.0/lib/idmapping.c:188:13: branch_false: ...to here
shadow-4.18.0/lib/idmapping.c:188:12: branch_false: following 'false' branch...
shadow-4.18.0/lib/idmapping.c:194:14: branch_false: ...to here
shadow-4.18.0/lib/idmapping.c:195:12: branch_false: following 'false' branch...
shadow-4.18.0/lib/idmapping.c:200:33: branch_false: ...to here
shadow-4.18.0/lib/idmapping.c:200:12: branch_false: following 'false' branch...
shadow-4.18.0/lib/idmapping.c:205:13: branch_false: ...to here
shadow-4.18.0/lib/idmapping.c:205:12: branch_true: following 'true' branch...
shadow-4.18.0/lib/idmapping.c:206:17: throw: if 'log_get_progname' throws an exception...
shadow-4.18.0/lib/idmapping.c:206:17: danger: 'pos' leaks here; was allocated at [(3)](sarif:/runs/0/results/9/codeFlows/0/threadFlows/0/locations/2)
#  204|   	}
#  205|   	if (close(fd) != 0 && errno != EINTR) {
#  206|-> 		fprintf(log_get_logfd(), _("%s: closing %s failed: %s\n"),
#  207|   			log_get_progname(), map_file, strerror(errno));
#  208|   		exit(EXIT_FAILURE);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def87]
shadow-4.18.0/lib/idmapping.c:206:25: warning[-Wanalyzer-malloc-leak]: leak of 'pos'
shadow-4.18.0/lib/idmapping.c:123:6: enter_function: entry to 'write_mapping'
shadow-4.18.0/lib/idmapping.c:176:21: call_function: inlined call to 'xmallocarray' from 'write_mapping'
shadow-4.18.0/lib/idmapping.c:181:23: branch_false: following 'false' branch (when 'idx >= ranges')...
shadow-4.18.0/lib/idmapping.c:188:13: branch_false: ...to here
shadow-4.18.0/lib/idmapping.c:188:12: branch_false: following 'false' branch...
shadow-4.18.0/lib/idmapping.c:194:14: branch_false: ...to here
shadow-4.18.0/lib/idmapping.c:195:12: branch_false: following 'false' branch...
shadow-4.18.0/lib/idmapping.c:200:33: branch_false: ...to here
shadow-4.18.0/lib/idmapping.c:200:12: branch_false: following 'false' branch...
shadow-4.18.0/lib/idmapping.c:205:13: branch_false: ...to here
shadow-4.18.0/lib/idmapping.c:205:12: branch_true: following 'true' branch...
shadow-4.18.0/lib/idmapping.c:206:25: throw: if 'log_get_logfd' throws an exception...
shadow-4.18.0/lib/idmapping.c:206:25: danger: 'pos' leaks here; was allocated at [(3)](sarif:/runs/0/results/10/codeFlows/0/threadFlows/0/locations/2)
#  204|   	}
#  205|   	if (close(fd) != 0 && errno != EINTR) {
#  206|-> 		fprintf(log_get_logfd(), _("%s: closing %s failed: %s\n"),
#  207|   			log_get_progname(), map_file, strerror(errno));
#  208|   		exit(EXIT_FAILURE);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def88]
shadow-4.18.0/lib/list.c:64:25: warning[-Wanalyzer-malloc-leak]: leak of 'xreallocarray(0, (long unsigned int)(i + 2), 8)'
shadow-4.18.0/lib/list.c:32:1: enter_function: entry to 'add_list'
shadow-4.18.0/lib/list.c:37:9: branch_true: following 'true' branch (when 'member' is non-NULL)...
shadow-4.18.0/lib/list.c:38:9: branch_true: ...to here
shadow-4.18.0/lib/list.c:38:9: branch_true: following 'true' branch (when 'list' is non-NULL)...
shadow-4.18.0/lib/list.c:38:9: branch_true: ...to here
shadow-4.18.0/lib/list.c:56:15: call_function: inlined call to 'xmallocarray' from 'add_list'
shadow-4.18.0/lib/list.c:64:21: branch_false: following 'false' branch...
shadow-4.18.0/lib/list.c:68:12: branch_false: ...to here
shadow-4.18.0/lib/list.c:68:18: call_function: calling 'xstrdup' from 'add_list'
#   62|   	 */
#   63|   
#   64|-> 	for (i = 0; list[i] != NULL; i++) {
#   65|   		tmp[i] = list[i];
#   66|   	}

Error: GCC_ANALYZER_WARNING (CWE-476): [#def89]
shadow-4.18.0/lib/list.c:65:17: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL 'xreallocarray(0, (long unsigned int)(i + 2), 8)'
shadow-4.18.0/lib/list.c:32:1: enter_function: entry to 'add_list'
shadow-4.18.0/lib/list.c:37:9: branch_true: following 'true' branch (when 'member' is non-NULL)...
shadow-4.18.0/lib/list.c:38:9: branch_true: ...to here
shadow-4.18.0/lib/list.c:38:9: branch_true: following 'true' branch (when 'list' is non-NULL)...
shadow-4.18.0/lib/list.c:38:9: branch_true: ...to here
shadow-4.18.0/lib/list.c:56:15: call_function: inlined call to 'xmallocarray' from 'add_list'
shadow-4.18.0/lib/list.c:64:21: branch_true: following 'true' branch...
shadow-4.18.0/lib/list.c:65:20: branch_true: ...to here
shadow-4.18.0/lib/list.c:65:17: danger: 'xreallocarray(0, (long unsigned int)(i + 2), 8) + (long unsigned int)i * 8' could be NULL: unchecked value from [(7)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/6)
#   63|   
#   64|   	for (i = 0; list[i] != NULL; i++) {
#   65|-> 		tmp[i] = list[i];
#   66|   	}
#   67|   

Error: GCC_ANALYZER_WARNING (CWE-476): [#def90]
shadow-4.18.0/lib/list.c:68:9: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL 'xreallocarray(0, (long unsigned int)(i + 2), 8)'
shadow-4.18.0/lib/list.c:32:1: enter_function: entry to 'add_list'
shadow-4.18.0/lib/list.c:37:9: branch_true: following 'true' branch (when 'member' is non-NULL)...
shadow-4.18.0/lib/list.c:38:9: branch_true: ...to here
shadow-4.18.0/lib/list.c:38:9: branch_true: following 'true' branch (when 'list' is non-NULL)...
shadow-4.18.0/lib/list.c:38:9: branch_true: ...to here
shadow-4.18.0/lib/list.c:56:15: call_function: inlined call to 'xmallocarray' from 'add_list'
shadow-4.18.0/lib/list.c:64:21: branch_false: following 'false' branch...
shadow-4.18.0/lib/list.c:68:12: branch_false: ...to here
shadow-4.18.0/lib/list.c:68:9: danger: 'xreallocarray(0, (long unsigned int)(i + 2), 8) + (long unsigned int)i * 8' could be NULL: unchecked value from [(7)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/6)
#   66|   	}
#   67|   
#   68|-> 	tmp[i] = xstrdup (member);
#   69|   	tmp[i+1] = NULL;
#   70|   

Error: GCC_ANALYZER_WARNING (CWE-476): [#def91]
shadow-4.18.0/lib/list.c:121:25: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL 'xreallocarray(0, (long unsigned int)(j + 1), 8)'
shadow-4.18.0/lib/list.c:83:1: enter_function: entry to 'del_list'
shadow-4.18.0/lib/list.c:88:9: branch_true: following 'true' branch (when 'member' is non-NULL)...
shadow-4.18.0/lib/list.c:89:9: branch_true: ...to here
shadow-4.18.0/lib/list.c:89:9: branch_true: following 'true' branch (when 'list' is non-NULL)...
shadow-4.18.0/lib/list.c:89:9: branch_true: ...to here
shadow-4.18.0/lib/list.c:102:12: branch_false: following 'false' branch (when 'i != j')...
shadow-4.18.0/lib/list.c:111:15: branch_false: ...to here
shadow-4.18.0/lib/list.c:111:15: call_function: inlined call to 'xmallocarray' from 'del_list'
shadow-4.18.0/lib/list.c:119:25: branch_true: following 'true' branch...
shadow-4.18.0/lib/list.c:120:22: call_function: inlined call to 'streq' from 'del_list'
shadow-4.18.0/lib/list.c:120:20: branch_true: following 'true' branch (when the strings are non-equal)...
shadow-4.18.0/lib/list.c:121:28: branch_true: ...to here
shadow-4.18.0/lib/list.c:121:25: danger: 'xreallocarray(0, (long unsigned int)(j + 1), 8) + (long unsigned int)j * 8' could be NULL: unchecked value from [(9)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/8)
#  119|   	for (i = j = 0; list[i] != NULL; i++) {
#  120|   		if (!streq(list[i], member)) {
#  121|-> 			tmp[j] = list[i];
#  122|   			j++;
#  123|   		}

Error: GCC_ANALYZER_WARNING (CWE-476): [#def92]
shadow-4.18.0/lib/list.c:126:9: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL 'xreallocarray(0, (long unsigned int)(j + 1), 8)'
shadow-4.18.0/lib/list.c:83:1: enter_function: entry to 'del_list'
shadow-4.18.0/lib/list.c:88:9: branch_true: following 'true' branch (when 'member' is non-NULL)...
shadow-4.18.0/lib/list.c:89:9: branch_true: ...to here
shadow-4.18.0/lib/list.c:89:9: branch_true: following 'true' branch (when 'list' is non-NULL)...
shadow-4.18.0/lib/list.c:89:9: branch_true: ...to here
shadow-4.18.0/lib/list.c:102:12: branch_false: following 'false' branch (when 'i != j')...
shadow-4.18.0/lib/list.c:111:15: branch_false: ...to here
shadow-4.18.0/lib/list.c:111:15: call_function: inlined call to 'xmallocarray' from 'del_list'
shadow-4.18.0/lib/list.c:126:9: danger: 'xreallocarray(0, (long unsigned int)(j + 1), 8) + (long unsigned int)j * 8' could be NULL: unchecked value from [(9)](sarif:/runs/0/results/9/codeFlows/0/threadFlows/0/locations/8)
#  124|   	}
#  125|   
#  126|-> 	tmp[j] = NULL;
#  127|   
#  128|   	return tmp;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def93]
shadow-4.18.0/lib/list.c:150:24: warning[-Wanalyzer-malloc-leak]: leak of 'xreallocarray(0, (long unsigned int)(i + 1), 8)'
shadow-4.18.0/lib/list.c:138:1: enter_function: entry to 'dup_list'
shadow-4.18.0/lib/list.c:143:9: branch_true: following 'true' branch (when 'list' is non-NULL)...
shadow-4.18.0/lib/list.c:143:9: branch_true: ...to here
shadow-4.18.0/lib/list.c:147:15: call_function: inlined call to 'xmallocarray' from 'dup_list'
shadow-4.18.0/lib/list.c:150:16: branch_true: following 'true' branch...
shadow-4.18.0/lib/list.c:151:20: branch_true: ...to here
shadow-4.18.0/lib/list.c:151:26: call_function: calling 'xstrdup' from 'dup_list'
#  148|   
#  149|   	i = 0;
#  150|-> 	while (NULL != *list) {
#  151|   		tmp[i] = xstrdup (*list);
#  152|   		i++;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def94]
shadow-4.18.0/lib/list.c:150:24: warning[-Wanalyzer-malloc-leak]: leak of 'xreallocarray(0, strlen(str) + 1, 1)'
shadow-4.18.0/lib/list.c:138:1: enter_function: entry to 'dup_list'
shadow-4.18.0/lib/list.c:143:9: branch_true: following 'true' branch (when 'list' is non-NULL)...
shadow-4.18.0/lib/list.c:143:9: branch_true: ...to here
shadow-4.18.0/lib/list.c:150:16: branch_true: following 'true' branch...
shadow-4.18.0/lib/list.c:151:20: branch_true: ...to here
shadow-4.18.0/lib/list.c:151:26: call_function: calling 'xstrdup' from 'dup_list'
shadow-4.18.0/lib/list.c:151:26: return_function: returning to 'dup_list' from 'xstrdup'
shadow-4.18.0/lib/list.c:150:16: branch_true: following 'true' branch...
shadow-4.18.0/lib/list.c:151:20: branch_true: ...to here
shadow-4.18.0/lib/list.c:151:26: call_function: calling 'xstrdup' from 'dup_list'
#  148|   
#  149|   	i = 0;
#  150|-> 	while (NULL != *list) {
#  151|   		tmp[i] = xstrdup (*list);
#  152|   		i++;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def95]
shadow-4.18.0/lib/list.c:151:17: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL 'xreallocarray(0, (long unsigned int)(i + 1), 8)'
shadow-4.18.0/lib/list.c:138:1: enter_function: entry to 'dup_list'
shadow-4.18.0/lib/list.c:143:9: branch_true: following 'true' branch (when 'list' is non-NULL)...
shadow-4.18.0/lib/list.c:143:9: branch_true: ...to here
shadow-4.18.0/lib/list.c:147:15: call_function: inlined call to 'xmallocarray' from 'dup_list'
shadow-4.18.0/lib/list.c:150:16: branch_true: following 'true' branch...
shadow-4.18.0/lib/list.c:151:20: branch_true: ...to here
shadow-4.18.0/lib/list.c:151:17: danger: 'xreallocarray(0, (long unsigned int)(i + 1), 8) + (long unsigned int)i * 8' could be NULL: unchecked value from [(5)](sarif:/runs/0/results/13/codeFlows/0/threadFlows/0/locations/4)
#  149|   	i = 0;
#  150|   	while (NULL != *list) {
#  151|-> 		tmp[i] = xstrdup (*list);
#  152|   		i++;
#  153|   		list++;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def96]
shadow-4.18.0/lib/list.c:156:9: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL 'xreallocarray(0, (long unsigned int)(i + 1), 8)'
shadow-4.18.0/lib/list.c:138:1: enter_function: entry to 'dup_list'
shadow-4.18.0/lib/list.c:143:9: branch_true: following 'true' branch (when 'list' is non-NULL)...
shadow-4.18.0/lib/list.c:143:9: branch_true: ...to here
shadow-4.18.0/lib/list.c:147:15: call_function: inlined call to 'xmallocarray' from 'dup_list'
shadow-4.18.0/lib/list.c:150:16: branch_false: following 'false' branch...
shadow-4.18.0/lib/list.c:156:12: branch_false: ...to here
shadow-4.18.0/lib/list.c:156:9: danger: 'xreallocarray(0, (long unsigned int)(i + 1), 8) + (long unsigned int)i * 8' could be NULL: unchecked value from [(5)](sarif:/runs/0/results/14/codeFlows/0/threadFlows/0/locations/4)
#  154|   	}
#  155|   
#  156|-> 	tmp[i] = NULL;
#  157|   	return tmp;
#  158|   }

Error: GCC_ANALYZER_WARNING (CWE-476): [#def97]
shadow-4.18.0/lib/list.c:213:17: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL 'xreallocarray(0, n, 8)'
shadow-4.18.0/lib/list.c:186:1: enter_function: entry to 'comma_to_list'
shadow-4.18.0/lib/list.c:192:9: branch_true: following 'true' branch (when 'comma' is non-NULL)...
shadow-4.18.0/lib/list.c:198:19: branch_true: ...to here
shadow-4.18.0/lib/list.c:206:17: call_function: inlined call to 'xmallocarray' from 'comma_to_list'
shadow-4.18.0/lib/list.c:212:12: branch_true: following 'true' branch...
shadow-4.18.0/lib/list.c:213:17: branch_true: ...to here
shadow-4.18.0/lib/list.c:213:17: danger: 'xreallocarray(0, n, 8)' could be NULL: unchecked value from [(5)](sarif:/runs/0/results/15/codeFlows/0/threadFlows/0/locations/4)
#  211|   
#  212|   	if (streq(members, "")) {
#  213|-> 		*array = NULL;
#  214|   		free (members);
#  215|   		return array;

Error: GCC_ANALYZER_WARNING (CWE-688): [#def98]
shadow-4.18.0/lib/mail.c:42:21: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL 'xaprintf("%s/new", mailbox)' where non-null expected
shadow-4.18.0/lib/mail.c:29:12: branch_true: following 'true' branch...
shadow-4.18.0/lib/mail.c:36:19: branch_true: ...to here
shadow-4.18.0/lib/mail.c:37:12: branch_true: following 'true' branch (when 'mailbox' is non-NULL)...
shadow-4.18.0/lib/mail.c:40:27: branch_true: ...to here
shadow-4.18.0/lib/mail.c:40:27: acquire_memory: this call could return NULL
shadow-4.18.0/lib/mail.c:42:21: danger: argument 1 ('xaprintf("%s/new", mailbox)') from [(5)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/4) could be NULL where non-null expected
#   40|   		newmail = xaprintf("%s/new", mailbox);
#   41|   
#   42|-> 		if (stat (newmail, &statbuf) != -1 && statbuf.st_size != 0) {
#   43|   			if (statbuf.st_mtime > statbuf.st_atime) {
#   44|   				free(newmail);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def99]
shadow-4.18.0/lib/motd.c:57:9: warning[-Wanalyzer-malloc-leak]: leak of 'mb'
shadow-4.18.0/lib/motd.c:39:12: branch_false: following 'false' branch...
shadow-4.18.0/lib/motd.c:42:20: branch_false: ...to here
shadow-4.18.0/lib/motd.c:42:20: acquire_memory: allocated here
shadow-4.18.0/lib/motd.c:43:12: branch_false: following 'false' branch (when 'motdlist' is non-NULL)...
shadow-4.18.0/lib/motd.c:46:9: branch_false: ...to here
shadow-4.18.0/lib/motd.c:57:9: throw: if 'fflush' throws an exception...
shadow-4.18.0/lib/motd.c:57:9: danger: 'mb' leaks here; was allocated at [(3)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/2)
#   55|   		fclose(fp);
#   56|   	}
#   57|-> 	fflush (stdout);
#   58|   
#   59|   	free (motdlist);

Error: COMPILER_WARNING (CWE-563): [#def100]
shadow-4.18.0/lib/commonio.c:30: included_from: Included from here.
shadow-4.18.0/lib/commonio.c: scope_hint: In function 'dec_lock_count'
shadow-4.18.0/lib/nscd.h:10:35: warning[-Wunused-value]: statement with no effect
#   10 | #define nscd_flush_cache(service) (0)
#      |                                   ^
shadow-4.18.0/lib/commonio.c:457:33: note: in expansion of macro 'nscd_flush_cache'
#  457 |                                 nscd_flush_cache ("passwd");
#      |                                 ^~~~~~~~~~~~~~~~
#    8|   extern int nscd_flush_cache (const char *service);
#    9|   #else
#   10|-> #define nscd_flush_cache(service) (0)
#   11|   #endif
#   12|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def101]
shadow-4.18.0/lib/pam_pass_non_interactive.c:62:25: warning[-Wanalyzer-malloc-leak]: leak of '<unknown>'
shadow-4.18.0/lib/pam_pass_non_interactive.c:46:9: branch_true: following 'true' branch...
shadow-4.18.0/lib/pam_pass_non_interactive.c:48:12: branch_true: ...to here
shadow-4.18.0/lib/pam_pass_non_interactive.c:48:12: branch_false: following 'false' branch (when 'num_msg > 0')...
shadow-4.18.0/lib/pam_pass_non_interactive.c:52:21: branch_false: ...to here
shadow-4.18.0/lib/pam_pass_non_interactive.c:53:12: branch_false: following 'false' branch (when 'responses' is non-NULL)...
shadow-4.18.0/lib/pam_pass_non_interactive.c:53:12: branch_false: ...to here
shadow-4.18.0/lib/pam_pass_non_interactive.c:57:23: branch_true: following 'true' branch (when 'count < num_msg')...
shadow-4.18.0/lib/pam_pass_non_interactive.c:58:26: branch_true: ...to here
shadow-4.18.0/lib/pam_pass_non_interactive.c:67:49: acquire_memory: allocated here
shadow-4.18.0/lib/pam_pass_non_interactive.c:68:28: branch_false: following 'false' branch...
shadow-4.18.0/lib/pam_pass_non_interactive.c:57:40: branch_false: ...to here
shadow-4.18.0/lib/pam_pass_non_interactive.c:57:23: branch_true: following 'true' branch (when 'count < num_msg')...
shadow-4.18.0/lib/pam_pass_non_interactive.c:58:26: branch_true: ...to here
shadow-4.18.0/lib/pam_pass_non_interactive.c:62:25: throw: if 'log_get_progname' throws an exception...
shadow-4.18.0/lib/pam_pass_non_interactive.c:62:25: danger: '<unknown>' leaks here; was allocated at [(11)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/10)
#   60|   		switch (msg[count]->msg_style) {
#   61|   		case PAM_PROMPT_ECHO_ON:
#   62|-> 			fprintf (log_get_logfd(),
#   63|   			         _("%s: PAM modules requesting echoing are not supported.\n"),
#   64|   			         log_get_progname());

Error: GCC_ANALYZER_WARNING (CWE-401): [#def102]
shadow-4.18.0/lib/pam_pass_non_interactive.c:62:25: warning[-Wanalyzer-malloc-leak]: leak of 'responses'
shadow-4.18.0/lib/pam_pass_non_interactive.c:46:9: branch_true: following 'true' branch...
shadow-4.18.0/lib/pam_pass_non_interactive.c:48:12: branch_true: ...to here
shadow-4.18.0/lib/pam_pass_non_interactive.c:48:12: branch_false: following 'false' branch (when 'num_msg > 0')...
shadow-4.18.0/lib/pam_pass_non_interactive.c:52:21: branch_false: ...to here
shadow-4.18.0/lib/pam_pass_non_interactive.c:52:21: acquire_memory: allocated here
shadow-4.18.0/lib/pam_pass_non_interactive.c:53:12: branch_false: following 'false' branch (when 'responses' is non-NULL)...
shadow-4.18.0/lib/pam_pass_non_interactive.c:53:12: branch_false: ...to here
shadow-4.18.0/lib/pam_pass_non_interactive.c:57:23: branch_true: following 'true' branch (when 'count < num_msg')...
shadow-4.18.0/lib/pam_pass_non_interactive.c:58:26: branch_true: ...to here
shadow-4.18.0/lib/pam_pass_non_interactive.c:62:25: throw: if 'log_get_progname' throws an exception...
shadow-4.18.0/lib/pam_pass_non_interactive.c:62:25: danger: 'responses' leaks here; was allocated at [(5)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/4)
#   60|   		switch (msg[count]->msg_style) {
#   61|   		case PAM_PROMPT_ECHO_ON:
#   62|-> 			fprintf (log_get_logfd(),
#   63|   			         _("%s: PAM modules requesting echoing are not supported.\n"),
#   64|   			         log_get_progname());

Error: GCC_ANALYZER_WARNING (CWE-401): [#def103]
shadow-4.18.0/lib/pam_pass_non_interactive.c:62:34: warning[-Wanalyzer-malloc-leak]: leak of '<unknown>'
shadow-4.18.0/lib/pam_pass_non_interactive.c:46:9: branch_true: following 'true' branch...
shadow-4.18.0/lib/pam_pass_non_interactive.c:48:12: branch_true: ...to here
shadow-4.18.0/lib/pam_pass_non_interactive.c:48:12: branch_false: following 'false' branch (when 'num_msg > 0')...
shadow-4.18.0/lib/pam_pass_non_interactive.c:52:21: branch_false: ...to here
shadow-4.18.0/lib/pam_pass_non_interactive.c:53:12: branch_false: following 'false' branch (when 'responses' is non-NULL)...
shadow-4.18.0/lib/pam_pass_non_interactive.c:53:12: branch_false: ...to here
shadow-4.18.0/lib/pam_pass_non_interactive.c:57:23: branch_true: following 'true' branch (when 'count < num_msg')...
shadow-4.18.0/lib/pam_pass_non_interactive.c:58:26: branch_true: ...to here
shadow-4.18.0/lib/pam_pass_non_interactive.c:67:49: acquire_memory: allocated here
shadow-4.18.0/lib/pam_pass_non_interactive.c:68:28: branch_false: following 'false' branch...
shadow-4.18.0/lib/pam_pass_non_interactive.c:57:40: branch_false: ...to here
shadow-4.18.0/lib/pam_pass_non_interactive.c:57:23: branch_true: following 'true' branch (when 'count < num_msg')...
shadow-4.18.0/lib/pam_pass_non_interactive.c:58:26: branch_true: ...to here
shadow-4.18.0/lib/pam_pass_non_interactive.c:62:34: throw: if 'log_get_logfd' throws an exception...
shadow-4.18.0/lib/pam_pass_non_interactive.c:62:34: danger: '<unknown>' leaks here; was allocated at [(11)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/10)
#   60|   		switch (msg[count]->msg_style) {
#   61|   		case PAM_PROMPT_ECHO_ON:
#   62|-> 			fprintf (log_get_logfd(),
#   63|   			         _("%s: PAM modules requesting echoing are not supported.\n"),
#   64|   			         log_get_progname());

Error: GCC_ANALYZER_WARNING (CWE-401): [#def104]
shadow-4.18.0/lib/pam_pass_non_interactive.c:62:34: warning[-Wanalyzer-malloc-leak]: leak of 'responses'
shadow-4.18.0/lib/pam_pass_non_interactive.c:46:9: branch_true: following 'true' branch...
shadow-4.18.0/lib/pam_pass_non_interactive.c:48:12: branch_true: ...to here
shadow-4.18.0/lib/pam_pass_non_interactive.c:48:12: branch_false: following 'false' branch (when 'num_msg > 0')...
shadow-4.18.0/lib/pam_pass_non_interactive.c:52:21: branch_false: ...to here
shadow-4.18.0/lib/pam_pass_non_interactive.c:52:21: acquire_memory: allocated here
shadow-4.18.0/lib/pam_pass_non_interactive.c:53:12: branch_false: following 'false' branch (when 'responses' is non-NULL)...
shadow-4.18.0/lib/pam_pass_non_interactive.c:53:12: branch_false: ...to here
shadow-4.18.0/lib/pam_pass_non_interactive.c:57:23: branch_true: following 'true' branch (when 'count < num_msg')...
shadow-4.18.0/lib/pam_pass_non_interactive.c:58:26: branch_true: ...to here
shadow-4.18.0/lib/pam_pass_non_interactive.c:62:34: throw: if 'log_get_logfd' throws an exception...
shadow-4.18.0/lib/pam_pass_non_interactive.c:62:34: danger: 'responses' leaks here; was allocated at [(5)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/4)
#   60|   		switch (msg[count]->msg_style) {
#   61|   		case PAM_PROMPT_ECHO_ON:
#   62|-> 			fprintf (log_get_logfd(),
#   63|   			         _("%s: PAM modules requesting echoing are not supported.\n"),
#   64|   			         log_get_progname());

Error: GCC_ANALYZER_WARNING (CWE-401): [#def105]
shadow-4.18.0/lib/pam_pass_non_interactive.c:74:42: warning[-Wanalyzer-malloc-leak]: leak of '<unknown>'
shadow-4.18.0/lib/pam_pass_non_interactive.c:46:9: branch_true: following 'true' branch...
shadow-4.18.0/lib/pam_pass_non_interactive.c:48:12: branch_true: ...to here
shadow-4.18.0/lib/pam_pass_non_interactive.c:48:12: branch_false: following 'false' branch (when 'num_msg > 0')...
shadow-4.18.0/lib/pam_pass_non_interactive.c:52:21: branch_false: ...to here
shadow-4.18.0/lib/pam_pass_non_interactive.c:53:12: branch_false: following 'false' branch (when 'responses' is non-NULL)...
shadow-4.18.0/lib/pam_pass_non_interactive.c:53:12: branch_false: ...to here
shadow-4.18.0/lib/pam_pass_non_interactive.c:57:23: branch_true: following 'true' branch (when 'count < num_msg')...
shadow-4.18.0/lib/pam_pass_non_interactive.c:58:26: branch_true: ...to here
shadow-4.18.0/lib/pam_pass_non_interactive.c:67:49: acquire_memory: allocated here
shadow-4.18.0/lib/pam_pass_non_interactive.c:68:28: branch_false: following 'false' branch...
shadow-4.18.0/lib/pam_pass_non_interactive.c:57:40: branch_false: ...to here
shadow-4.18.0/lib/pam_pass_non_interactive.c:57:23: branch_true: following 'true' branch (when 'count < num_msg')...
shadow-4.18.0/lib/pam_pass_non_interactive.c:58:26: branch_true: ...to here
shadow-4.18.0/lib/pam_pass_non_interactive.c:73:28: branch_false: following 'false' branch...
shadow-4.18.0/lib/pam_pass_non_interactive.c:74:42: branch_false: ...to here
shadow-4.18.0/lib/pam_pass_non_interactive.c:74:42: throw: if 'log_get_logfd' throws an exception...
shadow-4.18.0/lib/pam_pass_non_interactive.c:74:42: danger: '<unknown>' leaks here; was allocated at [(11)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/10)
#   72|   		case PAM_ERROR_MSG:
#   73|   			if (   (NULL == msg[count]->msg)
#   74|-> 			    || (fprintf (log_get_logfd(), "%s\n", msg[count]->msg) <0)) {
#   75|   				goto failed_conversation;
#   76|   			}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def106]
shadow-4.18.0/lib/pam_pass_non_interactive.c:74:42: warning[-Wanalyzer-malloc-leak]: leak of 'responses'
shadow-4.18.0/lib/pam_pass_non_interactive.c:46:9: branch_true: following 'true' branch...
shadow-4.18.0/lib/pam_pass_non_interactive.c:48:12: branch_true: ...to here
shadow-4.18.0/lib/pam_pass_non_interactive.c:48:12: branch_false: following 'false' branch (when 'num_msg > 0')...
shadow-4.18.0/lib/pam_pass_non_interactive.c:52:21: branch_false: ...to here
shadow-4.18.0/lib/pam_pass_non_interactive.c:52:21: acquire_memory: allocated here
shadow-4.18.0/lib/pam_pass_non_interactive.c:53:12: branch_false: following 'false' branch (when 'responses' is non-NULL)...
shadow-4.18.0/lib/pam_pass_non_interactive.c:53:12: branch_false: ...to here
shadow-4.18.0/lib/pam_pass_non_interactive.c:57:23: branch_true: following 'true' branch (when 'count < num_msg')...
shadow-4.18.0/lib/pam_pass_non_interactive.c:58:26: branch_true: ...to here
shadow-4.18.0/lib/pam_pass_non_interactive.c:73:28: branch_false: following 'false' branch...
shadow-4.18.0/lib/pam_pass_non_interactive.c:74:42: branch_false: ...to here
shadow-4.18.0/lib/pam_pass_non_interactive.c:74:42: throw: if 'log_get_logfd' throws an exception...
shadow-4.18.0/lib/pam_pass_non_interactive.c:74:42: danger: 'responses' leaks here; was allocated at [(5)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/4)
#   72|   		case PAM_ERROR_MSG:
#   73|   			if (   (NULL == msg[count]->msg)
#   74|-> 			    || (fprintf (log_get_logfd(), "%s\n", msg[count]->msg) <0)) {
#   75|   				goto failed_conversation;
#   76|   			}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def107]
shadow-4.18.0/lib/pam_pass_non_interactive.c:87:32: warning[-Wanalyzer-malloc-leak]: leak of '<unknown>'
shadow-4.18.0/lib/pam_pass_non_interactive.c:46:9: branch_true: following 'true' branch...
shadow-4.18.0/lib/pam_pass_non_interactive.c:48:12: branch_true: ...to here
shadow-4.18.0/lib/pam_pass_non_interactive.c:48:12: branch_false: following 'false' branch (when 'num_msg > 0')...
shadow-4.18.0/lib/pam_pass_non_interactive.c:52:21: branch_false: ...to here
shadow-4.18.0/lib/pam_pass_non_interactive.c:53:12: branch_false: following 'false' branch (when 'responses' is non-NULL)...
shadow-4.18.0/lib/pam_pass_non_interactive.c:53:12: branch_false: ...to here
shadow-4.18.0/lib/pam_pass_non_interactive.c:57:23: branch_true: following 'true' branch (when 'count < num_msg')...
shadow-4.18.0/lib/pam_pass_non_interactive.c:58:26: branch_true: ...to here
shadow-4.18.0/lib/pam_pass_non_interactive.c:67:49: acquire_memory: allocated here
shadow-4.18.0/lib/pam_pass_non_interactive.c:68:28: branch_false: following 'false' branch...
shadow-4.18.0/lib/pam_pass_non_interactive.c:57:40: branch_false: ...to here
shadow-4.18.0/lib/pam_pass_non_interactive.c:57:23: branch_true: following 'true' branch (when 'count < num_msg')...
shadow-4.18.0/lib/pam_pass_non_interactive.c:58:26: branch_true: ...to here
shadow-4.18.0/lib/pam_pass_non_interactive.c:87:32: throw: if 'log_get_progname' throws an exception...
shadow-4.18.0/lib/pam_pass_non_interactive.c:87:32: danger: '<unknown>' leaks here; was allocated at [(11)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/10)
#   85|   			break;
#   86|   		default:
#   87|-> 			(void) fprintf (log_get_logfd(),
#   88|   			                _("%s: conversation type %d not supported.\n"),
#   89|   			                log_get_progname(), msg[count]->msg_style);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def108]
shadow-4.18.0/lib/pam_pass_non_interactive.c:87:32: warning[-Wanalyzer-malloc-leak]: leak of 'responses'
shadow-4.18.0/lib/pam_pass_non_interactive.c:46:9: branch_true: following 'true' branch...
shadow-4.18.0/lib/pam_pass_non_interactive.c:48:12: branch_true: ...to here
shadow-4.18.0/lib/pam_pass_non_interactive.c:48:12: branch_false: following 'false' branch (when 'num_msg > 0')...
shadow-4.18.0/lib/pam_pass_non_interactive.c:52:21: branch_false: ...to here
shadow-4.18.0/lib/pam_pass_non_interactive.c:52:21: acquire_memory: allocated here
shadow-4.18.0/lib/pam_pass_non_interactive.c:53:12: branch_false: following 'false' branch (when 'responses' is non-NULL)...
shadow-4.18.0/lib/pam_pass_non_interactive.c:53:12: branch_false: ...to here
shadow-4.18.0/lib/pam_pass_non_interactive.c:57:23: branch_true: following 'true' branch (when 'count < num_msg')...
shadow-4.18.0/lib/pam_pass_non_interactive.c:58:26: branch_true: ...to here
shadow-4.18.0/lib/pam_pass_non_interactive.c:87:32: throw: if 'log_get_progname' throws an exception...
shadow-4.18.0/lib/pam_pass_non_interactive.c:87:32: danger: 'responses' leaks here; was allocated at [(5)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/4)
#   85|   			break;
#   86|   		default:
#   87|-> 			(void) fprintf (log_get_logfd(),
#   88|   			                _("%s: conversation type %d not supported.\n"),
#   89|   			                log_get_progname(), msg[count]->msg_style);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def109]
shadow-4.18.0/lib/pam_pass_non_interactive.c:87:41: warning[-Wanalyzer-malloc-leak]: leak of '<unknown>'
shadow-4.18.0/lib/pam_pass_non_interactive.c:46:9: branch_true: following 'true' branch...
shadow-4.18.0/lib/pam_pass_non_interactive.c:48:12: branch_true: ...to here
shadow-4.18.0/lib/pam_pass_non_interactive.c:48:12: branch_false: following 'false' branch (when 'num_msg > 0')...
shadow-4.18.0/lib/pam_pass_non_interactive.c:52:21: branch_false: ...to here
shadow-4.18.0/lib/pam_pass_non_interactive.c:53:12: branch_false: following 'false' branch (when 'responses' is non-NULL)...
shadow-4.18.0/lib/pam_pass_non_interactive.c:53:12: branch_false: ...to here
shadow-4.18.0/lib/pam_pass_non_interactive.c:57:23: branch_true: following 'true' branch (when 'count < num_msg')...
shadow-4.18.0/lib/pam_pass_non_interactive.c:58:26: branch_true: ...to here
shadow-4.18.0/lib/pam_pass_non_interactive.c:67:49: acquire_memory: allocated here
shadow-4.18.0/lib/pam_pass_non_interactive.c:68:28: branch_false: following 'false' branch...
shadow-4.18.0/lib/pam_pass_non_interactive.c:57:40: branch_false: ...to here
shadow-4.18.0/lib/pam_pass_non_interactive.c:57:23: branch_true: following 'true' branch (when 'count < num_msg')...
shadow-4.18.0/lib/pam_pass_non_interactive.c:58:26: branch_true: ...to here
shadow-4.18.0/lib/pam_pass_non_interactive.c:87:41: throw: if 'log_get_logfd' throws an exception...
shadow-4.18.0/lib/pam_pass_non_interactive.c:87:41: danger: '<unknown>' leaks here; was allocated at [(11)](sarif:/runs/0/results/9/codeFlows/0/threadFlows/0/locations/10)
#   85|   			break;
#   86|   		default:
#   87|-> 			(void) fprintf (log_get_logfd(),
#   88|   			                _("%s: conversation type %d not supported.\n"),
#   89|   			                log_get_progname(), msg[count]->msg_style);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def110]
shadow-4.18.0/lib/pam_pass_non_interactive.c:87:41: warning[-Wanalyzer-malloc-leak]: leak of 'responses'
shadow-4.18.0/lib/pam_pass_non_interactive.c:46:9: branch_true: following 'true' branch...
shadow-4.18.0/lib/pam_pass_non_interactive.c:48:12: branch_true: ...to here
shadow-4.18.0/lib/pam_pass_non_interactive.c:48:12: branch_false: following 'false' branch (when 'num_msg > 0')...
shadow-4.18.0/lib/pam_pass_non_interactive.c:52:21: branch_false: ...to here
shadow-4.18.0/lib/pam_pass_non_interactive.c:52:21: acquire_memory: allocated here
shadow-4.18.0/lib/pam_pass_non_interactive.c:53:12: branch_false: following 'false' branch (when 'responses' is non-NULL)...
shadow-4.18.0/lib/pam_pass_non_interactive.c:53:12: branch_false: ...to here
shadow-4.18.0/lib/pam_pass_non_interactive.c:57:23: branch_true: following 'true' branch (when 'count < num_msg')...
shadow-4.18.0/lib/pam_pass_non_interactive.c:58:26: branch_true: ...to here
shadow-4.18.0/lib/pam_pass_non_interactive.c:87:41: throw: if 'log_get_logfd' throws an exception...
shadow-4.18.0/lib/pam_pass_non_interactive.c:87:41: danger: 'responses' leaks here; was allocated at [(5)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/4)
#   85|   			break;
#   86|   		default:
#   87|-> 			(void) fprintf (log_get_logfd(),
#   88|   			                _("%s: conversation type %d not supported.\n"),
#   89|   			                log_get_progname(), msg[count]->msg_style);

Error: COMPILER_WARNING (CWE-563): [#def111]
shadow-4.18.0/lib/prefix_flag.c:42:14: warning[-Wunused-variable]: 'def_conf_file' defined but not used
#   42 | static char *def_conf_file = NULL;
#      |              ^~~~~~~~~~~~~
#   40|   static char *suid_db_file = NULL;
#   41|   static char *sgid_db_file = NULL;
#   42|-> static char *def_conf_file = NULL;
#   43|   static FILE* fp_pwent = NULL;
#   44|   static FILE* fp_grent = NULL;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def112]
shadow-4.18.0/lib/prefix_flag.c:156:31: warning[-Wanalyzer-file-leak]: leak of FILE 'fopen(group_db_file, "rt")'
shadow-4.18.0/lib/prefix_flag.c:149:12: branch_true: following 'true' branch...
shadow-4.18.0/lib/prefix_flag.c:153:22: branch_true: ...to here
shadow-4.18.0/lib/prefix_flag.c:153:22: acquire_resource: opened here
shadow-4.18.0/lib/prefix_flag.c:154:20: branch_false: following 'false' branch...
shadow-4.18.0/lib/prefix_flag.c:154:20: branch_false: ...to here
shadow-4.18.0/lib/prefix_flag.c:156:31: throw: if 'fgetgrent' throws an exception...
shadow-4.18.0/lib/prefix_flag.c:156:31: danger: 'fopen(group_db_file, "rt")' leaks here; was opened at [(3)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/2)
#  154|   		if (!fg)
#  155|   			return NULL;
#  156|-> 		while ((grp = fgetgrent(fg)) != NULL) {
#  157|   			if (streq(name, grp->gr_name))
#  158|   				break;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def113]
shadow-4.18.0/lib/prefix_flag.c:156:31: warning[-Wanalyzer-malloc-leak]: leak of 'fopen(group_db_file, "rt")'
shadow-4.18.0/lib/prefix_flag.c:149:12: branch_true: following 'true' branch...
shadow-4.18.0/lib/prefix_flag.c:153:22: branch_true: ...to here
shadow-4.18.0/lib/prefix_flag.c:153:22: acquire_memory: allocated here
shadow-4.18.0/lib/prefix_flag.c:154:20: branch_false: following 'false' branch...
shadow-4.18.0/lib/prefix_flag.c:154:20: branch_false: ...to here
shadow-4.18.0/lib/prefix_flag.c:156:31: throw: if 'fgetgrent' throws an exception...
shadow-4.18.0/lib/prefix_flag.c:156:31: danger: 'fopen(group_db_file, "rt")' leaks here; was allocated at [(3)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/2)
#  154|   		if (!fg)
#  155|   			return NULL;
#  156|-> 		while ((grp = fgetgrent(fg)) != NULL) {
#  157|   			if (streq(name, grp->gr_name))
#  158|   				break;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def114]
shadow-4.18.0/lib/prefix_flag.c:176:31: warning[-Wanalyzer-file-leak]: leak of FILE 'fopen(group_db_file, "rt")'
shadow-4.18.0/lib/prefix_flag.c:169:12: branch_true: following 'true' branch...
shadow-4.18.0/lib/prefix_flag.c:173:22: branch_true: ...to here
shadow-4.18.0/lib/prefix_flag.c:173:22: acquire_resource: opened here
shadow-4.18.0/lib/prefix_flag.c:174:20: branch_false: following 'false' branch...
shadow-4.18.0/lib/prefix_flag.c:174:20: branch_false: ...to here
shadow-4.18.0/lib/prefix_flag.c:176:31: throw: if 'fgetgrent' throws an exception...
shadow-4.18.0/lib/prefix_flag.c:176:31: danger: 'fopen(group_db_file, "rt")' leaks here; was opened at [(3)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/2)
#  174|   		if (!fg)
#  175|   			return NULL;
#  176|-> 		while ((grp = fgetgrent(fg)) != NULL) {
#  177|   			if (gid == grp->gr_gid)
#  178|   				break;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def115]
shadow-4.18.0/lib/prefix_flag.c:176:31: warning[-Wanalyzer-malloc-leak]: leak of 'fopen(group_db_file, "rt")'
shadow-4.18.0/lib/prefix_flag.c:169:12: branch_true: following 'true' branch...
shadow-4.18.0/lib/prefix_flag.c:173:22: branch_true: ...to here
shadow-4.18.0/lib/prefix_flag.c:173:22: acquire_memory: allocated here
shadow-4.18.0/lib/prefix_flag.c:174:20: branch_false: following 'false' branch...
shadow-4.18.0/lib/prefix_flag.c:174:20: branch_false: ...to here
shadow-4.18.0/lib/prefix_flag.c:176:31: throw: if 'fgetgrent' throws an exception...
shadow-4.18.0/lib/prefix_flag.c:176:31: danger: 'fopen(group_db_file, "rt")' leaks here; was allocated at [(3)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/2)
#  174|   		if (!fg)
#  175|   			return NULL;
#  176|-> 		while ((grp = fgetgrent(fg)) != NULL) {
#  177|   			if (gid == grp->gr_gid)
#  178|   				break;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def116]
shadow-4.18.0/lib/prefix_flag.c:196:31: warning[-Wanalyzer-file-leak]: leak of FILE 'fopen(passwd_db_file, "rt")'
shadow-4.18.0/lib/prefix_flag.c:189:12: branch_true: following 'true' branch...
shadow-4.18.0/lib/prefix_flag.c:193:22: branch_true: ...to here
shadow-4.18.0/lib/prefix_flag.c:193:22: acquire_resource: opened here
shadow-4.18.0/lib/prefix_flag.c:194:20: branch_false: following 'false' branch...
shadow-4.18.0/lib/prefix_flag.c:194:20: branch_false: ...to here
shadow-4.18.0/lib/prefix_flag.c:196:31: throw: if 'fgetpwent' throws an exception...
shadow-4.18.0/lib/prefix_flag.c:196:31: danger: 'fopen(passwd_db_file, "rt")' leaks here; was opened at [(3)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/2)
#  194|   		if (!fg)
#  195|   			return NULL;
#  196|-> 		while ((pwd = fgetpwent(fg)) != NULL) {
#  197|   			if (uid == pwd->pw_uid)
#  198|   				break;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def117]
shadow-4.18.0/lib/prefix_flag.c:196:31: warning[-Wanalyzer-malloc-leak]: leak of 'fopen(passwd_db_file, "rt")'
shadow-4.18.0/lib/prefix_flag.c:189:12: branch_true: following 'true' branch...
shadow-4.18.0/lib/prefix_flag.c:193:22: branch_true: ...to here
shadow-4.18.0/lib/prefix_flag.c:193:22: acquire_memory: allocated here
shadow-4.18.0/lib/prefix_flag.c:194:20: branch_false: following 'false' branch...
shadow-4.18.0/lib/prefix_flag.c:194:20: branch_false: ...to here
shadow-4.18.0/lib/prefix_flag.c:196:31: throw: if 'fgetpwent' throws an exception...
shadow-4.18.0/lib/prefix_flag.c:196:31: danger: 'fopen(passwd_db_file, "rt")' leaks here; was allocated at [(3)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/2)
#  194|   		if (!fg)
#  195|   			return NULL;
#  196|-> 		while ((pwd = fgetpwent(fg)) != NULL) {
#  197|   			if (uid == pwd->pw_uid)
#  198|   				break;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def118]
shadow-4.18.0/lib/prefix_flag.c:216:31: warning[-Wanalyzer-file-leak]: leak of FILE 'fopen(passwd_db_file, "rt")'
shadow-4.18.0/lib/prefix_flag.c:209:12: branch_true: following 'true' branch...
shadow-4.18.0/lib/prefix_flag.c:213:22: branch_true: ...to here
shadow-4.18.0/lib/prefix_flag.c:213:22: acquire_resource: opened here
shadow-4.18.0/lib/prefix_flag.c:214:20: branch_false: following 'false' branch...
shadow-4.18.0/lib/prefix_flag.c:214:20: branch_false: ...to here
shadow-4.18.0/lib/prefix_flag.c:216:31: throw: if 'fgetpwent' throws an exception...
shadow-4.18.0/lib/prefix_flag.c:216:31: danger: 'fopen(passwd_db_file, "rt")' leaks here; was opened at [(3)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/2)
#  214|   		if (!fg)
#  215|   			return NULL;
#  216|-> 		while ((pwd = fgetpwent(fg)) != NULL) {
#  217|   			if (streq(name, pwd->pw_name))
#  218|   				break;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def119]
shadow-4.18.0/lib/prefix_flag.c:216:31: warning[-Wanalyzer-malloc-leak]: leak of 'fopen(passwd_db_file, "rt")'
shadow-4.18.0/lib/prefix_flag.c:209:12: branch_true: following 'true' branch...
shadow-4.18.0/lib/prefix_flag.c:213:22: branch_true: ...to here
shadow-4.18.0/lib/prefix_flag.c:213:22: acquire_memory: allocated here
shadow-4.18.0/lib/prefix_flag.c:214:20: branch_false: following 'false' branch...
shadow-4.18.0/lib/prefix_flag.c:214:20: branch_false: ...to here
shadow-4.18.0/lib/prefix_flag.c:216:31: throw: if 'fgetpwent' throws an exception...
shadow-4.18.0/lib/prefix_flag.c:216:31: danger: 'fopen(passwd_db_file, "rt")' leaks here; was allocated at [(3)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/2)
#  214|   		if (!fg)
#  215|   			return NULL;
#  216|-> 		while ((pwd = fgetpwent(fg)) != NULL) {
#  217|   			if (streq(name, pwd->pw_name))
#  218|   				break;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def120]
shadow-4.18.0/lib/prefix_flag.c:238:31: warning[-Wanalyzer-file-leak]: leak of FILE 'fopen(passwd_db_file, "rt")'
shadow-4.18.0/lib/prefix_flag.c:231:12: branch_true: following 'true' branch...
shadow-4.18.0/lib/prefix_flag.c:235:22: branch_true: ...to here
shadow-4.18.0/lib/prefix_flag.c:235:22: acquire_resource: opened here
shadow-4.18.0/lib/prefix_flag.c:236:20: branch_false: following 'false' branch...
shadow-4.18.0/lib/prefix_flag.c:236:20: branch_false: ...to here
shadow-4.18.0/lib/prefix_flag.c:238:31: throw: if 'fgetpwent_r' throws an exception...
shadow-4.18.0/lib/prefix_flag.c:238:31: danger: 'fopen(passwd_db_file, "rt")' leaks here; was opened at [(3)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/2)
#  236|   		if (!fg)
#  237|   			return errno;
#  238|-> 		while ((ret = fgetpwent_r(fg, pwd, buf, buflen, result)) == 0) {
#  239|   			if (streq(name, pwd->pw_name))
#  240|   				break;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def121]
shadow-4.18.0/lib/prefix_flag.c:238:31: warning[-Wanalyzer-malloc-leak]: leak of 'fopen(passwd_db_file, "rt")'
shadow-4.18.0/lib/prefix_flag.c:231:12: branch_true: following 'true' branch...
shadow-4.18.0/lib/prefix_flag.c:235:22: branch_true: ...to here
shadow-4.18.0/lib/prefix_flag.c:235:22: acquire_memory: allocated here
shadow-4.18.0/lib/prefix_flag.c:236:20: branch_false: following 'false' branch...
shadow-4.18.0/lib/prefix_flag.c:236:20: branch_false: ...to here
shadow-4.18.0/lib/prefix_flag.c:238:31: throw: if 'fgetpwent_r' throws an exception...
shadow-4.18.0/lib/prefix_flag.c:238:31: danger: 'fopen(passwd_db_file, "rt")' leaks here; was allocated at [(3)](sarif:/runs/0/results/9/codeFlows/0/threadFlows/0/locations/2)
#  236|   		if (!fg)
#  237|   			return errno;
#  238|-> 		while ((ret = fgetpwent_r(fg, pwd, buf, buflen, result)) == 0) {
#  239|   			if (streq(name, pwd->pw_name))
#  240|   				break;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def122]
shadow-4.18.0/lib/prefix_flag.c:259:30: warning[-Wanalyzer-file-leak]: leak of FILE 'fopen(spw_db_file, "rt")'
shadow-4.18.0/lib/prefix_flag.c:252:12: branch_true: following 'true' branch...
shadow-4.18.0/lib/prefix_flag.c:256:22: branch_true: ...to here
shadow-4.18.0/lib/prefix_flag.c:256:22: acquire_resource: opened here
shadow-4.18.0/lib/prefix_flag.c:257:20: branch_false: following 'false' branch...
shadow-4.18.0/lib/prefix_flag.c:257:20: branch_false: ...to here
shadow-4.18.0/lib/prefix_flag.c:259:30: throw: if 'fgetspent' throws an exception...
shadow-4.18.0/lib/prefix_flag.c:259:30: danger: 'fopen(spw_db_file, "rt")' leaks here; was opened at [(3)](sarif:/runs/0/results/10/codeFlows/0/threadFlows/0/locations/2)
#  257|   		if (!fg)
#  258|   			return NULL;
#  259|-> 		while ((sp = fgetspent(fg)) != NULL) {
#  260|   			if (streq(name, sp->sp_namp))
#  261|   				break;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def123]
shadow-4.18.0/lib/prefix_flag.c:259:30: warning[-Wanalyzer-malloc-leak]: leak of 'fopen(spw_db_file, "rt")'
shadow-4.18.0/lib/prefix_flag.c:252:12: branch_true: following 'true' branch...
shadow-4.18.0/lib/prefix_flag.c:256:22: branch_true: ...to here
shadow-4.18.0/lib/prefix_flag.c:256:22: acquire_memory: allocated here
shadow-4.18.0/lib/prefix_flag.c:257:20: branch_false: following 'false' branch...
shadow-4.18.0/lib/prefix_flag.c:257:20: branch_false: ...to here
shadow-4.18.0/lib/prefix_flag.c:259:30: throw: if 'fgetspent' throws an exception...
shadow-4.18.0/lib/prefix_flag.c:259:30: danger: 'fopen(spw_db_file, "rt")' leaks here; was allocated at [(3)](sarif:/runs/0/results/11/codeFlows/0/threadFlows/0/locations/2)
#  257|   		if (!fg)
#  258|   			return NULL;
#  259|-> 		while ((sp = fgetspent(fg)) != NULL) {
#  260|   			if (streq(name, sp->sp_namp))
#  261|   				break;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def124]
shadow-4.18.0/lib/readpassphrase.c:93:12: warning[-Wanalyzer-fd-leak]: leak of file descriptor 'open("/dev/tty", 2)'
shadow-4.18.0/lib/readpassphrase.c:63:12: branch_false: following 'false' branch (when 'bufsiz != 0')...
shadow-4.18.0/lib/readpassphrase.c:63:12: branch_false: ...to here
shadow-4.18.0/lib/readpassphrase.c:69:21: branch_true: following 'true' branch (when 'i != 65')...
shadow-4.18.0/lib/readpassphrase.c:70:17: branch_true: ...to here
shadow-4.18.0/lib/readpassphrase.c:78:12: branch_false: following 'false' branch...
shadow-4.18.0/lib/readpassphrase.c:79:31: branch_false: ...to here
shadow-4.18.0/lib/readpassphrase.c:79:31: acquire_resource: opened here
shadow-4.18.0/lib/readpassphrase.c:78:13: branch_false: following 'false' branch...
shadow-4.18.0/lib/readpassphrase.c:93:12: branch_false: ...to here
shadow-4.18.0/lib/readpassphrase.c:93:12: danger: 'open("/dev/tty", 2)' leaks here; was opened at [(7)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/6)
#   91|   	 * generate SIGTTOU, so do it *before* installing the signal handlers.
#   92|   	 */
#   93|-> 	if (input != STDIN_FILENO && tcgetattr(input, &oterm) == 0) {
#   94|   		memcpy(&term, &oterm, sizeof(term));
#   95|   		if (!(flags & RPP_ECHO_ON))

Error: COMPILER_WARNING (CWE-252): [#def125]
shadow-4.18.0/lib/readpassphrase.c: scope_hint: In function 'readpassphrase'
shadow-4.18.0/lib/readpassphrase.c:128:23: warning[-Wunused-result]: ignoring return value of 'write' declared with attribute 'warn_unused_result'
#  128 |                 (void)write(output, prompt, strlen(prompt));
#      |                       ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#  126|   
#  127|   	if (!(flags & RPP_STDIN))
#  128|-> 		(void)write(output, prompt, strlen(prompt));
#  129|   	end = buf + bufsiz - 1;
#  130|   	p = buf;

Error: COMPILER_WARNING (CWE-252): [#def126]
shadow-4.18.0/lib/readpassphrase.c:147:23: warning[-Wunused-result]: ignoring return value of 'write' declared with attribute 'warn_unused_result'
#  147 |                 (void)write(output, "\n", 1);
#      |                       ^~~~~~~~~~~~~~~~~~~~~~
#  145|   	save_errno = errno;
#  146|   	if (!(term.c_lflag & ECHO))
#  147|-> 		(void)write(output, "\n", 1);
#  148|   
#  149|   	/* Restore old terminal settings and signals. */

Error: GCC_ANALYZER_WARNING (CWE-401): [#def127]
shadow-4.18.0/lib/remove_tree.c:48:23: warning[-Wanalyzer-malloc-leak]: leak of 'fdopendir(openat(at_fd,  path, 720896))'
shadow-4.18.0/lib/remove_tree.c:35:12: branch_false: following 'false' branch...
shadow-4.18.0/lib/remove_tree.c:39:15: branch_false: ...to here
shadow-4.18.0/lib/remove_tree.c:39:15: acquire_memory: allocated here
shadow-4.18.0/lib/remove_tree.c:40:12: branch_false: following 'false' branch...
shadow-4.18.0/lib/remove_tree.c:40:12: branch_false: ...to here
shadow-4.18.0/lib/remove_tree.c:48:23: throw: if 'readdir' throws an exception...
shadow-4.18.0/lib/remove_tree.c:48:23: danger: 'fdopendir(openat(at_fd,  path, 720896))' leaks here; was allocated at [(3)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/2)
#   46|   	 * Open the source directory and delete each entry.
#   47|   	 */
#   48|-> 	while ((ent = readdir (dir))) {
#   49|   		struct stat ent_sb;
#   50|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def128]
shadow-4.18.0/lib/run_part.c:85:21: warning[-Wanalyzer-malloc-leak]: leak of 'aprintf("%s/%s", directory, &**_4.d_name)'
shadow-4.18.0/lib/run_part.c:48:5: enter_function: entry to 'run_parts'
shadow-4.18.0/lib/run_part.c:56:12: branch_false: following 'false' branch...
shadow-4.18.0/lib/run_part.c:56:12: branch_false: ...to here
shadow-4.18.0/lib/run_part.c:60:19: branch_true: following 'true' branch...
shadow-4.18.0/lib/run_part.c:64:57: branch_true: ...to here
shadow-4.18.0/lib/run_part.c:64:21: acquire_memory: allocated here
shadow-4.18.0/lib/run_part.c:65:20: branch_false: following 'false' branch...
shadow-4.18.0/lib/run_part.c:75:21: branch_false: ...to here
shadow-4.18.0/lib/run_part.c:75:20: branch_false: following 'false' branch...
shadow-4.18.0/lib/run_part.c:85:21: branch_false: ...to here
shadow-4.18.0/lib/run_part.c:85:20: branch_true: following 'true' branch...
shadow-4.18.0/lib/run_part.c:86:42: branch_true: ...to here
shadow-4.18.0/lib/run_part.c:86:42: call_function: calling 'run_part' from 'run_parts'
#   83|   		}
#   84|   
#   85|-> 		if (S_ISREG(sb.st_mode) || S_ISLNK(sb.st_mode)) {
#   86|   			execute_result = run_part(s, name, action);
#   87|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def129]
shadow-4.18.0/lib/selinux.c:141:29: warning[-Wanalyzer-malloc-leak]: leak of 'saved_locale'
shadow-4.18.0/lib/selinux.c:115:12: enter_function: entry to 'selinux_log_cb'
shadow-4.18.0/lib/selinux.c:123:15: call_function: calling 'vaprintf' from 'selinux_log_cb'
shadow-4.18.0/lib/selinux.c:123:15: return_function: returning to 'selinux_log_cb' from 'vaprintf'
shadow-4.18.0/lib/selinux.c:125:12: branch_false: following 'false' branch...
shadow-4.18.0/lib/selinux.c:129:13: branch_false: ...to here
shadow-4.18.0/lib/selinux.c:129:12: branch_true: following 'true' branch...
shadow-4.18.0/lib/selinux.c:130:36: branch_true: ...to here
shadow-4.18.0/lib/selinux.c:132:20: branch_true: following 'true' branch...
shadow-4.18.0/lib/selinux.c:135:33: branch_true: ...to here
shadow-4.18.0/lib/selinux.c:135:28: branch_true: following 'true' branch...
shadow-4.18.0/lib/selinux.c:135:32: branch_true: ...to here
shadow-4.18.0/lib/selinux.c:135:32: branch_true: following 'true' branch...
shadow-4.18.0/lib/selinux.c:139:36: branch_true: ...to here
shadow-4.18.0/lib/selinux.c:141:29: branch_true: following 'true' branch (when 'old_locale' is non-NULL)...
shadow-4.18.0/lib/selinux.c:141:29: branch_true: ...to here
shadow-4.18.0/lib/selinux.c:141:29: acquire_memory: allocated here
shadow-4.18.0/lib/selinux.c:141:29: branch_true: following 'true' branch (when 'saved_locale' is non-NULL)...
shadow-4.18.0/lib/selinux.c:141:29: branch_true: ...to here
shadow-4.18.0/lib/selinux.c:141:29: throw: if 'syslog' throws an exception...
shadow-4.18.0/lib/selinux.c:141:29: danger: 'saved_locale' leaks here; was allocated at [(19)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/18)
#  139|   			    (void) fputs (_("Cannot open audit interface.\n"),
#  140|   			              shadow_logfd);
#  141|-> 			    SYSLOG ((LOG_WARN, "Cannot open audit interface."));
#  142|   			}
#  143|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def130]
shadow-4.18.0/lib/selinux.c:163:9: warning[-Wanalyzer-malloc-leak]: leak of 'saved_locale'
shadow-4.18.0/lib/selinux.c:115:12: enter_function: entry to 'selinux_log_cb'
shadow-4.18.0/lib/selinux.c:123:15: call_function: calling 'vaprintf' from 'selinux_log_cb'
shadow-4.18.0/lib/selinux.c:123:15: return_function: returning to 'selinux_log_cb' from 'vaprintf'
shadow-4.18.0/lib/selinux.c:125:12: branch_false: following 'false' branch...
shadow-4.18.0/lib/selinux.c:129:13: branch_false: ...to here
shadow-4.18.0/lib/selinux.c:163:9: branch_true: following 'true' branch (when 'old_locale' is non-NULL)...
shadow-4.18.0/lib/selinux.c:163:9: branch_true: ...to here
shadow-4.18.0/lib/selinux.c:163:9: acquire_memory: allocated here
shadow-4.18.0/lib/selinux.c:163:9: branch_true: following 'true' branch (when 'saved_locale' is non-NULL)...
shadow-4.18.0/lib/selinux.c:163:9: branch_true: ...to here
shadow-4.18.0/lib/selinux.c:163:9: throw: if 'syslog' throws an exception...
shadow-4.18.0/lib/selinux.c:163:9: danger: 'saved_locale' leaks here; was allocated at [(11)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/10)
#  161|   #endif
#  162|   
#  163|-> 	SYSLOG ((LOG_WARN, "libselinux: %s", buf));
#  164|   
#  165|   skip_syslog:

Error: GCC_ANALYZER_WARNING (CWE-401): [#def131]
shadow-4.18.0/lib/selinux.c:196:17: warning[-Wanalyzer-malloc-leak]: leak of 'saved_locale'
shadow-4.18.0/lib/selinux.c:186:12: branch_false: following 'false' branch...
shadow-4.18.0/lib/selinux.c:190:72: branch_false: ...to here
shadow-4.18.0/lib/selinux.c:192:12: branch_true: following 'true' branch...
shadow-4.18.0/lib/selinux.c:195:48: branch_true: ...to here
shadow-4.18.0/lib/selinux.c:196:17: branch_true: following 'true' branch (when 'old_locale' is non-NULL)...
shadow-4.18.0/lib/selinux.c:196:17: branch_true: ...to here
shadow-4.18.0/lib/selinux.c:196:17: acquire_memory: allocated here
shadow-4.18.0/lib/selinux.c:196:17: branch_true: following 'true' branch (when 'saved_locale' is non-NULL)...
shadow-4.18.0/lib/selinux.c:196:17: branch_true: ...to here
shadow-4.18.0/lib/selinux.c:196:17: throw: if 'syslog' throws an exception...
shadow-4.18.0/lib/selinux.c:196:17: danger: 'saved_locale' leaks here; was allocated at [(7)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/6)
#  194|   		    _("%s: can not get previous SELinux process context: %s\n"),
#  195|   		    shadow_progname, strerror (errno));
#  196|-> 		SYSLOG ((LOG_WARN,
#  197|   		    "can not get previous SELinux process context: %s",
#  198|   		    strerror (errno)));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def132]
shadow-4.18.0/lib/setugid.c:45:17: warning[-Wanalyzer-malloc-leak]: leak of 'saved_locale'
shadow-4.18.0/lib/setugid.c:42:12: branch_true: following 'true' branch...
shadow-4.18.0/lib/setugid.c:43:27: branch_true: ...to here
shadow-4.18.0/lib/setugid.c:45:17: branch_true: following 'true' branch (when 'old_locale' is non-NULL)...
shadow-4.18.0/lib/setugid.c:45:17: branch_true: ...to here
shadow-4.18.0/lib/setugid.c:45:17: acquire_memory: allocated here
shadow-4.18.0/lib/setugid.c:45:17: branch_true: following 'true' branch (when 'saved_locale' is non-NULL)...
shadow-4.18.0/lib/setugid.c:45:17: branch_true: ...to here
shadow-4.18.0/lib/setugid.c:45:17: throw: if 'syslog' throws an exception...
shadow-4.18.0/lib/setugid.c:45:17: danger: 'saved_locale' leaks here; was allocated at [(5)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/4)
#   43|   		int err = errno;
#   44|   		perror ("setgid");
#   45|-> 		SYSLOG ((LOG_ERR, "bad group ID `%d' for user `%s': %s\n",
#   46|   		         info->pw_gid, info->pw_name, strerror (err)));
#   47|   		closelog ();

Error: GCC_ANALYZER_WARNING (CWE-401): [#def133]
shadow-4.18.0/lib/setugid.c:58:17: warning[-Wanalyzer-malloc-leak]: leak of 'saved_locale'
shadow-4.18.0/lib/setugid.c:42:12: branch_false: following 'false' branch...
shadow-4.18.0/lib/setugid.c:55:40: branch_false: ...to here
shadow-4.18.0/lib/setugid.c:55:12: branch_true: following 'true' branch...
shadow-4.18.0/lib/setugid.c:56:27: branch_true: ...to here
shadow-4.18.0/lib/setugid.c:58:17: branch_true: following 'true' branch (when 'old_locale' is non-NULL)...
shadow-4.18.0/lib/setugid.c:58:17: branch_true: ...to here
shadow-4.18.0/lib/setugid.c:58:17: acquire_memory: allocated here
shadow-4.18.0/lib/setugid.c:58:17: branch_true: following 'true' branch (when 'saved_locale' is non-NULL)...
shadow-4.18.0/lib/setugid.c:58:17: branch_true: ...to here
shadow-4.18.0/lib/setugid.c:58:17: throw: if 'syslog' throws an exception...
shadow-4.18.0/lib/setugid.c:58:17: danger: 'saved_locale' leaks here; was allocated at [(7)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/6)
#   56|   		int err = errno;
#   57|   		perror ("initgroups");
#   58|-> 		SYSLOG ((LOG_ERR, "initgroups failed for user `%s': %s\n",
#   59|   		         info->pw_name, strerror (err)));
#   60|   		closelog ();

Error: GCC_ANALYZER_WARNING (CWE-401): [#def134]
shadow-4.18.0/lib/setugid.c:80:17: warning[-Wanalyzer-malloc-leak]: leak of 'saved_locale'
shadow-4.18.0/lib/setugid.c:80:17: branch_true: following 'true' branch (when 'old_locale' is non-NULL)...
shadow-4.18.0/lib/setugid.c:80:17: branch_true: ...to here
shadow-4.18.0/lib/setugid.c:80:17: acquire_memory: allocated here
shadow-4.18.0/lib/setugid.c:80:17: branch_true: following 'true' branch (when 'saved_locale' is non-NULL)...
shadow-4.18.0/lib/setugid.c:80:17: branch_true: ...to here
shadow-4.18.0/lib/setugid.c:80:17: throw: if 'syslog' throws an exception...
shadow-4.18.0/lib/setugid.c:80:17: danger: 'saved_locale' leaks here; was allocated at [(3)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/2)
#   78|   		int err = errno;
#   79|   		perror ("setuid");
#   80|-> 		SYSLOG ((LOG_ERR, "bad user ID `%d' for user `%s': %s\n",
#   81|   		         (int) info->pw_uid, info->pw_name, strerror (err)));
#   82|   		closelog ();

Error: GCC_ANALYZER_WARNING (CWE-401): [#def135]
shadow-4.18.0/lib/setupenv.c:193:25: warning[-Wanalyzer-malloc-leak]: leak of 'saved_locale'
shadow-4.18.0/lib/setupenv.c:189:12: branch_true: following 'true' branch...
shadow-4.18.0/lib/setupenv.c:190:22: branch_true: ...to here
shadow-4.18.0/lib/setupenv.c:193:25: branch_true: following 'true' branch (when 'old_locale' is non-NULL)...
shadow-4.18.0/lib/setupenv.c:193:25: branch_true: ...to here
shadow-4.18.0/lib/setupenv.c:193:25: acquire_memory: allocated here
shadow-4.18.0/lib/setupenv.c:193:25: branch_true: following 'true' branch (when 'saved_locale' is non-NULL)...
shadow-4.18.0/lib/setupenv.c:193:25: branch_true: ...to here
shadow-4.18.0/lib/setupenv.c:193:25: throw: if 'syslog' throws an exception...
shadow-4.18.0/lib/setupenv.c:193:25: danger: 'saved_locale' leaks here; was allocated at [(5)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/4)
#  191|   			fprintf (log_get_logfd(), _("Unable to cd to '%s'\n"),
#  192|   				 info->pw_dir);
#  193|-> 			SYSLOG ((LOG_WARN,
#  194|   				 "unable to cd to `%s' for user `%s'\n",
#  195|   				 info->pw_dir, info->pw_name));

Error: COMPILER_WARNING (CWE-563): [#def136]
shadow-4.18.0/lib/commonio.c:36: included_from: Included from here.
shadow-4.18.0/lib/sssd.h:13:35: warning[-Wunused-value]: statement with no effect
#   13 | #define sssd_flush_cache(service) (0)
#      |                                   ^
shadow-4.18.0/lib/commonio.c:459:33: note: in expansion of macro 'sssd_flush_cache'
#  459 |                                 sssd_flush_cache (SSSD_DB_PASSWD | SSSD_DB_GROUP);
#      |                                 ^~~~~~~~~~~~~~~~
#   11|   extern int sssd_flush_cache (int dbflags);
#   12|   #else
#   13|-> #define sssd_flush_cache(service) (0)
#   14|   #endif
#   15|   

Error: GCC_ANALYZER_WARNING (CWE-688): [#def137]
shadow-4.18.0/lib/string/memset/memzero.h:44:16: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL 's' where non-null expected
shadow-4.18.0/lib/obscure.c:82:44: enter_function: entry to 'password_check'
shadow-4.18.0/lib/obscure.c:96:19: acquire_memory: this call could return NULL
shadow-4.18.0/lib/obscure.c:109:14: call_function: calling 'strzero' from 'password_check'
#   42|   strzero(char *s)
#   43|   {
#   44|-> 	return memzero(s, strlen(s));
#   45|   }
#   46|   

Error: GCC_ANALYZER_WARNING (CWE-775): [#def138]
shadow-4.18.0/lib/string/strcmp/streq.h:27:16: warning[-Wanalyzer-file-leak]: leak of FILE 'fopen(getdef_str("TTYTYPE_FILE"), "r")'
shadow-4.18.0/lib/ttytype.c:36:12: branch_false: following 'false' branch...
shadow-4.18.0/lib/ttytype.c:39:20: branch_false: ...to here
shadow-4.18.0/lib/ttytype.c:40:12: branch_false: following 'false' branch...
shadow-4.18.0/lib/ttytype.c:44:14: branch_false: ...to here
shadow-4.18.0/lib/ttytype.c:44:14: acquire_resource: opened here
shadow-4.18.0/lib/ttytype.c:45:12: branch_false: following 'false' branch...
shadow-4.18.0/lib/ttytype.c:45:12: branch_false: ...to here
shadow-4.18.0/lib/ttytype.c:51:20: branch_false: following 'false' branch...
shadow-4.18.0/lib/ttytype.c:51:20: branch_false: ...to here
shadow-4.18.0/lib/ttytype.c:62:12: branch_true: following 'true' branch...
shadow-4.18.0/lib/ttytype.c:63:17: throw: if 'addenv' throws an exception...
shadow-4.18.0/lib/ttytype.c:62:54: call_function: inlined call to 'streq' from 'ttytype'
#   25|   streq(const char *s1, const char *s2)
#   26|   {
#   27|-> 	return strcmp(s1, s2) == 0;
#   28|   }
#   29|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def139]
shadow-4.18.0/lib/string/strcmp/streq.h:27:16: warning[-Wanalyzer-malloc-leak]: leak of 'fopen(getdef_str("TTYTYPE_FILE"), "r")'
shadow-4.18.0/lib/ttytype.c:36:12: branch_false: following 'false' branch...
shadow-4.18.0/lib/ttytype.c:39:20: branch_false: ...to here
shadow-4.18.0/lib/ttytype.c:40:12: branch_false: following 'false' branch...
shadow-4.18.0/lib/ttytype.c:44:14: branch_false: ...to here
shadow-4.18.0/lib/ttytype.c:44:14: acquire_memory: allocated here
shadow-4.18.0/lib/ttytype.c:45:12: branch_false: following 'false' branch...
shadow-4.18.0/lib/ttytype.c:45:12: branch_false: ...to here
shadow-4.18.0/lib/ttytype.c:51:20: branch_false: following 'false' branch...
shadow-4.18.0/lib/ttytype.c:51:20: branch_false: ...to here
shadow-4.18.0/lib/ttytype.c:62:12: branch_true: following 'true' branch...
shadow-4.18.0/lib/ttytype.c:63:17: throw: if 'addenv' throws an exception...
shadow-4.18.0/lib/ttytype.c:62:54: call_function: inlined call to 'streq' from 'ttytype'
#   25|   streq(const char *s1, const char *s2)
#   26|   {
#   27|-> 	return strcmp(s1, s2) == 0;
#   28|   }
#   29|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def140]
shadow-4.18.0/lib/string/strcmp/streq.h:27:16: warning[-Wanalyzer-malloc-leak]: leak of 'strtolower(xstrdup(old))'
shadow-4.18.0/lib/obscure.c:82:44: enter_function: entry to 'password_check'
shadow-4.18.0/lib/obscure.c:94:19: call_function: calling 'xstrdup' from 'password_check'
shadow-4.18.0/lib/obscure.c:94:19: return_function: returning to 'password_check' from 'xstrdup'
shadow-4.18.0/lib/obscure.c:95:19: call_function: calling 'xstrdup' from 'password_check'
shadow-4.18.0/lib/obscure.c:95:19: return_function: returning to 'password_check' from 'xstrdup'
shadow-4.18.0/lib/obscure.c:96:19: throw: if 'xaprintf' throws an exception...
shadow-4.18.0/lib/string/ctype/strtoascii/strtolower.h:25:30: call_function: inlined call to 'streq' from 'strtolower'
#   25|   streq(const char *s1, const char *s2)
#   26|   {
#   27|-> 	return strcmp(s1, s2) == 0;
#   28|   }
#   29|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def141]
shadow-4.18.0/lib/string/strcmp/streq.h:27:16: warning[-Wanalyzer-malloc-leak]: leak of 'xreallocarray(0, strlen(str) + 1, 1)'
shadow-4.18.0/lib/obscure.c:82:44: enter_function: entry to 'password_check'
shadow-4.18.0/lib/obscure.c:94:19: call_function: calling 'xstrdup' from 'password_check'
shadow-4.18.0/lib/obscure.c:94:19: return_function: returning to 'password_check' from 'xstrdup'
shadow-4.18.0/lib/obscure.c:95:19: call_function: calling 'xstrdup' from 'password_check'
#   25|   streq(const char *s1, const char *s2)
#   26|   {
#   27|-> 	return strcmp(s1, s2) == 0;
#   28|   }
#   29|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def142]
shadow-4.18.0/lib/string/strcmp/streq.h:27:16: warning[-Wanalyzer-malloc-leak]: leak of ‘xreallocarray(0, strlen(str) + 1, 1)’
shadow-4.18.0/src/useradd.c:2397:5: enter_function: entry to ‘main’
shadow-4.18.0/src/useradd.c:2442:9: call_function: calling ‘get_defaults’ from ‘main’
#   25|   streq(const char *s1, const char *s2)
#   26|   {
#   27|-> 	return strcmp(s1, s2) == 0;
#   28|   }
#   29|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def143]
shadow-4.18.0/lib/string/strcpy/strtcpy.h:66:16: warning[-Wanalyzer-malloc-leak]: leak of ‘agetpass(dcgettext(0, "New Password: ", 5))’
shadow-4.18.0/src/gpasswd.c:787:13: enter_function: entry to ‘change_passwd’
shadow-4.18.0/src/gpasswd.c:805:27: branch_true: following ‘true’ branch (when ‘retries != 3’)...
shadow-4.18.0/src/gpasswd.c:806:32: branch_true: ...to here
shadow-4.18.0/src/gpasswd.c:806:22: acquire_memory: allocated here
shadow-4.18.0/src/gpasswd.c:807:20: branch_false: following ‘false’ branch...
shadow-4.18.0/src/gpasswd.c:811:17: branch_false: ...to here
shadow-4.18.0/src/gpasswd.c:811:17: call_function: calling ‘strtcpy’ from ‘change_passwd’
shadow-4.18.0/src/gpasswd.c:811:17: return_function: returning to ‘change_passwd’ from ‘strtcpy’
shadow-4.18.0/lib/string/strcpy/strtcpy.h:66:16: danger: ‘agetpass(dcgettext(0, "New Password: ", 5))’ leaks here; was allocated at [(4)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/3)
#   64|   	slen = strnlen(src, dsize);
#   65|   	trunc = (slen == dsize);
#   66|-> 	dlen = slen - trunc;
#   67|   
#   68|   	stpcpy(mempcpy(dst, src, dlen), "");

Error: GCC_ANALYZER_WARNING (CWE-688): [#def144]
shadow-4.18.0/lib/string/strdup/xstrdup.h:28:16: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL 'xreallocarray(0, strlen(str) + 1, 1)' where non-null expected
shadow-4.18.0/lib/string/strdup/xstrdup.h:26:1: enter_function: entry to 'xstrdup'
shadow-4.18.0/lib/string/strdup/xstrdup.h:28:23: call_function: inlined call to 'xmallocarray' from 'xstrdup'
shadow-4.18.0/lib/string/strdup/xstrdup.h:28:16: danger: argument 1 ('xreallocarray(0, strlen(str) + 1, 1)') from [(3)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/2) could be NULL where non-null expected
#   26|   xstrdup(const char *str)
#   27|   {
#   28|-> 	return strcpy(XMALLOC(strlen(str) + 1, char), str);
#   29|   }
#   30|   

Error: GCC_ANALYZER_WARNING (CWE-688): [#def145]
shadow-4.18.0/lib/string/strdup/xstrdup.h:28:16: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘xreallocarray(0, strlen(str) + 1, 1)’ where non-null expected
shadow-4.18.0/lib/string/strdup/xstrdup.h:26:1: enter_function: entry to ‘xstrdup’
shadow-4.18.0/lib/string/strdup/xstrdup.h:28:23: call_function: inlined call to ‘xmallocarray’ from ‘xstrdup’
shadow-4.18.0/lib/string/strdup/xstrdup.h:28:16: danger: argument 1 (‘xreallocarray(0, strlen(str) + 1, 1)’) from [(3)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/2) could be NULL where non-null expected
#   26|   xstrdup(const char *str)
#   27|   {
#   28|-> 	return strcpy(XMALLOC(strlen(str) + 1, char), str);
#   29|   }
#   30|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def146]
shadow-4.18.0/lib/string/strdup/xstrdup.h:28:23: warning[-Wanalyzer-malloc-leak]: leak of 'xreallocarray(0, strlen(str) + 1, 1)'
shadow-4.18.0/lib/obscure.c:202:6: enter_function: entry to 'obscure'
shadow-4.18.0/lib/obscure.c:204:27: call_function: calling 'obscure_msg' from 'obscure'
#   26|   xstrdup(const char *str)
#   27|   {
#   28|-> 	return strcpy(XMALLOC(strlen(str) + 1, char), str);
#   29|   }
#   30|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def147]
shadow-4.18.0/lib/string/strdup/xstrdup.h:28:23: warning[-Wanalyzer-malloc-leak]: leak of 'xstrdup(comma)'
shadow-4.18.0/lib/list.c:186:1: enter_function: entry to 'comma_to_list'
shadow-4.18.0/lib/list.c:192:9: branch_true: following 'true' branch (when 'comma' is non-NULL)...
shadow-4.18.0/lib/list.c:198:19: branch_true: ...to here
shadow-4.18.0/lib/list.c:198:19: call_function: calling 'xstrdup' from 'comma_to_list'
shadow-4.18.0/lib/list.c:198:19: return_function: returning to 'comma_to_list' from 'xstrdup'
shadow-4.18.0/lib/list.c:206:17: call_function: inlined call to 'xmallocarray' from 'comma_to_list'
shadow-4.18.0/lib/string/strdup/xstrdup.h:28:23: danger: 'xstrdup(comma)' leaks here; was allocated at [(7)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/6)
#   26|   xstrdup(const char *str)
#   27|   {
#   28|-> 	return strcpy(XMALLOC(strlen(str) + 1, char), str);
#   29|   }
#   30|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def148]
shadow-4.18.0/lib/string/strdup/xstrdup.h:28:23: warning[-Wanalyzer-malloc-leak]: leak of 'xstrdup(old)'
shadow-4.18.0/lib/obscure.c:202:6: enter_function: entry to 'obscure'
shadow-4.18.0/lib/obscure.c:204:27: call_function: calling 'obscure_msg' from 'obscure'
#   26|   xstrdup(const char *str)
#   27|   {
#   28|-> 	return strcpy(XMALLOC(strlen(str) + 1, char), str);
#   29|   }
#   30|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def149]
shadow-4.18.0/lib/string/strdup/xstrdup.h:28:23: warning[-Wanalyzer-malloc-leak]: leak of ‘xreallocarray(0, n_args + 3, 8)’
shadow-4.18.0/src/su.c:235:13: enter_function: entry to ‘execve_shell’
shadow-4.18.0/src/su.c:243:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/su.c:243:12: branch_true: ...to here
shadow-4.18.0/src/su.c:253:25: call_function: inlined call to ‘xmallocarray’ from ‘execve_shell’
shadow-4.18.0/src/su.c:256:28: call_function: calling ‘xstrdup’ from ‘execve_shell’
#   26|   xstrdup(const char *str)
#   27|   {
#   28|-> 	return strcpy(XMALLOC(strlen(str) + 1, char), str);
#   29|   }
#   30|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def150]
shadow-4.18.0/lib/string/strdup/xstrdup.h:28:23: warning[-Wanalyzer-malloc-leak]: leak of ‘xreallocarray(0, strlen(str) + 1, 1)’
shadow-4.18.0/src/newgrp.c:233:13: enter_function: entry to ‘syslog_sg’
shadow-4.18.0/src/newgrp.c:239:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/newgrp.c:240:30: branch_true: ...to here
shadow-4.18.0/src/newgrp.c:240:30: call_function: calling ‘xstrdup’ from ‘syslog_sg’
shadow-4.18.0/src/newgrp.c:240:30: return_function: returning to ‘syslog_sg’ from ‘xstrdup’
shadow-4.18.0/src/newgrp.c:243:12: branch_true: following ‘true’ branch (when ‘tty’ is non-NULL)...
shadow-4.18.0/src/newgrp.c:244:28: branch_true: ...to here
shadow-4.18.0/src/newgrp.c:244:28: call_function: calling ‘xstrdup’ from ‘syslog_sg’
#   26|   xstrdup(const char *str)
#   27|   {
#   28|-> 	return strcpy(XMALLOC(strlen(str) + 1, char), str);
#   29|   }
#   30|   

Error: COMPILER_WARNING (CWE-704): [#def151]
shadow-4.18.0/lib/string/strspn/stprcspn.h:13: included_from: Included from here.
shadow-4.18.0/lib/basename.c:20: included_from: Included from here.
shadow-4.18.0/lib/string/strspn/strrcspn.h: scope_hint: In function 'strrcspn'
shadow-4.18.0/lib/string/strspn/strrcspn.h:29:11: warning[-Wdiscarded-qualifiers]: assignment discards 'const' qualifier from pointer target type
#   29 |         p = strnul(s);
#      |           ^
#   27|   	char  *p;
#   28|   
#   29|-> 	p = strnul(s);
#   30|   	while (p > s) {
#   31|   		p--;

Error: COMPILER_WARNING (CWE-704): [#def152]
shadow-4.18.0/lib/string/strspn/strrcspn.h:29:11: warning[-Wdiscarded-qualifiers]: assignment discards 'const' qualifier from pointer target type
#   27|   	char  *p;
#   28|   
#   29|-> 	p = strnul(s);
#   30|   	while (p > s) {
#   31|   		p--;

Error: COMPILER_WARNING (CWE-704): [#def153]
shadow-4.18.0/lib/string/strspn/stprspn.h:13: included_from: Included from here.
shadow-4.18.0/lib/fields.c:23: included_from: Included from here.
shadow-4.18.0/lib/string/strspn/strrspn.h: scope_hint: In function 'strrspn_'
shadow-4.18.0/lib/string/strspn/strrspn.h:29:11: warning[-Wdiscarded-qualifiers]: assignment discards 'const' qualifier from pointer target type
#   29 |         p = strnul(s);
#      |           ^
#   27|   	char  *p;
#   28|   
#   29|-> 	p = strnul(s);
#   30|   	while (p > s) {
#   31|   		p--;

Error: COMPILER_WARNING (CWE-704): [#def154]
shadow-4.18.0/lib/string/strspn/strrspn.h:29:11: warning[-Wdiscarded-qualifiers]: assignment discards 'const' qualifier from pointer target type
#   27|   	char  *p;
#   28|   
#   29|-> 	p = strnul(s);
#   30|   	while (p > s) {
#   31|   		p--;

Error: COMPILER_WARNING (CWE-704): [#def155]
shadow-4.18.0/lib/string/strspn/stprspn.h:13: included_from: Included from here.
shadow-4.18.0/src/suauth.c:25: included_from: Included from here.
shadow-4.18.0/lib/string/strspn/strrspn.h: scope_hint: In function ‘strrspn_’
shadow-4.18.0/lib/string/strspn/strrspn.h:29:11: warning[-Wdiscarded-qualifiers]: assignment discards ‘const’ qualifier from pointer target type
#   29 |         p = strnul(s);
#      |           ^
#   27|   	char  *p;
#   28|   
#   29|-> 	p = strnul(s);
#   30|   	while (p > s) {
#   31|   		p--;

Error: COMPILER_WARNING (CWE-704): [#def156]
shadow-4.18.0/lib/string/strspn/strrspn.h:29:11: warning[-Wdiscarded-qualifiers]: assignment discards ‘const’ qualifier from pointer target type
#   27|   	char  *p;
#   28|   
#   29|-> 	p = strnul(s);
#   30|   	while (p > s) {
#   31|   		p--;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def157]
shadow-4.18.0/lib/string/strtok/stpsep.h:30:16: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen(default_file, "r")’
shadow-4.18.0/src/useradd.c:2397:5: enter_function: entry to ‘main’
shadow-4.18.0/src/useradd.c:2442:9: call_function: calling ‘get_defaults’ from ‘main’
#   28|   	strsep(&s, delim);
#   29|   
#   30|-> 	return s;
#   31|   }
#   32|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def158]
shadow-4.18.0/lib/string/strtok/stpsep.h:30:16: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(default_file, "r")’
shadow-4.18.0/src/useradd.c:2397:5: enter_function: entry to ‘main’
shadow-4.18.0/src/useradd.c:2442:9: call_function: calling ‘get_defaults’ from ‘main’
#   28|   	strsep(&s, delim);
#   29|   
#   30|-> 	return s;
#   31|   }
#   32|   

Error: GCC_ANALYZER_WARNING (CWE-476): [#def159]
shadow-4.18.0/lib/string/strtok/strsep2arr.h:41:17: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL 'a'
shadow-4.18.0/lib/list.c:186:1: enter_function: entry to 'comma_to_list'
shadow-4.18.0/lib/list.c:192:9: branch_true: following 'true' branch (when 'comma' is non-NULL)...
shadow-4.18.0/lib/list.c:198:19: branch_true: ...to here
shadow-4.18.0/lib/list.c:206:17: call_function: inlined call to 'xmallocarray' from 'comma_to_list'
shadow-4.18.0/lib/list.c:212:12: branch_false: following 'false' branch...
shadow-4.18.0/lib/list.c:218:9: branch_false: ...to here
shadow-4.18.0/lib/list.c:218:9: call_function: calling 'strsep2ls' from 'comma_to_list'
#   39|   
#   40|   	for (i = 0; i < n && s != NULL; i++)
#   41|-> 		a[i] = strsep(&s, delim);
#   42|   
#   43|   	if (s != NULL) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def160]
shadow-4.18.0/lib/sub.c:39:17: warning[-Wanalyzer-malloc-leak]: leak of 'saved_locale'
shadow-4.18.0/lib/sub.c:37:12: branch_true: following 'true' branch...
shadow-4.18.0/lib/sub.c:38:25: branch_true: ...to here
shadow-4.18.0/lib/sub.c:39:17: branch_true: following 'true' branch (when 'old_locale' is non-NULL)...
shadow-4.18.0/lib/sub.c:39:17: branch_true: ...to here
shadow-4.18.0/lib/sub.c:39:17: acquire_memory: allocated here
shadow-4.18.0/lib/sub.c:39:17: branch_true: following 'true' branch (when 'saved_locale' is non-NULL)...
shadow-4.18.0/lib/sub.c:39:17: branch_true: ...to here
shadow-4.18.0/lib/sub.c:39:17: throw: if 'syslog' throws an exception...
shadow-4.18.0/lib/sub.c:39:17: danger: 'saved_locale' leaks here; was allocated at [(5)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/4)
#   37|   	if (++depth > MAX_DEPTH) {
#   38|   		printf (_("Maximum subsystem depth reached\n"));
#   39|-> 		SYSLOG ((LOG_WARN, MAX_SUBROOT2));
#   40|   		closelog ();
#   41|   		exit (EXIT_FAILURE);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def161]
shadow-4.18.0/lib/sub.c:50:17: warning[-Wanalyzer-malloc-leak]: leak of 'saved_locale'
shadow-4.18.0/lib/sub.c:37:12: branch_false: following 'false' branch...
shadow-4.18.0/lib/sub.c:48:13: branch_false: ...to here
shadow-4.18.0/lib/sub.c:48:12: branch_true: following 'true' branch...
shadow-4.18.0/lib/sub.c:49:25: branch_true: ...to here
shadow-4.18.0/lib/sub.c:50:17: branch_true: following 'true' branch (when 'old_locale' is non-NULL)...
shadow-4.18.0/lib/sub.c:50:17: branch_true: ...to here
shadow-4.18.0/lib/sub.c:50:17: acquire_memory: allocated here
shadow-4.18.0/lib/sub.c:50:17: branch_true: following 'true' branch (when 'saved_locale' is non-NULL)...
shadow-4.18.0/lib/sub.c:50:17: branch_true: ...to here
shadow-4.18.0/lib/sub.c:50:17: throw: if 'syslog' throws an exception...
shadow-4.18.0/lib/sub.c:50:17: danger: 'saved_locale' leaks here; was allocated at [(7)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/6)
#   48|   	if (pw->pw_dir[0] != '/') {
#   49|   		printf (_("Invalid root directory '%s'\n"), pw->pw_dir);
#   50|-> 		SYSLOG ((LOG_WARN, BAD_SUBROOT2, pw->pw_dir, pw->pw_name));
#   51|   		closelog ();
#   52|   		exit (EXIT_FAILURE);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def162]
shadow-4.18.0/lib/sub.c:64:17: warning[-Wanalyzer-malloc-leak]: leak of 'saved_locale'
shadow-4.18.0/lib/sub.c:37:12: branch_false: following 'false' branch...
shadow-4.18.0/lib/sub.c:48:13: branch_false: ...to here
shadow-4.18.0/lib/sub.c:48:12: branch_false: following 'false' branch...
shadow-4.18.0/lib/sub.c:60:17: branch_false: ...to here
shadow-4.18.0/lib/sub.c:64:17: branch_true: following 'true' branch (when 'old_locale' is non-NULL)...
shadow-4.18.0/lib/sub.c:64:17: branch_true: ...to here
shadow-4.18.0/lib/sub.c:64:17: acquire_memory: allocated here
shadow-4.18.0/lib/sub.c:64:17: branch_true: following 'true' branch (when 'saved_locale' is non-NULL)...
shadow-4.18.0/lib/sub.c:64:17: branch_true: ...to here
shadow-4.18.0/lib/sub.c:64:17: throw: if 'syslog' throws an exception...
shadow-4.18.0/lib/sub.c:64:17: danger: 'saved_locale' leaks here; was allocated at [(7)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/6)
#   62|   		(void) printf (_("Can't change root directory to '%s'\n"),
#   63|   		               pw->pw_dir);
#   64|-> 		SYSLOG ((LOG_WARN, NO_SUBROOT2, pw->pw_dir, pw->pw_name));
#   65|   		closelog ();
#   66|   		exit (EXIT_FAILURE);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def163]
shadow-4.18.0/lib/subordinateio.c:673:16: warning[-Wanalyzer-malloc-leak]: leak of 'ranges'
shadow-4.18.0/lib/subordinateio.c:845:5: enter_function: entry to 'list_owner_ranges'
shadow-4.18.0/lib/subordinateio.c:860:12: branch_false: following 'false' branch...
shadow-4.18.0/lib/subordinateio.c:867:9: branch_false: ...to here
shadow-4.18.0/lib/subordinateio.c:869:20: branch_false: following 'false' branch...
shadow-4.18.0/lib/subordinateio.c:884:25: branch_false: ...to here
shadow-4.18.0/lib/subordinateio.c:884:25: call_function: calling 'get_owner_id' from 'list_owner_ranges'
shadow-4.18.0/lib/subordinateio.c:884:25: return_function: returning to 'list_owner_ranges' from 'get_owner_id'
shadow-4.18.0/lib/subordinateio.c:887:16: branch_true: following 'true' branch...
shadow-4.18.0/lib/subordinateio.c:888:27: branch_true: ...to here
shadow-4.18.0/lib/subordinateio.c:889:30: call_function: calling 'append_range' from 'list_owner_ranges'
shadow-4.18.0/lib/subordinateio.c:889:30: return_function: returning to 'list_owner_ranges' from 'append_range'
shadow-4.18.0/lib/subordinateio.c:889:28: branch_true: following 'true' branch...
shadow-4.18.0/lib/subordinateio.c:898:20: branch_true: ...to here
shadow-4.18.0/lib/subordinateio.c:898:20: branch_true: following 'true' branch...
shadow-4.18.0/lib/subordinateio.c:899:30: call_function: calling 'append_range' from 'list_owner_ranges'
shadow-4.18.0/lib/subordinateio.c:899:30: return_function: returning to 'list_owner_ranges' from 'append_range'
shadow-4.18.0/lib/subordinateio.c:899:28: branch_true: following 'true' branch...
shadow-4.18.0/lib/subordinateio.c:899:28: branch_true: ...to here
shadow-4.18.0/lib/subordinateio.c:909:12: branch_true: following 'true' branch (when 'id_type == 1')...
shadow-4.18.0/lib/subordinateio.c:910:17: branch_true: ...to here
shadow-4.18.0/lib/subordinateio.c:910:17: call_function: calling 'sub_uid_close' from 'list_owner_ranges'
#  671|   int sub_uid_close (void)
#  672|   {
#  673|-> 	return commonio_close (&subordinate_uid_db);
#  674|   }
#  675|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def164]
shadow-4.18.0/lib/subordinateio.c:780:16: warning[-Wanalyzer-malloc-leak]: leak of 'ranges'
shadow-4.18.0/lib/subordinateio.c:845:5: enter_function: entry to 'list_owner_ranges'
shadow-4.18.0/lib/subordinateio.c:860:12: branch_false: following 'false' branch...
shadow-4.18.0/lib/subordinateio.c:867:9: branch_false: ...to here
shadow-4.18.0/lib/subordinateio.c:875:20: branch_false: following 'false' branch...
shadow-4.18.0/lib/subordinateio.c:884:25: branch_false: ...to here
shadow-4.18.0/lib/subordinateio.c:884:25: call_function: calling 'get_owner_id' from 'list_owner_ranges'
shadow-4.18.0/lib/subordinateio.c:884:25: return_function: returning to 'list_owner_ranges' from 'get_owner_id'
shadow-4.18.0/lib/subordinateio.c:887:16: branch_true: following 'true' branch...
shadow-4.18.0/lib/subordinateio.c:888:27: branch_true: ...to here
shadow-4.18.0/lib/subordinateio.c:889:30: call_function: calling 'append_range' from 'list_owner_ranges'
shadow-4.18.0/lib/subordinateio.c:889:30: return_function: returning to 'list_owner_ranges' from 'append_range'
shadow-4.18.0/lib/subordinateio.c:889:28: branch_true: following 'true' branch...
shadow-4.18.0/lib/subordinateio.c:898:20: branch_true: ...to here
shadow-4.18.0/lib/subordinateio.c:898:20: branch_true: following 'true' branch...
shadow-4.18.0/lib/subordinateio.c:899:30: call_function: calling 'append_range' from 'list_owner_ranges'
shadow-4.18.0/lib/subordinateio.c:899:30: return_function: returning to 'list_owner_ranges' from 'append_range'
shadow-4.18.0/lib/subordinateio.c:899:28: branch_true: following 'true' branch...
shadow-4.18.0/lib/subordinateio.c:899:28: branch_true: ...to here
shadow-4.18.0/lib/subordinateio.c:909:12: branch_false: following 'false' branch (when 'id_type != 1')...
shadow-4.18.0/lib/subordinateio.c:912:17: branch_false: ...to here
shadow-4.18.0/lib/subordinateio.c:912:17: call_function: calling 'sub_gid_close' from 'list_owner_ranges'
#  778|   int sub_gid_close (void)
#  779|   {
#  780|-> 	return commonio_close (&subordinate_gid_db);
#  781|   }
#  782|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def165]
shadow-4.18.0/lib/subordinateio.c:887:25: warning[-Wanalyzer-malloc-leak]: leak of 'ranges'
shadow-4.18.0/lib/subordinateio.c:845:5: enter_function: entry to 'list_owner_ranges'
shadow-4.18.0/lib/subordinateio.c:860:12: branch_false: following 'false' branch...
shadow-4.18.0/lib/subordinateio.c:867:9: branch_false: ...to here
shadow-4.18.0/lib/subordinateio.c:869:20: branch_false: following 'false' branch...
shadow-4.18.0/lib/subordinateio.c:884:25: branch_false: ...to here
shadow-4.18.0/lib/subordinateio.c:884:25: call_function: calling 'get_owner_id' from 'list_owner_ranges'
shadow-4.18.0/lib/subordinateio.c:884:25: return_function: returning to 'list_owner_ranges' from 'get_owner_id'
shadow-4.18.0/lib/subordinateio.c:887:16: branch_true: following 'true' branch...
shadow-4.18.0/lib/subordinateio.c:888:27: branch_true: ...to here
shadow-4.18.0/lib/subordinateio.c:889:30: call_function: calling 'append_range' from 'list_owner_ranges'
shadow-4.18.0/lib/subordinateio.c:889:30: return_function: returning to 'list_owner_ranges' from 'append_range'
shadow-4.18.0/lib/subordinateio.c:889:28: branch_true: following 'true' branch...
shadow-4.18.0/lib/subordinateio.c:898:20: branch_true: ...to here
shadow-4.18.0/lib/subordinateio.c:898:20: branch_true: following 'true' branch...
shadow-4.18.0/lib/subordinateio.c:899:30: call_function: calling 'append_range' from 'list_owner_ranges'
shadow-4.18.0/lib/subordinateio.c:899:30: return_function: returning to 'list_owner_ranges' from 'append_range'
shadow-4.18.0/lib/subordinateio.c:899:28: branch_true: following 'true' branch...
shadow-4.18.0/lib/subordinateio.c:899:28: branch_true: ...to here
shadow-4.18.0/lib/subordinateio.c:887:25: throw: if 'commonio_next' throws an exception...
shadow-4.18.0/lib/subordinateio.c:887:25: danger: 'ranges' leaks here; was allocated at [(30)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/29)
#  885|   
#  886|   	commonio_rewind(db);
#  887|-> 	while ((range = commonio_next(db)) != NULL) {
#  888|   		if (streq(range->owner, owner)) {
#  889|   			if (!append_range(&ranges, range, count++)) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def166]
shadow-4.18.0/lib/sulog.c:35:17: warning[-Wanalyzer-malloc-leak]: leak of 'saved_locale'
shadow-4.18.0/lib/sulog.c:34:12: branch_true: following 'true' branch (when 'success != 0')...
shadow-4.18.0/lib/sulog.c:35:17: branch_true: ...to here
shadow-4.18.0/lib/sulog.c:35:17: branch_true: following 'true' branch (when 'old_locale' is non-NULL)...
shadow-4.18.0/lib/sulog.c:35:17: branch_true: ...to here
shadow-4.18.0/lib/sulog.c:35:17: acquire_memory: allocated here
shadow-4.18.0/lib/sulog.c:35:17: branch_true: following 'true' branch (when 'saved_locale' is non-NULL)...
shadow-4.18.0/lib/sulog.c:35:17: branch_true: ...to here
shadow-4.18.0/lib/sulog.c:35:17: throw: if 'syslog' throws an exception...
shadow-4.18.0/lib/sulog.c:35:17: danger: 'saved_locale' leaks here; was allocated at [(5)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/4)
#   33|   
#   34|   	if (success) {
#   35|-> 		SYSLOG ((LOG_INFO,
#   36|   			"Successful su for %s by %s",name,oldname));
#   37|   	} else {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def167]
shadow-4.18.0/lib/sulog.c:38:17: warning[-Wanalyzer-malloc-leak]: leak of 'saved_locale'
shadow-4.18.0/lib/sulog.c:34:12: branch_false: following 'false' branch (when 'success == 0')...
shadow-4.18.0/lib/sulog.c:38:17: branch_false: ...to here
shadow-4.18.0/lib/sulog.c:38:17: branch_true: following 'true' branch (when 'old_locale' is non-NULL)...
shadow-4.18.0/lib/sulog.c:38:17: branch_true: ...to here
shadow-4.18.0/lib/sulog.c:38:17: acquire_memory: allocated here
shadow-4.18.0/lib/sulog.c:38:17: branch_true: following 'true' branch (when 'saved_locale' is non-NULL)...
shadow-4.18.0/lib/sulog.c:38:17: branch_true: ...to here
shadow-4.18.0/lib/sulog.c:38:17: throw: if 'syslog' throws an exception...
shadow-4.18.0/lib/sulog.c:38:17: danger: 'saved_locale' leaks here; was allocated at [(5)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/4)
#   36|   			"Successful su for %s by %s",name,oldname));
#   37|   	} else {
#   38|-> 		SYSLOG ((LOG_NOTICE,
#   39|   			"FAILED su for %s by %s",name,oldname));
#   40|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def168]
shadow-4.18.0/lib/sulog.c:52:17: warning[-Wanalyzer-malloc-leak]: leak of 'saved_locale'
shadow-4.18.0/lib/sulog.c:35:17: branch_false: following 'false' branch (when 'saved_locale' is NULL)...
shadow-4.18.0/lib/sulog.c:42:22: branch_false: ...to here
shadow-4.18.0/lib/sulog.c:43:12: branch_false: following 'false' branch...
shadow-4.18.0/lib/sulog.c:47:18: branch_false: ...to here
shadow-4.18.0/lib/sulog.c:51:12: branch_true: following 'true' branch...
shadow-4.18.0/lib/sulog.c:52:17: branch_true: following 'true' branch (when 'old_locale' is non-NULL)...
shadow-4.18.0/lib/sulog.c:52:17: branch_true: ...to here
shadow-4.18.0/lib/sulog.c:52:17: acquire_memory: allocated here
shadow-4.18.0/lib/sulog.c:52:17: branch_true: following 'true' branch (when 'saved_locale' is non-NULL)...
shadow-4.18.0/lib/sulog.c:52:17: branch_true: ...to here
shadow-4.18.0/lib/sulog.c:52:17: throw: if 'syslog' throws an exception...
shadow-4.18.0/lib/sulog.c:52:17: danger: 'saved_locale' leaks here; was allocated at [(9)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/8)
#   50|   	 * the wrong group ownership. */
#   51|   	if ((oldgid != 0) && (setgid (0) != 0)) {
#   52|-> 		SYSLOG ((LOG_INFO,
#   53|   		         "su session not logged to %s", sulog_file));
#   54|   		/* Continue, but do not switch back to oldgid later */

Error: GCC_ANALYZER_WARNING (CWE-775): [#def169]
shadow-4.18.0/lib/sulog.c:59:13: warning[-Wanalyzer-file-leak]: leak of FILE 'fopen(getdef_str("SULOG_FILE"), "a+")'
shadow-4.18.0/lib/sulog.c:35:17: branch_false: following 'false' branch (when 'saved_locale' is NULL)...
shadow-4.18.0/lib/sulog.c:42:22: branch_false: ...to here
shadow-4.18.0/lib/sulog.c:43:12: branch_false: following 'false' branch...
shadow-4.18.0/lib/sulog.c:47:18: branch_false: ...to here
shadow-4.18.0/lib/sulog.c:57:14: acquire_resource: opened here
shadow-4.18.0/lib/sulog.c:59:12: branch_true: following 'true' branch (when 'oldgid != 0')...
shadow-4.18.0/lib/sulog.c:59:31: branch_true: ...to here
shadow-4.18.0/lib/sulog.c:59:13: danger: 'fopen(getdef_str("SULOG_FILE"), "a+")' leaks here; was opened at [(5)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/4)
#   57|   	fp = fopen (sulog_file, "a+");
#   58|   	(void) umask (oldmask);
#   59|-> 	if ((oldgid != 0) && (setgid (oldgid) != 0)) {
#   60|   		perror ("setgid");
#   61|   		SYSLOG ((LOG_ERR,

Error: GCC_ANALYZER_WARNING (CWE-401): [#def170]
shadow-4.18.0/lib/sulog.c:59:13: warning[-Wanalyzer-malloc-leak]: leak of 'fopen(getdef_str("SULOG_FILE"), "a+")'
shadow-4.18.0/lib/sulog.c:35:17: branch_false: following 'false' branch (when 'saved_locale' is NULL)...
shadow-4.18.0/lib/sulog.c:42:22: branch_false: ...to here
shadow-4.18.0/lib/sulog.c:43:12: branch_false: following 'false' branch...
shadow-4.18.0/lib/sulog.c:47:18: branch_false: ...to here
shadow-4.18.0/lib/sulog.c:57:14: acquire_memory: allocated here
shadow-4.18.0/lib/sulog.c:59:12: branch_true: following 'true' branch (when 'oldgid != 0')...
shadow-4.18.0/lib/sulog.c:59:31: branch_true: ...to here
shadow-4.18.0/lib/sulog.c:59:13: danger: 'fopen(getdef_str("SULOG_FILE"), "a+")' leaks here; was allocated at [(5)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/4)
#   57|   	fp = fopen (sulog_file, "a+");
#   58|   	(void) umask (oldmask);
#   59|-> 	if ((oldgid != 0) && (setgid (oldgid) != 0)) {
#   60|   		perror ("setgid");
#   61|   		SYSLOG ((LOG_ERR,

Error: GCC_ANALYZER_WARNING (CWE-401): [#def171]
shadow-4.18.0/lib/sulog.c:61:17: warning[-Wanalyzer-malloc-leak]: leak of 'saved_locale'
shadow-4.18.0/lib/sulog.c:35:17: branch_false: following 'false' branch (when 'saved_locale' is NULL)...
shadow-4.18.0/lib/sulog.c:42:22: branch_false: ...to here
shadow-4.18.0/lib/sulog.c:43:12: branch_false: following 'false' branch...
shadow-4.18.0/lib/sulog.c:47:18: branch_false: ...to here
shadow-4.18.0/lib/sulog.c:59:12: branch_true: following 'true' branch...
shadow-4.18.0/lib/sulog.c:61:17: branch_true: following 'true' branch (when 'old_locale' is non-NULL)...
shadow-4.18.0/lib/sulog.c:61:17: branch_true: ...to here
shadow-4.18.0/lib/sulog.c:61:17: acquire_memory: allocated here
shadow-4.18.0/lib/sulog.c:61:17: branch_true: following 'true' branch (when 'saved_locale' is non-NULL)...
shadow-4.18.0/lib/sulog.c:61:17: branch_true: ...to here
shadow-4.18.0/lib/sulog.c:61:17: throw: if 'syslog' throws an exception...
shadow-4.18.0/lib/sulog.c:61:17: danger: 'saved_locale' leaks here; was allocated at [(9)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/8)
#   59|   	if ((oldgid != 0) && (setgid (oldgid) != 0)) {
#   60|   		perror ("setgid");
#   61|-> 		SYSLOG ((LOG_ERR,
#   62|   		         "can't switch back to group `%d' in sulog",
#   63|   		         oldgid));

Error: GCC_ANALYZER_WARNING (CWE-775): [#def172]
shadow-4.18.0/lib/sulog.c:74:9: warning[-Wanalyzer-file-leak]: leak of FILE 'fopen(getdef_str("SULOG_FILE"), "a+")'
shadow-4.18.0/lib/sulog.c:35:17: branch_false: following 'false' branch (when 'saved_locale' is NULL)...
shadow-4.18.0/lib/sulog.c:42:22: branch_false: ...to here
shadow-4.18.0/lib/sulog.c:43:12: branch_false: following 'false' branch...
shadow-4.18.0/lib/sulog.c:47:18: branch_false: ...to here
shadow-4.18.0/lib/sulog.c:57:14: acquire_resource: opened here
shadow-4.18.0/lib/sulog.c:67:12: branch_false: following 'false' branch...
shadow-4.18.0/lib/sulog.c:71:15: branch_false: ...to here
shadow-4.18.0/lib/sulog.c:78:16: throw: if 'fflush' throws an exception...
shadow-4.18.0/lib/sulog.c:74:9: danger: 'fopen(getdef_str("SULOG_FILE"), "a+")' leaks here; was opened at [(5)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/4)
#   72|   	tm = localtime (&now);
#   73|   
#   74|-> 	fprintf (fp, "SU %.02d/%.02d %.02d:%.02d %c %s %s-%s\n",
#   75|   		 tm->tm_mon + 1, tm->tm_mday, tm->tm_hour, tm->tm_min,
#   76|   		 success ? '+' : '-', tty, oldname, name);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def173]
shadow-4.18.0/lib/sulog.c:74:9: warning[-Wanalyzer-malloc-leak]: leak of 'fopen(getdef_str("SULOG_FILE"), "a+")'
shadow-4.18.0/lib/sulog.c:35:17: branch_false: following 'false' branch (when 'saved_locale' is NULL)...
shadow-4.18.0/lib/sulog.c:42:22: branch_false: ...to here
shadow-4.18.0/lib/sulog.c:43:12: branch_false: following 'false' branch...
shadow-4.18.0/lib/sulog.c:47:18: branch_false: ...to here
shadow-4.18.0/lib/sulog.c:57:14: acquire_memory: allocated here
shadow-4.18.0/lib/sulog.c:67:12: branch_false: following 'false' branch...
shadow-4.18.0/lib/sulog.c:71:15: branch_false: ...to here
shadow-4.18.0/lib/sulog.c:78:16: throw: if 'fflush' throws an exception...
shadow-4.18.0/lib/sulog.c:74:9: danger: 'fopen(getdef_str("SULOG_FILE"), "a+")' leaks here; was allocated at [(5)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/4)
#   72|   	tm = localtime (&now);
#   73|   
#   74|-> 	fprintf (fp, "SU %.02d/%.02d %.02d:%.02d %c %s %s-%s\n",
#   75|   		 tm->tm_mon + 1, tm->tm_mday, tm->tm_hour, tm->tm_min,
#   76|   		 success ? '+' : '-', tty, oldname, name);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def174]
shadow-4.18.0/lib/user_busy.c:188:17: warning[-Wanalyzer-malloc-leak]: leak of 'opendir("/proc")'
shadow-4.18.0/lib/user_busy.c:179:16: acquire_memory: allocated here
shadow-4.18.0/lib/user_busy.c:180:12: branch_false: following 'false' branch...
shadow-4.18.0/lib/user_busy.c:187:13: branch_false: ...to here
shadow-4.18.0/lib/user_busy.c:187:12: branch_true: following 'true' branch...
shadow-4.18.0/lib/user_busy.c:188:17: branch_true: ...to here
shadow-4.18.0/lib/user_busy.c:188:17: throw: if 'perror' throws an exception...
shadow-4.18.0/lib/user_busy.c:188:17: danger: 'opendir("/proc")' leaks here; was allocated at [(1)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/0)
#  186|   	}
#  187|   	if (stat ("/", &sbroot) != 0) {
#  188|-> 		perror ("stat (\"/\")");
#  189|   		(void) closedir (proc);
#  190|   #ifdef ENABLE_SUBIDS

Error: GCC_ANALYZER_WARNING (CWE-401): [#def175]
shadow-4.18.0/lib/user_busy.c:189:24: warning[-Wanalyzer-malloc-leak]: leak of 'opendir("/proc")'
shadow-4.18.0/lib/user_busy.c:179:16: acquire_memory: allocated here
shadow-4.18.0/lib/user_busy.c:180:12: branch_false: following 'false' branch...
shadow-4.18.0/lib/user_busy.c:187:13: branch_false: ...to here
shadow-4.18.0/lib/user_busy.c:187:12: branch_true: following 'true' branch...
shadow-4.18.0/lib/user_busy.c:188:17: branch_true: ...to here
shadow-4.18.0/lib/user_busy.c:189:24: danger: 'opendir("/proc")' leaks here; was allocated at [(1)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/0)
#  187|   	if (stat ("/", &sbroot) != 0) {
#  188|   		perror ("stat (\"/\")");
#  189|-> 		(void) closedir (proc);
#  190|   #ifdef ENABLE_SUBIDS
#  191|   		sub_uid_close();

Error: GCC_ANALYZER_WARNING (CWE-401): [#def176]
shadow-4.18.0/lib/user_busy.c:196:23: warning[-Wanalyzer-malloc-leak]: leak of 'opendir("/proc")'
shadow-4.18.0/lib/user_busy.c:179:16: acquire_memory: allocated here
shadow-4.18.0/lib/user_busy.c:180:12: branch_false: following 'false' branch...
shadow-4.18.0/lib/user_busy.c:187:13: branch_false: ...to here
shadow-4.18.0/lib/user_busy.c:187:12: branch_false: following 'false' branch...
shadow-4.18.0/lib/user_busy.c:187:12: branch_false: ...to here
shadow-4.18.0/lib/user_busy.c:196:23: throw: if 'readdir' throws an exception...
shadow-4.18.0/lib/user_busy.c:196:23: danger: 'opendir("/proc")' leaks here; was allocated at [(1)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/0)
#  194|   	}
#  195|   
#  196|-> 	while ((ent = readdir (proc)) != NULL) {
#  197|   		tmp_d_name = ent->d_name;
#  198|   		/*

Error: GCC_ANALYZER_WARNING (CWE-401): [#def177]
shadow-4.18.0/lib/utmp.c:102:25: warning[-Wanalyzer-malloc-leak]: leak of 'saved_locale'
shadow-4.18.0/lib/utmp.c:90:12: branch_false: following 'false' branch...
shadow-4.18.0/lib/utmp.c:99:14: branch_false: ...to here
shadow-4.18.0/lib/utmp.c:100:12: branch_true: following 'true' branch...
shadow-4.18.0/lib/utmp.c:101:21: branch_true: ...to here
shadow-4.18.0/lib/utmp.c:101:20: branch_true: following 'true' branch...
shadow-4.18.0/lib/utmp.c:102:25: branch_true: ...to here
shadow-4.18.0/lib/utmp.c:102:25: branch_true: following 'true' branch (when 'old_locale' is non-NULL)...
shadow-4.18.0/lib/utmp.c:102:25: branch_true: ...to here
shadow-4.18.0/lib/utmp.c:102:25: acquire_memory: allocated here
shadow-4.18.0/lib/utmp.c:102:25: branch_true: following 'true' branch (when 'saved_locale' is non-NULL)...
shadow-4.18.0/lib/utmp.c:102:25: branch_true: ...to here
shadow-4.18.0/lib/utmp.c:102:25: throw: if 'syslog' throws an exception...
shadow-4.18.0/lib/utmp.c:102:25: danger: 'saved_locale' leaks here; was allocated at [(9)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/8)
#  100|   	if (-1 == fd) {
#  101|   		if (errno != ENOENT) {
#  102|-> 			SYSLOG ((LOG_WARN,
#  103|   			        "Can't append failure of user %s to %s: %m",
#  104|   			        username, ftmp));

Error: GCC_ANALYZER_WARNING (CWE-775): [#def178]
shadow-4.18.0/lib/utmp.c:113:13: warning[-Wanalyzer-fd-leak]: leak of file descriptor 'open(getdef_str("FTMP_FILE"), 1025)'
shadow-4.18.0/lib/utmp.c:90:12: branch_false: following 'false' branch...
shadow-4.18.0/lib/utmp.c:99:14: branch_false: ...to here
shadow-4.18.0/lib/utmp.c:99:14: acquire_resource: opened here
shadow-4.18.0/lib/utmp.c:100:12: branch_false: following 'false' branch...
shadow-4.18.0/lib/utmp.c:113:13: branch_false: ...to here
shadow-4.18.0/lib/utmp.c:113:13: throw: if 'write_full' throws an exception...
shadow-4.18.0/lib/utmp.c:113:13: danger: 'open(getdef_str("FTMP_FILE"), 1025)' leaks here; was opened at [(3)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/2)
#  111|   	 */
#  112|   
#  113|-> 	if (write_full(fd, failent, sizeof *failent) == -1) {
#  114|   		goto err_write;
#  115|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def179]
shadow-4.18.0/lib/utmp.c:130:9: warning[-Wanalyzer-malloc-leak]: leak of 'saved_locale'
shadow-4.18.0/lib/utmp.c:90:12: branch_false: following 'false' branch...
shadow-4.18.0/lib/utmp.c:99:14: branch_false: ...to here
shadow-4.18.0/lib/utmp.c:100:12: branch_false: following 'false' branch...
shadow-4.18.0/lib/utmp.c:113:13: branch_false: ...to here
shadow-4.18.0/lib/utmp.c:130:9: branch_true: following 'true' branch (when 'old_locale' is non-NULL)...
shadow-4.18.0/lib/utmp.c:130:9: branch_true: ...to here
shadow-4.18.0/lib/utmp.c:130:9: acquire_memory: allocated here
shadow-4.18.0/lib/utmp.c:130:9: branch_true: following 'true' branch (when 'saved_locale' is non-NULL)...
shadow-4.18.0/lib/utmp.c:130:9: branch_true: ...to here
shadow-4.18.0/lib/utmp.c:130:9: throw: if 'syslog' throws an exception...
shadow-4.18.0/lib/utmp.c:130:9: danger: 'saved_locale' leaks here; was allocated at [(7)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/6)
#  128|   	}
#  129|   err_close:
#  130|-> 	SYSLOG ((LOG_WARN,
#  131|   	         "Can't append failure of user %s to %s: %m",
#  132|   	         username, ftmp));

Error: GCC_ANALYZER_WARNING (CWE-688): [#def180]
shadow-4.18.0/lib/utmp.c:174:17: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL 'xreallocarray(0, 1, 384)' where non-null expected
shadow-4.18.0/lib/utmp.c:151:1: enter_function: entry to 'get_current_utmp'
shadow-4.18.0/lib/utmp.c:159:16: branch_true: following 'true' branch...
shadow-4.18.0/lib/utmp.c:160:25: branch_true: ...to here
shadow-4.18.0/lib/utmp.c:166:24: call_function: calling 'is_my_tty' from 'get_current_utmp'
shadow-4.18.0/lib/utmp.c:166:24: return_function: returning to 'get_current_utmp' from 'is_my_tty'
shadow-4.18.0/lib/utmp.c:172:12: branch_true: following 'true' branch...
shadow-4.18.0/lib/utmp.c:173:23: call_function: inlined call to 'xmallocarray' from 'get_current_utmp'
shadow-4.18.0/lib/utmp.c:174:17: danger: argument 1 ('xreallocarray(0, 1, 384)') from [(13)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/12) could be NULL where non-null expected
#  172|   	if (NULL != ut) {
#  173|   		ret = XMALLOC(1, struct utmpx);
#  174|-> 		memcpy (ret, ut, sizeof (*ret));
#  175|   	}
#  176|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def181]
shadow-4.18.0/lib/utmp.c:177:9: warning[-Wanalyzer-malloc-leak]: leak of 'ret'
shadow-4.18.0/lib/utmp.c:151:1: enter_function: entry to 'get_current_utmp'
shadow-4.18.0/lib/utmp.c:159:16: branch_true: following 'true' branch...
shadow-4.18.0/lib/utmp.c:160:25: branch_true: ...to here
shadow-4.18.0/lib/utmp.c:166:24: call_function: calling 'is_my_tty' from 'get_current_utmp'
shadow-4.18.0/lib/utmp.c:166:24: return_function: returning to 'get_current_utmp' from 'is_my_tty'
shadow-4.18.0/lib/utmp.c:172:12: branch_true: following 'true' branch...
shadow-4.18.0/lib/utmp.c:173:23: call_function: inlined call to 'xmallocarray' from 'get_current_utmp'
shadow-4.18.0/lib/utmp.c:177:9: throw: if 'endutxent' throws an exception...
shadow-4.18.0/lib/utmp.c:177:9: danger: 'ret' leaks here; was allocated at [(13)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/12)
#  175|   	}
#  176|   
#  177|-> 	endutxent();
#  178|   
#  179|   	return ret;

Error: GCC_ANALYZER_WARNING (CWE-688): [#def182]
shadow-4.18.0/lib/utmp.c:262:28: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL 'xreallocarray(0, strnlen(&*ut.ut_host, 256) + 1, 1)' where non-null expected
shadow-4.18.0/lib/utmp.c:246:1: enter_function: entry to 'prepare_utmp'
shadow-4.18.0/lib/utmp.c:253:9: branch_true: following 'true' branch (when 'name' is non-NULL)...
shadow-4.18.0/lib/utmp.c:254:9: branch_true: ...to here
shadow-4.18.0/lib/utmp.c:254:9: branch_true: following 'true' branch (when 'line' is non-NULL)...
shadow-4.18.0/lib/utmp.c:258:12: branch_true: ...to here
shadow-4.18.0/lib/utmp.c:261:17: branch_true: following 'true' branch...
shadow-4.18.0/lib/utmp.c:262:28: call_function: inlined call to 'xmallocarray' from 'prepare_utmp'
shadow-4.18.0/lib/utmp.c:262:28: danger: argument 1 ('xreallocarray(0, strnlen(&*ut.ut_host, 256) + 1, 1)') from [(9)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/8) could be NULL where non-null expected
#argument 1 of '__builtin_memcpy' must be non-null
#  260|   #if defined(HAVE_STRUCT_UTMPX_UT_HOST)
#  261|   	else if (NULL != ut && '\0' != ut->ut_host[0])
#  262|-> 		hostname = XSTRNDUP(ut->ut_host);
#  263|   #endif
#  264|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def183]
shadow-4.18.0/lib/utmp.c:267:17: warning[-Wanalyzer-malloc-leak]: leak of 'hostname'
shadow-4.18.0/lib/utmp.c:246:1: enter_function: entry to 'prepare_utmp'
shadow-4.18.0/lib/utmp.c:253:9: branch_true: following 'true' branch (when 'name' is non-NULL)...
shadow-4.18.0/lib/utmp.c:254:9: branch_true: ...to here
shadow-4.18.0/lib/utmp.c:254:9: branch_true: following 'true' branch (when 'line' is non-NULL)...
shadow-4.18.0/lib/utmp.c:258:12: branch_true: ...to here
shadow-4.18.0/lib/utmp.c:258:12: branch_true: following 'true' branch (when 'host' is non-NULL)...
shadow-4.18.0/lib/utmp.c:258:30: call_function: inlined call to 'streq' from 'prepare_utmp'
shadow-4.18.0/lib/utmp.c:258:13: branch_true: following 'true' branch...
shadow-4.18.0/lib/utmp.c:259:28: branch_true: ...to here
shadow-4.18.0/lib/utmp.c:259:28: call_function: calling 'xstrdup' from 'prepare_utmp'
shadow-4.18.0/lib/utmp.c:259:28: return_function: returning to 'prepare_utmp' from 'xstrdup'
shadow-4.18.0/lib/utmp.c:265:16: branch_false: following 'false' branch...
shadow-4.18.0/lib/utmp.c:265:16: branch_false: ...to here
shadow-4.18.0/lib/utmp.c:267:17: throw: if 'xcalloc' throws an exception...
shadow-4.18.0/lib/utmp.c:267:17: danger: 'hostname' leaks here; was allocated at [(14)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/13)
#  265|   	line = strprefix(line, "/dev/") ?: line;
#  266|   
#  267|-> 	utent = XCALLOC(1, struct utmpx);
#  268|   
#  269|   

Error: GCC_ANALYZER_WARNING (CWE-476): [#def184]
shadow-4.18.0/lib/utmp.c:270:9: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL 'xcalloc(1, 384)'
shadow-4.18.0/lib/utmp.c:253:9: branch_true: following 'true' branch (when 'name' is non-NULL)...
shadow-4.18.0/lib/utmp.c:254:9: branch_true: ...to here
shadow-4.18.0/lib/utmp.c:254:9: branch_true: following 'true' branch (when 'line' is non-NULL)...
shadow-4.18.0/lib/utmp.c:258:12: branch_true: ...to here
shadow-4.18.0/lib/utmp.c:265:16: branch_false: following 'false' branch...
shadow-4.18.0/lib/utmp.c:265:16: branch_false: ...to here
shadow-4.18.0/lib/utmp.c:267:17: acquire_memory: this call could return NULL
shadow-4.18.0/lib/utmp.c:270:9: danger: 'xcalloc(1, 384)' could be NULL: unchecked value from [(7)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/6)
#  268|   
#  269|   
#  270|-> 	utent->ut_type = USER_PROCESS;
#  271|   	utent->ut_pid = getpid ();
#  272|   	STRNCPY(utent->ut_line, line);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def185]
shadow-4.18.0/lib/utmp.c:272:9: warning[-Wanalyzer-malloc-leak]: leak of 'prepare_utmp(failent_user,  tty,  hostname,  get_current_utmp())'
shadow-4.18.0/lib/utmp.c:387:1: enter_function: entry to 'record_failure'
shadow-4.18.0/lib/utmp.c:391:12: branch_true: following 'true' branch...
shadow-4.18.0/lib/utmp.c:392:25: branch_true: ...to here
shadow-4.18.0/lib/utmp.c:392:25: call_function: calling 'get_current_utmp' from 'record_failure'
shadow-4.18.0/lib/utmp.c:392:25: return_function: returning to 'record_failure' from 'get_current_utmp'
shadow-4.18.0/lib/utmp.c:393:27: call_function: calling 'prepare_utmp' from 'record_failure'
shadow-4.18.0/lib/utmp.c:393:27: return_function: returning to 'record_failure' from 'prepare_utmp'
shadow-4.18.0/lib/utmp.c:394:17: call_function: calling 'failtmp' from 'record_failure'
#  270|   	utent->ut_type = USER_PROCESS;
#  271|   	utent->ut_pid = getpid ();
#  272|-> 	STRNCPY(utent->ut_line, line);
#  273|   	if (NULL != ut) {
#  274|   		STRNCPY(utent->ut_id, ut->ut_id);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def186]
shadow-4.18.0/lib/utmp.c:272:9: warning[-Wanalyzer-malloc-leak]: leak of 'prepare_utmp(user,  tty,  host,  get_current_utmp())'
shadow-4.18.0/lib/utmp.c:370:1: enter_function: entry to 'update_utmp'
shadow-4.18.0/lib/utmp.c:374:17: call_function: calling 'get_current_utmp' from 'update_utmp'
shadow-4.18.0/lib/utmp.c:374:17: return_function: returning to 'update_utmp' from 'get_current_utmp'
shadow-4.18.0/lib/utmp.c:375:14: call_function: calling 'prepare_utmp' from 'update_utmp'
shadow-4.18.0/lib/utmp.c:375:14: return_function: returning to 'update_utmp' from 'prepare_utmp'
shadow-4.18.0/lib/utmp.c:377:16: call_function: calling 'setutmp' from 'update_utmp'
#  270|   	utent->ut_type = USER_PROCESS;
#  271|   	utent->ut_pid = getpid ();
#  272|-> 	STRNCPY(utent->ut_line, line);
#  273|   	if (NULL != ut) {
#  274|   		STRNCPY(utent->ut_id, ut->ut_id);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def187]
shadow-4.18.0/lib/utmp.c:272:9: warning[-Wanalyzer-malloc-leak]: leak of 'xcalloc(1, 384)'
shadow-4.18.0/lib/utmp.c:253:9: branch_true: following 'true' branch (when 'name' is non-NULL)...
shadow-4.18.0/lib/utmp.c:254:9: branch_true: ...to here
shadow-4.18.0/lib/utmp.c:254:9: branch_true: following 'true' branch (when 'line' is non-NULL)...
shadow-4.18.0/lib/utmp.c:258:12: branch_true: ...to here
shadow-4.18.0/lib/utmp.c:261:17: branch_true: following 'true' branch...
shadow-4.18.0/lib/utmp.c:265:16: branch_false: following 'false' branch...
shadow-4.18.0/lib/utmp.c:265:16: branch_false: ...to here
shadow-4.18.0/lib/utmp.c:267:17: acquire_memory: allocated here
shadow-4.18.0/lib/utmp.c:273:12: branch_true: following 'true' branch (when 'ut' is non-NULL)...
shadow-4.18.0/lib/utmp.c:274:17: branch_true: ...to here
shadow-4.18.0/lib/utmp.c:283:12: branch_true: following 'true' branch (when 'hostname' is non-NULL)...
shadow-4.18.0/lib/utmp.c:284:34: branch_true: ...to here
shadow-4.18.0/lib/utmp.c:293:21: throw: if 'getaddrinfo' throws an exception...
shadow-4.18.0/lib/utmp.c:272:9: danger: 'xcalloc(1, 384)' leaks here; was allocated at [(9)](sarif:/runs/0/results/9/codeFlows/0/threadFlows/0/locations/8)
#  270|   	utent->ut_type = USER_PROCESS;
#  271|   	utent->ut_pid = getpid ();
#  272|-> 	STRNCPY(utent->ut_line, line);
#  273|   	if (NULL != ut) {
#  274|   		STRNCPY(utent->ut_id, ut->ut_id);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def188]
shadow-4.18.0/lib/utmp.c:293:21: warning[-Wanalyzer-malloc-leak]: leak of 'hostname'
shadow-4.18.0/lib/utmp.c:370:1: enter_function: entry to 'update_utmp'
shadow-4.18.0/lib/utmp.c:374:17: call_function: calling 'get_current_utmp' from 'update_utmp'
shadow-4.18.0/lib/utmp.c:374:17: return_function: returning to 'update_utmp' from 'get_current_utmp'
shadow-4.18.0/lib/utmp.c:375:14: call_function: calling 'prepare_utmp' from 'update_utmp'
#  291|   #endif
#  292|   #if defined(HAVE_STRUCT_UTMPX_UT_ADDR) || defined(HAVE_STRUCT_UTMPX_UT_ADDR_V6)
#  293|-> 		if (getaddrinfo (hostname, NULL, NULL, &info) == 0) {
#  294|   			/* getaddrinfo might not be reliable.
#  295|   			 * Just try to log what may be useful.

Error: GCC_ANALYZER_WARNING (CWE-401): [#def189]
shadow-4.18.0/lib/xgetXXbyYY.c:64:26: warning[-Wanalyzer-malloc-leak]: leak of 'reallocarray(0, 1, 32)'
shadow-4.18.0/lib/xgetXXbyYY.c:48:35: enter_function: entry to 'xgetgrnam'
shadow-4.18.0/lib/xgetXXbyYY.c:56:18: call_function: inlined call to 'mallocarray' from 'xgetgrnam'
shadow-4.18.0/lib/xgetXXbyYY.c:57:12: branch_false: following 'false' branch...
shadow-4.18.0/lib/xgetXXbyYY.c:57:12: branch_false: ...to here
shadow-4.18.0/lib/xgetXXbyYY.c:64:26: throw: if 'xreallocarray' throws an exception...
shadow-4.18.0/lib/xgetXXbyYY.c:64:26: danger: 'reallocarray(0, 1, 32)' leaks here; was allocated at [(3)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/2)
#   62|   		int status;
#   63|   		LOOKUP_TYPE *resbuf = NULL;
#   64|-> 		buffer = XREALLOC(buffer, length, char);
#   65|   		status = REENTRANT_NAME(ARG_NAME, result, buffer,
#   66|   		                        length, &resbuf);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def190]
shadow-4.18.0/lib/xgetXXbyYY.c:64:26: warning[-Wanalyzer-malloc-leak]: leak of 'reallocarray(0, 1, 48)'
shadow-4.18.0/lib/xgetXXbyYY.c:48:35: enter_function: entry to 'xgetpwnam'
shadow-4.18.0/lib/xgetXXbyYY.c:56:18: call_function: inlined call to 'mallocarray' from 'xgetpwnam'
shadow-4.18.0/lib/xgetXXbyYY.c:57:12: branch_false: following 'false' branch...
shadow-4.18.0/lib/xgetXXbyYY.c:57:12: branch_false: ...to here
shadow-4.18.0/lib/xgetXXbyYY.c:64:26: throw: if 'xreallocarray' throws an exception...
shadow-4.18.0/lib/xgetXXbyYY.c:64:26: danger: 'reallocarray(0, 1, 48)' leaks here; was allocated at [(3)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/2)
#   62|   		int status;
#   63|   		LOOKUP_TYPE *resbuf = NULL;
#   64|-> 		buffer = XREALLOC(buffer, length, char);
#   65|   		status = REENTRANT_NAME(ARG_NAME, result, buffer,
#   66|   		                        length, &resbuf);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def191]
shadow-4.18.0/lib/xgetXXbyYY.c:64:26: warning[-Wanalyzer-malloc-leak]: leak of 'reallocarray(0, 1, 72)'
shadow-4.18.0/lib/xgetXXbyYY.c:48:35: enter_function: entry to 'xgetspnam'
shadow-4.18.0/lib/xgetXXbyYY.c:56:18: call_function: inlined call to 'mallocarray' from 'xgetspnam'
shadow-4.18.0/lib/xgetXXbyYY.c:57:12: branch_false: following 'false' branch...
shadow-4.18.0/lib/xgetXXbyYY.c:57:12: branch_false: ...to here
shadow-4.18.0/lib/xgetXXbyYY.c:64:26: throw: if 'xreallocarray' throws an exception...
shadow-4.18.0/lib/xgetXXbyYY.c:64:26: danger: 'reallocarray(0, 1, 72)' leaks here; was allocated at [(3)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/2)
#   62|   		int status;
#   63|   		LOOKUP_TYPE *resbuf = NULL;
#   64|-> 		buffer = XREALLOC(buffer, length, char);
#   65|   		status = REENTRANT_NAME(ARG_NAME, result, buffer,
#   66|   		                        length, &resbuf);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def192]
shadow-4.18.0/lib/xgetXXbyYY.c:65:26: warning[-Wanalyzer-malloc-leak]: leak of 'reallocarray(0, 1, 32)'
shadow-4.18.0/lib/xgetXXbyYY.c:48:35: enter_function: entry to 'xgetgrnam'
shadow-4.18.0/lib/xgetXXbyYY.c:56:18: call_function: inlined call to 'mallocarray' from 'xgetgrnam'
shadow-4.18.0/lib/xgetXXbyYY.c:57:12: branch_false: following 'false' branch...
shadow-4.18.0/lib/xgetXXbyYY.c:57:12: branch_false: ...to here
shadow-4.18.0/lib/xgetXXbyYY.c:65:26: throw: if 'getgrnam_r' throws an exception...
shadow-4.18.0/lib/xgetXXbyYY.c:65:26: danger: 'reallocarray(0, 1, 32)' leaks here; was allocated at [(3)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/2)
#   63|   		LOOKUP_TYPE *resbuf = NULL;
#   64|   		buffer = XREALLOC(buffer, length, char);
#   65|-> 		status = REENTRANT_NAME(ARG_NAME, result, buffer,
#   66|   		                        length, &resbuf);
#   67|   		if ((0 == status) && (resbuf == result)) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def193]
shadow-4.18.0/lib/xgetXXbyYY.c:65:26: warning[-Wanalyzer-malloc-leak]: leak of 'reallocarray(0, 1, 48)'
shadow-4.18.0/lib/xgetXXbyYY.c:48:35: enter_function: entry to 'xgetpwnam'
shadow-4.18.0/lib/xgetXXbyYY.c:56:18: call_function: inlined call to 'mallocarray' from 'xgetpwnam'
shadow-4.18.0/lib/xgetXXbyYY.c:57:12: branch_false: following 'false' branch...
shadow-4.18.0/lib/xgetXXbyYY.c:57:12: branch_false: ...to here
shadow-4.18.0/lib/xgetXXbyYY.c:65:26: throw: if 'getpwnam_r' throws an exception...
shadow-4.18.0/lib/xgetXXbyYY.c:65:26: danger: 'reallocarray(0, 1, 48)' leaks here; was allocated at [(3)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/2)
#   63|   		LOOKUP_TYPE *resbuf = NULL;
#   64|   		buffer = XREALLOC(buffer, length, char);
#   65|-> 		status = REENTRANT_NAME(ARG_NAME, result, buffer,
#   66|   		                        length, &resbuf);
#   67|   		if ((0 == status) && (resbuf == result)) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def194]
shadow-4.18.0/lib/xgetXXbyYY.c:65:26: warning[-Wanalyzer-malloc-leak]: leak of 'reallocarray(0, 1, 72)'
shadow-4.18.0/lib/xgetXXbyYY.c:48:35: enter_function: entry to 'xgetspnam'
shadow-4.18.0/lib/xgetXXbyYY.c:56:18: call_function: inlined call to 'mallocarray' from 'xgetspnam'
shadow-4.18.0/lib/xgetXXbyYY.c:57:12: branch_false: following 'false' branch...
shadow-4.18.0/lib/xgetXXbyYY.c:57:12: branch_false: ...to here
shadow-4.18.0/lib/xgetXXbyYY.c:65:26: throw: if 'getspnam_r' throws an exception...
shadow-4.18.0/lib/xgetXXbyYY.c:65:26: danger: 'reallocarray(0, 1, 72)' leaks here; was allocated at [(3)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/2)
#   63|   		LOOKUP_TYPE *resbuf = NULL;
#   64|   		buffer = XREALLOC(buffer, length, char);
#   65|-> 		status = REENTRANT_NAME(ARG_NAME, result, buffer,
#   66|   		                        length, &resbuf);
#   67|   		if ((0 == status) && (resbuf == result)) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def195]
shadow-4.18.0/lib/xgetXXbyYY.c:65:26: warning[-Wanalyzer-malloc-leak]: leak of 'xreallocarray(buffer,  length, 1)'
shadow-4.18.0/lib/xgetXXbyYY.c:57:12: branch_false: following 'false' branch...
shadow-4.18.0/lib/xgetXXbyYY.c:57:12: branch_false: ...to here
shadow-4.18.0/lib/xgetXXbyYY.c:64:26: acquire_memory: allocated here
shadow-4.18.0/lib/xgetXXbyYY.c:65:26: throw: if 'getpwnam_r' throws an exception...
shadow-4.18.0/lib/xgetXXbyYY.c:65:26: danger: 'xreallocarray(buffer,  length, 1)' leaks here; was allocated at [(3)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/2)
#   63|   		LOOKUP_TYPE *resbuf = NULL;
#   64|   		buffer = XREALLOC(buffer, length, char);
#   65|-> 		status = REENTRANT_NAME(ARG_NAME, result, buffer,
#   66|   		                        length, &resbuf);
#   67|   		if ((0 == status) && (resbuf == result)) {

Error: GCC_ANALYZER_WARNING (CWE-688): [#def196]
shadow-4.18.0/lib/xgetXXbyYY.c:65:26: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL 'xreallocarray(buffer,  length, 1)' where non-null expected
shadow-4.18.0/lib/xgetXXbyYY.c:57:12: branch_false: following 'false' branch...
shadow-4.18.0/lib/xgetXXbyYY.c:57:12: branch_false: ...to here
shadow-4.18.0/lib/xgetXXbyYY.c:64:26: acquire_memory: this call could return NULL
shadow-4.18.0/lib/xgetXXbyYY.c:65:26: danger: argument 3 ('xreallocarray(buffer,  length, 1)') from [(3)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/2) could be NULL where non-null expected
#   63|   		LOOKUP_TYPE *resbuf = NULL;
#   64|   		buffer = XREALLOC(buffer, length, char);
#   65|-> 		status = REENTRANT_NAME(ARG_NAME, result, buffer,
#   66|   		                        length, &resbuf);
#   67|   		if ((0 == status) && (resbuf == result)) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def197]
shadow-4.18.0/libsubid/api.c:29:17: warning[-Wanalyzer-malloc-leak]: leak of 'progname'
shadow-4.18.0/libsubid/api.c:25:12: branch_true: following 'true' branch (when 'progname' is non-NULL)...
shadow-4.18.0/libsubid/api.c:26:28: branch_true: ...to here
shadow-4.18.0/libsubid/api.c:26:28: acquire_memory: allocated here
shadow-4.18.0/libsubid/api.c:27:20: branch_false: following 'false' branch (when 'progname' is non-NULL)...
shadow-4.18.0/libsubid/api.c:29:17: branch_false: ...to here
shadow-4.18.0/libsubid/api.c:29:17: throw: if 'log_set_progname' throws an exception...
shadow-4.18.0/libsubid/api.c:29:17: danger: 'progname' leaks here; was allocated at [(3)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/2)
#   27|   		if (!progname)
#   28|   			return false;
#   29|-> 		log_set_progname(progname);
#   30|   	} else {
#   31|   		log_set_progname("(libsubid)");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def198]
shadow-4.18.0/libsubid/api.c:35:17: warning[-Wanalyzer-malloc-leak]: leak of 'progname'
shadow-4.18.0/libsubid/api.c:25:12: branch_true: following 'true' branch (when 'progname' is non-NULL)...
shadow-4.18.0/libsubid/api.c:26:28: branch_true: ...to here
shadow-4.18.0/libsubid/api.c:26:28: acquire_memory: allocated here
shadow-4.18.0/libsubid/api.c:27:20: branch_false: following 'false' branch (when 'progname' is non-NULL)...
shadow-4.18.0/libsubid/api.c:29:17: branch_false: ...to here
shadow-4.18.0/libsubid/api.c:34:12: branch_true: following 'true' branch (when 'logfd' is non-NULL)...
shadow-4.18.0/libsubid/api.c:35:17: branch_true: ...to here
shadow-4.18.0/libsubid/api.c:35:17: throw: if 'log_set_logfd' throws an exception...
shadow-4.18.0/libsubid/api.c:35:17: danger: 'progname' leaks here; was allocated at [(3)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/2)
#   33|   
#   34|   	if (logfd) {
#   35|-> 		log_set_logfd(logfd);
#   36|   		return true;
#   37|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def199]
shadow-4.18.0/libsubid/api.c:40:17: warning[-Wanalyzer-malloc-leak]: leak of 'progname'
shadow-4.18.0/libsubid/api.c:25:12: branch_true: following 'true' branch (when 'progname' is non-NULL)...
shadow-4.18.0/libsubid/api.c:26:28: branch_true: ...to here
shadow-4.18.0/libsubid/api.c:26:28: acquire_memory: allocated here
shadow-4.18.0/libsubid/api.c:27:20: branch_false: following 'false' branch (when 'progname' is non-NULL)...
shadow-4.18.0/libsubid/api.c:29:17: branch_false: ...to here
shadow-4.18.0/libsubid/api.c:34:12: branch_false: following 'false' branch (when 'logfd' is NULL)...
shadow-4.18.0/libsubid/api.c:38:24: branch_false: ...to here
shadow-4.18.0/libsubid/api.c:39:12: branch_true: following 'true' branch...
shadow-4.18.0/libsubid/api.c:40:17: branch_true: ...to here
shadow-4.18.0/libsubid/api.c:40:17: throw: if 'log_set_logfd' throws an exception...
shadow-4.18.0/libsubid/api.c:40:17: danger: 'progname' leaks here; was allocated at [(3)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/2)
#   38|   	shadow_logfd = fopen("/dev/null", "w");
#   39|   	if (!shadow_logfd) {
#   40|-> 		log_set_logfd(stderr);
#   41|   		return false;
#   42|   	}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def200]
shadow-4.18.0/libsubid/api.c:43:9: warning[-Wanalyzer-file-leak]: leak of FILE 'fopen("/dev/null", "w")'
shadow-4.18.0/libsubid/api.c:25:12: branch_false: following 'false' branch (when 'progname' is NULL)...
shadow-4.18.0/libsubid/api.c:31:17: branch_false: ...to here
shadow-4.18.0/libsubid/api.c:34:12: branch_false: following 'false' branch (when 'logfd' is NULL)...
shadow-4.18.0/libsubid/api.c:38:24: branch_false: ...to here
shadow-4.18.0/libsubid/api.c:38:24: acquire_resource: opened here
shadow-4.18.0/libsubid/api.c:39:12: branch_false: following 'false' branch...
shadow-4.18.0/libsubid/api.c:43:9: branch_false: ...to here
shadow-4.18.0/libsubid/api.c:43:9: danger: 'fopen("/dev/null", "w")' leaks here; was opened at [(5)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/4)
#   41|   		return false;
#   42|   	}
#   43|-> 	log_set_logfd(shadow_logfd);
#   44|   	return true;
#   45|   }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def201]
shadow-4.18.0/libsubid/api.c:43:9: warning[-Wanalyzer-malloc-leak]: leak of 'fopen("/dev/null", "w")'
shadow-4.18.0/libsubid/api.c:25:12: branch_false: following 'false' branch (when 'progname' is NULL)...
shadow-4.18.0/libsubid/api.c:31:17: branch_false: ...to here
shadow-4.18.0/libsubid/api.c:34:12: branch_false: following 'false' branch (when 'logfd' is NULL)...
shadow-4.18.0/libsubid/api.c:38:24: branch_false: ...to here
shadow-4.18.0/libsubid/api.c:38:24: acquire_memory: allocated here
shadow-4.18.0/libsubid/api.c:39:12: branch_false: following 'false' branch...
shadow-4.18.0/libsubid/api.c:43:9: branch_false: ...to here
shadow-4.18.0/libsubid/api.c:43:9: danger: 'fopen("/dev/null", "w")' leaks here; was allocated at [(5)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/4)
#   41|   		return false;
#   42|   	}
#   43|-> 	log_set_logfd(shadow_logfd);
#   44|   	return true;
#   45|   }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def202]
shadow-4.18.0/libsubid/api.c:43:9: warning[-Wanalyzer-malloc-leak]: leak of 'progname'
shadow-4.18.0/libsubid/api.c:25:12: branch_true: following 'true' branch (when 'progname' is non-NULL)...
shadow-4.18.0/libsubid/api.c:26:28: branch_true: ...to here
shadow-4.18.0/libsubid/api.c:26:28: acquire_memory: allocated here
shadow-4.18.0/libsubid/api.c:27:20: branch_false: following 'false' branch (when 'progname' is non-NULL)...
shadow-4.18.0/libsubid/api.c:29:17: branch_false: ...to here
shadow-4.18.0/libsubid/api.c:34:12: branch_false: following 'false' branch (when 'logfd' is NULL)...
shadow-4.18.0/libsubid/api.c:38:24: branch_false: ...to here
shadow-4.18.0/libsubid/api.c:39:12: branch_false: following 'false' branch...
shadow-4.18.0/libsubid/api.c:43:9: branch_false: ...to here
shadow-4.18.0/libsubid/api.c:43:9: throw: if 'log_set_logfd' throws an exception...
shadow-4.18.0/libsubid/api.c:43:9: danger: 'progname' leaks here; was allocated at [(3)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/2)
#   41|   		return false;
#   42|   	}
#   43|-> 	log_set_logfd(shadow_logfd);
#   44|   	return true;
#   45|   }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def203]
shadow-4.18.0/libsubid/api.c:45:1: warning[-Wanalyzer-malloc-leak]: leak of 'progname'
shadow-4.18.0/libsubid/api.c:25:12: branch_true: following 'true' branch (when 'progname' is non-NULL)...
shadow-4.18.0/libsubid/api.c:26:28: branch_true: ...to here
shadow-4.18.0/libsubid/api.c:26:28: acquire_memory: allocated here
shadow-4.18.0/libsubid/api.c:27:20: branch_false: following 'false' branch (when 'progname' is non-NULL)...
shadow-4.18.0/libsubid/api.c:29:17: branch_false: ...to here
shadow-4.18.0/libsubid/api.c:45:1: danger: 'progname' leaks here; was allocated at [(3)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/2)
#   43|   	log_set_logfd(shadow_logfd);
#   44|   	return true;
#   45|-> }
#   46|   
#   47|   void subid_free(void *ptr)

Error: GCC_ANALYZER_WARNING (CWE-401): [#def204]
shadow-4.18.0/src/chage.c:99:25: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/chage.c:96:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/chage.c:97:21: branch_true: ...to here
shadow-4.18.0/src/chage.c:97:20: branch_true: following ‘true’ branch...
shadow-4.18.0/src/chage.c:98:25: branch_true: ...to here
shadow-4.18.0/src/chage.c:99:25: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/chage.c:99:25: branch_true: ...to here
shadow-4.18.0/src/chage.c:99:25: acquire_memory: allocated here
shadow-4.18.0/src/chage.c:99:25: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/chage.c:99:25: branch_true: ...to here
shadow-4.18.0/src/chage.c:99:25: throw: if ‘spw_dbname’ throws an exception...
shadow-4.18.0/src/chage.c:99:25: danger: ‘saved_locale’ leaks here; was allocated at [(7)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/6)
#   97|   		if (spw_unlock () == 0) {
#   98|   			fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, spw_dbname ());
#   99|-> 			SYSLOG ((LOG_ERR, "failed to unlock %s", spw_dbname ()));
#  100|   			/* continue */
#  101|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def205]
shadow-4.18.0/src/chage.c:106:25: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/chage.c:103:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/chage.c:104:21: branch_true: ...to here
shadow-4.18.0/src/chage.c:104:20: branch_true: following ‘true’ branch...
shadow-4.18.0/src/chage.c:105:25: branch_true: ...to here
shadow-4.18.0/src/chage.c:106:25: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/chage.c:106:25: branch_true: ...to here
shadow-4.18.0/src/chage.c:106:25: acquire_memory: allocated here
shadow-4.18.0/src/chage.c:106:25: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/chage.c:106:25: branch_true: ...to here
shadow-4.18.0/src/chage.c:106:25: throw: if ‘pw_dbname’ throws an exception...
shadow-4.18.0/src/chage.c:106:25: danger: ‘saved_locale’ leaks here; was allocated at [(7)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/6)
#  104|   		if (pw_unlock () == 0) {
#  105|   			fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, pw_dbname ());
#  106|-> 			SYSLOG ((LOG_ERR, "failed to unlock %s", pw_dbname ()));
#  107|   			/* continue */
#  108|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def206]
shadow-4.18.0/src/chage.c:513:17: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/chage.c:511:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/chage.c:512:17: branch_true: ...to here
shadow-4.18.0/src/chage.c:513:17: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/chage.c:513:17: branch_true: ...to here
shadow-4.18.0/src/chage.c:513:17: acquire_memory: allocated here
shadow-4.18.0/src/chage.c:513:17: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/chage.c:513:17: branch_true: ...to here
shadow-4.18.0/src/chage.c:513:17: throw: if ‘pw_dbname’ throws an exception...
shadow-4.18.0/src/chage.c:513:17: danger: ‘saved_locale’ leaks here; was allocated at [(5)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/4)
#  511|   	if (pw_open (readonly ? O_RDONLY: O_CREAT | O_RDWR) == 0) {
#  512|   		fprintf (stderr, _("%s: cannot open %s\n"), Prog, pw_dbname ());
#  513|-> 		SYSLOG ((LOG_WARN, "cannot open %s", pw_dbname ()));
#  514|   		fail_exit (E_NOPERM);
#  515|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def207]
shadow-4.18.0/src/chage.c:535:17: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/chage.c:511:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/chage.c:523:12: branch_false: ...to here
shadow-4.18.0/src/chage.c:532:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/chage.c:533:17: branch_true: ...to here
shadow-4.18.0/src/chage.c:535:17: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/chage.c:535:17: branch_true: ...to here
shadow-4.18.0/src/chage.c:535:17: acquire_memory: allocated here
shadow-4.18.0/src/chage.c:535:17: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/chage.c:535:17: branch_true: ...to here
shadow-4.18.0/src/chage.c:535:17: throw: if ‘spw_dbname’ throws an exception...
shadow-4.18.0/src/chage.c:535:17: danger: ‘saved_locale’ leaks here; was allocated at [(7)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/6)
#  533|   		fprintf (stderr,
#  534|   		         _("%s: cannot open %s\n"), Prog, spw_dbname ());
#  535|-> 		SYSLOG ((LOG_WARN, "cannot open %s", spw_dbname ()));
#  536|   		fail_exit (E_NOPERM);
#  537|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def208]
shadow-4.18.0/src/chage.c:552:17: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/chage.c:549:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/chage.c:550:17: branch_true: ...to here
shadow-4.18.0/src/chage.c:552:17: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/chage.c:552:17: branch_true: ...to here
shadow-4.18.0/src/chage.c:552:17: acquire_memory: allocated here
shadow-4.18.0/src/chage.c:552:17: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/chage.c:552:17: branch_true: ...to here
shadow-4.18.0/src/chage.c:552:17: throw: if ‘spw_dbname’ throws an exception...
shadow-4.18.0/src/chage.c:552:17: danger: ‘saved_locale’ leaks here; was allocated at [(5)](sarif:/runs/0/results/9/codeFlows/0/threadFlows/0/locations/4)
#  550|   		fprintf (stderr,
#  551|   		         _("%s: failure while writing changes to %s\n"), Prog, spw_dbname ());
#  552|-> 		SYSLOG ((LOG_ERR, "failure while writing changes to %s", spw_dbname ()));
#  553|   		fail_exit (E_NOPERM);
#  554|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def209]
shadow-4.18.0/src/chage.c:562:17: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/chage.c:549:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/chage.c:560:13: branch_false: ...to here
shadow-4.18.0/src/chage.c:560:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/chage.c:561:17: branch_true: ...to here
shadow-4.18.0/src/chage.c:562:17: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/chage.c:562:17: branch_true: ...to here
shadow-4.18.0/src/chage.c:562:17: acquire_memory: allocated here
shadow-4.18.0/src/chage.c:562:17: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/chage.c:562:17: branch_true: ...to here
shadow-4.18.0/src/chage.c:562:17: throw: if ‘pw_dbname’ throws an exception...
shadow-4.18.0/src/chage.c:562:17: danger: ‘saved_locale’ leaks here; was allocated at [(7)](sarif:/runs/0/results/11/codeFlows/0/threadFlows/0/locations/6)
#  560|   	if (pw_close () == 0) {
#  561|   		fprintf (stderr, _("%s: failure while writing changes to %s\n"), Prog, pw_dbname ());
#  562|-> 		SYSLOG ((LOG_ERR, "failure while writing changes to %s", pw_dbname ()));
#  563|   		fail_exit (E_NOPERM);
#  564|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def210]
shadow-4.18.0/src/chage.c:567:17: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/chage.c:549:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/chage.c:560:13: branch_false: ...to here
shadow-4.18.0/src/chage.c:560:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/chage.c:565:13: branch_false: ...to here
shadow-4.18.0/src/chage.c:565:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/chage.c:566:17: branch_true: ...to here
shadow-4.18.0/src/chage.c:567:17: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/chage.c:567:17: branch_true: ...to here
shadow-4.18.0/src/chage.c:567:17: acquire_memory: allocated here
shadow-4.18.0/src/chage.c:567:17: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/chage.c:567:17: branch_true: ...to here
shadow-4.18.0/src/chage.c:567:17: throw: if ‘spw_dbname’ throws an exception...
shadow-4.18.0/src/chage.c:567:17: danger: ‘saved_locale’ leaks here; was allocated at [(9)](sarif:/runs/0/results/13/codeFlows/0/threadFlows/0/locations/8)
#  565|   	if (spw_unlock () == 0) {
#  566|   		fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, spw_dbname ());
#  567|-> 		SYSLOG ((LOG_ERR, "failed to unlock %s", spw_dbname ()));
#  568|   		/* continue */
#  569|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def211]
shadow-4.18.0/src/chage.c:573:17: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/chage.c:549:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/chage.c:560:13: branch_false: ...to here
shadow-4.18.0/src/chage.c:560:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/chage.c:565:13: branch_false: ...to here
shadow-4.18.0/src/chage.c:571:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/chage.c:572:17: branch_true: ...to here
shadow-4.18.0/src/chage.c:573:17: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/chage.c:573:17: branch_true: ...to here
shadow-4.18.0/src/chage.c:573:17: acquire_memory: allocated here
shadow-4.18.0/src/chage.c:573:17: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/chage.c:573:17: branch_true: ...to here
shadow-4.18.0/src/chage.c:573:17: throw: if ‘pw_dbname’ throws an exception...
shadow-4.18.0/src/chage.c:573:17: danger: ‘saved_locale’ leaks here; was allocated at [(9)](sarif:/runs/0/results/15/codeFlows/0/threadFlows/0/locations/8)
#  571|   	if (pw_unlock () == 0) {
#  572|   		fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, pw_dbname ());
#  573|-> 		SYSLOG ((LOG_ERR, "failed to unlock %s", pw_dbname ()));
#  574|   		/* continue */
#  575|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def212]
shadow-4.18.0/src/chage.c:599:43: warning[-Wanalyzer-malloc-leak]: leak of ‘xreallocarray(0, strlen(str) + 1, 1)’
shadow-4.18.0/src/chage.c:584:13: enter_function: entry to ‘update_age’
shadow-4.18.0/src/chage.c:594:12: branch_true: following ‘true’ branch (when ‘sp’ is NULL)...
shadow-4.18.0/src/chage.c:595:31: branch_true: ...to here
shadow-4.18.0/src/chage.c:598:34: call_function: calling ‘xstrdup’ from ‘update_age’
shadow-4.18.0/src/chage.c:598:34: return_function: returning to ‘update_age’ from ‘xstrdup’
shadow-4.18.0/src/chage.c:599:34: call_function: calling ‘xstrdup’ from ‘update_age’
#  597|   		memzero (&spwent, sizeof spwent);
#  598|   		spwent.sp_namp = xstrdup (pwent.pw_name);
#  599|-> 		spwent.sp_pwdp = xstrdup (pwent.pw_passwd);
#  600|   		spwent.sp_flag = SHADOW_SP_FLAG_UNSET;
#  601|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def213]
shadow-4.18.0/src/chage.c:603:21: warning[-Wanalyzer-malloc-leak]: leak of ‘spwent.sp_pwdp’
shadow-4.18.0/src/chage.c:584:13: enter_function: entry to ‘update_age’
shadow-4.18.0/src/chage.c:594:12: branch_true: following ‘true’ branch (when ‘sp’ is NULL)...
shadow-4.18.0/src/chage.c:595:31: branch_true: ...to here
shadow-4.18.0/src/chage.c:598:34: call_function: calling ‘xstrdup’ from ‘update_age’
shadow-4.18.0/src/chage.c:598:34: return_function: returning to ‘update_age’ from ‘xstrdup’
shadow-4.18.0/src/chage.c:599:34: call_function: calling ‘xstrdup’ from ‘update_age’
shadow-4.18.0/src/chage.c:599:34: return_function: returning to ‘update_age’ from ‘xstrdup’
shadow-4.18.0/src/chage.c:603:21: throw: if ‘pw_update’ throws an exception...
shadow-4.18.0/src/chage.c:603:21: danger: ‘spwent.sp_pwdp’ leaks here; was allocated at [(13)](sarif:/runs/0/results/18/codeFlows/0/threadFlows/0/locations/12)
#  601|   
#  602|   		pwent.pw_passwd = SHADOW_PASSWD_STRING;	/* XXX warning: const */
#  603|-> 		if (pw_update (&pwent) == 0) {
#  604|   			fprintf (stderr,
#  605|   			         _("%s: failed to prepare the new %s entry '%s'\n"), Prog, pw_dbname (), pwent.pw_name);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def214]
shadow-4.18.0/src/chage.c:610:43: warning[-Wanalyzer-malloc-leak]: leak of ‘xreallocarray(0, strlen(str) + 1, 1)’
shadow-4.18.0/src/chage.c:584:13: enter_function: entry to ‘update_age’
shadow-4.18.0/src/chage.c:594:12: branch_false: following ‘false’ branch (when ‘sp’ is non-NULL)...
shadow-4.18.0/src/chage.c:609:43: branch_false: ...to here
shadow-4.18.0/src/chage.c:609:34: call_function: calling ‘xstrdup’ from ‘update_age’
shadow-4.18.0/src/chage.c:609:34: return_function: returning to ‘update_age’ from ‘xstrdup’
shadow-4.18.0/src/chage.c:610:34: call_function: calling ‘xstrdup’ from ‘update_age’
#  608|   	} else {
#  609|   		spwent.sp_namp = xstrdup (sp->sp_namp);
#  610|-> 		spwent.sp_pwdp = xstrdup (sp->sp_pwdp);
#  611|   		spwent.sp_flag = sp->sp_flag;
#  612|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def215]
shadow-4.18.0/src/chage.c:626:13: warning[-Wanalyzer-malloc-leak]: leak of ‘spwent.sp_pwdp’
shadow-4.18.0/src/chage.c:584:13: enter_function: entry to ‘update_age’
shadow-4.18.0/src/chage.c:594:12: branch_false: following ‘false’ branch (when ‘sp’ is non-NULL)...
shadow-4.18.0/src/chage.c:609:43: branch_false: ...to here
shadow-4.18.0/src/chage.c:609:34: call_function: calling ‘xstrdup’ from ‘update_age’
shadow-4.18.0/src/chage.c:609:34: return_function: returning to ‘update_age’ from ‘xstrdup’
shadow-4.18.0/src/chage.c:610:34: call_function: calling ‘xstrdup’ from ‘update_age’
shadow-4.18.0/src/chage.c:610:34: return_function: returning to ‘update_age’ from ‘xstrdup’
shadow-4.18.0/src/chage.c:626:13: throw: if ‘spw_update’ throws an exception...
shadow-4.18.0/src/chage.c:626:13: danger: ‘spwent.sp_pwdp’ leaks here; was allocated at [(13)](sarif:/runs/0/results/20/codeFlows/0/threadFlows/0/locations/12)
#  624|   	spwent.sp_expire = expdate;
#  625|   
#  626|-> 	if (spw_update (&spwent) == 0) {
#  627|   		fprintf (stderr,
#  628|   		         _("%s: failed to prepare the new %s entry '%s'\n"), Prog, spw_dbname (), spwent.sp_namp);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def216]
shadow-4.18.0/src/chage.c:751:17: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/chage.c:709:5: enter_function: entry to ‘main’
shadow-4.18.0/src/chage.c:743:9: call_function: calling ‘process_flags’ from ‘main’
shadow-4.18.0/src/chage.c:743:9: return_function: returning to ‘main’ from ‘process_flags’
shadow-4.18.0/src/chage.c:747:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/chage.c:749:26: branch_false: ...to here
shadow-4.18.0/src/chage.c:751:17: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/chage.c:751:17: branch_true: ...to here
shadow-4.18.0/src/chage.c:751:17: acquire_memory: allocated here
shadow-4.18.0/src/chage.c:751:17: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/chage.c:751:17: branch_true: ...to here
shadow-4.18.0/src/chage.c:751:17: throw: if ‘syslog’ throws an exception...
shadow-4.18.0/src/chage.c:751:17: danger: ‘saved_locale’ leaks here; was allocated at [(14)](sarif:/runs/0/results/21/codeFlows/0/threadFlows/0/locations/13)
#  749|   		         _("%s: the shadow password file is not present\n"),
#  750|   		         Prog);
#  751|-> 		SYSLOG ((LOG_WARN, "can't find the shadow password file"));
#  752|   		closelog ();
#  753|   		exit (E_SHADOW_NOTFOUND);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def217]
shadow-4.18.0/src/chfn.c:84:25: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/chfn.c:81:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/chfn.c:82:21: branch_true: ...to here
shadow-4.18.0/src/chfn.c:82:20: branch_true: following ‘true’ branch...
shadow-4.18.0/src/chfn.c:83:25: branch_true: ...to here
shadow-4.18.0/src/chfn.c:84:25: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/chfn.c:84:25: branch_true: ...to here
shadow-4.18.0/src/chfn.c:84:25: acquire_memory: allocated here
shadow-4.18.0/src/chfn.c:84:25: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/chfn.c:84:25: branch_true: ...to here
shadow-4.18.0/src/chfn.c:84:25: throw: if ‘pw_dbname’ throws an exception...
shadow-4.18.0/src/chfn.c:84:25: danger: ‘saved_locale’ leaks here; was allocated at [(7)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/6)
#   82|   		if (pw_unlock () == 0) {
#   83|   			fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, pw_dbname ());
#   84|-> 			SYSLOG ((LOG_ERR, "failed to unlock %s", pw_dbname ()));
#   85|   			/* continue */
#   86|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def218]
shadow-4.18.0/src/chfn.c:411:17: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/chfn.c:391:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/chfn.c:398:35: branch_false: ...to here
shadow-4.18.0/src/chfn.c:411:17: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/chfn.c:411:17: branch_true: ...to here
shadow-4.18.0/src/chfn.c:411:17: acquire_memory: allocated here
shadow-4.18.0/src/chfn.c:411:17: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/chfn.c:411:17: branch_true: ...to here
shadow-4.18.0/src/chfn.c:411:17: throw: if ‘pam_strerror’ throws an exception...
shadow-4.18.0/src/chfn.c:411:17: danger: ‘saved_locale’ leaks here; was allocated at [(5)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/4)
#  409|   		fprintf (stderr, _("%s: PAM: %s\n"),
#  410|   		         Prog, pam_strerror (pamh, retval));
#  411|-> 		SYSLOG((LOG_ERR, "%s", pam_strerror (pamh, retval)));
#  412|   		if (NULL != pamh) {
#  413|   			(void) pam_end (pamh, retval);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def219]
shadow-4.18.0/src/chfn.c:439:17: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/chfn.c:437:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/chfn.c:438:17: branch_true: ...to here
shadow-4.18.0/src/chfn.c:439:17: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/chfn.c:439:17: branch_true: ...to here
shadow-4.18.0/src/chfn.c:439:17: acquire_memory: allocated here
shadow-4.18.0/src/chfn.c:439:17: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/chfn.c:439:17: branch_true: ...to here
shadow-4.18.0/src/chfn.c:439:17: throw: if ‘syslog’ throws an exception...
shadow-4.18.0/src/chfn.c:439:17: danger: ‘saved_locale’ leaks here; was allocated at [(5)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/4)
#  437|   	if (setuid (0) != 0) {
#  438|   		fputs (_("Cannot change ID to root.\n"), stderr);
#  439|-> 		SYSLOG ((LOG_ERR, "can't setuid(0)"));
#  440|   		fail_exit (E_NOPERM);
#  441|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def220]
shadow-4.18.0/src/chfn.c:498:17: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/chfn.c:437:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/chfn.c:442:9: branch_false: ...to here
shadow-4.18.0/src/chfn.c:448:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/chfn.c:454:9: branch_false: ...to here
shadow-4.18.0/src/chfn.c:455:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/chfn.c:467:14: branch_false: ...to here
shadow-4.18.0/src/chfn.c:468:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/chfn.c:479:9: branch_false: ...to here
shadow-4.18.0/src/chfn.c:486:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/chfn.c:496:13: branch_false: ...to here
shadow-4.18.0/src/chfn.c:496:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/chfn.c:497:17: branch_true: ...to here
shadow-4.18.0/src/chfn.c:498:17: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/chfn.c:498:17: branch_true: ...to here
shadow-4.18.0/src/chfn.c:498:17: acquire_memory: allocated here
shadow-4.18.0/src/chfn.c:498:17: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/chfn.c:498:17: branch_true: ...to here
shadow-4.18.0/src/chfn.c:498:17: throw: if ‘pw_dbname’ throws an exception...
shadow-4.18.0/src/chfn.c:498:17: danger: ‘saved_locale’ leaks here; was allocated at [(15)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/14)
#  496|   	if (pw_close () == 0) {
#  497|   		fprintf (stderr, _("%s: failure while writing changes to %s\n"), Prog, pw_dbname ());
#  498|-> 		SYSLOG ((LOG_ERR, "failure while writing changes to %s", pw_dbname ()));
#  499|   		fail_exit (E_NOPERM);
#  500|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def221]
shadow-4.18.0/src/chfn.c:503:17: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/chfn.c:437:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/chfn.c:442:9: branch_false: ...to here
shadow-4.18.0/src/chfn.c:448:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/chfn.c:454:9: branch_false: ...to here
shadow-4.18.0/src/chfn.c:455:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/chfn.c:467:14: branch_false: ...to here
shadow-4.18.0/src/chfn.c:468:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/chfn.c:479:9: branch_false: ...to here
shadow-4.18.0/src/chfn.c:486:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/chfn.c:496:13: branch_false: ...to here
shadow-4.18.0/src/chfn.c:496:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/chfn.c:501:13: branch_false: ...to here
shadow-4.18.0/src/chfn.c:501:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/chfn.c:502:17: branch_true: ...to here
shadow-4.18.0/src/chfn.c:503:17: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/chfn.c:503:17: branch_true: ...to here
shadow-4.18.0/src/chfn.c:503:17: acquire_memory: allocated here
shadow-4.18.0/src/chfn.c:503:17: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/chfn.c:503:17: branch_true: ...to here
shadow-4.18.0/src/chfn.c:503:17: throw: if ‘pw_dbname’ throws an exception...
shadow-4.18.0/src/chfn.c:503:17: danger: ‘saved_locale’ leaks here; was allocated at [(17)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/16)
#  501|   	if (pw_unlock () == 0) {
#  502|   		fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, pw_dbname ());
#  503|-> 		SYSLOG ((LOG_ERR, "failed to unlock %s", pw_dbname ()));
#  504|   		/* continue */
#  505|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def222]
shadow-4.18.0/src/chfn.c:671:25: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/chfn.c:653:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/chfn.c:666:22: branch_false: ...to here
shadow-4.18.0/src/chfn.c:667:20: branch_true: following ‘true’ branch...
shadow-4.18.0/src/chfn.c:669:34: branch_true: ...to here
shadow-4.18.0/src/chfn.c:671:25: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/chfn.c:671:25: branch_true: ...to here
shadow-4.18.0/src/chfn.c:671:25: acquire_memory: allocated here
shadow-4.18.0/src/chfn.c:671:25: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/chfn.c:671:25: branch_true: ...to here
shadow-4.18.0/src/chfn.c:671:25: throw: if ‘syslog’ throws an exception...
shadow-4.18.0/src/chfn.c:671:25: danger: ‘saved_locale’ leaks here; was allocated at [(7)](sarif:/runs/0/results/10/codeFlows/0/threadFlows/0/locations/6)
#  669|   			         _("%s: Cannot determine your user name.\n"),
#  670|   			         Prog);
#  671|-> 			SYSLOG ((LOG_WARN, "Cannot determine the user name of the caller (UID %lu)",
#  672|   			         (unsigned long) getuid ()));
#  673|   			fail_exit (E_NOPERM);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def223]
shadow-4.18.0/src/chgpasswd.c:87:25: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/chgpasswd.c:84:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/chgpasswd.c:85:21: branch_true: ...to here
shadow-4.18.0/src/chgpasswd.c:85:20: branch_true: following ‘true’ branch...
shadow-4.18.0/src/chgpasswd.c:86:25: branch_true: ...to here
shadow-4.18.0/src/chgpasswd.c:87:25: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/chgpasswd.c:87:25: branch_true: ...to here
shadow-4.18.0/src/chgpasswd.c:87:25: acquire_memory: allocated here
shadow-4.18.0/src/chgpasswd.c:87:25: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/chgpasswd.c:87:25: branch_true: ...to here
shadow-4.18.0/src/chgpasswd.c:87:25: throw: if ‘gr_dbname’ throws an exception...
shadow-4.18.0/src/chgpasswd.c:87:25: danger: ‘saved_locale’ leaks here; was allocated at [(7)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/6)
#   85|   		if (gr_unlock () == 0) {
#   86|   			fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, gr_dbname ());
#   87|-> 			SYSLOG ((LOG_ERR, "failed to unlock %s", gr_dbname ()));
#   88|   			/* continue */
#   89|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def224]
shadow-4.18.0/src/chgpasswd.c:96:25: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/chgpasswd.c:93:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/chgpasswd.c:94:21: branch_true: ...to here
shadow-4.18.0/src/chgpasswd.c:94:20: branch_true: following ‘true’ branch...
shadow-4.18.0/src/chgpasswd.c:95:25: branch_true: ...to here
shadow-4.18.0/src/chgpasswd.c:96:25: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/chgpasswd.c:96:25: branch_true: ...to here
shadow-4.18.0/src/chgpasswd.c:96:25: acquire_memory: allocated here
shadow-4.18.0/src/chgpasswd.c:96:25: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/chgpasswd.c:96:25: branch_true: ...to here
shadow-4.18.0/src/chgpasswd.c:96:25: throw: if ‘sgr_dbname’ throws an exception...
shadow-4.18.0/src/chgpasswd.c:96:25: danger: ‘saved_locale’ leaks here; was allocated at [(7)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/6)
#   94|   		if (sgr_unlock () == 0) {
#   95|   			fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sgr_dbname ());
#   96|-> 			SYSLOG ((LOG_ERR, "failed to unlock %s", sgr_dbname ()));
#   97|   			/* continue */
#   98|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def225]
shadow-4.18.0/src/chgpasswd.c:388:25: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/chgpasswd.c:383:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/chgpasswd.c:384:21: branch_true: ...to here
shadow-4.18.0/src/chgpasswd.c:384:20: branch_true: following ‘true’ branch...
shadow-4.18.0/src/chgpasswd.c:385:25: branch_true: ...to here
shadow-4.18.0/src/chgpasswd.c:388:25: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/chgpasswd.c:388:25: branch_true: ...to here
shadow-4.18.0/src/chgpasswd.c:388:25: acquire_memory: allocated here
shadow-4.18.0/src/chgpasswd.c:388:25: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/chgpasswd.c:388:25: branch_true: ...to here
shadow-4.18.0/src/chgpasswd.c:388:25: throw: if ‘sgr_dbname’ throws an exception...
shadow-4.18.0/src/chgpasswd.c:388:25: danger: ‘saved_locale’ leaks here; was allocated at [(7)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/6)
#  386|   			         _("%s: failure while writing changes to %s\n"),
#  387|   			         Prog, sgr_dbname ());
#  388|-> 			SYSLOG ((LOG_ERR, "failure while writing changes to %s", sgr_dbname ()));
#  389|   			fail_exit (1);
#  390|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def226]
shadow-4.18.0/src/chgpasswd.c:393:25: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/chgpasswd.c:383:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/chgpasswd.c:384:21: branch_true: ...to here
shadow-4.18.0/src/chgpasswd.c:384:20: branch_false: following ‘false’ branch...
shadow-4.18.0/src/chgpasswd.c:391:21: branch_false: ...to here
shadow-4.18.0/src/chgpasswd.c:391:20: branch_true: following ‘true’ branch...
shadow-4.18.0/src/chgpasswd.c:392:25: branch_true: ...to here
shadow-4.18.0/src/chgpasswd.c:393:25: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/chgpasswd.c:393:25: branch_true: ...to here
shadow-4.18.0/src/chgpasswd.c:393:25: acquire_memory: allocated here
shadow-4.18.0/src/chgpasswd.c:393:25: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/chgpasswd.c:393:25: branch_true: ...to here
shadow-4.18.0/src/chgpasswd.c:393:25: throw: if ‘sgr_dbname’ throws an exception...
shadow-4.18.0/src/chgpasswd.c:393:25: danger: ‘saved_locale’ leaks here; was allocated at [(9)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/8)
#  391|   		if (sgr_unlock () == 0) {
#  392|   			fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sgr_dbname ());
#  393|-> 			SYSLOG ((LOG_ERR, "failed to unlock %s", sgr_dbname ()));
#  394|   			/* continue */
#  395|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def227]
shadow-4.18.0/src/chgpasswd.c:404:17: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/chgpasswd.c:400:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/chgpasswd.c:401:17: branch_true: ...to here
shadow-4.18.0/src/chgpasswd.c:404:17: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/chgpasswd.c:404:17: branch_true: ...to here
shadow-4.18.0/src/chgpasswd.c:404:17: acquire_memory: allocated here
shadow-4.18.0/src/chgpasswd.c:404:17: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/chgpasswd.c:404:17: branch_true: ...to here
shadow-4.18.0/src/chgpasswd.c:404:17: throw: if ‘gr_dbname’ throws an exception...
shadow-4.18.0/src/chgpasswd.c:404:17: danger: ‘saved_locale’ leaks here; was allocated at [(5)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/4)
#  402|   		         _("%s: failure while writing changes to %s\n"),
#  403|   		         Prog, gr_dbname ());
#  404|-> 		SYSLOG ((LOG_ERR, "failure while writing changes to %s", gr_dbname ()));
#  405|   		fail_exit (1);
#  406|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def228]
shadow-4.18.0/src/chgpasswd.c:409:17: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/chgpasswd.c:400:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/chgpasswd.c:407:13: branch_false: ...to here
shadow-4.18.0/src/chgpasswd.c:407:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/chgpasswd.c:408:17: branch_true: ...to here
shadow-4.18.0/src/chgpasswd.c:409:17: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/chgpasswd.c:409:17: branch_true: ...to here
shadow-4.18.0/src/chgpasswd.c:409:17: acquire_memory: allocated here
shadow-4.18.0/src/chgpasswd.c:409:17: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/chgpasswd.c:409:17: branch_true: ...to here
shadow-4.18.0/src/chgpasswd.c:409:17: throw: if ‘gr_dbname’ throws an exception...
shadow-4.18.0/src/chgpasswd.c:409:17: danger: ‘saved_locale’ leaks here; was allocated at [(7)](sarif:/runs/0/results/10/codeFlows/0/threadFlows/0/locations/6)
#  407|   	if (gr_unlock () == 0) {
#  408|   		fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, gr_dbname ());
#  409|-> 		SYSLOG ((LOG_ERR, "failed to unlock %s", gr_dbname ()));
#  410|   		/* continue */
#  411|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def229]
shadow-4.18.0/src/chpasswd.c:86:25: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/chpasswd.c:338:13: enter_function: entry to ‘open_files’
shadow-4.18.0/src/chpasswd.c:344:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/chpasswd.c:345:17: branch_true: ...to here
shadow-4.18.0/src/chpasswd.c:348:17: call_function: calling ‘fail_exit’ from ‘open_files’
#   84|   		if (pw_unlock () == 0) {
#   85|   			fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, pw_dbname ());
#   86|-> 			SYSLOG ((LOG_ERR, "failed to unlock %s", pw_dbname ()));
#   87|   			/* continue */
#   88|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def230]
shadow-4.18.0/src/chpasswd.c:94:25: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/chpasswd.c:338:13: enter_function: entry to ‘open_files’
shadow-4.18.0/src/chpasswd.c:344:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/chpasswd.c:345:17: branch_true: ...to here
shadow-4.18.0/src/chpasswd.c:348:17: call_function: calling ‘fail_exit’ from ‘open_files’
#   92|   		if (spw_unlock () == 0) {
#   93|   			fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, spw_dbname ());
#   94|-> 			SYSLOG ((LOG_ERR, "failed to unlock %s", spw_dbname ()));
#   95|   			/* continue */
#   96|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def231]
shadow-4.18.0/src/chpasswd.c:385:25: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/chpasswd.c:380:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/chpasswd.c:381:21: branch_true: ...to here
shadow-4.18.0/src/chpasswd.c:381:20: branch_true: following ‘true’ branch...
shadow-4.18.0/src/chpasswd.c:382:25: branch_true: ...to here
shadow-4.18.0/src/chpasswd.c:385:25: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/chpasswd.c:385:25: branch_true: ...to here
shadow-4.18.0/src/chpasswd.c:385:25: acquire_memory: allocated here
shadow-4.18.0/src/chpasswd.c:385:25: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/chpasswd.c:385:25: branch_true: ...to here
shadow-4.18.0/src/chpasswd.c:385:25: throw: if ‘spw_dbname’ throws an exception...
shadow-4.18.0/src/chpasswd.c:385:25: danger: ‘saved_locale’ leaks here; was allocated at [(7)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/6)
#  383|   			         _("%s: failure while writing changes to %s\n"),
#  384|   			         Prog, spw_dbname ());
#  385|-> 			SYSLOG ((LOG_ERR, "failure while writing changes to %s", spw_dbname ()));
#  386|   			fail_exit (1);
#  387|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def232]
shadow-4.18.0/src/chpasswd.c:390:25: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/chpasswd.c:380:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/chpasswd.c:381:21: branch_true: ...to here
shadow-4.18.0/src/chpasswd.c:381:20: branch_false: following ‘false’ branch...
shadow-4.18.0/src/chpasswd.c:388:21: branch_false: ...to here
shadow-4.18.0/src/chpasswd.c:388:20: branch_true: following ‘true’ branch...
shadow-4.18.0/src/chpasswd.c:389:25: branch_true: ...to here
shadow-4.18.0/src/chpasswd.c:390:25: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/chpasswd.c:390:25: branch_true: ...to here
shadow-4.18.0/src/chpasswd.c:390:25: acquire_memory: allocated here
shadow-4.18.0/src/chpasswd.c:390:25: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/chpasswd.c:390:25: branch_true: ...to here
shadow-4.18.0/src/chpasswd.c:390:25: throw: if ‘spw_dbname’ throws an exception...
shadow-4.18.0/src/chpasswd.c:390:25: danger: ‘saved_locale’ leaks here; was allocated at [(9)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/8)
#  388|   		if (spw_unlock () == 0) {
#  389|   			fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, spw_dbname ());
#  390|-> 			SYSLOG ((LOG_ERR, "failed to unlock %s", spw_dbname ()));
#  391|   			/* continue */
#  392|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def233]
shadow-4.18.0/src/chpasswd.c:400:17: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/chpasswd.c:396:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/chpasswd.c:397:17: branch_true: ...to here
shadow-4.18.0/src/chpasswd.c:400:17: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/chpasswd.c:400:17: branch_true: ...to here
shadow-4.18.0/src/chpasswd.c:400:17: acquire_memory: allocated here
shadow-4.18.0/src/chpasswd.c:400:17: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/chpasswd.c:400:17: branch_true: ...to here
shadow-4.18.0/src/chpasswd.c:400:17: throw: if ‘pw_dbname’ throws an exception...
shadow-4.18.0/src/chpasswd.c:400:17: danger: ‘saved_locale’ leaks here; was allocated at [(5)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/4)
#  398|   		         _("%s: failure while writing changes to %s\n"),
#  399|   		         Prog, pw_dbname ());
#  400|-> 		SYSLOG ((LOG_ERR, "failure while writing changes to %s", pw_dbname ()));
#  401|   		fail_exit (1);
#  402|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def234]
shadow-4.18.0/src/chpasswd.c:405:17: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/chpasswd.c:396:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/chpasswd.c:403:13: branch_false: ...to here
shadow-4.18.0/src/chpasswd.c:403:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/chpasswd.c:404:17: branch_true: ...to here
shadow-4.18.0/src/chpasswd.c:405:17: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/chpasswd.c:405:17: branch_true: ...to here
shadow-4.18.0/src/chpasswd.c:405:17: acquire_memory: allocated here
shadow-4.18.0/src/chpasswd.c:405:17: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/chpasswd.c:405:17: branch_true: ...to here
shadow-4.18.0/src/chpasswd.c:405:17: throw: if ‘pw_dbname’ throws an exception...
shadow-4.18.0/src/chpasswd.c:405:17: danger: ‘saved_locale’ leaks here; was allocated at [(7)](sarif:/runs/0/results/10/codeFlows/0/threadFlows/0/locations/6)
#  403|   	if (pw_unlock () == 0) {
#  404|   		fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, pw_dbname ());
#  405|-> 		SYSLOG ((LOG_ERR, "failed to unlock %s", pw_dbname ()));
#  406|   		/* continue */
#  407|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def235]
shadow-4.18.0/src/chsh.c:83:25: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/chsh.c:80:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/chsh.c:81:21: branch_true: ...to here
shadow-4.18.0/src/chsh.c:81:20: branch_true: following ‘true’ branch...
shadow-4.18.0/src/chsh.c:82:25: branch_true: ...to here
shadow-4.18.0/src/chsh.c:83:25: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/chsh.c:83:25: branch_true: ...to here
shadow-4.18.0/src/chsh.c:83:25: acquire_memory: allocated here
shadow-4.18.0/src/chsh.c:83:25: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/chsh.c:83:25: branch_true: ...to here
shadow-4.18.0/src/chsh.c:83:25: throw: if ‘pw_dbname’ throws an exception...
shadow-4.18.0/src/chsh.c:83:25: danger: ‘saved_locale’ leaks here; was allocated at [(7)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/6)
#   81|   		if (pw_unlock () == 0) {
#   82|   			fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, pw_dbname ());
#   83|-> 			SYSLOG ((LOG_ERR, "failed to unlock %s", pw_dbname ()));
#   84|   			/* continue */
#   85|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def236]
shadow-4.18.0/src/chsh.c:279:17: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/chsh.c:278:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/chsh.c:278:24: branch_false: ...to here
shadow-4.18.0/src/chsh.c:278:13: branch_true: following ‘true’ branch...
shadow-4.18.0/src/chsh.c:279:17: branch_true: ...to here
shadow-4.18.0/src/chsh.c:279:17: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/chsh.c:279:17: branch_true: ...to here
shadow-4.18.0/src/chsh.c:279:17: acquire_memory: allocated here
shadow-4.18.0/src/chsh.c:279:17: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/chsh.c:279:17: branch_true: ...to here
shadow-4.18.0/src/chsh.c:279:17: throw: if ‘syslog’ throws an exception...
shadow-4.18.0/src/chsh.c:279:17: danger: ‘saved_locale’ leaks here; was allocated at [(7)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/6)
#  277|   	 */
#  278|   	if (!amroot && pw->pw_uid != getuid ()) {
#  279|-> 		SYSLOG ((LOG_WARN, "can't change shell for '%s'", pw->pw_name));
#  280|   		fprintf (stderr,
#  281|   		         _("You may not change the shell for '%s'.\n"),

Error: GCC_ANALYZER_WARNING (CWE-401): [#def237]
shadow-4.18.0/src/chsh.c:291:17: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/chsh.c:278:13: branch_false: following ‘false’ branch...
shadow-4.18.0/src/chsh.c:290:13: branch_false: ...to here
shadow-4.18.0/src/chsh.c:290:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/chsh.c:291:17: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/chsh.c:291:17: branch_true: ...to here
shadow-4.18.0/src/chsh.c:291:17: acquire_memory: allocated here
shadow-4.18.0/src/chsh.c:291:17: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/chsh.c:291:17: branch_true: ...to here
shadow-4.18.0/src/chsh.c:291:17: throw: if ‘syslog’ throws an exception...
shadow-4.18.0/src/chsh.c:291:17: danger: ‘saved_locale’ leaks here; was allocated at [(7)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/6)
#  289|   	 */
#  290|   	if (!amroot && is_restricted_shell (pw->pw_shell)) {
#  291|-> 		SYSLOG ((LOG_WARN, "can't change shell for '%s'", pw->pw_name));
#  292|   		fprintf (stderr,
#  293|   		         _("You may not change the shell for '%s'.\n"),

Error: GCC_ANALYZER_WARNING (CWE-401): [#def238]
shadow-4.18.0/src/chsh.c:304:17: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/chsh.c:302:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/chsh.c:303:17: branch_true: ...to here
shadow-4.18.0/src/chsh.c:302:13: branch_true: following ‘true’ branch...
shadow-4.18.0/src/chsh.c:304:17: branch_true: ...to here
shadow-4.18.0/src/chsh.c:304:17: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/chsh.c:304:17: branch_true: ...to here
shadow-4.18.0/src/chsh.c:304:17: acquire_memory: allocated here
shadow-4.18.0/src/chsh.c:304:17: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/chsh.c:304:17: branch_true: ...to here
shadow-4.18.0/src/chsh.c:304:17: throw: if ‘syslog’ throws an exception...
shadow-4.18.0/src/chsh.c:304:17: danger: ‘saved_locale’ leaks here; was allocated at [(7)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/6)
#  302|   	if ((pw->pw_uid != getuid ())
#  303|   	    && (check_selinux_permit(Prog) != 0)) {
#  304|-> 		SYSLOG ((LOG_WARN, "can't change shell for '%s'", pw->pw_name));
#  305|   		fprintf (stderr,
#  306|   		         _("You may not change the shell for '%s'.\n"),

Error: GCC_ANALYZER_WARNING (CWE-401): [#def239]
shadow-4.18.0/src/chsh.c:345:17: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/chsh.c:325:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/chsh.c:332:35: branch_false: ...to here
shadow-4.18.0/src/chsh.c:345:17: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/chsh.c:345:17: branch_true: ...to here
shadow-4.18.0/src/chsh.c:345:17: acquire_memory: allocated here
shadow-4.18.0/src/chsh.c:345:17: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/chsh.c:345:17: branch_true: ...to here
shadow-4.18.0/src/chsh.c:345:17: throw: if ‘pam_strerror’ throws an exception...
shadow-4.18.0/src/chsh.c:345:17: danger: ‘saved_locale’ leaks here; was allocated at [(5)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/4)
#  343|   		fprintf (stderr, _("%s: PAM: %s\n"),
#  344|   		         Prog, pam_strerror (pamh, retval));
#  345|-> 		SYSLOG((LOG_ERR, "%s", pam_strerror (pamh, retval)));
#  346|   		if (NULL != pamh) {
#  347|   			(void) pam_end (pamh, retval);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def240]
shadow-4.18.0/src/chsh.c:374:17: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/chsh.c:373:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/chsh.c:374:17: branch_true: ...to here
shadow-4.18.0/src/chsh.c:374:17: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/chsh.c:374:17: branch_true: ...to here
shadow-4.18.0/src/chsh.c:374:17: acquire_memory: allocated here
shadow-4.18.0/src/chsh.c:374:17: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/chsh.c:374:17: branch_true: ...to here
shadow-4.18.0/src/chsh.c:374:17: throw: if ‘syslog’ throws an exception...
shadow-4.18.0/src/chsh.c:374:17: danger: ‘saved_locale’ leaks here; was allocated at [(5)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/4)
#  372|   	 */
#  373|   	if (setuid (0) != 0) {
#  374|-> 		SYSLOG ((LOG_ERR, "can't setuid(0)"));
#  375|   		fputs (_("Cannot change ID to root.\n"), stderr);
#  376|   		fail_exit (1);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def241]
shadow-4.18.0/src/chsh.c:392:17: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/chsh.c:373:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/chsh.c:378:9: branch_false: ...to here
shadow-4.18.0/src/chsh.c:384:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/chsh.c:389:9: branch_false: ...to here
shadow-4.18.0/src/chsh.c:390:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/chsh.c:391:17: branch_true: ...to here
shadow-4.18.0/src/chsh.c:392:17: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/chsh.c:392:17: branch_true: ...to here
shadow-4.18.0/src/chsh.c:392:17: acquire_memory: allocated here
shadow-4.18.0/src/chsh.c:392:17: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/chsh.c:392:17: branch_true: ...to here
shadow-4.18.0/src/chsh.c:392:17: throw: if ‘pw_dbname’ throws an exception...
shadow-4.18.0/src/chsh.c:392:17: danger: ‘saved_locale’ leaks here; was allocated at [(9)](sarif:/runs/0/results/9/codeFlows/0/threadFlows/0/locations/8)
#  390|   	if (pw_open (O_CREAT | O_RDWR) == 0) {
#  391|   		fprintf (stderr, _("%s: cannot open %s\n"), Prog, pw_dbname ());
#  392|-> 		SYSLOG ((LOG_WARN, "cannot open %s", pw_dbname ()));
#  393|   		fail_exit (1);
#  394|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def242]
shadow-4.18.0/src/chsh.c:433:17: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/chsh.c:373:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/chsh.c:378:9: branch_false: ...to here
shadow-4.18.0/src/chsh.c:384:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/chsh.c:389:9: branch_false: ...to here
shadow-4.18.0/src/chsh.c:390:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/chsh.c:402:14: branch_false: ...to here
shadow-4.18.0/src/chsh.c:403:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/chsh.c:414:9: branch_false: ...to here
shadow-4.18.0/src/chsh.c:421:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/chsh.c:431:13: branch_false: ...to here
shadow-4.18.0/src/chsh.c:431:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/chsh.c:432:17: branch_true: ...to here
shadow-4.18.0/src/chsh.c:433:17: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/chsh.c:433:17: branch_true: ...to here
shadow-4.18.0/src/chsh.c:433:17: acquire_memory: allocated here
shadow-4.18.0/src/chsh.c:433:17: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/chsh.c:433:17: branch_true: ...to here
shadow-4.18.0/src/chsh.c:433:17: throw: if ‘pw_dbname’ throws an exception...
shadow-4.18.0/src/chsh.c:433:17: danger: ‘saved_locale’ leaks here; was allocated at [(15)](sarif:/runs/0/results/11/codeFlows/0/threadFlows/0/locations/14)
#  431|   	if (pw_close () == 0) {
#  432|   		fprintf (stderr, _("%s: failure while writing changes to %s\n"), Prog, pw_dbname ());
#  433|-> 		SYSLOG ((LOG_ERR, "failure while writing changes to %s", pw_dbname ()));
#  434|   		fail_exit (1);
#  435|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def243]
shadow-4.18.0/src/chsh.c:438:17: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/chsh.c:373:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/chsh.c:378:9: branch_false: ...to here
shadow-4.18.0/src/chsh.c:384:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/chsh.c:389:9: branch_false: ...to here
shadow-4.18.0/src/chsh.c:390:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/chsh.c:402:14: branch_false: ...to here
shadow-4.18.0/src/chsh.c:403:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/chsh.c:414:9: branch_false: ...to here
shadow-4.18.0/src/chsh.c:421:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/chsh.c:431:13: branch_false: ...to here
shadow-4.18.0/src/chsh.c:431:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/chsh.c:436:13: branch_false: ...to here
shadow-4.18.0/src/chsh.c:436:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/chsh.c:437:17: branch_true: ...to here
shadow-4.18.0/src/chsh.c:438:17: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/chsh.c:438:17: branch_true: ...to here
shadow-4.18.0/src/chsh.c:438:17: acquire_memory: allocated here
shadow-4.18.0/src/chsh.c:438:17: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/chsh.c:438:17: branch_true: ...to here
shadow-4.18.0/src/chsh.c:438:17: throw: if ‘pw_dbname’ throws an exception...
shadow-4.18.0/src/chsh.c:438:17: danger: ‘saved_locale’ leaks here; was allocated at [(17)](sarif:/runs/0/results/13/codeFlows/0/threadFlows/0/locations/16)
#  436|   	if (pw_unlock () == 0) {
#  437|   		fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, pw_dbname ());
#  438|-> 		SYSLOG ((LOG_ERR, "failed to unlock %s", pw_dbname ()));
#  439|   		/* continue */
#  440|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def244]
shadow-4.18.0/src/chsh.c:499:25: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/chsh.c:450:5: enter_function: entry to ‘main’
shadow-4.18.0/src/chsh.c:475:9: call_function: calling ‘process_flags’ from ‘main’
shadow-4.18.0/src/chsh.c:475:9: return_function: returning to ‘main’ from ‘process_flags’
shadow-4.18.0/src/chsh.c:481:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/chsh.c:494:22: branch_false: ...to here
shadow-4.18.0/src/chsh.c:495:20: branch_true: following ‘true’ branch...
shadow-4.18.0/src/chsh.c:497:34: branch_true: ...to here
shadow-4.18.0/src/chsh.c:499:25: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/chsh.c:499:25: branch_true: ...to here
shadow-4.18.0/src/chsh.c:499:25: acquire_memory: allocated here
shadow-4.18.0/src/chsh.c:499:25: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/chsh.c:499:25: branch_true: ...to here
shadow-4.18.0/src/chsh.c:499:25: throw: if ‘syslog’ throws an exception...
shadow-4.18.0/src/chsh.c:499:25: danger: ‘saved_locale’ leaks here; was allocated at [(13)](sarif:/runs/0/results/15/codeFlows/0/threadFlows/0/locations/12)
#  497|   			         _("%s: Cannot determine your user name.\n"),
#  498|   			         Prog);
#  499|-> 			SYSLOG ((LOG_WARN, "Cannot determine the user name of the caller (UID %lu)",
#  500|   			         (unsigned long) getuid ()));
#  501|   			fail_exit (1);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def245]
shadow-4.18.0/src/expiry.c:161:17: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/expiry.c:123:5: enter_function: entry to ‘main’
shadow-4.18.0/src/expiry.c:152:9: call_function: calling ‘process_flags’ from ‘main’
shadow-4.18.0/src/expiry.c:152:9: return_function: returning to ‘main’ from ‘process_flags’
shadow-4.18.0/src/expiry.c:158:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/expiry.c:159:34: branch_true: ...to here
shadow-4.18.0/src/expiry.c:161:17: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/expiry.c:161:17: branch_true: ...to here
shadow-4.18.0/src/expiry.c:161:17: acquire_memory: allocated here
shadow-4.18.0/src/expiry.c:161:17: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/expiry.c:161:17: branch_true: ...to here
shadow-4.18.0/src/expiry.c:161:17: throw: if ‘syslog’ throws an exception...
shadow-4.18.0/src/expiry.c:161:17: danger: ‘saved_locale’ leaks here; was allocated at [(13)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/12)
#  159|   		fprintf (stderr, _("%s: Cannot determine your user name.\n"),
#  160|   		         Prog);
#  161|-> 		SYSLOG ((LOG_WARN, "Cannot determine the user name of the caller (UID %lu)",
#  162|   		         (unsigned long) getuid ()));
#  163|   		exit (10);

Error: CPPCHECK_WARNING (CWE-908): [#def246]
shadow-4.18.0/src/faillog.c:677: error[useClosedFile]: Used file that is not opened.
#  675|   			         _("%s: Failed to write %s: %s\n"),
#  676|   			         Prog, FAILLOG_FILE, strerror (errno));
#  677|-> 			(void) fclose (fail);
#  678|   			errors = true;
#  679|   		}

Error: COMPILER_WARNING (CWE-252): [#def247]
shadow-4.18.0/src/gpasswd.c: scope_hint: In function ‘catch_signals’
shadow-4.18.0/src/gpasswd.c:162:24: warning[-Wunused-result]: ignoring return value of ‘write’ declared with attribute ‘warn_unused_result’
#  162 |                 (void) write (STDOUT_FILENO, "\n", 1);
#      |                        ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#  160|   
#  161|   	if (0 != killed) {
#  162|-> 		(void) write (STDOUT_FILENO, "\n", 1);
#  163|   		_exit (killed);
#  164|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def248]
shadow-4.18.0/src/gpasswd.c:192:21: warning[-Wanalyzer-malloc-leak]: leak of ‘tmpusers’
shadow-4.18.0/src/gpasswd.c:175:13: enter_function: entry to ‘is_valid_user_list’
shadow-4.18.0/src/gpasswd.c:180:26: call_function: calling ‘xstrdup’ from ‘is_valid_user_list’
shadow-4.18.0/src/gpasswd.c:180:26: return_function: returning to ‘is_valid_user_list’ from ‘xstrdup’
shadow-4.18.0/src/gpasswd.c:182:16: branch_true: following ‘true’ branch...
shadow-4.18.0/src/gpasswd.c:182:37: call_function: inlined call to ‘streq’ from ‘is_valid_user_list’
shadow-4.18.0/src/gpasswd.c:182:16: branch_true: following ‘true’ branch...
shadow-4.18.0/src/gpasswd.c:185:21: branch_true: ...to here
shadow-4.18.0/src/gpasswd.c:192:21: throw: if ‘getpwnam’ throws an exception...
shadow-4.18.0/src/gpasswd.c:192:21: danger: ‘tmpusers’ leaks here; was allocated at [(5)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/4)
#  190|   
#  191|   		/* local, no need for xgetpwnam */
#  192|-> 		if (getpwnam(u) == NULL) {
#  193|   			fprintf (stderr, _("%s: user '%s' does not exist\n"),
#  194|   			         Prog, u);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def249]
shadow-4.18.0/src/gpasswd.c:362:17: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/gpasswd.c:336:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/gpasswd.c:342:9: branch_false: ...to here
shadow-4.18.0/src/gpasswd.c:358:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/gpasswd.c:359:17: branch_true: ...to here
shadow-4.18.0/src/gpasswd.c:362:17: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/gpasswd.c:362:17: branch_true: ...to here
shadow-4.18.0/src/gpasswd.c:362:17: acquire_memory: allocated here
shadow-4.18.0/src/gpasswd.c:362:17: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/gpasswd.c:362:17: branch_true: ...to here
shadow-4.18.0/src/gpasswd.c:362:17: throw: if ‘gr_dbname’ throws an exception...
shadow-4.18.0/src/gpasswd.c:362:17: danger: ‘saved_locale’ leaks here; was allocated at [(7)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/6)
#  360|   		         _("%s: cannot open %s\n"),
#  361|   		         Prog, gr_dbname ());
#  362|-> 		SYSLOG ((LOG_WARN, "cannot open %s", gr_dbname ()));
#  363|   		exit (E_NOPERM);
#  364|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def250]
shadow-4.18.0/src/gpasswd.c:372:25: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/gpasswd.c:336:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/gpasswd.c:342:9: branch_false: ...to here
shadow-4.18.0/src/gpasswd.c:346:20: branch_false: following ‘false’ branch...
shadow-4.18.0/src/gpasswd.c:352:17: branch_false: ...to here
shadow-4.18.0/src/gpasswd.c:358:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/gpasswd.c:367:13: branch_false: ...to here
shadow-4.18.0/src/gpasswd.c:367:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/gpasswd.c:368:21: branch_true: ...to here
shadow-4.18.0/src/gpasswd.c:368:20: branch_true: following ‘true’ branch...
shadow-4.18.0/src/gpasswd.c:369:25: branch_true: ...to here
shadow-4.18.0/src/gpasswd.c:372:25: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/gpasswd.c:372:25: branch_true: ...to here
shadow-4.18.0/src/gpasswd.c:372:25: acquire_memory: allocated here
shadow-4.18.0/src/gpasswd.c:372:25: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/gpasswd.c:372:25: branch_true: ...to here
shadow-4.18.0/src/gpasswd.c:372:25: throw: if ‘sgr_dbname’ throws an exception...
shadow-4.18.0/src/gpasswd.c:372:25: danger: ‘saved_locale’ leaks here; was allocated at [(13)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/12)
#  370|   			         _("%s: cannot open %s\n"),
#  371|   			         Prog, sgr_dbname ());
#  372|-> 			SYSLOG ((LOG_WARN, "cannot open %s", sgr_dbname ()));
#  373|   			exit (E_NOPERM);
#  374|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def251]
shadow-4.18.0/src/gpasswd.c:386:17: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/gpasswd.c:385:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/gpasswd.c:386:17: branch_true: ...to here
shadow-4.18.0/src/gpasswd.c:386:17: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/gpasswd.c:386:17: branch_true: ...to here
shadow-4.18.0/src/gpasswd.c:386:17: acquire_memory: allocated here
shadow-4.18.0/src/gpasswd.c:386:17: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/gpasswd.c:386:17: branch_true: ...to here
shadow-4.18.0/src/gpasswd.c:386:17: throw: if ‘syslog’ throws an exception...
shadow-4.18.0/src/gpasswd.c:386:17: danger: ‘saved_locale’ leaks here; was allocated at [(5)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/4)
#  384|   {
#  385|   	if (aflg) {
#  386|-> 		SYSLOG ((LOG_ERR,
#  387|   		         "%s failed to add user %s to group %s%s",
#  388|   		         myname, user, group, suffix));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def252]
shadow-4.18.0/src/gpasswd.c:396:17: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/gpasswd.c:385:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/gpasswd.c:395:20: branch_false: ...to here
shadow-4.18.0/src/gpasswd.c:395:19: branch_true: following ‘true’ branch...
shadow-4.18.0/src/gpasswd.c:396:17: branch_true: ...to here
shadow-4.18.0/src/gpasswd.c:396:17: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/gpasswd.c:396:17: branch_true: ...to here
shadow-4.18.0/src/gpasswd.c:396:17: acquire_memory: allocated here
shadow-4.18.0/src/gpasswd.c:396:17: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/gpasswd.c:396:17: branch_true: ...to here
shadow-4.18.0/src/gpasswd.c:396:17: throw: if ‘syslog’ throws an exception...
shadow-4.18.0/src/gpasswd.c:396:17: danger: ‘saved_locale’ leaks here; was allocated at [(7)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/6)
#  394|   #endif
#  395|   	} else if (dflg) {
#  396|-> 		SYSLOG ((LOG_ERR,
#  397|   		         "%s failed to remove user %s from group %s%s",
#  398|   		         myname, user, group, suffix));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def253]
shadow-4.18.0/src/gpasswd.c:406:17: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/gpasswd.c:385:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/gpasswd.c:395:20: branch_false: ...to here
shadow-4.18.0/src/gpasswd.c:395:19: branch_false: following ‘false’ branch...
shadow-4.18.0/src/gpasswd.c:405:20: branch_false: ...to here
shadow-4.18.0/src/gpasswd.c:405:19: branch_true: following ‘true’ branch...
shadow-4.18.0/src/gpasswd.c:406:17: branch_true: ...to here
shadow-4.18.0/src/gpasswd.c:406:17: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/gpasswd.c:406:17: branch_true: ...to here
shadow-4.18.0/src/gpasswd.c:406:17: acquire_memory: allocated here
shadow-4.18.0/src/gpasswd.c:406:17: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/gpasswd.c:406:17: branch_true: ...to here
shadow-4.18.0/src/gpasswd.c:406:17: throw: if ‘syslog’ throws an exception...
shadow-4.18.0/src/gpasswd.c:406:17: danger: ‘saved_locale’ leaks here; was allocated at [(9)](sarif:/runs/0/results/9/codeFlows/0/threadFlows/0/locations/8)
#  404|   #endif
#  405|   	} else if (rflg) {
#  406|-> 		SYSLOG ((LOG_ERR,
#  407|   		         "%s failed to remove password of group %s%s",
#  408|   		         myname, group, suffix));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def254]
shadow-4.18.0/src/gpasswd.c:416:17: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/gpasswd.c:385:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/gpasswd.c:395:20: branch_false: ...to here
shadow-4.18.0/src/gpasswd.c:395:19: branch_false: following ‘false’ branch...
shadow-4.18.0/src/gpasswd.c:405:20: branch_false: ...to here
shadow-4.18.0/src/gpasswd.c:405:19: branch_false: following ‘false’ branch...
shadow-4.18.0/src/gpasswd.c:415:20: branch_false: ...to here
shadow-4.18.0/src/gpasswd.c:415:19: branch_true: following ‘true’ branch...
shadow-4.18.0/src/gpasswd.c:416:17: branch_true: ...to here
shadow-4.18.0/src/gpasswd.c:416:17: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/gpasswd.c:416:17: branch_true: ...to here
shadow-4.18.0/src/gpasswd.c:416:17: acquire_memory: allocated here
shadow-4.18.0/src/gpasswd.c:416:17: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/gpasswd.c:416:17: branch_true: ...to here
shadow-4.18.0/src/gpasswd.c:416:17: throw: if ‘syslog’ throws an exception...
shadow-4.18.0/src/gpasswd.c:416:17: danger: ‘saved_locale’ leaks here; was allocated at [(11)](sarif:/runs/0/results/10/codeFlows/0/threadFlows/0/locations/10)
#  414|   #endif
#  415|   	} else if (Rflg) {
#  416|-> 		SYSLOG ((LOG_ERR,
#  417|   		         "%s failed to restrict access to group %s%s",
#  418|   		         myname, group, suffix));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def255]
shadow-4.18.0/src/gpasswd.c:428:25: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/gpasswd.c:385:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/gpasswd.c:395:20: branch_false: ...to here
shadow-4.18.0/src/gpasswd.c:395:19: branch_false: following ‘false’ branch...
shadow-4.18.0/src/gpasswd.c:405:20: branch_false: ...to here
shadow-4.18.0/src/gpasswd.c:405:19: branch_false: following ‘false’ branch...
shadow-4.18.0/src/gpasswd.c:415:20: branch_false: ...to here
shadow-4.18.0/src/gpasswd.c:415:19: branch_false: following ‘false’ branch...
shadow-4.18.0/src/gpasswd.c:425:20: branch_false: ...to here
shadow-4.18.0/src/gpasswd.c:427:20: branch_true: following ‘true’ branch...
shadow-4.18.0/src/gpasswd.c:428:25: branch_true: ...to here
shadow-4.18.0/src/gpasswd.c:428:25: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/gpasswd.c:428:25: branch_true: ...to here
shadow-4.18.0/src/gpasswd.c:428:25: acquire_memory: allocated here
shadow-4.18.0/src/gpasswd.c:428:25: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/gpasswd.c:428:25: branch_true: ...to here
shadow-4.18.0/src/gpasswd.c:428:25: throw: if ‘syslog’ throws an exception...
shadow-4.18.0/src/gpasswd.c:428:25: danger: ‘saved_locale’ leaks here; was allocated at [(13)](sarif:/runs/0/results/11/codeFlows/0/threadFlows/0/locations/12)
#  426|   #ifdef SHADOWGRP
#  427|   		if (Aflg) {
#  428|-> 			SYSLOG ((LOG_ERR,
#  429|   			         "%s failed to set the administrators of group %s to %s%s",
#  430|   			         myname, group, admins, suffix));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def256]
shadow-4.18.0/src/gpasswd.c:440:25: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/gpasswd.c:385:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/gpasswd.c:395:20: branch_false: ...to here
shadow-4.18.0/src/gpasswd.c:395:19: branch_false: following ‘false’ branch...
shadow-4.18.0/src/gpasswd.c:405:20: branch_false: ...to here
shadow-4.18.0/src/gpasswd.c:405:19: branch_false: following ‘false’ branch...
shadow-4.18.0/src/gpasswd.c:415:20: branch_false: ...to here
shadow-4.18.0/src/gpasswd.c:415:19: branch_false: following ‘false’ branch...
shadow-4.18.0/src/gpasswd.c:425:20: branch_false: ...to here
shadow-4.18.0/src/gpasswd.c:425:20: branch_true: following ‘true’ branch...
shadow-4.18.0/src/gpasswd.c:427:20: branch_true: ...to here
shadow-4.18.0/src/gpasswd.c:439:20: branch_true: following ‘true’ branch...
shadow-4.18.0/src/gpasswd.c:440:25: branch_true: ...to here
shadow-4.18.0/src/gpasswd.c:440:25: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/gpasswd.c:440:25: branch_true: ...to here
shadow-4.18.0/src/gpasswd.c:440:25: acquire_memory: allocated here
shadow-4.18.0/src/gpasswd.c:440:25: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/gpasswd.c:440:25: branch_true: ...to here
shadow-4.18.0/src/gpasswd.c:440:25: throw: if ‘syslog’ throws an exception...
shadow-4.18.0/src/gpasswd.c:440:25: danger: ‘saved_locale’ leaks here; was allocated at [(15)](sarif:/runs/0/results/12/codeFlows/0/threadFlows/0/locations/14)
#  438|   #endif				/* SHADOWGRP */
#  439|   		if (Mflg) {
#  440|-> 			SYSLOG ((LOG_ERR,
#  441|   			         "%s failed to set the members of group %s to %s%s",
#  442|   			         myname, group, members, suffix));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def257]
shadow-4.18.0/src/gpasswd.c:451:17: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/gpasswd.c:385:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/gpasswd.c:395:20: branch_false: ...to here
shadow-4.18.0/src/gpasswd.c:395:19: branch_false: following ‘false’ branch...
shadow-4.18.0/src/gpasswd.c:405:20: branch_false: ...to here
shadow-4.18.0/src/gpasswd.c:405:19: branch_false: following ‘false’ branch...
shadow-4.18.0/src/gpasswd.c:415:20: branch_false: ...to here
shadow-4.18.0/src/gpasswd.c:415:19: branch_false: following ‘false’ branch...
shadow-4.18.0/src/gpasswd.c:425:20: branch_false: ...to here
shadow-4.18.0/src/gpasswd.c:425:19: branch_false: following ‘false’ branch...
shadow-4.18.0/src/gpasswd.c:451:17: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/gpasswd.c:451:17: branch_true: ...to here
shadow-4.18.0/src/gpasswd.c:451:17: acquire_memory: allocated here
shadow-4.18.0/src/gpasswd.c:451:17: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/gpasswd.c:451:17: branch_true: ...to here
shadow-4.18.0/src/gpasswd.c:451:17: throw: if ‘syslog’ throws an exception...
shadow-4.18.0/src/gpasswd.c:451:17: danger: ‘saved_locale’ leaks here; was allocated at [(13)](sarif:/runs/0/results/13/codeFlows/0/threadFlows/0/locations/12)
#  449|   		}
#  450|   	} else {
#  451|-> 		SYSLOG ((LOG_ERR,
#  452|   		         "%s failed to change password of group %s%s",
#  453|   		         myname, group, suffix));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def258]
shadow-4.18.0/src/gpasswd.c:493:17: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/gpasswd.c:492:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/gpasswd.c:493:17: branch_true: ...to here
shadow-4.18.0/src/gpasswd.c:493:17: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/gpasswd.c:493:17: branch_true: ...to here
shadow-4.18.0/src/gpasswd.c:493:17: acquire_memory: allocated here
shadow-4.18.0/src/gpasswd.c:493:17: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/gpasswd.c:493:17: branch_true: ...to here
shadow-4.18.0/src/gpasswd.c:493:17: throw: if ‘syslog’ throws an exception...
shadow-4.18.0/src/gpasswd.c:493:17: danger: ‘saved_locale’ leaks here; was allocated at [(5)](sarif:/runs/0/results/14/codeFlows/0/threadFlows/0/locations/4)
#  491|   
#  492|   	if (aflg) {
#  493|-> 		SYSLOG ((LOG_INFO,
#  494|   		         "user %s added by %s to group %s%s",
#  495|   		         user, myname, group, suffix));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def259]
shadow-4.18.0/src/gpasswd.c:503:17: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/gpasswd.c:492:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/gpasswd.c:502:20: branch_false: ...to here
shadow-4.18.0/src/gpasswd.c:502:19: branch_true: following ‘true’ branch...
shadow-4.18.0/src/gpasswd.c:503:17: branch_true: ...to here
shadow-4.18.0/src/gpasswd.c:503:17: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/gpasswd.c:503:17: branch_true: ...to here
shadow-4.18.0/src/gpasswd.c:503:17: acquire_memory: allocated here
shadow-4.18.0/src/gpasswd.c:503:17: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/gpasswd.c:503:17: branch_true: ...to here
shadow-4.18.0/src/gpasswd.c:503:17: throw: if ‘syslog’ throws an exception...
shadow-4.18.0/src/gpasswd.c:503:17: danger: ‘saved_locale’ leaks here; was allocated at [(7)](sarif:/runs/0/results/15/codeFlows/0/threadFlows/0/locations/6)
#  501|   #endif
#  502|   	} else if (dflg) {
#  503|-> 		SYSLOG ((LOG_INFO,
#  504|   		         "user %s removed by %s from group %s%s",
#  505|   		         user, myname, group, suffix));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def260]
shadow-4.18.0/src/gpasswd.c:513:17: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/gpasswd.c:492:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/gpasswd.c:502:20: branch_false: ...to here
shadow-4.18.0/src/gpasswd.c:502:19: branch_false: following ‘false’ branch...
shadow-4.18.0/src/gpasswd.c:512:20: branch_false: ...to here
shadow-4.18.0/src/gpasswd.c:512:19: branch_true: following ‘true’ branch...
shadow-4.18.0/src/gpasswd.c:513:17: branch_true: ...to here
shadow-4.18.0/src/gpasswd.c:513:17: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/gpasswd.c:513:17: branch_true: ...to here
shadow-4.18.0/src/gpasswd.c:513:17: acquire_memory: allocated here
shadow-4.18.0/src/gpasswd.c:513:17: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/gpasswd.c:513:17: branch_true: ...to here
shadow-4.18.0/src/gpasswd.c:513:17: throw: if ‘syslog’ throws an exception...
shadow-4.18.0/src/gpasswd.c:513:17: danger: ‘saved_locale’ leaks here; was allocated at [(9)](sarif:/runs/0/results/16/codeFlows/0/threadFlows/0/locations/8)
#  511|   #endif
#  512|   	} else if (rflg) {
#  513|-> 		SYSLOG ((LOG_INFO,
#  514|   		         "password of group %s removed by %s%s",
#  515|   		         group, myname, suffix));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def261]
shadow-4.18.0/src/gpasswd.c:525:17: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/gpasswd.c:492:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/gpasswd.c:502:20: branch_false: ...to here
shadow-4.18.0/src/gpasswd.c:502:19: branch_false: following ‘false’ branch...
shadow-4.18.0/src/gpasswd.c:512:20: branch_false: ...to here
shadow-4.18.0/src/gpasswd.c:512:19: branch_false: following ‘false’ branch...
shadow-4.18.0/src/gpasswd.c:524:20: branch_false: ...to here
shadow-4.18.0/src/gpasswd.c:524:19: branch_true: following ‘true’ branch...
shadow-4.18.0/src/gpasswd.c:525:17: branch_true: ...to here
shadow-4.18.0/src/gpasswd.c:525:17: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/gpasswd.c:525:17: branch_true: ...to here
shadow-4.18.0/src/gpasswd.c:525:17: acquire_memory: allocated here
shadow-4.18.0/src/gpasswd.c:525:17: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/gpasswd.c:525:17: branch_true: ...to here
shadow-4.18.0/src/gpasswd.c:525:17: throw: if ‘syslog’ throws an exception...
shadow-4.18.0/src/gpasswd.c:525:17: danger: ‘saved_locale’ leaks here; was allocated at [(11)](sarif:/runs/0/results/17/codeFlows/0/threadFlows/0/locations/10)
#  523|   #endif
#  524|   	} else if (Rflg) {
#  525|-> 		SYSLOG ((LOG_INFO,
#  526|   		         "access to group %s restricted by %s%s",
#  527|   		         group, myname, suffix));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def262]
shadow-4.18.0/src/gpasswd.c:539:25: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/gpasswd.c:492:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/gpasswd.c:502:20: branch_false: ...to here
shadow-4.18.0/src/gpasswd.c:502:19: branch_false: following ‘false’ branch...
shadow-4.18.0/src/gpasswd.c:512:20: branch_false: ...to here
shadow-4.18.0/src/gpasswd.c:512:19: branch_false: following ‘false’ branch...
shadow-4.18.0/src/gpasswd.c:524:20: branch_false: ...to here
shadow-4.18.0/src/gpasswd.c:524:19: branch_false: following ‘false’ branch...
shadow-4.18.0/src/gpasswd.c:536:20: branch_false: ...to here
shadow-4.18.0/src/gpasswd.c:538:20: branch_true: following ‘true’ branch...
shadow-4.18.0/src/gpasswd.c:539:25: branch_true: ...to here
shadow-4.18.0/src/gpasswd.c:539:25: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/gpasswd.c:539:25: branch_true: ...to here
shadow-4.18.0/src/gpasswd.c:539:25: acquire_memory: allocated here
shadow-4.18.0/src/gpasswd.c:539:25: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/gpasswd.c:539:25: branch_true: ...to here
shadow-4.18.0/src/gpasswd.c:539:25: throw: if ‘syslog’ throws an exception...
shadow-4.18.0/src/gpasswd.c:539:25: danger: ‘saved_locale’ leaks here; was allocated at [(13)](sarif:/runs/0/results/18/codeFlows/0/threadFlows/0/locations/12)
#  537|   #ifdef SHADOWGRP
#  538|   		if (Aflg) {
#  539|-> 			SYSLOG ((LOG_INFO,
#  540|   			         "administrators of group %s set by %s to %s%s",
#  541|   			         group, myname, admins, suffix));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def263]
shadow-4.18.0/src/gpasswd.c:551:25: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/gpasswd.c:492:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/gpasswd.c:502:20: branch_false: ...to here
shadow-4.18.0/src/gpasswd.c:502:19: branch_false: following ‘false’ branch...
shadow-4.18.0/src/gpasswd.c:512:20: branch_false: ...to here
shadow-4.18.0/src/gpasswd.c:512:19: branch_false: following ‘false’ branch...
shadow-4.18.0/src/gpasswd.c:524:20: branch_false: ...to here
shadow-4.18.0/src/gpasswd.c:524:19: branch_false: following ‘false’ branch...
shadow-4.18.0/src/gpasswd.c:536:20: branch_false: ...to here
shadow-4.18.0/src/gpasswd.c:536:20: branch_true: following ‘true’ branch...
shadow-4.18.0/src/gpasswd.c:538:20: branch_true: ...to here
shadow-4.18.0/src/gpasswd.c:550:20: branch_true: following ‘true’ branch...
shadow-4.18.0/src/gpasswd.c:551:25: branch_true: ...to here
shadow-4.18.0/src/gpasswd.c:551:25: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/gpasswd.c:551:25: branch_true: ...to here
shadow-4.18.0/src/gpasswd.c:551:25: acquire_memory: allocated here
shadow-4.18.0/src/gpasswd.c:551:25: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/gpasswd.c:551:25: branch_true: ...to here
shadow-4.18.0/src/gpasswd.c:551:25: throw: if ‘syslog’ throws an exception...
shadow-4.18.0/src/gpasswd.c:551:25: danger: ‘saved_locale’ leaks here; was allocated at [(15)](sarif:/runs/0/results/19/codeFlows/0/threadFlows/0/locations/14)
#  549|   #endif				/* SHADOWGRP */
#  550|   		if (Mflg) {
#  551|-> 			SYSLOG ((LOG_INFO,
#  552|   			         "members of group %s set by %s to %s%s",
#  553|   			         group, myname, members, suffix));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def264]
shadow-4.18.0/src/gpasswd.c:562:17: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/gpasswd.c:492:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/gpasswd.c:502:20: branch_false: ...to here
shadow-4.18.0/src/gpasswd.c:502:19: branch_false: following ‘false’ branch...
shadow-4.18.0/src/gpasswd.c:512:20: branch_false: ...to here
shadow-4.18.0/src/gpasswd.c:512:19: branch_false: following ‘false’ branch...
shadow-4.18.0/src/gpasswd.c:524:20: branch_false: ...to here
shadow-4.18.0/src/gpasswd.c:524:19: branch_false: following ‘false’ branch...
shadow-4.18.0/src/gpasswd.c:536:20: branch_false: ...to here
shadow-4.18.0/src/gpasswd.c:536:19: branch_false: following ‘false’ branch...
shadow-4.18.0/src/gpasswd.c:562:17: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/gpasswd.c:562:17: branch_true: ...to here
shadow-4.18.0/src/gpasswd.c:562:17: acquire_memory: allocated here
shadow-4.18.0/src/gpasswd.c:562:17: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/gpasswd.c:562:17: branch_true: ...to here
shadow-4.18.0/src/gpasswd.c:562:17: throw: if ‘syslog’ throws an exception...
shadow-4.18.0/src/gpasswd.c:562:17: danger: ‘saved_locale’ leaks here; was allocated at [(13)](sarif:/runs/0/results/20/codeFlows/0/threadFlows/0/locations/12)
#  560|   		}
#  561|   	} else {
#  562|-> 		SYSLOG ((LOG_INFO,
#  563|   		         "password of group %s changed by %s%s",
#  564|   		         group, myname, suffix));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def265]
shadow-4.18.0/src/gpasswd.c:710:17: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/gpasswd.c:708:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/gpasswd.c:709:17: branch_true: ...to here
shadow-4.18.0/src/gpasswd.c:710:17: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/gpasswd.c:710:17: branch_true: ...to here
shadow-4.18.0/src/gpasswd.c:710:17: acquire_memory: allocated here
shadow-4.18.0/src/gpasswd.c:710:17: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/gpasswd.c:710:17: branch_true: ...to here
shadow-4.18.0/src/gpasswd.c:710:17: throw: if ‘gr_dbname’ throws an exception...
shadow-4.18.0/src/gpasswd.c:710:17: danger: ‘saved_locale’ leaks here; was allocated at [(5)](sarif:/runs/0/results/21/codeFlows/0/threadFlows/0/locations/4)
#  708|   	if (gr_open (O_RDONLY) == 0) {
#  709|   		fprintf (stderr, _("%s: cannot open %s\n"), Prog, gr_dbname ());
#  710|-> 		SYSLOG ((LOG_WARN, "cannot open %s", gr_dbname ()));
#  711|   		exit (E_NOPERM);
#  712|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def266]
shadow-4.18.0/src/gpasswd.c:724:34: warning[-Wanalyzer-malloc-leak]: leak of ‘xreallocarray(0, strlen(str) + 1, 1)’
shadow-4.18.0/src/gpasswd.c:698:13: enter_function: entry to ‘get_group’
shadow-4.18.0/src/gpasswd.c:708:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/gpasswd.c:714:17: branch_false: ...to here
shadow-4.18.0/src/gpasswd.c:715:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/gpasswd.c:722:9: branch_false: ...to here
shadow-4.18.0/src/gpasswd.c:723:23: call_function: calling ‘xstrdup’ from ‘get_group’
shadow-4.18.0/src/gpasswd.c:723:23: return_function: returning to ‘get_group’ from ‘xstrdup’
shadow-4.18.0/src/gpasswd.c:724:25: call_function: calling ‘xstrdup’ from ‘get_group’
#  722|   	*gr = *tmpgr;
#  723|   	gr->gr_name = xstrdup (tmpgr->gr_name);
#  724|-> 	gr->gr_passwd = xstrdup (tmpgr->gr_passwd);
#  725|   	gr->gr_mem = dup_list (tmpgr->gr_mem);
#  726|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def267]
shadow-4.18.0/src/gpasswd.c:731:17: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/gpasswd.c:708:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/gpasswd.c:714:17: branch_false: ...to here
shadow-4.18.0/src/gpasswd.c:715:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/gpasswd.c:722:9: branch_false: ...to here
shadow-4.18.0/src/gpasswd.c:727:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/gpasswd.c:728:17: branch_true: ...to here
shadow-4.18.0/src/gpasswd.c:731:17: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/gpasswd.c:731:17: branch_true: ...to here
shadow-4.18.0/src/gpasswd.c:731:17: acquire_memory: allocated here
shadow-4.18.0/src/gpasswd.c:731:17: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/gpasswd.c:731:17: branch_true: ...to here
shadow-4.18.0/src/gpasswd.c:731:17: throw: if ‘gr_dbname’ throws an exception...
shadow-4.18.0/src/gpasswd.c:731:17: danger: ‘saved_locale’ leaks here; was allocated at [(9)](sarif:/runs/0/results/24/codeFlows/0/threadFlows/0/locations/8)
#  729|   		         _("%s: failure while closing read-only %s\n"),
#  730|   		         Prog, gr_dbname ());
#  731|-> 		SYSLOG ((LOG_ERR,
#  732|   		         "failure while closing read-only %s",
#  733|   		         gr_dbname ()));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def268]
shadow-4.18.0/src/gpasswd.c:743:25: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/gpasswd.c:708:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/gpasswd.c:714:17: branch_false: ...to here
shadow-4.18.0/src/gpasswd.c:715:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/gpasswd.c:722:9: branch_false: ...to here
shadow-4.18.0/src/gpasswd.c:727:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/gpasswd.c:738:13: branch_false: ...to here
shadow-4.18.0/src/gpasswd.c:738:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/gpasswd.c:739:21: branch_true: ...to here
shadow-4.18.0/src/gpasswd.c:739:20: branch_true: following ‘true’ branch...
shadow-4.18.0/src/gpasswd.c:740:25: branch_true: ...to here
shadow-4.18.0/src/gpasswd.c:743:25: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/gpasswd.c:743:25: branch_true: ...to here
shadow-4.18.0/src/gpasswd.c:743:25: acquire_memory: allocated here
shadow-4.18.0/src/gpasswd.c:743:25: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/gpasswd.c:743:25: branch_true: ...to here
shadow-4.18.0/src/gpasswd.c:743:25: throw: if ‘sgr_dbname’ throws an exception...
shadow-4.18.0/src/gpasswd.c:743:25: danger: ‘saved_locale’ leaks here; was allocated at [(13)](sarif:/runs/0/results/26/codeFlows/0/threadFlows/0/locations/12)
#  741|   			         _("%s: cannot open %s\n"),
#  742|   			         Prog, sgr_dbname ());
#  743|-> 			SYSLOG ((LOG_WARN, "cannot open %s", sgr_dbname ()));
#  744|   			exit (E_NOPERM);
#  745|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def269]
shadow-4.18.0/src/gpasswd.c:750:50: warning[-Wanalyzer-malloc-leak]: leak of ‘xreallocarray(0, strlen(str) + 1, 1)’
shadow-4.18.0/src/gpasswd.c:698:13: enter_function: entry to ‘get_group’
shadow-4.18.0/src/gpasswd.c:708:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/gpasswd.c:714:17: branch_false: ...to here
shadow-4.18.0/src/gpasswd.c:715:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/gpasswd.c:722:9: branch_false: ...to here
shadow-4.18.0/src/gpasswd.c:723:23: call_function: calling ‘xstrdup’ from ‘get_group’
shadow-4.18.0/src/gpasswd.c:723:23: return_function: returning to ‘get_group’ from ‘xstrdup’
shadow-4.18.0/src/gpasswd.c:724:25: call_function: calling ‘xstrdup’ from ‘get_group’
shadow-4.18.0/src/gpasswd.c:724:25: return_function: returning to ‘get_group’ from ‘xstrdup’
shadow-4.18.0/src/gpasswd.c:727:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/gpasswd.c:738:13: branch_false: ...to here
shadow-4.18.0/src/gpasswd.c:738:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/gpasswd.c:739:21: branch_true: ...to here
shadow-4.18.0/src/gpasswd.c:739:20: branch_false: following ‘false’ branch...
shadow-4.18.0/src/gpasswd.c:746:25: branch_false: ...to here
shadow-4.18.0/src/gpasswd.c:747:20: branch_true: following ‘true’ branch...
shadow-4.18.0/src/gpasswd.c:748:25: branch_true: ...to here
shadow-4.18.0/src/gpasswd.c:749:39: call_function: calling ‘xstrdup’ from ‘get_group’
shadow-4.18.0/src/gpasswd.c:749:39: return_function: returning to ‘get_group’ from ‘xstrdup’
shadow-4.18.0/src/gpasswd.c:750:41: call_function: calling ‘xstrdup’ from ‘get_group’
#  748|   			*sg = *tmpsg;
#  749|   			sg->sg_namp = xstrdup (tmpsg->sg_namp);
#  750|-> 			sg->sg_passwd = xstrdup (tmpsg->sg_passwd);
#  751|   
#  752|   			sg->sg_mem = dup_list (tmpsg->sg_mem);

Error: GCC_ANALYZER_WARNING (CWE-476): [#def270]
shadow-4.18.0/src/gpasswd.c:762:25: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘xreallocarray(0, 1, 8)’
shadow-4.18.0/src/gpasswd.c:698:13: enter_function: entry to ‘get_group’
shadow-4.18.0/src/gpasswd.c:708:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/gpasswd.c:714:17: branch_false: ...to here
shadow-4.18.0/src/gpasswd.c:715:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/gpasswd.c:722:9: branch_false: ...to here
shadow-4.18.0/src/gpasswd.c:727:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/gpasswd.c:738:13: branch_false: ...to here
shadow-4.18.0/src/gpasswd.c:738:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/gpasswd.c:739:21: branch_true: ...to here
shadow-4.18.0/src/gpasswd.c:739:20: branch_false: following ‘false’ branch...
shadow-4.18.0/src/gpasswd.c:746:25: branch_false: ...to here
shadow-4.18.0/src/gpasswd.c:747:20: branch_false: following ‘false’ branch...
shadow-4.18.0/src/gpasswd.c:755:39: branch_false: ...to here
shadow-4.18.0/src/gpasswd.c:761:38: call_function: inlined call to ‘xmallocarray’ from ‘get_group’
shadow-4.18.0/src/gpasswd.c:762:25: danger: ‘xreallocarray(0, 1, 8)’ could be NULL: unchecked value from [(15)](sarif:/runs/0/results/29/codeFlows/0/threadFlows/0/locations/14)
#  760|   
#  761|   			sg->sg_adm = XMALLOC(1, char *);
#  762|-> 			sg->sg_adm[0] = NULL;
#  763|   
#  764|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def271]
shadow-4.18.0/src/gpasswd.c:769:25: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/gpasswd.c:708:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/gpasswd.c:714:17: branch_false: ...to here
shadow-4.18.0/src/gpasswd.c:715:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/gpasswd.c:722:9: branch_false: ...to here
shadow-4.18.0/src/gpasswd.c:727:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/gpasswd.c:738:13: branch_false: ...to here
shadow-4.18.0/src/gpasswd.c:738:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/gpasswd.c:739:21: branch_true: ...to here
shadow-4.18.0/src/gpasswd.c:739:20: branch_false: following ‘false’ branch...
shadow-4.18.0/src/gpasswd.c:746:25: branch_false: ...to here
shadow-4.18.0/src/gpasswd.c:765:20: branch_true: following ‘true’ branch...
shadow-4.18.0/src/gpasswd.c:766:25: branch_true: ...to here
shadow-4.18.0/src/gpasswd.c:769:25: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/gpasswd.c:769:25: branch_true: ...to here
shadow-4.18.0/src/gpasswd.c:769:25: acquire_memory: allocated here
shadow-4.18.0/src/gpasswd.c:769:25: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/gpasswd.c:769:25: branch_true: ...to here
shadow-4.18.0/src/gpasswd.c:769:25: throw: if ‘sgr_dbname’ throws an exception...
shadow-4.18.0/src/gpasswd.c:769:25: danger: ‘saved_locale’ leaks here; was allocated at [(15)](sarif:/runs/0/results/30/codeFlows/0/threadFlows/0/locations/14)
#  767|   			         _("%s: failure while closing read-only %s\n"),
#  768|   			         Prog, sgr_dbname ());
#  769|-> 			SYSLOG ((LOG_ERR,
#  770|   			         "failure while closing read-only %s",
#  771|   			         sgr_dbname ()));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def272]
shadow-4.18.0/src/gpasswd.c:820:25: warning[-Wanalyzer-malloc-leak]: leak of ‘agetpass(dcgettext(0, "Re-enter new password: ", 5))’
shadow-4.18.0/src/gpasswd.c:787:13: enter_function: entry to ‘change_passwd’
shadow-4.18.0/src/gpasswd.c:805:27: branch_true: following ‘true’ branch (when ‘retries != 3’)...
shadow-4.18.0/src/gpasswd.c:806:32: branch_true: ...to here
shadow-4.18.0/src/gpasswd.c:807:20: branch_false: following ‘false’ branch...
shadow-4.18.0/src/gpasswd.c:811:17: branch_false: ...to here
shadow-4.18.0/src/gpasswd.c:811:17: call_function: calling ‘strtcpy’ from ‘change_passwd’
shadow-4.18.0/src/gpasswd.c:811:17: return_function: returning to ‘change_passwd’ from ‘strtcpy’
shadow-4.18.0/src/gpasswd.c:813:22: acquire_memory: allocated here
shadow-4.18.0/src/gpasswd.c:814:20: branch_false: following ‘false’ branch...
shadow-4.18.0/src/gpasswd.c:819:21: call_function: inlined call to ‘streq’ from ‘change_passwd’
shadow-4.18.0/src/gpasswd.c:820:25: danger: ‘agetpass(dcgettext(0, "Re-enter new password: ", 5))’ leaks here; was allocated at [(11)](sarif:/runs/0/results/32/codeFlows/0/threadFlows/0/locations/10)
#  818|   
#  819|   		if (streq(pass, cp)) {
#  820|-> 			erase_pass (cp);
#  821|   			break;
#  822|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def273]
shadow-4.18.0/src/gpasswd.c:824:17: warning[-Wanalyzer-malloc-leak]: leak of ‘agetpass(dcgettext(0, "Re-enter new password: ", 5))’
shadow-4.18.0/src/gpasswd.c:787:13: enter_function: entry to ‘change_passwd’
shadow-4.18.0/src/gpasswd.c:805:27: branch_true: following ‘true’ branch (when ‘retries != 3’)...
shadow-4.18.0/src/gpasswd.c:806:32: branch_true: ...to here
shadow-4.18.0/src/gpasswd.c:807:20: branch_false: following ‘false’ branch...
shadow-4.18.0/src/gpasswd.c:811:17: branch_false: ...to here
shadow-4.18.0/src/gpasswd.c:811:17: call_function: calling ‘strtcpy’ from ‘change_passwd’
shadow-4.18.0/src/gpasswd.c:811:17: return_function: returning to ‘change_passwd’ from ‘strtcpy’
shadow-4.18.0/src/gpasswd.c:813:22: acquire_memory: allocated here
shadow-4.18.0/src/gpasswd.c:814:20: branch_false: following ‘false’ branch...
shadow-4.18.0/src/gpasswd.c:819:21: call_function: inlined call to ‘streq’ from ‘change_passwd’
shadow-4.18.0/src/gpasswd.c:819:20: branch_false: following ‘false’ branch (when the strings are non-equal)...
shadow-4.18.0/src/gpasswd.c:824:17: branch_false: ...to here
shadow-4.18.0/src/gpasswd.c:824:17: danger: ‘agetpass(dcgettext(0, "Re-enter new password: ", 5))’ leaks here; was allocated at [(11)](sarif:/runs/0/results/33/codeFlows/0/threadFlows/0/locations/10)
#  822|   		}
#  823|   
#  824|-> 		erase_pass (cp);
#  825|   		MEMZERO(pass);
#  826|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def274]
shadow-4.18.0/src/gpasswd.c:910:17: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/gpasswd.c:907:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/gpasswd.c:908:34: branch_true: ...to here
shadow-4.18.0/src/gpasswd.c:910:17: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/gpasswd.c:910:17: branch_true: ...to here
shadow-4.18.0/src/gpasswd.c:910:17: acquire_memory: allocated here
shadow-4.18.0/src/gpasswd.c:910:17: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/gpasswd.c:910:17: branch_true: ...to here
shadow-4.18.0/src/gpasswd.c:910:17: throw: if ‘syslog’ throws an exception...
shadow-4.18.0/src/gpasswd.c:910:17: danger: ‘saved_locale’ leaks here; was allocated at [(5)](sarif:/runs/0/results/34/codeFlows/0/threadFlows/0/locations/4)
#  908|   		fprintf (stderr, _("%s: Cannot determine your user name.\n"),
#  909|   		         Prog);
#  910|-> 		SYSLOG ((LOG_WARN,
#  911|   		         "Cannot determine the user name of the caller (UID %lu)",
#  912|   		         (unsigned long) getuid ()));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def275]
shadow-4.18.0/src/groupadd.c:288:9: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/groupadd.c:277:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/groupadd.c:284:9: branch_false: ...to here
shadow-4.18.0/src/groupadd.c:288:9: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/groupadd.c:288:9: branch_true: ...to here
shadow-4.18.0/src/groupadd.c:288:9: acquire_memory: allocated here
shadow-4.18.0/src/groupadd.c:288:9: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/groupadd.c:288:9: branch_true: ...to here
shadow-4.18.0/src/groupadd.c:288:9: throw: if ‘gr_dbname’ throws an exception...
shadow-4.18.0/src/groupadd.c:288:9: danger: ‘saved_locale’ leaks here; was allocated at [(5)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/4)
#  286|   	              group_name, group_id, SHADOW_AUDIT_SUCCESS);
#  287|   #endif
#  288|-> 	SYSLOG ((LOG_INFO, "group added to %s: name=%s, GID=%u",
#  289|   	         gr_dbname (), group_name, (unsigned int) group_id));
#  290|   	del_cleanup (cleanup_report_add_group_group);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def276]
shadow-4.18.0/src/groupadd.c:309:17: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/groupadd.c:277:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/groupadd.c:284:9: branch_false: ...to here
shadow-4.18.0/src/groupadd.c:288:9: branch_false: following ‘false’ branch (when ‘saved_locale’ is NULL)...
shadow-4.18.0/src/groupadd.c:290:9: branch_false: ...to here
shadow-4.18.0/src/groupadd.c:297:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/groupadd.c:298:21: branch_true: ...to here
shadow-4.18.0/src/groupadd.c:298:20: branch_false: following ‘false’ branch...
shadow-4.18.0/src/groupadd.c:305:17: branch_false: ...to here
shadow-4.18.0/src/groupadd.c:309:17: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/groupadd.c:309:17: branch_true: ...to here
shadow-4.18.0/src/groupadd.c:309:17: acquire_memory: allocated here
shadow-4.18.0/src/groupadd.c:309:17: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/groupadd.c:309:17: branch_true: ...to here
shadow-4.18.0/src/groupadd.c:309:17: throw: if ‘sgr_dbname’ throws an exception...
shadow-4.18.0/src/groupadd.c:309:17: danger: ‘saved_locale’ leaks here; was allocated at [(11)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/10)
#  307|   		              group_name, group_id, SHADOW_AUDIT_SUCCESS);
#  308|   #endif
#  309|-> 		SYSLOG ((LOG_INFO, "group added to %s: name=%s",
#  310|   		         sgr_dbname (), group_name));
#  311|   		del_cleanup (cleanup_report_add_group_gshadow);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def277]
shadow-4.18.0/src/groupadd.c:319:9: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/groupadd.c:277:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/groupadd.c:284:9: branch_false: ...to here
shadow-4.18.0/src/groupadd.c:288:9: branch_false: following ‘false’ branch (when ‘saved_locale’ is NULL)...
shadow-4.18.0/src/groupadd.c:290:9: branch_false: ...to here
shadow-4.18.0/src/groupadd.c:319:9: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/groupadd.c:319:9: branch_true: ...to here
shadow-4.18.0/src/groupadd.c:319:9: acquire_memory: allocated here
shadow-4.18.0/src/groupadd.c:319:9: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/groupadd.c:319:9: branch_true: ...to here
shadow-4.18.0/src/groupadd.c:319:9: throw: if ‘syslog’ throws an exception...
shadow-4.18.0/src/groupadd.c:319:9: danger: ‘saved_locale’ leaks here; was allocated at [(7)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/6)
#  317|   
#  318|   	/* Report success at the system level */
#  319|-> 	SYSLOG ((LOG_INFO, "new group: name=%s, GID=%u",
#  320|   	         group_name, (unsigned int) group_id));
#  321|   	del_cleanup (cleanup_report_add_group);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def278]
shadow-4.18.0/src/groupadd.c:361:17: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/groupadd.c:332:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/groupadd.c:338:9: branch_false: ...to here
shadow-4.18.0/src/groupadd.c:359:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/groupadd.c:360:94: branch_true: ...to here
shadow-4.18.0/src/groupadd.c:361:17: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/groupadd.c:361:17: branch_true: ...to here
shadow-4.18.0/src/groupadd.c:361:17: acquire_memory: allocated here
shadow-4.18.0/src/groupadd.c:361:17: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/groupadd.c:361:17: branch_true: ...to here
shadow-4.18.0/src/groupadd.c:361:17: throw: if ‘gr_dbname’ throws an exception...
shadow-4.18.0/src/groupadd.c:361:17: danger: ‘saved_locale’ leaks here; was allocated at [(7)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/6)
#  359|   	if (gr_open (O_CREAT | O_RDWR) == 0) {
#  360|   		fprintf (stderr, _("%s: cannot open %s: %s\n"), Prog, gr_dbname (), strerror(errno));
#  361|-> 		SYSLOG ((LOG_WARN, "cannot open %s: %s", gr_dbname (), strerror(errno)));
#  362|   		fail_exit (E_GRP_UPDATE);
#  363|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def279]
shadow-4.18.0/src/groupadd.c:371:25: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/groupadd.c:332:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/groupadd.c:338:9: branch_false: ...to here
shadow-4.18.0/src/groupadd.c:342:20: branch_false: following ‘false’ branch...
shadow-4.18.0/src/groupadd.c:348:17: branch_false: ...to here
shadow-4.18.0/src/groupadd.c:359:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/groupadd.c:366:13: branch_false: ...to here
shadow-4.18.0/src/groupadd.c:366:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/groupadd.c:367:21: branch_true: ...to here
shadow-4.18.0/src/groupadd.c:367:20: branch_true: following ‘true’ branch...
shadow-4.18.0/src/groupadd.c:370:64: branch_true: ...to here
shadow-4.18.0/src/groupadd.c:371:25: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/groupadd.c:371:25: branch_true: ...to here
shadow-4.18.0/src/groupadd.c:371:25: acquire_memory: allocated here
shadow-4.18.0/src/groupadd.c:371:25: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/groupadd.c:371:25: branch_true: ...to here
shadow-4.18.0/src/groupadd.c:371:25: throw: if ‘sgr_dbname’ throws an exception...
shadow-4.18.0/src/groupadd.c:371:25: danger: ‘saved_locale’ leaks here; was allocated at [(13)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/12)
#  369|   			         _("%s: cannot open %s: %s\n"),
#  370|   			         Prog, sgr_dbname (), strerror(errno));
#  371|-> 			SYSLOG ((LOG_WARN, "cannot open %s: %s", sgr_dbname (), strerror(errno)));
#  372|   			fail_exit (E_GRP_UPDATE);
#  373|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def280]
shadow-4.18.0/src/groupdel.c:164:9: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/groupdel.c:152:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/groupdel.c:160:9: branch_false: ...to here
shadow-4.18.0/src/groupdel.c:164:9: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/groupdel.c:164:9: branch_true: ...to here
shadow-4.18.0/src/groupdel.c:164:9: acquire_memory: allocated here
shadow-4.18.0/src/groupdel.c:164:9: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/groupdel.c:164:9: branch_true: ...to here
shadow-4.18.0/src/groupdel.c:164:9: throw: if ‘gr_dbname’ throws an exception...
shadow-4.18.0/src/groupdel.c:164:9: danger: ‘saved_locale’ leaks here; was allocated at [(5)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/4)
#  162|   	              group_name, group_id, SHADOW_AUDIT_SUCCESS);
#  163|   #endif
#  164|-> 	SYSLOG ((LOG_INFO,
#  165|   	         "group '%s' removed from %s",
#  166|   	         group_name, gr_dbname ()));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def281]
shadow-4.18.0/src/groupdel.c:188:17: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/groupdel.c:152:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/groupdel.c:160:9: branch_false: ...to here
shadow-4.18.0/src/groupdel.c:164:9: branch_false: following ‘false’ branch (when ‘saved_locale’ is NULL)...
shadow-4.18.0/src/groupdel.c:167:9: branch_false: ...to here
shadow-4.18.0/src/groupdel.c:175:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/groupdel.c:176:21: branch_true: ...to here
shadow-4.18.0/src/groupdel.c:176:20: branch_false: following ‘false’ branch...
shadow-4.18.0/src/groupdel.c:184:17: branch_false: ...to here
shadow-4.18.0/src/groupdel.c:188:17: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/groupdel.c:188:17: branch_true: ...to here
shadow-4.18.0/src/groupdel.c:188:17: acquire_memory: allocated here
shadow-4.18.0/src/groupdel.c:188:17: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/groupdel.c:188:17: branch_true: ...to here
shadow-4.18.0/src/groupdel.c:188:17: throw: if ‘sgr_dbname’ throws an exception...
shadow-4.18.0/src/groupdel.c:188:17: danger: ‘saved_locale’ leaks here; was allocated at [(11)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/10)
#  186|   		              group_name, group_id, SHADOW_AUDIT_SUCCESS);
#  187|   #endif
#  188|-> 		SYSLOG ((LOG_INFO,
#  189|   		         "group '%s' removed from %s",
#  190|   		         group_name, sgr_dbname ()));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def282]
shadow-4.18.0/src/groupdel.c:198:9: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/groupdel.c:152:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/groupdel.c:160:9: branch_false: ...to here
shadow-4.18.0/src/groupdel.c:164:9: branch_false: following ‘false’ branch (when ‘saved_locale’ is NULL)...
shadow-4.18.0/src/groupdel.c:167:9: branch_false: ...to here
shadow-4.18.0/src/groupdel.c:198:9: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/groupdel.c:198:9: branch_true: ...to here
shadow-4.18.0/src/groupdel.c:198:9: acquire_memory: allocated here
shadow-4.18.0/src/groupdel.c:198:9: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/groupdel.c:198:9: branch_true: ...to here
shadow-4.18.0/src/groupdel.c:198:9: throw: if ‘syslog’ throws an exception...
shadow-4.18.0/src/groupdel.c:198:9: danger: ‘saved_locale’ leaks here; was allocated at [(7)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/6)
#  196|   #endif				/* SHADOWGRP */
#  197|   
#  198|-> 	SYSLOG ((LOG_INFO, "group '%s' removed\n", group_name));
#  199|   	del_cleanup (cleanup_report_del_group);
#  200|   }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def283]
shadow-4.18.0/src/groupdel.c:240:17: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/groupdel.c:210:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/groupdel.c:216:9: branch_false: ...to here
shadow-4.18.0/src/groupdel.c:236:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/groupdel.c:237:17: branch_true: ...to here
shadow-4.18.0/src/groupdel.c:240:17: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/groupdel.c:240:17: branch_true: ...to here
shadow-4.18.0/src/groupdel.c:240:17: acquire_memory: allocated here
shadow-4.18.0/src/groupdel.c:240:17: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/groupdel.c:240:17: branch_true: ...to here
shadow-4.18.0/src/groupdel.c:240:17: throw: if ‘gr_dbname’ throws an exception...
shadow-4.18.0/src/groupdel.c:240:17: danger: ‘saved_locale’ leaks here; was allocated at [(7)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/6)
#  238|   		         _("%s: cannot open %s\n"),
#  239|   		         Prog, gr_dbname ());
#  240|-> 		SYSLOG ((LOG_WARN, "cannot open %s", gr_dbname ()));
#  241|   		fail_exit (E_GRP_UPDATE);
#  242|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def284]
shadow-4.18.0/src/groupdel.c:249:25: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/groupdel.c:210:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/groupdel.c:216:9: branch_false: ...to here
shadow-4.18.0/src/groupdel.c:219:20: branch_false: following ‘false’ branch...
shadow-4.18.0/src/groupdel.c:225:17: branch_false: ...to here
shadow-4.18.0/src/groupdel.c:236:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/groupdel.c:244:13: branch_false: ...to here
shadow-4.18.0/src/groupdel.c:244:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/groupdel.c:245:21: branch_true: ...to here
shadow-4.18.0/src/groupdel.c:245:20: branch_true: following ‘true’ branch...
shadow-4.18.0/src/groupdel.c:246:25: branch_true: ...to here
shadow-4.18.0/src/groupdel.c:249:25: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/groupdel.c:249:25: branch_true: ...to here
shadow-4.18.0/src/groupdel.c:249:25: acquire_memory: allocated here
shadow-4.18.0/src/groupdel.c:249:25: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/groupdel.c:249:25: branch_true: ...to here
shadow-4.18.0/src/groupdel.c:249:25: throw: if ‘sgr_dbname’ throws an exception...
shadow-4.18.0/src/groupdel.c:249:25: danger: ‘saved_locale’ leaks here; was allocated at [(13)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/12)
#  247|   			         _("%s: cannot open %s\n"),
#  248|   			         Prog, sgr_dbname ());
#  249|-> 			SYSLOG ((LOG_WARN, "cannot open %s", sgr_dbname ()));
#  250|   			fail_exit (E_GRP_UPDATE);
#  251|   		}

Error: GCC_ANALYZER_WARNING (CWE-476): [#def285]
shadow-4.18.0/src/groupmems.c:276:25: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘xreallocarray(0, 1, 8)’
shadow-4.18.0/src/groupmems.c:252:13: enter_function: entry to ‘purge_members’
shadow-4.18.0/src/groupmems.c:256:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/groupmems.c:264:9: branch_false: ...to here
shadow-4.18.0/src/groupmems.c:267:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/groupmems.c:268:53: branch_true: ...to here
shadow-4.18.0/src/groupmems.c:271:20: branch_true: following ‘true’ branch...
shadow-4.18.0/src/groupmems.c:274:51: branch_true: ...to here
shadow-4.18.0/src/groupmems.c:275:41: call_function: inlined call to ‘xmallocarray’ from ‘purge_members’
shadow-4.18.0/src/groupmems.c:276:25: danger: ‘xreallocarray(0, 1, 8)’ could be NULL: unchecked value from [(9)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/8)
#  274|   			sgrent.sg_namp = xstrdup (newgrp->gr_name);
#  275|   			sgrent.sg_mem = XMALLOC(1, char *);
#  276|-> 			sgrent.sg_mem[0] = NULL;
#  277|   			sgrent.sg_adm = XMALLOC(1, char *);
#  278|   			sgrent.sg_adm[0] = NULL;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def286]
shadow-4.18.0/src/groupmems.c:278:25: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘xreallocarray(0, 1, 8)’
shadow-4.18.0/src/groupmems.c:252:13: enter_function: entry to ‘purge_members’
shadow-4.18.0/src/groupmems.c:256:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/groupmems.c:264:9: branch_false: ...to here
shadow-4.18.0/src/groupmems.c:267:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/groupmems.c:268:53: branch_true: ...to here
shadow-4.18.0/src/groupmems.c:271:20: branch_true: following ‘true’ branch...
shadow-4.18.0/src/groupmems.c:274:51: branch_true: ...to here
shadow-4.18.0/src/groupmems.c:277:41: call_function: inlined call to ‘xmallocarray’ from ‘purge_members’
shadow-4.18.0/src/groupmems.c:278:25: danger: ‘xreallocarray(0, 1, 8)’ could be NULL: unchecked value from [(9)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/8)
#  276|   			sgrent.sg_mem[0] = NULL;
#  277|   			sgrent.sg_adm = XMALLOC(1, char *);
#  278|-> 			sgrent.sg_adm[0] = NULL;
#  279|   
#  280|   			/* Move any password to gshadow */

Error: GCC_ANALYZER_WARNING (CWE-401): [#def287]
shadow-4.18.0/src/groupmems.c:301:21: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
shadow-4.18.0/src/groupmems.c:252:13: enter_function: entry to ‘purge_members’
shadow-4.18.0/src/groupmems.c:256:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/groupmems.c:264:9: branch_false: ...to here
shadow-4.18.0/src/groupmems.c:267:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/groupmems.c:268:53: branch_true: ...to here
shadow-4.18.0/src/groupmems.c:271:20: branch_true: following ‘true’ branch...
shadow-4.18.0/src/groupmems.c:274:51: branch_true: ...to here
shadow-4.18.0/src/groupmems.c:274:42: call_function: calling ‘xstrdup’ from ‘purge_members’
shadow-4.18.0/src/groupmems.c:274:42: return_function: returning to ‘purge_members’ from ‘xstrdup’
shadow-4.18.0/src/groupmems.c:282:45: call_function: calling ‘xstrdup’ from ‘purge_members’
shadow-4.18.0/src/groupmems.c:282:45: return_function: returning to ‘purge_members’ from ‘xstrdup’
shadow-4.18.0/src/groupmems.c:301:21: throw: if ‘sgr_update’ throws an exception...
shadow-4.18.0/src/groupmems.c:301:21: danger: ‘<unknown>’ leaks here; was allocated at [(17)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/16)
#  299|   		}
#  300|   
#  301|-> 		if (sgr_update (newsg) == 0) {
#  302|   			fprintf (stderr,
#  303|   			         _("%s: failed to prepare the new %s entry '%s'\n"),

Error: GCC_ANALYZER_WARNING (CWE-401): [#def288]
shadow-4.18.0/src/groupmems.c:373:21: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
shadow-4.18.0/src/groupmems.c:359:13: enter_function: entry to ‘process_flags’
shadow-4.18.0/src/groupmems.c:373:16: branch_true: following ‘true’ branch (when ‘c != -1’)...
shadow-4.18.0/src/groupmems.c:375:17: branch_true: ...to here
shadow-4.18.0/src/groupmems.c:385:37: call_function: calling ‘xstrdup’ from ‘process_flags’
shadow-4.18.0/src/groupmems.c:385:37: return_function: returning to ‘process_flags’ from ‘xstrdup’
shadow-4.18.0/src/groupmems.c:373:21: danger: ‘<unknown>’ leaks here; was allocated at [(7)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/6)
#  371|   	};
#  372|   
#  373|-> 	while ((c = getopt_long (argc, argv, "a:d:g:hlpR:",
#  374|   	                         long_options, NULL)) != EOF) {
#  375|   		switch (c) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def289]
shadow-4.18.0/src/groupmems.c:468:25: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/groupmems.c:463:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/groupmems.c:464:21: branch_true: ...to here
shadow-4.18.0/src/groupmems.c:464:20: branch_true: following ‘true’ branch...
shadow-4.18.0/src/groupmems.c:465:25: branch_true: ...to here
shadow-4.18.0/src/groupmems.c:468:25: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/groupmems.c:468:25: branch_true: ...to here
shadow-4.18.0/src/groupmems.c:468:25: acquire_memory: allocated here
shadow-4.18.0/src/groupmems.c:468:25: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/groupmems.c:468:25: branch_true: ...to here
shadow-4.18.0/src/groupmems.c:468:25: throw: if ‘gr_dbname’ throws an exception...
shadow-4.18.0/src/groupmems.c:468:25: danger: ‘saved_locale’ leaks here; was allocated at [(7)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/6)
#  466|   			         _("%s: failed to unlock %s\n"),
#  467|   			         Prog, gr_dbname ());
#  468|-> 			SYSLOG ((LOG_ERR, "failed to unlock %s", gr_dbname ()));
#  469|   			/* continue */
#  470|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def290]
shadow-4.18.0/src/groupmems.c:479:25: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/groupmems.c:474:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/groupmems.c:475:21: branch_true: ...to here
shadow-4.18.0/src/groupmems.c:475:20: branch_true: following ‘true’ branch...
shadow-4.18.0/src/groupmems.c:476:25: branch_true: ...to here
shadow-4.18.0/src/groupmems.c:479:25: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/groupmems.c:479:25: branch_true: ...to here
shadow-4.18.0/src/groupmems.c:479:25: acquire_memory: allocated here
shadow-4.18.0/src/groupmems.c:479:25: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/groupmems.c:479:25: branch_true: ...to here
shadow-4.18.0/src/groupmems.c:479:25: throw: if ‘sgr_dbname’ throws an exception...
shadow-4.18.0/src/groupmems.c:479:25: danger: ‘saved_locale’ leaks here; was allocated at [(7)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/6)
#  477|   			         _("%s: failed to unlock %s\n"),
#  478|   			         Prog, sgr_dbname ());
#  479|-> 			SYSLOG ((LOG_ERR, "failed to unlock %s", sgr_dbname ()));
#  480|   			/* continue */
#  481|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def291]
shadow-4.18.0/src/groupmems.c:531:17: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/groupmems.c:529:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/groupmems.c:529:35: branch_true: ...to here
shadow-4.18.0/src/groupmems.c:529:13: branch_false: following ‘false’ branch...
shadow-4.18.0/src/groupmems.c:530:17: branch_false: ...to here
shadow-4.18.0/src/groupmems.c:531:17: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/groupmems.c:531:17: branch_true: ...to here
shadow-4.18.0/src/groupmems.c:531:17: acquire_memory: allocated here
shadow-4.18.0/src/groupmems.c:531:17: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/groupmems.c:531:17: branch_true: ...to here
shadow-4.18.0/src/groupmems.c:531:17: throw: if ‘gr_dbname’ throws an exception...
shadow-4.18.0/src/groupmems.c:531:17: danger: ‘saved_locale’ leaks here; was allocated at [(7)](sarif:/runs/0/results/9/codeFlows/0/threadFlows/0/locations/6)
#  529|   	if ((gr_close () == 0) && !list) {
#  530|   		fprintf (stderr, _("%s: failure while writing changes to %s\n"), Prog, gr_dbname ());
#  531|-> 		SYSLOG ((LOG_ERR, "failure while writing changes to %s", gr_dbname ()));
#  532|   		fail_exit (EXIT_GROUP_FILE);
#  533|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def292]
shadow-4.18.0/src/groupmems.c:537:25: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/groupmems.c:534:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/groupmems.c:535:21: branch_true: ...to here
shadow-4.18.0/src/groupmems.c:535:20: branch_true: following ‘true’ branch...
shadow-4.18.0/src/groupmems.c:536:25: branch_true: ...to here
shadow-4.18.0/src/groupmems.c:537:25: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/groupmems.c:537:25: branch_true: ...to here
shadow-4.18.0/src/groupmems.c:537:25: acquire_memory: allocated here
shadow-4.18.0/src/groupmems.c:537:25: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/groupmems.c:537:25: branch_true: ...to here
shadow-4.18.0/src/groupmems.c:537:25: throw: if ‘gr_dbname’ throws an exception...
shadow-4.18.0/src/groupmems.c:537:25: danger: ‘saved_locale’ leaks here; was allocated at [(7)](sarif:/runs/0/results/11/codeFlows/0/threadFlows/0/locations/6)
#  535|   		if (gr_unlock () == 0) {
#  536|   			fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, gr_dbname ());
#  537|-> 			SYSLOG ((LOG_ERR, "failed to unlock %s", gr_dbname ()));
#  538|   			/* continue */
#  539|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def293]
shadow-4.18.0/src/groupmems.c:547:25: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/groupmems.c:544:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/groupmems.c:545:22: branch_true: ...to here
shadow-4.18.0/src/groupmems.c:545:20: branch_true: following ‘true’ branch...
shadow-4.18.0/src/groupmems.c:545:44: branch_true: ...to here
shadow-4.18.0/src/groupmems.c:545:21: branch_false: following ‘false’ branch...
shadow-4.18.0/src/groupmems.c:546:25: branch_false: ...to here
shadow-4.18.0/src/groupmems.c:547:25: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/groupmems.c:547:25: branch_true: ...to here
shadow-4.18.0/src/groupmems.c:547:25: acquire_memory: allocated here
shadow-4.18.0/src/groupmems.c:547:25: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/groupmems.c:547:25: branch_true: ...to here
shadow-4.18.0/src/groupmems.c:547:25: throw: if ‘sgr_dbname’ throws an exception...
shadow-4.18.0/src/groupmems.c:547:25: danger: ‘saved_locale’ leaks here; was allocated at [(9)](sarif:/runs/0/results/13/codeFlows/0/threadFlows/0/locations/8)
#  545|   		if ((sgr_close () == 0) && !list) {
#  546|   			fprintf (stderr, _("%s: failure while writing changes to %s\n"), Prog, sgr_dbname ());
#  547|-> 			SYSLOG ((LOG_ERR, "failure while writing changes to %s", sgr_dbname ()));
#  548|   			fail_exit (EXIT_GROUP_FILE);
#  549|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def294]
shadow-4.18.0/src/groupmems.c:553:33: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/groupmems.c:544:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/groupmems.c:545:22: branch_true: ...to here
shadow-4.18.0/src/groupmems.c:550:20: branch_true: following ‘true’ branch...
shadow-4.18.0/src/groupmems.c:551:29: branch_true: ...to here
shadow-4.18.0/src/groupmems.c:551:28: branch_true: following ‘true’ branch...
shadow-4.18.0/src/groupmems.c:552:33: branch_true: ...to here
shadow-4.18.0/src/groupmems.c:553:33: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/groupmems.c:553:33: branch_true: ...to here
shadow-4.18.0/src/groupmems.c:553:33: acquire_memory: allocated here
shadow-4.18.0/src/groupmems.c:553:33: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/groupmems.c:553:33: branch_true: ...to here
shadow-4.18.0/src/groupmems.c:553:33: throw: if ‘sgr_dbname’ throws an exception...
shadow-4.18.0/src/groupmems.c:553:33: danger: ‘saved_locale’ leaks here; was allocated at [(9)](sarif:/runs/0/results/15/codeFlows/0/threadFlows/0/locations/8)
#  551|   			if (sgr_unlock () == 0) {
#  552|   				fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sgr_dbname ());
#  553|-> 				SYSLOG ((LOG_ERR, "failed to unlock %s", sgr_dbname ()));
#  554|   				/* continue */
#  555|   			}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def295]
shadow-4.18.0/src/groupmod.c:192:17: warning[-Wanalyzer-malloc-leak]: leak of ‘sgrp.sg_passwd’
shadow-4.18.0/src/groupmod.c:203:1: enter_function: entry to ‘grp_update’
shadow-4.18.0/src/groupmod.c:217:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/groupmod.c:223:9: branch_false: ...to here
shadow-4.18.0/src/groupmod.c:224:9: call_function: calling ‘new_grent’ from ‘grp_update’
shadow-4.18.0/src/groupmod.c:224:9: return_function: returning to ‘grp_update’ from ‘new_grent’
shadow-4.18.0/src/groupmod.c:226:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/groupmod.c:227:17: branch_true: ...to here
shadow-4.18.0/src/groupmod.c:229:20: branch_false: following ‘false’ branch...
shadow-4.18.0/src/groupmod.c:232:31: branch_false: ...to here
shadow-4.18.0/src/groupmod.c:232:27: branch_true: following ‘true’ branch...
shadow-4.18.0/src/groupmod.c:233:37: branch_true: ...to here
shadow-4.18.0/src/groupmod.c:232:31: branch_true: following ‘true’ branch (when the strings are equal)...
shadow-4.18.0/src/groupmod.c:240:25: branch_true: ...to here
shadow-4.18.0/src/groupmod.c:241:42: call_function: calling ‘xstrdup’ from ‘grp_update’
shadow-4.18.0/src/groupmod.c:241:42: return_function: returning to ‘grp_update’ from ‘xstrdup’
shadow-4.18.0/src/groupmod.c:242:42: call_function: calling ‘xstrdup’ from ‘grp_update’
shadow-4.18.0/src/groupmod.c:242:42: return_function: returning to ‘grp_update’ from ‘xstrdup’
shadow-4.18.0/src/groupmod.c:245:25: call_function: calling ‘new_sgent’ from ‘grp_update’
#  190|   	 */
#  191|   	if (pflg) {
#  192|-> 		sgent->sg_passwd = group_passwd;
#  193|   	}
#  194|   }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def296]
shadow-4.18.0/src/groupmod.c:242:51: warning[-Wanalyzer-malloc-leak]: leak of ‘xreallocarray(0, strlen(str) + 1, 1)’
shadow-4.18.0/src/groupmod.c:203:1: enter_function: entry to ‘grp_update’
shadow-4.18.0/src/groupmod.c:217:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/groupmod.c:223:9: branch_false: ...to here
shadow-4.18.0/src/groupmod.c:224:9: call_function: calling ‘new_grent’ from ‘grp_update’
shadow-4.18.0/src/groupmod.c:224:9: return_function: returning to ‘grp_update’ from ‘new_grent’
shadow-4.18.0/src/groupmod.c:226:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/groupmod.c:227:17: branch_true: ...to here
shadow-4.18.0/src/groupmod.c:229:20: branch_false: following ‘false’ branch...
shadow-4.18.0/src/groupmod.c:232:31: branch_false: ...to here
shadow-4.18.0/src/groupmod.c:232:27: branch_true: following ‘true’ branch...
shadow-4.18.0/src/groupmod.c:233:37: branch_true: ...to here
shadow-4.18.0/src/groupmod.c:232:31: branch_true: following ‘true’ branch (when the strings are equal)...
shadow-4.18.0/src/groupmod.c:240:25: branch_true: ...to here
shadow-4.18.0/src/groupmod.c:241:42: call_function: calling ‘xstrdup’ from ‘grp_update’
shadow-4.18.0/src/groupmod.c:241:42: return_function: returning to ‘grp_update’ from ‘xstrdup’
shadow-4.18.0/src/groupmod.c:242:42: call_function: calling ‘xstrdup’ from ‘grp_update’
#  240|   			bzero(&sgrp, sizeof sgrp);
#  241|   			sgrp.sg_namp   = xstrdup (grp.gr_name);
#  242|-> 			sgrp.sg_passwd = xstrdup (grp.gr_passwd);
#  243|   			sgrp.sg_adm    = &empty;
#  244|   			sgrp.sg_mem    = dup_list (grp.gr_mem);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def297]
shadow-4.18.0/src/groupmod.c:244:42: warning[-Wanalyzer-malloc-leak]: leak of ‘sgrp.sg_passwd’
shadow-4.18.0/src/groupmod.c:203:1: enter_function: entry to ‘grp_update’
shadow-4.18.0/src/groupmod.c:217:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/groupmod.c:223:9: branch_false: ...to here
shadow-4.18.0/src/groupmod.c:224:9: call_function: calling ‘new_grent’ from ‘grp_update’
shadow-4.18.0/src/groupmod.c:224:9: return_function: returning to ‘grp_update’ from ‘new_grent’
shadow-4.18.0/src/groupmod.c:226:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/groupmod.c:227:17: branch_true: ...to here
shadow-4.18.0/src/groupmod.c:229:20: branch_false: following ‘false’ branch...
shadow-4.18.0/src/groupmod.c:232:31: branch_false: ...to here
shadow-4.18.0/src/groupmod.c:232:27: branch_true: following ‘true’ branch...
shadow-4.18.0/src/groupmod.c:233:37: branch_true: ...to here
shadow-4.18.0/src/groupmod.c:232:31: branch_true: following ‘true’ branch (when the strings are equal)...
shadow-4.18.0/src/groupmod.c:240:25: branch_true: ...to here
shadow-4.18.0/src/groupmod.c:241:42: call_function: calling ‘xstrdup’ from ‘grp_update’
shadow-4.18.0/src/groupmod.c:241:42: return_function: returning to ‘grp_update’ from ‘xstrdup’
shadow-4.18.0/src/groupmod.c:242:42: call_function: calling ‘xstrdup’ from ‘grp_update’
shadow-4.18.0/src/groupmod.c:242:42: return_function: returning to ‘grp_update’ from ‘xstrdup’
shadow-4.18.0/src/groupmod.c:244:42: throw: if ‘dup_list’ throws an exception...
shadow-4.18.0/src/groupmod.c:244:42: danger: ‘sgrp.sg_passwd’ leaks here; was allocated at [(26)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/25)
#  242|   			sgrp.sg_passwd = xstrdup (grp.gr_passwd);
#  243|   			sgrp.sg_adm    = &empty;
#  244|-> 			sgrp.sg_mem    = dup_list (grp.gr_mem);
#  245|   			new_sgent (&sgrp);
#  246|   			osgrp = &sgrp; /* entry needs to be committed */

Error: GCC_ANALYZER_WARNING (CWE-476): [#def298]
shadow-4.18.0/src/groupmod.c:261:25: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘xreallocarray(0, 1, 8)’
shadow-4.18.0/src/groupmod.c:203:1: enter_function: entry to ‘grp_update’
shadow-4.18.0/src/groupmod.c:217:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/groupmod.c:223:9: branch_false: ...to here
shadow-4.18.0/src/groupmod.c:224:9: call_function: calling ‘new_grent’ from ‘grp_update’
shadow-4.18.0/src/groupmod.c:224:9: return_function: returning to ‘grp_update’ from ‘new_grent’
shadow-4.18.0/src/groupmod.c:251:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/groupmod.c:255:13: branch_false: ...to here
shadow-4.18.0/src/groupmod.c:255:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/groupmod.c:258:21: branch_true: ...to here
shadow-4.18.0/src/groupmod.c:258:20: branch_false: following ‘false’ branch...
shadow-4.18.0/src/groupmod.c:260:38: call_function: inlined call to ‘xmallocarray’ from ‘grp_update’
shadow-4.18.0/src/groupmod.c:261:25: danger: ‘xreallocarray(0, 1, 8)’ could be NULL: unchecked value from [(18)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/17)
#  259|   			// requested to replace the existing groups
#  260|   			grp.gr_mem = XMALLOC(1, char *);
#  261|-> 			grp.gr_mem[0] = NULL;
#  262|   		} else {
#  263|   			// append to existing groups

Error: GCC_ANALYZER_WARNING (CWE-476): [#def299]
shadow-4.18.0/src/groupmod.c:271:33: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘xreallocarray(0, 1, 8)’
shadow-4.18.0/src/groupmod.c:203:1: enter_function: entry to ‘grp_update’
shadow-4.18.0/src/groupmod.c:217:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/groupmod.c:223:9: branch_false: ...to here
shadow-4.18.0/src/groupmod.c:224:9: call_function: calling ‘new_grent’ from ‘grp_update’
shadow-4.18.0/src/groupmod.c:224:9: return_function: returning to ‘grp_update’ from ‘new_grent’
shadow-4.18.0/src/groupmod.c:226:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/groupmod.c:227:17: branch_true: ...to here
shadow-4.18.0/src/groupmod.c:227:17: branch_false: following ‘false’ branch...
shadow-4.18.0/src/groupmod.c:227:30: branch_false: ...to here
shadow-4.18.0/src/groupmod.c:227:16: branch_true: following ‘true’ branch...
shadow-4.18.0/src/groupmod.c:228:25: branch_true: ...to here
shadow-4.18.0/src/groupmod.c:229:20: branch_true: following ‘true’ branch...
shadow-4.18.0/src/groupmod.c:230:25: branch_true: ...to here
shadow-4.18.0/src/groupmod.c:231:25: call_function: calling ‘new_sgent’ from ‘grp_update’
shadow-4.18.0/src/groupmod.c:231:25: return_function: returning to ‘grp_update’ from ‘new_sgent’
shadow-4.18.0/src/groupmod.c:251:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/groupmod.c:255:13: branch_false: ...to here
shadow-4.18.0/src/groupmod.c:255:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/groupmod.c:258:21: branch_true: ...to here
shadow-4.18.0/src/groupmod.c:268:20: branch_true: following ‘true’ branch (when ‘osgrp’ is non-NULL)...
shadow-4.18.0/src/groupmod.c:269:29: branch_true: ...to here
shadow-4.18.0/src/groupmod.c:269:28: branch_false: following ‘false’ branch...
shadow-4.18.0/src/groupmod.c:270:47: call_function: inlined call to ‘xmallocarray’ from ‘grp_update’
shadow-4.18.0/src/groupmod.c:271:33: danger: ‘xreallocarray(0, 1, 8)’ could be NULL: unchecked value from [(35)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/34)
#  269|   			if (!aflg) {
#  270|   				sgrp.sg_mem = XMALLOC(1, char *);
#  271|-> 				sgrp.sg_mem[0] = NULL;
#  272|   			} else {
#  273|   				if (NULL != sgrp.sg_mem[0])

Error: GCC_ANALYZER_WARNING (CWE-401): [#def300]
shadow-4.18.0/src/groupmod.c:496:9: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/groupmod.c:484:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/groupmod.c:491:9: branch_false: ...to here
shadow-4.18.0/src/groupmod.c:496:9: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/groupmod.c:496:9: branch_true: ...to here
shadow-4.18.0/src/groupmod.c:496:9: acquire_memory: allocated here
shadow-4.18.0/src/groupmod.c:496:9: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/groupmod.c:496:9: branch_true: ...to here
shadow-4.18.0/src/groupmod.c:496:9: throw: if ‘gr_dbname’ throws an exception...
shadow-4.18.0/src/groupmod.c:496:9: danger: ‘saved_locale’ leaks here; was allocated at [(5)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/4)
#  494|   	              SHADOW_AUDIT_SUCCESS);
#  495|   #endif
#  496|-> 	SYSLOG ((LOG_INFO,
#  497|   	         "group changed in %s (%s)",
#  498|   	         gr_dbname (), info_group.action));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def301]
shadow-4.18.0/src/groupmod.c:526:17: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/groupmod.c:484:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/groupmod.c:491:9: branch_false: ...to here
shadow-4.18.0/src/groupmod.c:496:9: branch_false: following ‘false’ branch (when ‘saved_locale’ is NULL)...
shadow-4.18.0/src/groupmod.c:499:9: branch_false: ...to here
shadow-4.18.0/src/groupmod.c:505:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/groupmod.c:506:17: branch_true: ...to here
shadow-4.18.0/src/groupmod.c:507:20: branch_false: following ‘false’ branch...
shadow-4.18.0/src/groupmod.c:515:21: branch_false: ...to here
shadow-4.18.0/src/groupmod.c:526:17: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/groupmod.c:526:17: branch_true: ...to here
shadow-4.18.0/src/groupmod.c:526:17: acquire_memory: allocated here
shadow-4.18.0/src/groupmod.c:526:17: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/groupmod.c:526:17: branch_true: ...to here
shadow-4.18.0/src/groupmod.c:526:17: throw: if ‘sgr_dbname’ throws an exception...
shadow-4.18.0/src/groupmod.c:526:17: danger: ‘saved_locale’ leaks here; was allocated at [(11)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/10)
#  524|   		              SHADOW_AUDIT_SUCCESS);
#  525|   #endif
#  526|-> 		SYSLOG ((LOG_INFO,
#  527|   		         "group changed in %s (%s)",
#  528|   		         sgr_dbname (), info_gshadow.action));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def302]
shadow-4.18.0/src/groupmod.c:549:17: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/groupmod.c:484:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/groupmod.c:491:9: branch_false: ...to here
shadow-4.18.0/src/groupmod.c:496:9: branch_false: following ‘false’ branch (when ‘saved_locale’ is NULL)...
shadow-4.18.0/src/groupmod.c:499:9: branch_false: ...to here
shadow-4.18.0/src/groupmod.c:536:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/groupmod.c:537:21: branch_true: ...to here
shadow-4.18.0/src/groupmod.c:537:20: branch_false: following ‘false’ branch...
shadow-4.18.0/src/groupmod.c:544:17: branch_false: ...to here
shadow-4.18.0/src/groupmod.c:549:17: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/groupmod.c:549:17: branch_true: ...to here
shadow-4.18.0/src/groupmod.c:549:17: acquire_memory: allocated here
shadow-4.18.0/src/groupmod.c:549:17: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/groupmod.c:549:17: branch_true: ...to here
shadow-4.18.0/src/groupmod.c:549:17: throw: if ‘pw_dbname’ throws an exception...
shadow-4.18.0/src/groupmod.c:549:17: danger: ‘saved_locale’ leaks here; was allocated at [(11)](sarif:/runs/0/results/10/codeFlows/0/threadFlows/0/locations/10)
#  547|   		              SHADOW_AUDIT_SUCCESS);
#  548|   #endif
#  549|-> 		SYSLOG ((LOG_INFO,
#  550|   		         "group changed in %s (%s)",
#  551|   		         pw_dbname (), info_passwd.action));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def303]
shadow-4.18.0/src/groupmod.c:704:17: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/groupmod.c:702:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/groupmod.c:703:17: branch_true: ...to here
shadow-4.18.0/src/groupmod.c:704:17: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/groupmod.c:704:17: branch_true: ...to here
shadow-4.18.0/src/groupmod.c:704:17: acquire_memory: allocated here
shadow-4.18.0/src/groupmod.c:704:17: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/groupmod.c:704:17: branch_true: ...to here
shadow-4.18.0/src/groupmod.c:704:17: throw: if ‘gr_dbname’ throws an exception...
shadow-4.18.0/src/groupmod.c:704:17: danger: ‘saved_locale’ leaks here; was allocated at [(5)](sarif:/runs/0/results/12/codeFlows/0/threadFlows/0/locations/4)
#  702|   	if (gr_open (O_CREAT | O_RDWR) == 0) {
#  703|   		fprintf (stderr, _("%s: cannot open %s\n"), Prog, gr_dbname ());
#  704|-> 		SYSLOG ((LOG_WARN, "cannot open %s", gr_dbname ()));
#  705|   		exit (E_GRP_UPDATE);
#  706|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def304]
shadow-4.18.0/src/groupmod.c:715:25: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/groupmod.c:702:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/groupmod.c:709:16: branch_false: ...to here
shadow-4.18.0/src/groupmod.c:709:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/groupmod.c:710:17: branch_true: ...to here
shadow-4.18.0/src/groupmod.c:711:20: branch_true: following ‘true’ branch...
shadow-4.18.0/src/groupmod.c:712:25: branch_true: ...to here
shadow-4.18.0/src/groupmod.c:715:25: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/groupmod.c:715:25: branch_true: ...to here
shadow-4.18.0/src/groupmod.c:715:25: acquire_memory: allocated here
shadow-4.18.0/src/groupmod.c:715:25: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/groupmod.c:715:25: branch_true: ...to here
shadow-4.18.0/src/groupmod.c:715:25: throw: if ‘sgr_dbname’ throws an exception...
shadow-4.18.0/src/groupmod.c:715:25: danger: ‘saved_locale’ leaks here; was allocated at [(9)](sarif:/runs/0/results/14/codeFlows/0/threadFlows/0/locations/8)
#  713|   			         _("%s: cannot open %s\n"),
#  714|   			         Prog, sgr_dbname ());
#  715|-> 			SYSLOG ((LOG_WARN, "cannot open %s", sgr_dbname ()));
#  716|   			exit (E_GRP_UPDATE);
#  717|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def305]
shadow-4.18.0/src/groupmod.c:726:25: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/groupmod.c:702:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/groupmod.c:709:16: branch_false: ...to here
shadow-4.18.0/src/groupmod.c:721:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/groupmod.c:722:21: branch_true: ...to here
shadow-4.18.0/src/groupmod.c:722:20: branch_true: following ‘true’ branch...
shadow-4.18.0/src/groupmod.c:723:25: branch_true: ...to here
shadow-4.18.0/src/groupmod.c:726:25: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/groupmod.c:726:25: branch_true: ...to here
shadow-4.18.0/src/groupmod.c:726:25: acquire_memory: allocated here
shadow-4.18.0/src/groupmod.c:726:25: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/groupmod.c:726:25: branch_true: ...to here
shadow-4.18.0/src/groupmod.c:726:25: throw: if ‘gr_dbname’ throws an exception...
shadow-4.18.0/src/groupmod.c:726:25: danger: ‘saved_locale’ leaks here; was allocated at [(9)](sarif:/runs/0/results/16/codeFlows/0/threadFlows/0/locations/8)
#  724|   			         _("%s: cannot open %s\n"),
#  725|   			         Prog, pw_dbname ());
#  726|-> 			SYSLOG ((LOG_WARN, "cannot open %s", gr_dbname ()));
#  727|   			exit (E_GRP_UPDATE);
#  728|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def306]
shadow-4.18.0/src/grpck.c:97:25: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/grpck.c:94:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/grpck.c:95:21: branch_true: ...to here
shadow-4.18.0/src/grpck.c:95:20: branch_true: following ‘true’ branch...
shadow-4.18.0/src/grpck.c:96:25: branch_true: ...to here
shadow-4.18.0/src/grpck.c:97:25: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/grpck.c:97:25: branch_true: ...to here
shadow-4.18.0/src/grpck.c:97:25: acquire_memory: allocated here
shadow-4.18.0/src/grpck.c:97:25: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/grpck.c:97:25: branch_true: ...to here
shadow-4.18.0/src/grpck.c:97:25: throw: if ‘gr_dbname’ throws an exception...
shadow-4.18.0/src/grpck.c:97:25: danger: ‘saved_locale’ leaks here; was allocated at [(7)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/6)
#   95|   		if (gr_unlock () == 0) {
#   96|   			fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, gr_dbname ());
#   97|-> 			SYSLOG ((LOG_ERR, "failed to unlock %s", gr_dbname ()));
#   98|   			/* continue */
#   99|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def307]
shadow-4.18.0/src/grpck.c:106:25: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/grpck.c:103:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/grpck.c:104:21: branch_true: ...to here
shadow-4.18.0/src/grpck.c:104:20: branch_true: following ‘true’ branch...
shadow-4.18.0/src/grpck.c:105:25: branch_true: ...to here
shadow-4.18.0/src/grpck.c:106:25: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/grpck.c:106:25: branch_true: ...to here
shadow-4.18.0/src/grpck.c:106:25: acquire_memory: allocated here
shadow-4.18.0/src/grpck.c:106:25: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/grpck.c:106:25: branch_true: ...to here
shadow-4.18.0/src/grpck.c:106:25: throw: if ‘sgr_dbname’ throws an exception...
shadow-4.18.0/src/grpck.c:106:25: danger: ‘saved_locale’ leaks here; was allocated at [(7)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/6)
#  104|   		if (sgr_unlock () == 0) {
#  105|   			fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sgr_dbname ());
#  106|-> 			SYSLOG ((LOG_ERR, "failed to unlock %s", sgr_dbname ()));
#  107|   			/* continue */
#  108|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def308]
shadow-4.18.0/src/grpck.c:294:25: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/grpck.c:290:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/grpck.c:291:17: branch_true: ...to here
shadow-4.18.0/src/grpck.c:293:20: branch_true: following ‘true’ branch...
shadow-4.18.0/src/grpck.c:294:25: branch_true: ...to here
shadow-4.18.0/src/grpck.c:294:25: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/grpck.c:294:25: branch_true: ...to here
shadow-4.18.0/src/grpck.c:294:25: acquire_memory: allocated here
shadow-4.18.0/src/grpck.c:294:25: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/grpck.c:294:25: branch_true: ...to here
shadow-4.18.0/src/grpck.c:294:25: throw: if ‘syslog’ throws an exception...
shadow-4.18.0/src/grpck.c:294:25: danger: ‘saved_locale’ leaks here; was allocated at [(7)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/6)
#  292|   		         grp_file);
#  293|   		if (use_system_grp_file) {
#  294|-> 			SYSLOG ((LOG_WARN, "cannot open %s", grp_file));
#  295|   		}
#  296|   		fail_exit (E_CANT_OPEN);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def309]
shadow-4.18.0/src/grpck.c:303:25: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/grpck.c:290:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/grpck.c:299:13: branch_false: ...to here
shadow-4.18.0/src/grpck.c:299:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/grpck.c:302:20: branch_true: following ‘true’ branch...
shadow-4.18.0/src/grpck.c:303:25: branch_true: ...to here
shadow-4.18.0/src/grpck.c:303:25: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/grpck.c:303:25: branch_true: ...to here
shadow-4.18.0/src/grpck.c:303:25: acquire_memory: allocated here
shadow-4.18.0/src/grpck.c:303:25: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/grpck.c:303:25: branch_true: ...to here
shadow-4.18.0/src/grpck.c:303:25: throw: if ‘syslog’ throws an exception...
shadow-4.18.0/src/grpck.c:303:25: danger: ‘saved_locale’ leaks here; was allocated at [(9)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/8)
#  301|   		         sgr_file);
#  302|   		if (use_system_sgr_file) {
#  303|-> 			SYSLOG ((LOG_WARN, "cannot open %s", sgr_file));
#  304|   		}
#  305|   		fail_exit (E_CANT_OPEN);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def310]
shadow-4.18.0/src/grpck.c:345:25: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/grpck.c:342:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/grpck.c:343:21: branch_true: ...to here
shadow-4.18.0/src/grpck.c:343:20: branch_true: following ‘true’ branch...
shadow-4.18.0/src/grpck.c:344:25: branch_true: ...to here
shadow-4.18.0/src/grpck.c:345:25: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/grpck.c:345:25: branch_true: ...to here
shadow-4.18.0/src/grpck.c:345:25: acquire_memory: allocated here
shadow-4.18.0/src/grpck.c:345:25: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/grpck.c:345:25: branch_true: ...to here
shadow-4.18.0/src/grpck.c:345:25: throw: if ‘sgr_dbname’ throws an exception...
shadow-4.18.0/src/grpck.c:345:25: danger: ‘saved_locale’ leaks here; was allocated at [(7)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/6)
#  343|   		if (sgr_unlock () == 0) {
#  344|   			fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sgr_dbname ());
#  345|-> 			SYSLOG ((LOG_ERR, "failed to unlock %s", sgr_dbname ()));
#  346|   			/* continue */
#  347|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def311]
shadow-4.18.0/src/grpck.c:354:25: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/grpck.c:351:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/grpck.c:352:21: branch_true: ...to here
shadow-4.18.0/src/grpck.c:352:20: branch_true: following ‘true’ branch...
shadow-4.18.0/src/grpck.c:353:25: branch_true: ...to here
shadow-4.18.0/src/grpck.c:354:25: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/grpck.c:354:25: branch_true: ...to here
shadow-4.18.0/src/grpck.c:354:25: acquire_memory: allocated here
shadow-4.18.0/src/grpck.c:354:25: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/grpck.c:354:25: branch_true: ...to here
shadow-4.18.0/src/grpck.c:354:25: throw: if ‘gr_dbname’ throws an exception...
shadow-4.18.0/src/grpck.c:354:25: danger: ‘saved_locale’ leaks here; was allocated at [(7)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/6)
#  352|   		if (gr_unlock () == 0) {
#  353|   			fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, gr_dbname ());
#  354|-> 			SYSLOG ((LOG_ERR, "failed to unlock %s", gr_dbname ()));
#  355|   			/* continue */
#  356|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def312]
shadow-4.18.0/src/grpck.c:410:17: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/grpck.c:393:21: branch_true: following ‘true’ branch...
shadow-4.18.0/src/grpck.c:395:21: branch_true: ...to here
shadow-4.18.0/src/grpck.c:406:20: branch_true: following ‘true’ branch...
shadow-4.18.0/src/grpck.c:410:17: branch_true: ...to here
shadow-4.18.0/src/grpck.c:410:17: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/grpck.c:410:17: branch_true: ...to here
shadow-4.18.0/src/grpck.c:410:17: acquire_memory: allocated here
shadow-4.18.0/src/grpck.c:410:17: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/grpck.c:410:17: branch_true: ...to here
shadow-4.18.0/src/grpck.c:410:17: throw: if ‘syslog’ throws an exception...
shadow-4.18.0/src/grpck.c:410:17: danger: ‘saved_locale’ leaks here; was allocated at [(7)](sarif:/runs/0/results/10/codeFlows/0/threadFlows/0/locations/6)
#  408|   		}
#  409|   
#  410|-> 		SYSLOG ((LOG_INFO, fmt_syslog, members[i], groupname));
#  411|   		members_changed = 1;
#  412|   		delete_member (members, members[i]);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def313]
shadow-4.18.0/src/grpck.c:507:25: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/grpck.c:469:38: branch_true: following ‘true’ branch (when ‘gre’ is non-NULL)...
shadow-4.18.0/src/grpck.c:474:21: branch_true: ...to here
shadow-4.18.0/src/grpck.c:474:20: branch_false: following ‘false’ branch...
shadow-4.18.0/src/grpck.c:483:20: branch_true: following ‘true’ branch...
shadow-4.18.0/src/grpck.c:489:38: branch_true: ...to here
shadow-4.18.0/src/grpck.c:507:25: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/grpck.c:507:25: branch_true: ...to here
shadow-4.18.0/src/grpck.c:507:25: acquire_memory: allocated here
shadow-4.18.0/src/grpck.c:507:25: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/grpck.c:507:25: branch_true: ...to here
shadow-4.18.0/src/grpck.c:507:25: throw: if ‘syslog’ throws an exception...
shadow-4.18.0/src/grpck.c:507:25: danger: ‘saved_locale’ leaks here; was allocated at [(9)](sarif:/runs/0/results/11/codeFlows/0/threadFlows/0/locations/8)
#  505|   			 */
#  506|   		      delete_gr:
#  507|-> 			SYSLOG ((LOG_INFO, "delete group line '%s'",
#  508|   			         gre->line));
#  509|   			*changed = true;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def314]
shadow-4.18.0/src/grpck.c:710:25: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/grpck.c:679:39: branch_true: following ‘true’ branch (when ‘sge’ is non-NULL)...
shadow-4.18.0/src/grpck.c:686:29: branch_true: ...to here
shadow-4.18.0/src/grpck.c:686:20: branch_true: following ‘true’ branch...
shadow-4.18.0/src/grpck.c:692:38: branch_true: ...to here
shadow-4.18.0/src/grpck.c:710:25: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/grpck.c:710:25: branch_true: ...to here
shadow-4.18.0/src/grpck.c:710:25: acquire_memory: allocated here
shadow-4.18.0/src/grpck.c:710:25: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/grpck.c:710:25: branch_true: ...to here
shadow-4.18.0/src/grpck.c:710:25: throw: if ‘syslog’ throws an exception...
shadow-4.18.0/src/grpck.c:710:25: danger: ‘saved_locale’ leaks here; was allocated at [(7)](sarif:/runs/0/results/12/codeFlows/0/threadFlows/0/locations/6)
#  708|   			 */
#  709|   		      delete_sg:
#  710|-> 			SYSLOG ((LOG_INFO, "delete shadow line '%s'",
#  711|   			         sge->line));
#  712|   			*changed = true;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def315]
shadow-4.18.0/src/grpconv.c:61:25: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/grpconv.c:58:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/grpconv.c:59:21: branch_true: ...to here
shadow-4.18.0/src/grpconv.c:59:20: branch_true: following ‘true’ branch...
shadow-4.18.0/src/grpconv.c:60:25: branch_true: ...to here
shadow-4.18.0/src/grpconv.c:61:25: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/grpconv.c:61:25: branch_true: ...to here
shadow-4.18.0/src/grpconv.c:61:25: acquire_memory: allocated here
shadow-4.18.0/src/grpconv.c:61:25: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/grpconv.c:61:25: branch_true: ...to here
shadow-4.18.0/src/grpconv.c:61:25: throw: if ‘gr_dbname’ throws an exception...
shadow-4.18.0/src/grpconv.c:61:25: danger: ‘saved_locale’ leaks here; was allocated at [(7)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/6)
#   59|   		if (gr_unlock () == 0) {
#   60|   			fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, gr_dbname ());
#   61|-> 			SYSLOG ((LOG_ERR, "failed to unlock %s", gr_dbname ()));
#   62|   			/* continue */
#   63|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def316]
shadow-4.18.0/src/grpconv.c:69:25: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/grpconv.c:126:5: enter_function: entry to ‘main’
shadow-4.18.0/src/grpconv.c:144:9: call_function: calling ‘process_flags’ from ‘main’
shadow-4.18.0/src/grpconv.c:144:9: return_function: returning to ‘main’ from ‘process_flags’
shadow-4.18.0/src/grpconv.c:146:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/grpconv.c:152:9: branch_false: ...to here
shadow-4.18.0/src/grpconv.c:153:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/grpconv.c:158:13: branch_false: ...to here
shadow-4.18.0/src/grpconv.c:158:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/grpconv.c:164:9: branch_false: ...to here
shadow-4.18.0/src/grpconv.c:165:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/grpconv.c:166:17: branch_true: ...to here
shadow-4.18.0/src/grpconv.c:167:17: call_function: calling ‘fail_exit’ from ‘main’
#   67|   		if (sgr_unlock () == 0) {
#   68|   			fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sgr_dbname ());
#   69|-> 			SYSLOG ((LOG_ERR, "failed to unlock %s", sgr_dbname ()));
#   70|   			/* continue */
#   71|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def317]
shadow-4.18.0/src/grpconv.c:241:17: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/grpconv.c:126:5: enter_function: entry to ‘main’
shadow-4.18.0/src/grpconv.c:144:9: call_function: calling ‘process_flags’ from ‘main’
shadow-4.18.0/src/grpconv.c:144:9: return_function: returning to ‘main’ from ‘process_flags’
shadow-4.18.0/src/grpconv.c:146:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/grpconv.c:152:9: branch_false: ...to here
shadow-4.18.0/src/grpconv.c:153:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/grpconv.c:158:13: branch_false: ...to here
shadow-4.18.0/src/grpconv.c:158:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/grpconv.c:164:9: branch_false: ...to here
shadow-4.18.0/src/grpconv.c:165:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/grpconv.c:173:16: branch_false: ...to here
shadow-4.18.0/src/grpconv.c:237:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/grpconv.c:238:17: branch_true: ...to here
shadow-4.18.0/src/grpconv.c:241:17: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/grpconv.c:241:17: branch_true: ...to here
shadow-4.18.0/src/grpconv.c:241:17: acquire_memory: allocated here
shadow-4.18.0/src/grpconv.c:241:17: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/grpconv.c:241:17: branch_true: ...to here
shadow-4.18.0/src/grpconv.c:241:17: throw: if ‘sgr_dbname’ throws an exception...
shadow-4.18.0/src/grpconv.c:241:17: danger: ‘saved_locale’ leaks here; was allocated at [(19)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/18)
#  239|   		         _("%s: failure while writing changes to %s\n"),
#  240|   		         Prog, sgr_dbname ());
#  241|-> 		SYSLOG ((LOG_ERR, "failure while writing changes to %s", sgr_dbname ()));
#  242|   		fail_exit (3);
#  243|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def318]
shadow-4.18.0/src/grpconv.c:248:17: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/grpconv.c:126:5: enter_function: entry to ‘main’
shadow-4.18.0/src/grpconv.c:144:9: call_function: calling ‘process_flags’ from ‘main’
shadow-4.18.0/src/grpconv.c:144:9: return_function: returning to ‘main’ from ‘process_flags’
shadow-4.18.0/src/grpconv.c:146:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/grpconv.c:152:9: branch_false: ...to here
shadow-4.18.0/src/grpconv.c:153:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/grpconv.c:158:13: branch_false: ...to here
shadow-4.18.0/src/grpconv.c:158:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/grpconv.c:164:9: branch_false: ...to here
shadow-4.18.0/src/grpconv.c:165:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/grpconv.c:173:16: branch_false: ...to here
shadow-4.18.0/src/grpconv.c:237:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/grpconv.c:244:13: branch_false: ...to here
shadow-4.18.0/src/grpconv.c:244:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/grpconv.c:245:17: branch_true: ...to here
shadow-4.18.0/src/grpconv.c:248:17: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/grpconv.c:248:17: branch_true: ...to here
shadow-4.18.0/src/grpconv.c:248:17: acquire_memory: allocated here
shadow-4.18.0/src/grpconv.c:248:17: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/grpconv.c:248:17: branch_true: ...to here
shadow-4.18.0/src/grpconv.c:248:17: throw: if ‘gr_dbname’ throws an exception...
shadow-4.18.0/src/grpconv.c:248:17: danger: ‘saved_locale’ leaks here; was allocated at [(21)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/20)
#  246|   		         _("%s: failure while writing changes to %s\n"),
#  247|   		         Prog, gr_dbname ());
#  248|-> 		SYSLOG ((LOG_ERR, "failure while writing changes to %s", gr_dbname ()));
#  249|   		fail_exit (3);
#  250|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def319]
shadow-4.18.0/src/grpconv.c:253:17: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/grpconv.c:126:5: enter_function: entry to ‘main’
shadow-4.18.0/src/grpconv.c:144:9: call_function: calling ‘process_flags’ from ‘main’
shadow-4.18.0/src/grpconv.c:144:9: return_function: returning to ‘main’ from ‘process_flags’
shadow-4.18.0/src/grpconv.c:146:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/grpconv.c:152:9: branch_false: ...to here
shadow-4.18.0/src/grpconv.c:153:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/grpconv.c:158:13: branch_false: ...to here
shadow-4.18.0/src/grpconv.c:158:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/grpconv.c:164:9: branch_false: ...to here
shadow-4.18.0/src/grpconv.c:165:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/grpconv.c:173:16: branch_false: ...to here
shadow-4.18.0/src/grpconv.c:237:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/grpconv.c:244:13: branch_false: ...to here
shadow-4.18.0/src/grpconv.c:244:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/grpconv.c:251:13: branch_false: ...to here
shadow-4.18.0/src/grpconv.c:251:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/grpconv.c:252:17: branch_true: ...to here
shadow-4.18.0/src/grpconv.c:253:17: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/grpconv.c:253:17: branch_true: ...to here
shadow-4.18.0/src/grpconv.c:253:17: acquire_memory: allocated here
shadow-4.18.0/src/grpconv.c:253:17: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/grpconv.c:253:17: branch_true: ...to here
shadow-4.18.0/src/grpconv.c:253:17: throw: if ‘sgr_dbname’ throws an exception...
shadow-4.18.0/src/grpconv.c:253:17: danger: ‘saved_locale’ leaks here; was allocated at [(23)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/22)
#  251|   	if (sgr_unlock () == 0) {
#  252|   		fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sgr_dbname ());
#  253|-> 		SYSLOG ((LOG_ERR, "failed to unlock %s", sgr_dbname ()));
#  254|   		/* continue */
#  255|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def320]
shadow-4.18.0/src/grpconv.c:258:17: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/grpconv.c:126:5: enter_function: entry to ‘main’
shadow-4.18.0/src/grpconv.c:144:9: call_function: calling ‘process_flags’ from ‘main’
shadow-4.18.0/src/grpconv.c:144:9: return_function: returning to ‘main’ from ‘process_flags’
shadow-4.18.0/src/grpconv.c:146:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/grpconv.c:152:9: branch_false: ...to here
shadow-4.18.0/src/grpconv.c:153:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/grpconv.c:158:13: branch_false: ...to here
shadow-4.18.0/src/grpconv.c:158:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/grpconv.c:164:9: branch_false: ...to here
shadow-4.18.0/src/grpconv.c:165:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/grpconv.c:173:16: branch_false: ...to here
shadow-4.18.0/src/grpconv.c:237:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/grpconv.c:244:13: branch_false: ...to here
shadow-4.18.0/src/grpconv.c:244:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/grpconv.c:251:13: branch_false: ...to here
shadow-4.18.0/src/grpconv.c:256:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/grpconv.c:257:17: branch_true: ...to here
shadow-4.18.0/src/grpconv.c:258:17: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/grpconv.c:258:17: branch_true: ...to here
shadow-4.18.0/src/grpconv.c:258:17: acquire_memory: allocated here
shadow-4.18.0/src/grpconv.c:258:17: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/grpconv.c:258:17: branch_true: ...to here
shadow-4.18.0/src/grpconv.c:258:17: throw: if ‘gr_dbname’ throws an exception...
shadow-4.18.0/src/grpconv.c:258:17: danger: ‘saved_locale’ leaks here; was allocated at [(23)](sarif:/runs/0/results/10/codeFlows/0/threadFlows/0/locations/22)
#  256|   	if (gr_unlock () == 0) {
#  257|   		fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, gr_dbname ());
#  258|-> 		SYSLOG ((LOG_ERR, "failed to unlock %s", gr_dbname ()));
#  259|   		/* continue */
#  260|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def321]
shadow-4.18.0/src/grpunconv.c:60:25: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/grpunconv.c:57:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/grpunconv.c:58:21: branch_true: ...to here
shadow-4.18.0/src/grpunconv.c:58:20: branch_true: following ‘true’ branch...
shadow-4.18.0/src/grpunconv.c:59:25: branch_true: ...to here
shadow-4.18.0/src/grpunconv.c:60:25: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/grpunconv.c:60:25: branch_true: ...to here
shadow-4.18.0/src/grpunconv.c:60:25: acquire_memory: allocated here
shadow-4.18.0/src/grpunconv.c:60:25: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/grpunconv.c:60:25: branch_true: ...to here
shadow-4.18.0/src/grpunconv.c:60:25: throw: if ‘gr_dbname’ throws an exception...
shadow-4.18.0/src/grpunconv.c:60:25: danger: ‘saved_locale’ leaks here; was allocated at [(7)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/6)
#   58|   		if (gr_unlock () == 0) {
#   59|   			fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, gr_dbname ());
#   60|-> 			SYSLOG ((LOG_ERR, "failed to unlock %s", gr_dbname ()));
#   61|   			/* continue */
#   62|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def322]
shadow-4.18.0/src/grpunconv.c:68:25: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/grpunconv.c:65:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/grpunconv.c:66:21: branch_true: ...to here
shadow-4.18.0/src/grpunconv.c:66:20: branch_true: following ‘true’ branch...
shadow-4.18.0/src/grpunconv.c:67:25: branch_true: ...to here
shadow-4.18.0/src/grpunconv.c:68:25: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/grpunconv.c:68:25: branch_true: ...to here
shadow-4.18.0/src/grpunconv.c:68:25: acquire_memory: allocated here
shadow-4.18.0/src/grpunconv.c:68:25: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/grpunconv.c:68:25: branch_true: ...to here
shadow-4.18.0/src/grpunconv.c:68:25: throw: if ‘sgr_dbname’ throws an exception...
shadow-4.18.0/src/grpunconv.c:68:25: danger: ‘saved_locale’ leaks here; was allocated at [(7)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/6)
#   66|   		if (sgr_unlock () == 0) {
#   67|   			fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sgr_dbname ());
#   68|-> 			SYSLOG ((LOG_ERR, "failed to unlock %s", sgr_dbname ()));
#   69|   			/* continue */
#   70|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def323]
shadow-4.18.0/src/grpunconv.c:200:17: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/grpunconv.c:125:5: enter_function: entry to ‘main’
shadow-4.18.0/src/grpunconv.c:142:9: call_function: calling ‘process_flags’ from ‘main’
shadow-4.18.0/src/grpunconv.c:142:9: return_function: returning to ‘main’ from ‘process_flags’
shadow-4.18.0/src/grpunconv.c:144:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/grpunconv.c:148:13: branch_true: ...to here
shadow-4.18.0/src/grpunconv.c:148:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/grpunconv.c:154:9: branch_false: ...to here
shadow-4.18.0/src/grpunconv.c:155:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/grpunconv.c:161:13: branch_false: ...to here
shadow-4.18.0/src/grpunconv.c:161:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/grpunconv.c:167:9: branch_false: ...to here
shadow-4.18.0/src/grpunconv.c:168:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/grpunconv.c:177:16: branch_false: ...to here
shadow-4.18.0/src/grpunconv.c:196:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/grpunconv.c:197:17: branch_true: ...to here
shadow-4.18.0/src/grpunconv.c:200:17: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/grpunconv.c:200:17: branch_true: ...to here
shadow-4.18.0/src/grpunconv.c:200:17: acquire_memory: allocated here
shadow-4.18.0/src/grpunconv.c:200:17: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/grpunconv.c:200:17: branch_true: ...to here
shadow-4.18.0/src/grpunconv.c:200:17: throw: if ‘gr_dbname’ throws an exception...
shadow-4.18.0/src/grpunconv.c:200:17: danger: ‘saved_locale’ leaks here; was allocated at [(21)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/20)
#  198|   		         _("%s: failure while writing changes to %s\n"),
#  199|   		         Prog, gr_dbname ());
#  200|-> 		SYSLOG ((LOG_ERR, "failure while writing changes to %s", gr_dbname ()));
#  201|   		fail_exit (3);
#  202|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def324]
shadow-4.18.0/src/grpunconv.c:208:17: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/grpunconv.c:125:5: enter_function: entry to ‘main’
shadow-4.18.0/src/grpunconv.c:142:9: call_function: calling ‘process_flags’ from ‘main’
shadow-4.18.0/src/grpunconv.c:142:9: return_function: returning to ‘main’ from ‘process_flags’
shadow-4.18.0/src/grpunconv.c:144:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/grpunconv.c:148:13: branch_true: ...to here
shadow-4.18.0/src/grpunconv.c:148:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/grpunconv.c:154:9: branch_false: ...to here
shadow-4.18.0/src/grpunconv.c:155:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/grpunconv.c:161:13: branch_false: ...to here
shadow-4.18.0/src/grpunconv.c:161:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/grpunconv.c:167:9: branch_false: ...to here
shadow-4.18.0/src/grpunconv.c:168:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/grpunconv.c:177:16: branch_false: ...to here
shadow-4.18.0/src/grpunconv.c:196:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/grpunconv.c:204:13: branch_false: ...to here
shadow-4.18.0/src/grpunconv.c:204:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/grpunconv.c:206:26: branch_true: ...to here
shadow-4.18.0/src/grpunconv.c:208:17: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/grpunconv.c:208:17: branch_true: ...to here
shadow-4.18.0/src/grpunconv.c:208:17: acquire_memory: allocated here
shadow-4.18.0/src/grpunconv.c:208:17: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/grpunconv.c:208:17: branch_true: ...to here
shadow-4.18.0/src/grpunconv.c:208:17: throw: if ‘syslog’ throws an exception...
shadow-4.18.0/src/grpunconv.c:208:17: danger: ‘saved_locale’ leaks here; was allocated at [(23)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/22)
#  206|   		         _("%s: cannot delete %s\n"),
#  207|   		         Prog, SGROUP_FILE);
#  208|-> 		SYSLOG ((LOG_ERR, "cannot delete %s", SGROUP_FILE));
#  209|   		fail_exit (3);
#  210|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def325]
shadow-4.18.0/src/grpunconv.c:214:17: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/grpunconv.c:125:5: enter_function: entry to ‘main’
shadow-4.18.0/src/grpunconv.c:142:9: call_function: calling ‘process_flags’ from ‘main’
shadow-4.18.0/src/grpunconv.c:142:9: return_function: returning to ‘main’ from ‘process_flags’
shadow-4.18.0/src/grpunconv.c:144:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/grpunconv.c:148:13: branch_true: ...to here
shadow-4.18.0/src/grpunconv.c:148:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/grpunconv.c:154:9: branch_false: ...to here
shadow-4.18.0/src/grpunconv.c:155:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/grpunconv.c:161:13: branch_false: ...to here
shadow-4.18.0/src/grpunconv.c:161:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/grpunconv.c:167:9: branch_false: ...to here
shadow-4.18.0/src/grpunconv.c:168:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/grpunconv.c:177:16: branch_false: ...to here
shadow-4.18.0/src/grpunconv.c:196:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/grpunconv.c:204:13: branch_false: ...to here
shadow-4.18.0/src/grpunconv.c:204:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/grpunconv.c:212:13: branch_false: ...to here
shadow-4.18.0/src/grpunconv.c:212:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/grpunconv.c:213:17: branch_true: ...to here
shadow-4.18.0/src/grpunconv.c:214:17: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/grpunconv.c:214:17: branch_true: ...to here
shadow-4.18.0/src/grpunconv.c:214:17: acquire_memory: allocated here
shadow-4.18.0/src/grpunconv.c:214:17: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/grpunconv.c:214:17: branch_true: ...to here
shadow-4.18.0/src/grpunconv.c:214:17: throw: if ‘gr_dbname’ throws an exception...
shadow-4.18.0/src/grpunconv.c:214:17: danger: ‘saved_locale’ leaks here; was allocated at [(25)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/24)
#  212|   	if (gr_unlock () == 0) {
#  213|   		fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, gr_dbname ());
#  214|-> 		SYSLOG ((LOG_ERR, "failed to unlock %s", gr_dbname ()));
#  215|   		/* continue */
#  216|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def326]
shadow-4.18.0/src/grpunconv.c:220:17: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/grpunconv.c:125:5: enter_function: entry to ‘main’
shadow-4.18.0/src/grpunconv.c:142:9: call_function: calling ‘process_flags’ from ‘main’
shadow-4.18.0/src/grpunconv.c:142:9: return_function: returning to ‘main’ from ‘process_flags’
shadow-4.18.0/src/grpunconv.c:144:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/grpunconv.c:148:13: branch_true: ...to here
shadow-4.18.0/src/grpunconv.c:148:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/grpunconv.c:154:9: branch_false: ...to here
shadow-4.18.0/src/grpunconv.c:155:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/grpunconv.c:161:13: branch_false: ...to here
shadow-4.18.0/src/grpunconv.c:161:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/grpunconv.c:167:9: branch_false: ...to here
shadow-4.18.0/src/grpunconv.c:168:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/grpunconv.c:177:16: branch_false: ...to here
shadow-4.18.0/src/grpunconv.c:196:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/grpunconv.c:204:13: branch_false: ...to here
shadow-4.18.0/src/grpunconv.c:204:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/grpunconv.c:212:13: branch_false: ...to here
shadow-4.18.0/src/grpunconv.c:218:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/grpunconv.c:219:17: branch_true: ...to here
shadow-4.18.0/src/grpunconv.c:220:17: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/grpunconv.c:220:17: branch_true: ...to here
shadow-4.18.0/src/grpunconv.c:220:17: acquire_memory: allocated here
shadow-4.18.0/src/grpunconv.c:220:17: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/grpunconv.c:220:17: branch_true: ...to here
shadow-4.18.0/src/grpunconv.c:220:17: throw: if ‘sgr_dbname’ throws an exception...
shadow-4.18.0/src/grpunconv.c:220:17: danger: ‘saved_locale’ leaks here; was allocated at [(25)](sarif:/runs/0/results/9/codeFlows/0/threadFlows/0/locations/24)
#  218|   	if (sgr_unlock () == 0) {
#  219|   		fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sgr_dbname ());
#  220|-> 		SYSLOG ((LOG_ERR, "failed to unlock %s", sgr_dbname ()));
#  221|   		/* continue */
#  222|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def327]
shadow-4.18.0/src/login.c:400:9: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/login.c:397:9: branch_true: following ‘true’ branch (when ‘ptr_pam_user’ is non-NULL)...
shadow-4.18.0/src/login.c:399:19: branch_true: ...to here
shadow-4.18.0/src/login.c:400:9: branch_true: following ‘true’ branch...
shadow-4.18.0/src/login.c:400:9: acquire_memory: allocated here
shadow-4.18.0/src/login.c:400:9: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/login.c:400:9: branch_true: ...to here
shadow-4.18.0/src/login.c:400:9: throw: if ‘pam_strerror’ throws an exception...
shadow-4.18.0/src/login.c:400:9: danger: ‘saved_locale’ leaks here; was allocated at [(5)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/4)
#  398|   
#  399|   	retcode = pam_get_item (pamh, PAM_USER, &ptr_user);
#  400|-> 	PAM_FAIL_CHECK;
#  401|   
#  402|   	free (*ptr_pam_user);

Error: COMPILER_WARNING: [#def328]
shadow-4.18.0/src/login.c: scope_hint: In function ‘main’
shadow-4.18.0/src/login.c:454:24: warning[-Wunused-but-set-variable=]: variable ‘subroot’ set but not used
#  454 |         bool           subroot = false;
#      |                        ^~~~~~~
#  452|   {
#  453|   	int            err;
#  454|-> 	bool           subroot = false;
#  455|   	char           **envp = environ;
#  456|   	char           *host = NULL;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def329]
shadow-4.18.0/src/login.c:513:17: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/login.c:451:5: enter_function: entry to ‘main’
shadow-4.18.0/src/login.c:496:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/login.c:501:9: branch_false: ...to here
shadow-4.18.0/src/login.c:501:9: call_function: calling ‘process_flags’ from ‘main’
shadow-4.18.0/src/login.c:501:9: return_function: returning to ‘main’ from ‘process_flags’
shadow-4.18.0/src/login.c:503:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/login.c:503:35: branch_false: ...to here
shadow-4.18.0/src/login.c:503:13: branch_false: following ‘false’ branch...
shadow-4.18.0/src/login.c:503:56: branch_false: ...to here
shadow-4.18.0/src/login.c:503:13: branch_false: following ‘false’ branch...
shadow-4.18.0/src/login.c:507:15: branch_false: ...to here
shadow-4.18.0/src/login.c:512:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/login.c:512:13: branch_false: ...to here
shadow-4.18.0/src/login.c:512:13: branch_true: following ‘true’ branch...
shadow-4.18.0/src/login.c:513:17: branch_true: ...to here
shadow-4.18.0/src/login.c:513:17: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/login.c:513:17: branch_true: ...to here
shadow-4.18.0/src/login.c:513:17: acquire_memory: allocated here
shadow-4.18.0/src/login.c:513:17: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/login.c:513:17: branch_true: ...to here
shadow-4.18.0/src/login.c:513:17: throw: if ‘syslog’ throws an exception...
shadow-4.18.0/src/login.c:513:17: danger: ‘saved_locale’ leaks here; was allocated at [(24)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/23)
#  511|   	 */
#  512|   	if (!amroot && (err != 0)) {
#  513|-> 		SYSLOG ((LOG_ERR,
#  514|   				 "No session entry, error %d.  You must exec \"login\" from the lowest level \"sh\"",
#  515|   				 err));

Error: COMPILER_WARNING (CWE-252): [#def330]
shadow-4.18.0/src/login.c:719:25: warning[-Wunused-result]: ignoring return value of ‘audit_log_acct_message’ declared with attribute ‘warn_unused_result’
#  719 |                         audit_log_acct_message (audit_fd,
#      |                         ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#  720 |                                                 AUDIT_USER_LOGIN,
#      |                                                 ~~~~~~~~~~~~~~~~~
#  721 |                                                 NULL,    /* Prog. name */
#      |                                                 ~~~~~~~~~~~~~~~~~~~~~~~~~
#  722 |                                                 "login",
#      |                                                 ~~~~~~~~
#  723 |                                                 failent_user,
#      |                                                 ~~~~~~~~~~~~~
#  724 |                                                 AUDIT_NO_ID,
#      |                                                 ~~~~~~~~~~~~
#  725 |                                                 hostname,
#      |                                                 ~~~~~~~~~
#  726 |                                                 NULL,    /* addr */
#      |                                                 ~~~~~~~~~~~~~~~~~~~
#  727 |                                                 tty,
#      |                                                 ~~~~
#  728 |                                                 0);      /* result */
#      |                                                 ~~
#  717|   #ifdef WITH_AUDIT
#  718|   			audit_fd = audit_open ();
#  719|-> 			audit_log_acct_message (audit_fd,
#  720|   			                        AUDIT_USER_LOGIN,
#  721|   			                        NULL,    /* Prog. name */

Error: COMPILER_WARNING (CWE-252): [#def331]
shadow-4.18.0/src/login.c:1034:9: warning[-Wunused-result]: ignoring return value of ‘audit_log_acct_message’ declared with attribute ‘warn_unused_result’
# 1034 |         audit_log_acct_message (audit_fd,
#      |         ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# 1035 |                                 AUDIT_USER_LOGIN,
#      |                                 ~~~~~~~~~~~~~~~~~
# 1036 |                                 NULL,    /* Prog. name */
#      |                                 ~~~~~~~~~~~~~~~~~~~~~~~~~
# 1037 |                                 "login",
#      |                                 ~~~~~~~~
# 1038 |                                 username,
#      |                                 ~~~~~~~~~
# 1039 |                                 AUDIT_NO_ID,
#      |                                 ~~~~~~~~~~~~
# 1040 |                                 hostname,
#      |                                 ~~~~~~~~~
# 1041 |                                 NULL,    /* addr */
#      |                                 ~~~~~~~~~~~~~~~~~~~
# 1042 |                                 tty,
#      |                                 ~~~~
# 1043 |                                 1);      /* result */
#      |                                 ~~
# 1032|   #ifdef WITH_AUDIT
# 1033|   	audit_fd = audit_open ();
# 1034|-> 	audit_log_acct_message (audit_fd,
# 1035|   	                        AUDIT_USER_LOGIN,
# 1036|   	                        NULL,    /* Prog. name */

Error: GCC_ANALYZER_WARNING (CWE-401): [#def332]
shadow-4.18.0/src/logoutd.c:99:9: warning[-Wanalyzer-malloc-leak]: leak of ‘tty_file’
shadow-4.18.0/src/logoutd.c:72:20: acquire_memory: allocated here
shadow-4.18.0/src/logoutd.c:73:12: branch_false: following ‘false’ branch (when ‘tty_file’ is non-NULL)...
shadow-4.18.0/src/logoutd.c:77:19: branch_false: ...to here
shadow-4.18.0/src/logoutd.c:99:9: throw: if ‘fflush’ throws an exception...
shadow-4.18.0/src/logoutd.c:99:9: danger: ‘tty_file’ leaks here; was allocated at [(1)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/0)
#   97|   		fputs (DEFAULT_HUP_MESG, tty_file);
#   98|   	}
#   99|-> 	fflush (tty_file);
#  100|   	fclose (tty_file);
#  101|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def333]
shadow-4.18.0/src/newgidmap.c:189:17: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/newgidmap.c:164:12: branch_false: following ‘false’ branch (when ‘argc > 1’)...
shadow-4.18.0/src/newgidmap.c:171:9: branch_false: ...to here
shadow-4.18.0/src/newgidmap.c:180:20: branch_false: following ‘false’ branch...
shadow-4.18.0/src/newgidmap.c:184:14: branch_false: ...to here
shadow-4.18.0/src/newgidmap.c:185:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/newgidmap.c:187:25: branch_true: ...to here
shadow-4.18.0/src/newgidmap.c:189:17: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/newgidmap.c:189:17: branch_true: ...to here
shadow-4.18.0/src/newgidmap.c:189:17: acquire_memory: allocated here
shadow-4.18.0/src/newgidmap.c:189:17: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/newgidmap.c:189:17: branch_true: ...to here
shadow-4.18.0/src/newgidmap.c:189:17: throw: if ‘syslog’ throws an exception...
shadow-4.18.0/src/newgidmap.c:189:17: danger: ‘saved_locale’ leaks here; was allocated at [(9)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/8)
#  187|   			_("%s: Cannot determine your user name.\n"),
#  188|   			Prog);
#  189|-> 		SYSLOG ((LOG_WARN, "Cannot determine the user name of the caller (UID %lu)",
#  190|   				(unsigned long) getuid ()));
#  191|   		return EXIT_FAILURE;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def334]
shadow-4.18.0/src/newgrp.c:181:43: warning[-Wanalyzer-malloc-leak]: leak of ‘agetpass(dcgettext(0, "Password: ", 5))’
shadow-4.18.0/src/newgrp.c:166:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/newgrp.c:171:22: acquire_memory: allocated here
shadow-4.18.0/src/newgrp.c:172:20: branch_false: following ‘false’ branch...
shadow-4.18.0/src/newgrp.c:181:43: branch_false: ...to here
shadow-4.18.0/src/newgrp.c:181:27: throw: if ‘pw_encrypt’ throws an exception...
shadow-4.18.0/src/newgrp.c:181:43: danger: ‘agetpass(dcgettext(0, "Password: ", 5))’ leaks here; was allocated at [(3)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/2)
#  179|   		 * must match the previously encrypted value in the file.
#  180|   		 */
#  181|-> 		cpasswd = pw_encrypt (cp, grp->gr_passwd);
#  182|   		erase_pass (cp);
#  183|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def335]
shadow-4.18.0/src/newgrp.c:188:25: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/newgrp.c:166:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/newgrp.c:172:20: branch_false: following ‘false’ branch...
shadow-4.18.0/src/newgrp.c:181:43: branch_false: ...to here
shadow-4.18.0/src/newgrp.c:184:20: branch_true: following ‘true’ branch...
shadow-4.18.0/src/newgrp.c:187:50: branch_true: ...to here
shadow-4.18.0/src/newgrp.c:188:25: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/newgrp.c:188:25: branch_true: ...to here
shadow-4.18.0/src/newgrp.c:188:25: acquire_memory: allocated here
shadow-4.18.0/src/newgrp.c:188:25: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/newgrp.c:188:25: branch_true: ...to here
shadow-4.18.0/src/newgrp.c:188:25: throw: if ‘syslog’ throws an exception...
shadow-4.18.0/src/newgrp.c:188:25: danger: ‘saved_locale’ leaks here; was allocated at [(9)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/8)
#  186|   			         _("%s: failed to crypt password with previous salt: %s\n"),
#  187|   			         Prog, strerror (errno));
#  188|-> 			SYSLOG ((LOG_INFO,
#  189|   			         "Failed to crypt password with previous salt of group '%s'",
#  190|   			         groupname));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def336]
shadow-4.18.0/src/newgrp.c:202:25: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/newgrp.c:166:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/newgrp.c:172:20: branch_false: following ‘false’ branch...
shadow-4.18.0/src/newgrp.c:181:43: branch_false: ...to here
shadow-4.18.0/src/newgrp.c:184:20: branch_false: following ‘false’ branch...
shadow-4.18.0/src/newgrp.c:194:27: branch_false: ...to here
shadow-4.18.0/src/newgrp.c:202:25: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/newgrp.c:202:25: branch_true: ...to here
shadow-4.18.0/src/newgrp.c:202:25: acquire_memory: allocated here
shadow-4.18.0/src/newgrp.c:202:25: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/newgrp.c:202:25: branch_true: ...to here
shadow-4.18.0/src/newgrp.c:202:25: throw: if ‘syslog’ throws an exception...
shadow-4.18.0/src/newgrp.c:202:25: danger: ‘saved_locale’ leaks here; was allocated at [(9)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/8)
#  200|   			              audit_buf, NULL, getuid (), SHADOW_AUDIT_FAILURE);
#  201|   #endif
#  202|-> 			SYSLOG ((LOG_INFO,
#  203|   				 "Invalid password for group '%s' from '%s'",
#  204|   				 groupname, pwd->pw_name));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def337]
shadow-4.18.0/src/newgrp.c:256:9: warning[-Wanalyzer-malloc-leak]: leak of ‘free_tty’
shadow-4.18.0/src/newgrp.c:233:13: enter_function: entry to ‘syslog_sg’
shadow-4.18.0/src/newgrp.c:239:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/newgrp.c:243:12: branch_false: ...to here
shadow-4.18.0/src/newgrp.c:243:12: branch_true: following ‘true’ branch (when ‘tty’ is non-NULL)...
shadow-4.18.0/src/newgrp.c:244:28: branch_true: ...to here
shadow-4.18.0/src/newgrp.c:244:28: call_function: calling ‘xstrdup’ from ‘syslog_sg’
shadow-4.18.0/src/newgrp.c:244:28: return_function: returning to ‘syslog_sg’ from ‘xstrdup’
shadow-4.18.0/src/newgrp.c:248:12: branch_true: following ‘true’ branch (when ‘loginname’ is NULL)...
shadow-4.18.0/src/newgrp.c:248:12: branch_true: ...to here
shadow-4.18.0/src/newgrp.c:251:12: branch_false: following ‘false’ branch (when ‘tty’ is non-NULL)...
shadow-4.18.0/src/newgrp.c:254:15: branch_false: ...to here
shadow-4.18.0/src/newgrp.c:254:15: call_function: calling ‘strprefix_’ from ‘syslog_sg’
shadow-4.18.0/src/newgrp.c:254:15: return_function: returning to ‘syslog_sg’ from ‘strprefix_’
shadow-4.18.0/src/newgrp.c:254:15: branch_true: following ‘true’ branch...
shadow-4.18.0/src/newgrp.c:256:9: branch_true: ...to here
shadow-4.18.0/src/newgrp.c:256:9: throw: if ‘syslog’ throws an exception...
shadow-4.18.0/src/newgrp.c:256:9: danger: ‘free_tty’ leaks here; was allocated at [(9)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/8)
#  254|   	tty = strprefix(tty, "/dev/") ?: tty;
#  255|   
#  256|-> 	SYSLOG ((LOG_INFO,
#  257|   		 "user '%s' (login '%s' on %s) switched to group '%s'",
#  258|   		 name, loginname, tty, group));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def338]
shadow-4.18.0/src/newgrp.c:256:9: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/newgrp.c:239:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/newgrp.c:243:12: branch_false: ...to here
shadow-4.18.0/src/newgrp.c:243:12: branch_false: following ‘false’ branch (when ‘tty’ is NULL)...
shadow-4.18.0/src/newgrp.c:248:12: branch_false: ...to here
shadow-4.18.0/src/newgrp.c:248:12: branch_true: following ‘true’ branch (when ‘loginname’ is NULL)...
shadow-4.18.0/src/newgrp.c:248:12: branch_true: ...to here
shadow-4.18.0/src/newgrp.c:251:12: branch_true: following ‘true’ branch (when ‘tty’ is NULL)...
shadow-4.18.0/src/newgrp.c:251:12: branch_true: ...to here
shadow-4.18.0/src/newgrp.c:254:15: branch_false: following ‘false’ branch...
shadow-4.18.0/src/newgrp.c:254:15: branch_false: ...to here
shadow-4.18.0/src/newgrp.c:256:9: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/newgrp.c:256:9: branch_true: ...to here
shadow-4.18.0/src/newgrp.c:256:9: acquire_memory: allocated here
shadow-4.18.0/src/newgrp.c:256:9: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/newgrp.c:256:9: branch_true: ...to here
shadow-4.18.0/src/newgrp.c:256:9: throw: if ‘syslog’ throws an exception...
shadow-4.18.0/src/newgrp.c:256:9: danger: ‘saved_locale’ leaks here; was allocated at [(13)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/12)
#  254|   	tty = strprefix(tty, "/dev/") ?: tty;
#  255|   
#  256|-> 	SYSLOG ((LOG_INFO,
#  257|   		 "user '%s' (login '%s' on %s) switched to group '%s'",
#  258|   		 name, loginname, tty, group));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def339]
shadow-4.18.0/src/newgrp.c:297:33: warning[-Wanalyzer-malloc-leak]: leak of ‘tty’
shadow-4.18.0/src/newgrp.c:233:13: enter_function: entry to ‘syslog_sg’
shadow-4.18.0/src/newgrp.c:243:12: branch_true: following ‘true’ branch (when ‘tty’ is non-NULL)...
shadow-4.18.0/src/newgrp.c:244:28: branch_true: ...to here
shadow-4.18.0/src/newgrp.c:244:28: call_function: calling ‘xstrdup’ from ‘syslog_sg’
shadow-4.18.0/src/newgrp.c:244:28: return_function: returning to ‘syslog_sg’ from ‘xstrdup’
shadow-4.18.0/src/newgrp.c:248:12: branch_true: following ‘true’ branch (when ‘loginname’ is NULL)...
shadow-4.18.0/src/newgrp.c:248:12: branch_true: ...to here
shadow-4.18.0/src/newgrp.c:251:12: branch_false: following ‘false’ branch (when ‘tty’ is non-NULL)...
shadow-4.18.0/src/newgrp.c:254:15: branch_false: ...to here
shadow-4.18.0/src/newgrp.c:254:15: call_function: calling ‘strprefix_’ from ‘syslog_sg’
shadow-4.18.0/src/newgrp.c:254:15: return_function: returning to ‘syslog_sg’ from ‘strprefix_’
shadow-4.18.0/src/newgrp.c:254:15: branch_true: following ‘true’ branch...
shadow-4.18.0/src/newgrp.c:256:9: branch_true: ...to here
shadow-4.18.0/src/newgrp.c:256:9: branch_false: following ‘false’ branch (when ‘saved_locale’ is NULL)...
shadow-4.18.0/src/newgrp.c:281:24: branch_false: ...to here
shadow-4.18.0/src/newgrp.c:291:20: branch_true: following ‘true’ branch (when ‘child == -1’)...
shadow-4.18.0/src/newgrp.c:294:73: branch_true: ...to here
shadow-4.18.0/src/newgrp.c:296:28: branch_true: following ‘true’ branch (when ‘group’ is non-NULL)...
shadow-4.18.0/src/newgrp.c:298:57: branch_true: ...to here
shadow-4.18.0/src/newgrp.c:297:33: throw: if ‘audit_logger_with_group’ throws an exception...
shadow-4.18.0/src/newgrp.c:297:33: danger: ‘tty’ leaks here; was allocated at [(7)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/6)
#  295|   #ifdef WITH_AUDIT
#  296|   			if (group) {
#  297|-> 				audit_logger_with_group(AUDIT_CHGRP_ID, "changing", NULL,
#  298|   							getuid(), "new_group", group,
#  299|   							SHADOW_AUDIT_FAILURE);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def340]
shadow-4.18.0/src/newgrp.c:301:33: warning[-Wanalyzer-malloc-leak]: leak of ‘tty’
shadow-4.18.0/src/newgrp.c:233:13: enter_function: entry to ‘syslog_sg’
shadow-4.18.0/src/newgrp.c:243:12: branch_true: following ‘true’ branch (when ‘tty’ is non-NULL)...
shadow-4.18.0/src/newgrp.c:244:28: branch_true: ...to here
shadow-4.18.0/src/newgrp.c:244:28: call_function: calling ‘xstrdup’ from ‘syslog_sg’
shadow-4.18.0/src/newgrp.c:244:28: return_function: returning to ‘syslog_sg’ from ‘xstrdup’
shadow-4.18.0/src/newgrp.c:248:12: branch_true: following ‘true’ branch (when ‘loginname’ is NULL)...
shadow-4.18.0/src/newgrp.c:248:12: branch_true: ...to here
shadow-4.18.0/src/newgrp.c:251:12: branch_false: following ‘false’ branch (when ‘tty’ is non-NULL)...
shadow-4.18.0/src/newgrp.c:254:15: branch_false: ...to here
shadow-4.18.0/src/newgrp.c:254:15: call_function: calling ‘strprefix_’ from ‘syslog_sg’
shadow-4.18.0/src/newgrp.c:254:15: return_function: returning to ‘syslog_sg’ from ‘strprefix_’
shadow-4.18.0/src/newgrp.c:254:15: branch_true: following ‘true’ branch...
shadow-4.18.0/src/newgrp.c:256:9: branch_true: ...to here
shadow-4.18.0/src/newgrp.c:256:9: branch_false: following ‘false’ branch (when ‘saved_locale’ is NULL)...
shadow-4.18.0/src/newgrp.c:281:24: branch_false: ...to here
shadow-4.18.0/src/newgrp.c:291:20: branch_true: following ‘true’ branch (when ‘child == -1’)...
shadow-4.18.0/src/newgrp.c:294:73: branch_true: ...to here
shadow-4.18.0/src/newgrp.c:296:28: branch_false: following ‘false’ branch (when ‘group’ is NULL)...
shadow-4.18.0/src/newgrp.c:302:65: branch_false: ...to here
shadow-4.18.0/src/newgrp.c:301:33: throw: if ‘audit_logger’ throws an exception...
shadow-4.18.0/src/newgrp.c:301:33: danger: ‘tty’ leaks here; was allocated at [(7)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/6)
#  299|   							SHADOW_AUDIT_FAILURE);
#  300|   			} else {
#  301|-> 				audit_logger (AUDIT_CHGRP_ID, Prog,
#  302|   				              "changing", NULL, getuid(),
#  303|   				              SHADOW_AUDIT_FAILURE);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def341]
shadow-4.18.0/src/newgrp.c:311:45: warning[-Wanalyzer-malloc-leak]: leak of ‘free_tty’
shadow-4.18.0/src/newgrp.c:233:13: enter_function: entry to ‘syslog_sg’
shadow-4.18.0/src/newgrp.c:243:12: branch_true: following ‘true’ branch (when ‘tty’ is non-NULL)...
shadow-4.18.0/src/newgrp.c:244:28: branch_true: ...to here
shadow-4.18.0/src/newgrp.c:244:28: call_function: calling ‘xstrdup’ from ‘syslog_sg’
shadow-4.18.0/src/newgrp.c:244:28: return_function: returning to ‘syslog_sg’ from ‘xstrdup’
shadow-4.18.0/src/newgrp.c:248:12: branch_true: following ‘true’ branch (when ‘loginname’ is NULL)...
shadow-4.18.0/src/newgrp.c:248:12: branch_true: ...to here
shadow-4.18.0/src/newgrp.c:251:12: branch_false: following ‘false’ branch (when ‘tty’ is non-NULL)...
shadow-4.18.0/src/newgrp.c:254:15: branch_false: ...to here
shadow-4.18.0/src/newgrp.c:254:15: call_function: calling ‘strprefix_’ from ‘syslog_sg’
shadow-4.18.0/src/newgrp.c:254:15: return_function: returning to ‘syslog_sg’ from ‘strprefix_’
shadow-4.18.0/src/newgrp.c:254:15: branch_true: following ‘true’ branch...
shadow-4.18.0/src/newgrp.c:256:9: branch_true: ...to here
shadow-4.18.0/src/newgrp.c:256:9: branch_false: following ‘false’ branch (when ‘saved_locale’ is NULL)...
shadow-4.18.0/src/newgrp.c:281:24: branch_false: ...to here
shadow-4.18.0/src/newgrp.c:291:20: branch_false: following ‘false’ branch (when ‘child != -1’)...
shadow-4.18.0/src/newgrp.c:307:27: branch_false: ...to here
shadow-4.18.0/src/newgrp.c:307:27: branch_true: following ‘true’ branch (when ‘child != 0’)...
shadow-4.18.0/src/newgrp.c:309:29: branch_true: ...to here
shadow-4.18.0/src/newgrp.c:311:45: throw: if ‘getgrgid’ throws an exception...
shadow-4.18.0/src/newgrp.c:311:45: danger: ‘free_tty’ leaks here; was allocated at [(7)](sarif:/runs/0/results/9/codeFlows/0/threadFlows/0/locations/6)
#  309|   			int cst = 0;
#  310|   			gid_t gid = getgid();
#  311|-> 			struct group *grp = getgrgid (gid);
#  312|   			pid_t pid;
#  313|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def342]
shadow-4.18.0/src/newgrp.c:316:39: warning[-Wanalyzer-malloc-leak]: leak of ‘free_tty’
shadow-4.18.0/src/newgrp.c:233:13: enter_function: entry to ‘syslog_sg’
shadow-4.18.0/src/newgrp.c:243:12: branch_true: following ‘true’ branch (when ‘tty’ is non-NULL)...
shadow-4.18.0/src/newgrp.c:244:28: branch_true: ...to here
shadow-4.18.0/src/newgrp.c:244:28: call_function: calling ‘xstrdup’ from ‘syslog_sg’
shadow-4.18.0/src/newgrp.c:244:28: return_function: returning to ‘syslog_sg’ from ‘xstrdup’
shadow-4.18.0/src/newgrp.c:248:12: branch_true: following ‘true’ branch (when ‘loginname’ is NULL)...
shadow-4.18.0/src/newgrp.c:248:12: branch_true: ...to here
shadow-4.18.0/src/newgrp.c:251:12: branch_false: following ‘false’ branch (when ‘tty’ is non-NULL)...
shadow-4.18.0/src/newgrp.c:254:15: branch_false: ...to here
shadow-4.18.0/src/newgrp.c:254:15: call_function: calling ‘strprefix_’ from ‘syslog_sg’
shadow-4.18.0/src/newgrp.c:254:15: return_function: returning to ‘syslog_sg’ from ‘strprefix_’
shadow-4.18.0/src/newgrp.c:254:15: branch_true: following ‘true’ branch...
shadow-4.18.0/src/newgrp.c:256:9: branch_true: ...to here
shadow-4.18.0/src/newgrp.c:256:9: branch_false: following ‘false’ branch (when ‘saved_locale’ is NULL)...
shadow-4.18.0/src/newgrp.c:281:24: branch_false: ...to here
shadow-4.18.0/src/newgrp.c:291:20: branch_false: following ‘false’ branch (when ‘child != -1’)...
shadow-4.18.0/src/newgrp.c:307:27: branch_false: ...to here
shadow-4.18.0/src/newgrp.c:307:27: branch_true: following ‘true’ branch (when ‘child != 0’)...
shadow-4.18.0/src/newgrp.c:309:29: branch_true: ...to here
shadow-4.18.0/src/newgrp.c:316:39: throw: if ‘waitpid’ throws an exception...
shadow-4.18.0/src/newgrp.c:316:39: danger: ‘free_tty’ leaks here; was allocated at [(7)](sarif:/runs/0/results/10/codeFlows/0/threadFlows/0/locations/6)
#  314|   			do {
#  315|   				errno = 0;
#  316|-> 				pid = waitpid (child, &cst, WUNTRACED);
#  317|   				if ((pid == child) && (WIFSTOPPED (cst) != 0)) {
#  318|   					/* The child (shell) was suspended.

Error: GCC_ANALYZER_WARNING (CWE-401): [#def343]
shadow-4.18.0/src/newgrp.c:328:33: warning[-Wanalyzer-malloc-leak]: leak of ‘free_tty’
shadow-4.18.0/src/newgrp.c:233:13: enter_function: entry to ‘syslog_sg’
shadow-4.18.0/src/newgrp.c:243:12: branch_true: following ‘true’ branch (when ‘tty’ is non-NULL)...
shadow-4.18.0/src/newgrp.c:244:28: branch_true: ...to here
shadow-4.18.0/src/newgrp.c:244:28: call_function: calling ‘xstrdup’ from ‘syslog_sg’
shadow-4.18.0/src/newgrp.c:244:28: return_function: returning to ‘syslog_sg’ from ‘xstrdup’
shadow-4.18.0/src/newgrp.c:248:12: branch_true: following ‘true’ branch (when ‘loginname’ is NULL)...
shadow-4.18.0/src/newgrp.c:248:12: branch_true: ...to here
shadow-4.18.0/src/newgrp.c:251:12: branch_false: following ‘false’ branch (when ‘tty’ is non-NULL)...
shadow-4.18.0/src/newgrp.c:254:15: branch_false: ...to here
shadow-4.18.0/src/newgrp.c:254:15: call_function: calling ‘strprefix_’ from ‘syslog_sg’
shadow-4.18.0/src/newgrp.c:254:15: return_function: returning to ‘syslog_sg’ from ‘strprefix_’
shadow-4.18.0/src/newgrp.c:254:15: branch_true: following ‘true’ branch...
shadow-4.18.0/src/newgrp.c:256:9: branch_true: ...to here
shadow-4.18.0/src/newgrp.c:256:9: branch_false: following ‘false’ branch (when ‘saved_locale’ is NULL)...
shadow-4.18.0/src/newgrp.c:281:24: branch_false: ...to here
shadow-4.18.0/src/newgrp.c:291:20: branch_false: following ‘false’ branch (when ‘child != -1’)...
shadow-4.18.0/src/newgrp.c:307:27: branch_false: ...to here
shadow-4.18.0/src/newgrp.c:307:27: branch_true: following ‘true’ branch (when ‘child != 0’)...
shadow-4.18.0/src/newgrp.c:309:29: branch_true: ...to here
shadow-4.18.0/src/newgrp.c:327:28: branch_true: following ‘true’ branch...
shadow-4.18.0/src/newgrp.c:328:33: branch_true: ...to here
shadow-4.18.0/src/newgrp.c:328:33: throw: if ‘syslog’ throws an exception...
shadow-4.18.0/src/newgrp.c:328:33: danger: ‘free_tty’ leaks here; was allocated at [(7)](sarif:/runs/0/results/12/codeFlows/0/threadFlows/0/locations/6)
#  326|   			/* local, no need for xgetgrgid */
#  327|   			if (NULL != grp) {
#  328|-> 				SYSLOG ((LOG_INFO,
#  329|   				         "user '%s' (login '%s' on %s) returned to group '%s'",
#  330|   				         name, loginname, tty, grp->gr_name));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def344]
shadow-4.18.0/src/newgrp.c:328:33: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/newgrp.c:239:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/newgrp.c:243:12: branch_false: ...to here
shadow-4.18.0/src/newgrp.c:243:12: branch_false: following ‘false’ branch (when ‘tty’ is NULL)...
shadow-4.18.0/src/newgrp.c:248:12: branch_false: ...to here
shadow-4.18.0/src/newgrp.c:248:12: branch_true: following ‘true’ branch (when ‘loginname’ is NULL)...
shadow-4.18.0/src/newgrp.c:248:12: branch_true: ...to here
shadow-4.18.0/src/newgrp.c:251:12: branch_true: following ‘true’ branch (when ‘tty’ is NULL)...
shadow-4.18.0/src/newgrp.c:251:12: branch_true: ...to here
shadow-4.18.0/src/newgrp.c:254:15: branch_false: following ‘false’ branch...
shadow-4.18.0/src/newgrp.c:254:15: branch_false: ...to here
shadow-4.18.0/src/newgrp.c:256:9: branch_false: following ‘false’ branch (when ‘saved_locale’ is NULL)...
shadow-4.18.0/src/newgrp.c:281:24: branch_false: ...to here
shadow-4.18.0/src/newgrp.c:291:20: branch_false: following ‘false’ branch (when ‘child != -1’)...
shadow-4.18.0/src/newgrp.c:307:27: branch_false: ...to here
shadow-4.18.0/src/newgrp.c:307:27: branch_true: following ‘true’ branch (when ‘child != 0’)...
shadow-4.18.0/src/newgrp.c:309:29: branch_true: ...to here
shadow-4.18.0/src/newgrp.c:327:28: branch_true: following ‘true’ branch...
shadow-4.18.0/src/newgrp.c:328:33: branch_true: ...to here
shadow-4.18.0/src/newgrp.c:328:33: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/newgrp.c:328:33: branch_true: ...to here
shadow-4.18.0/src/newgrp.c:328:33: acquire_memory: allocated here
shadow-4.18.0/src/newgrp.c:328:33: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/newgrp.c:328:33: branch_true: ...to here
shadow-4.18.0/src/newgrp.c:328:33: throw: if ‘syslog’ throws an exception...
shadow-4.18.0/src/newgrp.c:328:33: danger: ‘saved_locale’ leaks here; was allocated at [(21)](sarif:/runs/0/results/11/codeFlows/0/threadFlows/0/locations/20)
#  326|   			/* local, no need for xgetgrgid */
#  327|   			if (NULL != grp) {
#  328|-> 				SYSLOG ((LOG_INFO,
#  329|   				         "user '%s' (login '%s' on %s) returned to group '%s'",
#  330|   				         name, loginname, tty, grp->gr_name));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def345]
shadow-4.18.0/src/newgrp.c:332:33: warning[-Wanalyzer-malloc-leak]: leak of ‘free_tty’
shadow-4.18.0/src/newgrp.c:233:13: enter_function: entry to ‘syslog_sg’
shadow-4.18.0/src/newgrp.c:243:12: branch_true: following ‘true’ branch (when ‘tty’ is non-NULL)...
shadow-4.18.0/src/newgrp.c:244:28: branch_true: ...to here
shadow-4.18.0/src/newgrp.c:244:28: call_function: calling ‘xstrdup’ from ‘syslog_sg’
shadow-4.18.0/src/newgrp.c:244:28: return_function: returning to ‘syslog_sg’ from ‘xstrdup’
shadow-4.18.0/src/newgrp.c:248:12: branch_true: following ‘true’ branch (when ‘loginname’ is NULL)...
shadow-4.18.0/src/newgrp.c:248:12: branch_true: ...to here
shadow-4.18.0/src/newgrp.c:251:12: branch_false: following ‘false’ branch (when ‘tty’ is non-NULL)...
shadow-4.18.0/src/newgrp.c:254:15: branch_false: ...to here
shadow-4.18.0/src/newgrp.c:254:15: call_function: calling ‘strprefix_’ from ‘syslog_sg’
shadow-4.18.0/src/newgrp.c:254:15: return_function: returning to ‘syslog_sg’ from ‘strprefix_’
shadow-4.18.0/src/newgrp.c:254:15: branch_true: following ‘true’ branch...
shadow-4.18.0/src/newgrp.c:256:9: branch_true: ...to here
shadow-4.18.0/src/newgrp.c:256:9: branch_false: following ‘false’ branch (when ‘saved_locale’ is NULL)...
shadow-4.18.0/src/newgrp.c:281:24: branch_false: ...to here
shadow-4.18.0/src/newgrp.c:291:20: branch_false: following ‘false’ branch (when ‘child != -1’)...
shadow-4.18.0/src/newgrp.c:307:27: branch_false: ...to here
shadow-4.18.0/src/newgrp.c:307:27: branch_true: following ‘true’ branch (when ‘child != 0’)...
shadow-4.18.0/src/newgrp.c:309:29: branch_true: ...to here
shadow-4.18.0/src/newgrp.c:327:28: branch_false: following ‘false’ branch...
shadow-4.18.0/src/newgrp.c:332:33: branch_false: ...to here
shadow-4.18.0/src/newgrp.c:332:33: throw: if ‘syslog’ throws an exception...
shadow-4.18.0/src/newgrp.c:332:33: danger: ‘free_tty’ leaks here; was allocated at [(7)](sarif:/runs/0/results/14/codeFlows/0/threadFlows/0/locations/6)
#  330|   				         name, loginname, tty, grp->gr_name));
#  331|   			} else {
#  332|-> 				SYSLOG ((LOG_INFO,
#  333|   				         "user '%s' (login '%s' on %s) returned to group '%lu'",
#  334|   				         name, loginname, tty,

Error: GCC_ANALYZER_WARNING (CWE-401): [#def346]
shadow-4.18.0/src/newgrp.c:332:33: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/newgrp.c:239:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/newgrp.c:243:12: branch_false: ...to here
shadow-4.18.0/src/newgrp.c:243:12: branch_false: following ‘false’ branch (when ‘tty’ is NULL)...
shadow-4.18.0/src/newgrp.c:248:12: branch_false: ...to here
shadow-4.18.0/src/newgrp.c:248:12: branch_true: following ‘true’ branch (when ‘loginname’ is NULL)...
shadow-4.18.0/src/newgrp.c:248:12: branch_true: ...to here
shadow-4.18.0/src/newgrp.c:251:12: branch_true: following ‘true’ branch (when ‘tty’ is NULL)...
shadow-4.18.0/src/newgrp.c:251:12: branch_true: ...to here
shadow-4.18.0/src/newgrp.c:254:15: branch_false: following ‘false’ branch...
shadow-4.18.0/src/newgrp.c:254:15: branch_false: ...to here
shadow-4.18.0/src/newgrp.c:256:9: branch_false: following ‘false’ branch (when ‘saved_locale’ is NULL)...
shadow-4.18.0/src/newgrp.c:281:24: branch_false: ...to here
shadow-4.18.0/src/newgrp.c:291:20: branch_false: following ‘false’ branch (when ‘child != -1’)...
shadow-4.18.0/src/newgrp.c:307:27: branch_false: ...to here
shadow-4.18.0/src/newgrp.c:307:27: branch_true: following ‘true’ branch (when ‘child != 0’)...
shadow-4.18.0/src/newgrp.c:309:29: branch_true: ...to here
shadow-4.18.0/src/newgrp.c:327:28: branch_false: following ‘false’ branch...
shadow-4.18.0/src/newgrp.c:332:33: branch_false: ...to here
shadow-4.18.0/src/newgrp.c:332:33: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/newgrp.c:332:33: branch_true: ...to here
shadow-4.18.0/src/newgrp.c:332:33: acquire_memory: allocated here
shadow-4.18.0/src/newgrp.c:332:33: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/newgrp.c:332:33: branch_true: ...to here
shadow-4.18.0/src/newgrp.c:332:33: throw: if ‘syslog’ throws an exception...
shadow-4.18.0/src/newgrp.c:332:33: danger: ‘saved_locale’ leaks here; was allocated at [(21)](sarif:/runs/0/results/13/codeFlows/0/threadFlows/0/locations/20)
#  330|   				         name, loginname, tty, grp->gr_name));
#  331|   			} else {
#  332|-> 				SYSLOG ((LOG_INFO,
#  333|   				         "user '%s' (login '%s' on %s) returned to group '%lu'",
#  334|   				         name, loginname, tty,

Error: GCC_ANALYZER_WARNING (CWE-401): [#def347]
shadow-4.18.0/src/newgrp.c:340:33: warning[-Wanalyzer-malloc-leak]: leak of ‘free_tty’
shadow-4.18.0/src/newgrp.c:233:13: enter_function: entry to ‘syslog_sg’
shadow-4.18.0/src/newgrp.c:243:12: branch_true: following ‘true’ branch (when ‘tty’ is non-NULL)...
shadow-4.18.0/src/newgrp.c:244:28: branch_true: ...to here
shadow-4.18.0/src/newgrp.c:244:28: call_function: calling ‘xstrdup’ from ‘syslog_sg’
shadow-4.18.0/src/newgrp.c:244:28: return_function: returning to ‘syslog_sg’ from ‘xstrdup’
shadow-4.18.0/src/newgrp.c:248:12: branch_true: following ‘true’ branch (when ‘loginname’ is NULL)...
shadow-4.18.0/src/newgrp.c:248:12: branch_true: ...to here
shadow-4.18.0/src/newgrp.c:251:12: branch_false: following ‘false’ branch (when ‘tty’ is non-NULL)...
shadow-4.18.0/src/newgrp.c:254:15: branch_false: ...to here
shadow-4.18.0/src/newgrp.c:254:15: call_function: calling ‘strprefix_’ from ‘syslog_sg’
shadow-4.18.0/src/newgrp.c:254:15: return_function: returning to ‘syslog_sg’ from ‘strprefix_’
shadow-4.18.0/src/newgrp.c:254:15: branch_true: following ‘true’ branch...
shadow-4.18.0/src/newgrp.c:256:9: branch_true: ...to here
shadow-4.18.0/src/newgrp.c:256:9: branch_false: following ‘false’ branch (when ‘saved_locale’ is NULL)...
shadow-4.18.0/src/newgrp.c:281:24: branch_false: ...to here
shadow-4.18.0/src/newgrp.c:291:20: branch_false: following ‘false’ branch (when ‘child != -1’)...
shadow-4.18.0/src/newgrp.c:307:27: branch_false: ...to here
shadow-4.18.0/src/newgrp.c:307:27: branch_true: following ‘true’ branch (when ‘child != 0’)...
shadow-4.18.0/src/newgrp.c:309:29: branch_true: ...to here
shadow-4.18.0/src/newgrp.c:327:28: branch_false: following ‘false’ branch...
shadow-4.18.0/src/newgrp.c:332:33: branch_false: ...to here
shadow-4.18.0/src/newgrp.c:332:33: branch_false: following ‘false’ branch (when ‘saved_locale’ is NULL)...
shadow-4.18.0/src/newgrp.c:340:33: branch_false: ...to here
shadow-4.18.0/src/newgrp.c:340:33: throw: if ‘syslog’ throws an exception...
shadow-4.18.0/src/newgrp.c:340:33: danger: ‘free_tty’ leaks here; was allocated at [(7)](sarif:/runs/0/results/16/codeFlows/0/threadFlows/0/locations/6)
#  338|   				 * or the group was deleted while the user
#  339|   				 * was in a newgrp session.*/
#  340|-> 				SYSLOG ((LOG_WARN,
#  341|   				         "unknown GID '%lu' used by user '%s'",
#  342|   				         (unsigned long) gid, name));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def348]
shadow-4.18.0/src/newgrp.c:340:33: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/newgrp.c:239:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/newgrp.c:243:12: branch_false: ...to here
shadow-4.18.0/src/newgrp.c:243:12: branch_false: following ‘false’ branch (when ‘tty’ is NULL)...
shadow-4.18.0/src/newgrp.c:248:12: branch_false: ...to here
shadow-4.18.0/src/newgrp.c:248:12: branch_true: following ‘true’ branch (when ‘loginname’ is NULL)...
shadow-4.18.0/src/newgrp.c:248:12: branch_true: ...to here
shadow-4.18.0/src/newgrp.c:251:12: branch_true: following ‘true’ branch (when ‘tty’ is NULL)...
shadow-4.18.0/src/newgrp.c:251:12: branch_true: ...to here
shadow-4.18.0/src/newgrp.c:254:15: branch_false: following ‘false’ branch...
shadow-4.18.0/src/newgrp.c:254:15: branch_false: ...to here
shadow-4.18.0/src/newgrp.c:256:9: branch_false: following ‘false’ branch (when ‘saved_locale’ is NULL)...
shadow-4.18.0/src/newgrp.c:281:24: branch_false: ...to here
shadow-4.18.0/src/newgrp.c:291:20: branch_false: following ‘false’ branch (when ‘child != -1’)...
shadow-4.18.0/src/newgrp.c:307:27: branch_false: ...to here
shadow-4.18.0/src/newgrp.c:307:27: branch_true: following ‘true’ branch (when ‘child != 0’)...
shadow-4.18.0/src/newgrp.c:309:29: branch_true: ...to here
shadow-4.18.0/src/newgrp.c:327:28: branch_false: following ‘false’ branch...
shadow-4.18.0/src/newgrp.c:332:33: branch_false: ...to here
shadow-4.18.0/src/newgrp.c:332:33: branch_false: following ‘false’ branch (when ‘saved_locale’ is NULL)...
shadow-4.18.0/src/newgrp.c:340:33: branch_false: ...to here
shadow-4.18.0/src/newgrp.c:340:33: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/newgrp.c:340:33: branch_true: ...to here
shadow-4.18.0/src/newgrp.c:340:33: acquire_memory: allocated here
shadow-4.18.0/src/newgrp.c:340:33: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/newgrp.c:340:33: branch_true: ...to here
shadow-4.18.0/src/newgrp.c:340:33: throw: if ‘syslog’ throws an exception...
shadow-4.18.0/src/newgrp.c:340:33: danger: ‘saved_locale’ leaks here; was allocated at [(23)](sarif:/runs/0/results/15/codeFlows/0/threadFlows/0/locations/22)
#  338|   				 * or the group was deleted while the user
#  339|   				 * was in a newgrp session.*/
#  340|-> 				SYSLOG ((LOG_WARN,
#  341|   				         "unknown GID '%lu' used by user '%s'",
#  342|   				         (unsigned long) gid, name));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def349]
shadow-4.18.0/src/newgrp.c:344:25: warning[-Wanalyzer-malloc-leak]: leak of ‘free_tty’
shadow-4.18.0/src/newgrp.c:233:13: enter_function: entry to ‘syslog_sg’
shadow-4.18.0/src/newgrp.c:243:12: branch_true: following ‘true’ branch (when ‘tty’ is non-NULL)...
shadow-4.18.0/src/newgrp.c:244:28: branch_true: ...to here
shadow-4.18.0/src/newgrp.c:244:28: call_function: calling ‘xstrdup’ from ‘syslog_sg’
shadow-4.18.0/src/newgrp.c:244:28: return_function: returning to ‘syslog_sg’ from ‘xstrdup’
shadow-4.18.0/src/newgrp.c:248:12: branch_true: following ‘true’ branch (when ‘loginname’ is NULL)...
shadow-4.18.0/src/newgrp.c:248:12: branch_true: ...to here
shadow-4.18.0/src/newgrp.c:251:12: branch_false: following ‘false’ branch (when ‘tty’ is non-NULL)...
shadow-4.18.0/src/newgrp.c:254:15: branch_false: ...to here
shadow-4.18.0/src/newgrp.c:254:15: call_function: calling ‘strprefix_’ from ‘syslog_sg’
shadow-4.18.0/src/newgrp.c:254:15: return_function: returning to ‘syslog_sg’ from ‘strprefix_’
shadow-4.18.0/src/newgrp.c:254:15: branch_true: following ‘true’ branch...
shadow-4.18.0/src/newgrp.c:256:9: branch_true: ...to here
shadow-4.18.0/src/newgrp.c:256:9: branch_false: following ‘false’ branch (when ‘saved_locale’ is NULL)...
shadow-4.18.0/src/newgrp.c:281:24: branch_false: ...to here
shadow-4.18.0/src/newgrp.c:291:20: branch_false: following ‘false’ branch (when ‘child != -1’)...
shadow-4.18.0/src/newgrp.c:307:27: branch_false: ...to here
shadow-4.18.0/src/newgrp.c:307:27: branch_true: following ‘true’ branch (when ‘child != 0’)...
shadow-4.18.0/src/newgrp.c:309:29: branch_true: ...to here
shadow-4.18.0/src/newgrp.c:328:33: branch_false: following ‘false’ branch (when ‘saved_locale’ is NULL)...
shadow-4.18.0/src/newgrp.c:344:25: branch_false: ...to here
shadow-4.18.0/src/newgrp.c:344:25: throw: if ‘closelog’ throws an exception...
shadow-4.18.0/src/newgrp.c:344:25: danger: ‘free_tty’ leaks here; was allocated at [(7)](sarif:/runs/0/results/17/codeFlows/0/threadFlows/0/locations/6)
#  342|   				         (unsigned long) gid, name));
#  343|   			}
#  344|-> 			closelog ();
#  345|   			exit ((0 != WIFEXITED (cst)) ? WEXITSTATUS (cst)
#  346|   			                             : WTERMSIG (cst) + 128);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def350]
shadow-4.18.0/src/newgrp.c:443:17: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/newgrp.c:436:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/newgrp.c:437:17: branch_true: ...to here
shadow-4.18.0/src/newgrp.c:443:17: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/newgrp.c:443:17: branch_true: ...to here
shadow-4.18.0/src/newgrp.c:443:17: acquire_memory: allocated here
shadow-4.18.0/src/newgrp.c:443:17: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/newgrp.c:443:17: branch_true: ...to here
shadow-4.18.0/src/newgrp.c:443:17: throw: if ‘syslog’ throws an exception...
shadow-4.18.0/src/newgrp.c:443:17: danger: ‘saved_locale’ leaks here; was allocated at [(5)](sarif:/runs/0/results/18/codeFlows/0/threadFlows/0/locations/4)
#  441|   		              "changing", NULL, getuid (), SHADOW_AUDIT_FAILURE);
#  442|   #endif
#  443|-> 		SYSLOG ((LOG_WARN, "Cannot determine the user name of the caller (UID %lu)",
#  444|   		         (unsigned long) getuid ()));
#  445|   		closelog ();

Error: GCC_ANALYZER_WARNING (CWE-401): [#def351]
shadow-4.18.0/src/newgrp.c:537:33: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/newgrp.c:436:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/newgrp.c:448:9: branch_false: ...to here
shadow-4.18.0/src/newgrp.c:474:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/newgrp.c:513:20: branch_true: ...to here
shadow-4.18.0/src/newgrp.c:516:27: branch_false: following ‘false’ branch...
shadow-4.18.0/src/newgrp.c:532:42: branch_false: ...to here
shadow-4.18.0/src/newgrp.c:533:28: branch_true: following ‘true’ branch...
shadow-4.18.0/src/newgrp.c:536:64: branch_true: ...to here
shadow-4.18.0/src/newgrp.c:537:33: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/newgrp.c:537:33: branch_true: ...to here
shadow-4.18.0/src/newgrp.c:537:33: acquire_memory: allocated here
shadow-4.18.0/src/newgrp.c:537:33: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/newgrp.c:537:33: branch_true: ...to here
shadow-4.18.0/src/newgrp.c:537:33: throw: if ‘syslog’ throws an exception...
shadow-4.18.0/src/newgrp.c:537:33: danger: ‘saved_locale’ leaks here; was allocated at [(11)](sarif:/runs/0/results/19/codeFlows/0/threadFlows/0/locations/10)
#  535|   				         _("%s: GID '%lu' does not exist\n"),
#  536|   				         Prog, (unsigned long) pwd->pw_gid);
#  537|-> 				SYSLOG ((LOG_CRIT, "GID '%lu' does not exist",
#  538|   				        (unsigned long) pwd->pw_gid));
#  539|   				goto failure;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def352]
shadow-4.18.0/src/newuidmap.c:118:17: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/newuidmap.c:93:12: branch_false: following ‘false’ branch (when ‘argc > 1’)...
shadow-4.18.0/src/newuidmap.c:96:9: branch_false: ...to here
shadow-4.18.0/src/newuidmap.c:108:20: branch_false: following ‘false’ branch...
shadow-4.18.0/src/newuidmap.c:113:14: branch_false: ...to here
shadow-4.18.0/src/newuidmap.c:114:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/newuidmap.c:116:25: branch_true: ...to here
shadow-4.18.0/src/newuidmap.c:118:17: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/newuidmap.c:118:17: branch_true: ...to here
shadow-4.18.0/src/newuidmap.c:118:17: acquire_memory: allocated here
shadow-4.18.0/src/newuidmap.c:118:17: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/newuidmap.c:118:17: branch_true: ...to here
shadow-4.18.0/src/newuidmap.c:118:17: throw: if ‘syslog’ throws an exception...
shadow-4.18.0/src/newuidmap.c:118:17: danger: ‘saved_locale’ leaks here; was allocated at [(9)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/8)
#  116|   			_("%s: Cannot determine your user name.\n"),
#  117|   			Prog);
#  118|-> 		SYSLOG ((LOG_WARN, "Cannot determine the user name of the caller (UID %lu)",
#  119|   				(unsigned long) getuid ()));
#  120|   		return EXIT_FAILURE;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def353]
shadow-4.18.0/src/newusers.c:178:25: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/newusers.c:862:13: enter_function: entry to ‘open_files’
shadow-4.18.0/src/newusers.c:870:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/newusers.c:871:17: branch_true: ...to here
shadow-4.18.0/src/newusers.c:874:17: call_function: calling ‘fail_exit’ from ‘open_files’
#  176|   		if (spw_unlock () == 0) {
#  177|   			fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, spw_dbname ());
#  178|-> 			SYSLOG ((LOG_ERR, "failed to unlock %s", spw_dbname ()));
#  179|   			/* continue */
#  180|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def354]
shadow-4.18.0/src/newusers.c:185:25: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/newusers.c:862:13: enter_function: entry to ‘open_files’
shadow-4.18.0/src/newusers.c:870:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/newusers.c:871:17: branch_true: ...to here
shadow-4.18.0/src/newusers.c:874:17: call_function: calling ‘fail_exit’ from ‘open_files’
#  183|   		if (pw_unlock () == 0) {
#  184|   			fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, pw_dbname ());
#  185|-> 			SYSLOG ((LOG_ERR, "failed to unlock %s", pw_dbname ()));
#  186|   			/* continue */
#  187|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def355]
shadow-4.18.0/src/newusers.c:192:25: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/newusers.c:862:13: enter_function: entry to ‘open_files’
shadow-4.18.0/src/newusers.c:870:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/newusers.c:871:17: branch_true: ...to here
shadow-4.18.0/src/newusers.c:874:17: call_function: calling ‘fail_exit’ from ‘open_files’
#  190|   		if (gr_unlock () == 0) {
#  191|   			fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, gr_dbname ());
#  192|-> 			SYSLOG ((LOG_ERR, "failed to unlock %s", gr_dbname ()));
#  193|   			/* continue */
#  194|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def356]
shadow-4.18.0/src/newusers.c:200:25: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/newusers.c:862:13: enter_function: entry to ‘open_files’
shadow-4.18.0/src/newusers.c:870:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/newusers.c:871:17: branch_true: ...to here
shadow-4.18.0/src/newusers.c:874:17: call_function: calling ‘fail_exit’ from ‘open_files’
#  198|   		if (sgr_unlock () == 0) {
#  199|   			fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sgr_dbname ());
#  200|-> 			SYSLOG ((LOG_ERR, "failed to unlock %s", sgr_dbname ()));
#  201|   			/* continue */
#  202|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def357]
shadow-4.18.0/src/newusers.c:209:25: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/newusers.c:862:13: enter_function: entry to ‘open_files’
shadow-4.18.0/src/newusers.c:870:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/newusers.c:871:17: branch_true: ...to here
shadow-4.18.0/src/newusers.c:874:17: call_function: calling ‘fail_exit’ from ‘open_files’
#  207|   		if (sub_uid_unlock () == 0) {
#  208|   			fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sub_uid_dbname ());
#  209|-> 			SYSLOG ((LOG_ERR, "failed to unlock %s", sub_uid_dbname ()));
#  210|   			/* continue */
#  211|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def358]
shadow-4.18.0/src/newusers.c:216:25: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/newusers.c:862:13: enter_function: entry to ‘open_files’
shadow-4.18.0/src/newusers.c:870:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/newusers.c:871:17: branch_true: ...to here
shadow-4.18.0/src/newusers.c:874:17: call_function: calling ‘fail_exit’ from ‘open_files’
#  214|   		if (sub_gid_unlock () == 0) {
#  215|   			fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sub_gid_dbname ());
#  216|-> 			SYSLOG ((LOG_ERR, "failed to unlock %s", sub_gid_dbname ()));
#  217|   			/* continue */
#  218|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def359]
shadow-4.18.0/src/newusers.c:970:17: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/newusers.c:968:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/newusers.c:969:17: branch_true: ...to here
shadow-4.18.0/src/newusers.c:970:17: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/newusers.c:970:17: branch_true: ...to here
shadow-4.18.0/src/newusers.c:970:17: acquire_memory: allocated here
shadow-4.18.0/src/newusers.c:970:17: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/newusers.c:970:17: branch_true: ...to here
shadow-4.18.0/src/newusers.c:970:17: throw: if ‘pw_dbname’ throws an exception...
shadow-4.18.0/src/newusers.c:970:17: danger: ‘saved_locale’ leaks here; was allocated at [(5)](sarif:/runs/0/results/12/codeFlows/0/threadFlows/0/locations/4)
#  968|   	if (pw_close () == 0) {
#  969|   		fprintf (stderr, _("%s: failure while writing changes to %s\n"), Prog, pw_dbname ());
#  970|-> 		SYSLOG ((LOG_ERR, "failure while writing changes to %s", pw_dbname ()));
#  971|   		fail_exit (EXIT_FAILURE);
#  972|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def360]
shadow-4.18.0/src/newusers.c:975:17: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/newusers.c:968:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/newusers.c:973:13: branch_false: ...to here
shadow-4.18.0/src/newusers.c:973:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/newusers.c:974:17: branch_true: ...to here
shadow-4.18.0/src/newusers.c:975:17: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/newusers.c:975:17: branch_true: ...to here
shadow-4.18.0/src/newusers.c:975:17: acquire_memory: allocated here
shadow-4.18.0/src/newusers.c:975:17: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/newusers.c:975:17: branch_true: ...to here
shadow-4.18.0/src/newusers.c:975:17: throw: if ‘pw_dbname’ throws an exception...
shadow-4.18.0/src/newusers.c:975:17: danger: ‘saved_locale’ leaks here; was allocated at [(7)](sarif:/runs/0/results/14/codeFlows/0/threadFlows/0/locations/6)
#  973|   	if (pw_unlock () == 0) {
#  974|   		fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, pw_dbname ());
#  975|-> 		SYSLOG ((LOG_ERR, "failed to unlock %s", pw_dbname ()));
#  976|   		/* continue */
#  977|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def361]
shadow-4.18.0/src/newusers.c:985:25: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/newusers.c:968:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/newusers.c:973:13: branch_false: ...to here
shadow-4.18.0/src/newusers.c:980:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/newusers.c:981:21: branch_true: ...to here
shadow-4.18.0/src/newusers.c:981:20: branch_true: following ‘true’ branch...
shadow-4.18.0/src/newusers.c:982:25: branch_true: ...to here
shadow-4.18.0/src/newusers.c:985:25: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/newusers.c:985:25: branch_true: ...to here
shadow-4.18.0/src/newusers.c:985:25: acquire_memory: allocated here
shadow-4.18.0/src/newusers.c:985:25: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/newusers.c:985:25: branch_true: ...to here
shadow-4.18.0/src/newusers.c:985:25: throw: if ‘spw_dbname’ throws an exception...
shadow-4.18.0/src/newusers.c:985:25: danger: ‘saved_locale’ leaks here; was allocated at [(9)](sarif:/runs/0/results/16/codeFlows/0/threadFlows/0/locations/8)
#  983|   			         _("%s: failure while writing changes to %s\n"),
#  984|   			         Prog, spw_dbname ());
#  985|-> 			SYSLOG ((LOG_ERR, "failure while writing changes to %s", spw_dbname ()));
#  986|   			fail_exit (EXIT_FAILURE);
#  987|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def362]
shadow-4.18.0/src/newusers.c:992:25: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/newusers.c:968:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/newusers.c:973:13: branch_false: ...to here
shadow-4.18.0/src/newusers.c:980:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/newusers.c:981:21: branch_true: ...to here
shadow-4.18.0/src/newusers.c:981:20: branch_false: following ‘false’ branch...
shadow-4.18.0/src/newusers.c:988:21: branch_false: ...to here
shadow-4.18.0/src/newusers.c:988:20: branch_true: following ‘true’ branch...
shadow-4.18.0/src/newusers.c:989:25: branch_true: ...to here
shadow-4.18.0/src/newusers.c:992:25: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/newusers.c:992:25: branch_true: ...to here
shadow-4.18.0/src/newusers.c:992:25: acquire_memory: allocated here
shadow-4.18.0/src/newusers.c:992:25: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/newusers.c:992:25: branch_true: ...to here
shadow-4.18.0/src/newusers.c:992:25: throw: if ‘spw_dbname’ throws an exception...
shadow-4.18.0/src/newusers.c:992:25: danger: ‘saved_locale’ leaks here; was allocated at [(11)](sarif:/runs/0/results/18/codeFlows/0/threadFlows/0/locations/10)
#  990|   			         _("%s: failed to unlock %s\n"),
#  991|   			         Prog, spw_dbname ());
#  992|-> 			SYSLOG ((LOG_ERR, "failed to unlock %s", spw_dbname ()));
#  993|   			/* continue */
#  994|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def363]
shadow-4.18.0/src/newusers.c:1002:17: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/newusers.c:968:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/newusers.c:973:13: branch_false: ...to here
shadow-4.18.0/src/newusers.c:998:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/newusers.c:999:17: branch_true: ...to here
shadow-4.18.0/src/newusers.c:1002:17: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/newusers.c:1002:17: branch_true: ...to here
shadow-4.18.0/src/newusers.c:1002:17: acquire_memory: allocated here
shadow-4.18.0/src/newusers.c:1002:17: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/newusers.c:1002:17: branch_true: ...to here
shadow-4.18.0/src/newusers.c:1002:17: throw: if ‘gr_dbname’ throws an exception...
shadow-4.18.0/src/newusers.c:1002:17: danger: ‘saved_locale’ leaks here; was allocated at [(7)](sarif:/runs/0/results/20/codeFlows/0/threadFlows/0/locations/6)
# 1000|   		         _("%s: failure while writing changes to %s\n"),
# 1001|   		         Prog, gr_dbname ());
# 1002|-> 		SYSLOG ((LOG_ERR, "failure while writing changes to %s", gr_dbname ()));
# 1003|   		fail_exit (EXIT_FAILURE);
# 1004|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def364]
shadow-4.18.0/src/newusers.c:1009:17: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/newusers.c:968:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/newusers.c:973:13: branch_false: ...to here
shadow-4.18.0/src/newusers.c:998:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/newusers.c:1006:13: branch_false: ...to here
shadow-4.18.0/src/newusers.c:1006:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/newusers.c:1009:17: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/newusers.c:1009:17: branch_true: ...to here
shadow-4.18.0/src/newusers.c:1009:17: acquire_memory: allocated here
shadow-4.18.0/src/newusers.c:1009:17: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/newusers.c:1009:17: branch_true: ...to here
shadow-4.18.0/src/newusers.c:1009:17: throw: if ‘sub_uid_dbname’ throws an exception...
shadow-4.18.0/src/newusers.c:1009:17: danger: ‘saved_locale’ leaks here; was allocated at [(9)](sarif:/runs/0/results/22/codeFlows/0/threadFlows/0/locations/8)
# 1007|   		fprintf (stderr,
# 1008|   		         _("%s: failure while writing changes to %s\n"), Prog, sub_uid_dbname ());
# 1009|-> 		SYSLOG ((LOG_ERR, "failure while writing changes to %s", sub_uid_dbname ()));
# 1010|   		fail_exit (EXIT_FAILURE);
# 1011|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def365]
shadow-4.18.0/src/newusers.c:1015:17: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/newusers.c:968:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/newusers.c:973:13: branch_false: ...to here
shadow-4.18.0/src/newusers.c:998:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/newusers.c:1006:13: branch_false: ...to here
shadow-4.18.0/src/newusers.c:1012:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/newusers.c:1015:17: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/newusers.c:1015:17: branch_true: ...to here
shadow-4.18.0/src/newusers.c:1015:17: acquire_memory: allocated here
shadow-4.18.0/src/newusers.c:1015:17: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/newusers.c:1015:17: branch_true: ...to here
shadow-4.18.0/src/newusers.c:1015:17: throw: if ‘sub_gid_dbname’ throws an exception...
shadow-4.18.0/src/newusers.c:1015:17: danger: ‘saved_locale’ leaks here; was allocated at [(9)](sarif:/runs/0/results/24/codeFlows/0/threadFlows/0/locations/8)
# 1013|   		fprintf (stderr,
# 1014|   		         _("%s: failure while writing changes to %s\n"), Prog, sub_gid_dbname ());
# 1015|-> 		SYSLOG ((LOG_ERR, "failure while writing changes to %s", sub_gid_dbname ()));
# 1016|   		fail_exit (EXIT_FAILURE);
# 1017|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def366]
shadow-4.18.0/src/newusers.c:1024:17: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/newusers.c:968:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/newusers.c:973:13: branch_false: ...to here
shadow-4.18.0/src/newusers.c:998:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/newusers.c:1006:13: branch_false: ...to here
shadow-4.18.0/src/newusers.c:1020:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/newusers.c:1021:17: branch_true: ...to here
shadow-4.18.0/src/newusers.c:1024:17: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/newusers.c:1024:17: branch_true: ...to here
shadow-4.18.0/src/newusers.c:1024:17: acquire_memory: allocated here
shadow-4.18.0/src/newusers.c:1024:17: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/newusers.c:1024:17: branch_true: ...to here
shadow-4.18.0/src/newusers.c:1024:17: throw: if ‘gr_dbname’ throws an exception...
shadow-4.18.0/src/newusers.c:1024:17: danger: ‘saved_locale’ leaks here; was allocated at [(9)](sarif:/runs/0/results/26/codeFlows/0/threadFlows/0/locations/8)
# 1022|   		         _("%s: failed to unlock %s\n"),
# 1023|   		         Prog, gr_dbname ());
# 1024|-> 		SYSLOG ((LOG_ERR, "failed to unlock %s", gr_dbname ()));
# 1025|   		/* continue */
# 1026|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def367]
shadow-4.18.0/src/newusers.c:1035:25: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/newusers.c:968:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/newusers.c:973:13: branch_false: ...to here
shadow-4.18.0/src/newusers.c:998:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/newusers.c:1006:13: branch_false: ...to here
shadow-4.18.0/src/newusers.c:1030:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/newusers.c:1031:21: branch_true: ...to here
shadow-4.18.0/src/newusers.c:1031:20: branch_true: following ‘true’ branch...
shadow-4.18.0/src/newusers.c:1032:25: branch_true: ...to here
shadow-4.18.0/src/newusers.c:1035:25: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/newusers.c:1035:25: branch_true: ...to here
shadow-4.18.0/src/newusers.c:1035:25: acquire_memory: allocated here
shadow-4.18.0/src/newusers.c:1035:25: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/newusers.c:1035:25: branch_true: ...to here
shadow-4.18.0/src/newusers.c:1035:25: throw: if ‘sgr_dbname’ throws an exception...
shadow-4.18.0/src/newusers.c:1035:25: danger: ‘saved_locale’ leaks here; was allocated at [(11)](sarif:/runs/0/results/28/codeFlows/0/threadFlows/0/locations/10)
# 1033|   			         _("%s: failure while writing changes to %s\n"),
# 1034|   			         Prog, sgr_dbname ());
# 1035|-> 			SYSLOG ((LOG_ERR, "failure while writing changes to %s", sgr_dbname ()));
# 1036|   			fail_exit (EXIT_FAILURE);
# 1037|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def368]
shadow-4.18.0/src/newusers.c:1042:25: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/newusers.c:968:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/newusers.c:973:13: branch_false: ...to here
shadow-4.18.0/src/newusers.c:998:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/newusers.c:1006:13: branch_false: ...to here
shadow-4.18.0/src/newusers.c:1030:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/newusers.c:1031:21: branch_true: ...to here
shadow-4.18.0/src/newusers.c:1031:20: branch_false: following ‘false’ branch...
shadow-4.18.0/src/newusers.c:1038:21: branch_false: ...to here
shadow-4.18.0/src/newusers.c:1038:20: branch_true: following ‘true’ branch...
shadow-4.18.0/src/newusers.c:1039:25: branch_true: ...to here
shadow-4.18.0/src/newusers.c:1042:25: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/newusers.c:1042:25: branch_true: ...to here
shadow-4.18.0/src/newusers.c:1042:25: acquire_memory: allocated here
shadow-4.18.0/src/newusers.c:1042:25: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/newusers.c:1042:25: branch_true: ...to here
shadow-4.18.0/src/newusers.c:1042:25: throw: if ‘sgr_dbname’ throws an exception...
shadow-4.18.0/src/newusers.c:1042:25: danger: ‘saved_locale’ leaks here; was allocated at [(13)](sarif:/runs/0/results/30/codeFlows/0/threadFlows/0/locations/12)
# 1040|   			         _("%s: failed to unlock %s\n"),
# 1041|   			         Prog, sgr_dbname ());
# 1042|-> 			SYSLOG ((LOG_ERR, "failed to unlock %s", sgr_dbname ()));
# 1043|   			/* continue */
# 1044|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def369]
shadow-4.18.0/src/newusers.c:1052:25: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/newusers.c:968:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/newusers.c:973:13: branch_false: ...to here
shadow-4.18.0/src/newusers.c:998:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/newusers.c:1006:13: branch_false: ...to here
shadow-4.18.0/src/newusers.c:1006:13: branch_false: following ‘false’ branch...
shadow-4.18.0/src/newusers.c:1012:13: branch_false: ...to here
shadow-4.18.0/src/newusers.c:1049:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/newusers.c:1050:21: branch_true: ...to here
shadow-4.18.0/src/newusers.c:1050:20: branch_true: following ‘true’ branch...
shadow-4.18.0/src/newusers.c:1051:25: branch_true: ...to here
shadow-4.18.0/src/newusers.c:1052:25: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/newusers.c:1052:25: branch_true: ...to here
shadow-4.18.0/src/newusers.c:1052:25: acquire_memory: allocated here
shadow-4.18.0/src/newusers.c:1052:25: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/newusers.c:1052:25: branch_true: ...to here
shadow-4.18.0/src/newusers.c:1052:25: throw: if ‘sub_uid_dbname’ throws an exception...
shadow-4.18.0/src/newusers.c:1052:25: danger: ‘saved_locale’ leaks here; was allocated at [(13)](sarif:/runs/0/results/32/codeFlows/0/threadFlows/0/locations/12)
# 1050|   		if (sub_uid_unlock () == 0) {
# 1051|   			fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sub_uid_dbname ());
# 1052|-> 			SYSLOG ((LOG_ERR, "failed to unlock %s", sub_uid_dbname ()));
# 1053|   			/* continue */
# 1054|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def370]
shadow-4.18.0/src/newusers.c:1060:25: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/newusers.c:968:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/newusers.c:973:13: branch_false: ...to here
shadow-4.18.0/src/newusers.c:998:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/newusers.c:1006:13: branch_false: ...to here
shadow-4.18.0/src/newusers.c:1012:13: branch_false: following ‘false’ branch...
shadow-4.18.0/src/newusers.c:1020:13: branch_false: ...to here
shadow-4.18.0/src/newusers.c:1057:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/newusers.c:1058:21: branch_true: ...to here
shadow-4.18.0/src/newusers.c:1058:20: branch_true: following ‘true’ branch...
shadow-4.18.0/src/newusers.c:1059:25: branch_true: ...to here
shadow-4.18.0/src/newusers.c:1060:25: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/newusers.c:1060:25: branch_true: ...to here
shadow-4.18.0/src/newusers.c:1060:25: acquire_memory: allocated here
shadow-4.18.0/src/newusers.c:1060:25: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/newusers.c:1060:25: branch_true: ...to here
shadow-4.18.0/src/newusers.c:1060:25: throw: if ‘sub_gid_dbname’ throws an exception...
shadow-4.18.0/src/newusers.c:1060:25: danger: ‘saved_locale’ leaks here; was allocated at [(13)](sarif:/runs/0/results/34/codeFlows/0/threadFlows/0/locations/12)
# 1058|   		if (sub_gid_unlock () == 0) {
# 1059|   			fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sub_gid_dbname ());
# 1060|-> 			SYSLOG ((LOG_ERR, "failed to unlock %s", sub_gid_dbname ()));
# 1061|   			/* continue */
# 1062|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def371]
shadow-4.18.0/src/passwd.c:488:25: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/passwd.c:485:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/passwd.c:486:21: branch_true: ...to here
shadow-4.18.0/src/passwd.c:486:20: branch_true: following ‘true’ branch...
shadow-4.18.0/src/passwd.c:487:32: branch_true: ...to here
shadow-4.18.0/src/passwd.c:488:25: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/passwd.c:488:25: branch_true: ...to here
shadow-4.18.0/src/passwd.c:488:25: acquire_memory: allocated here
shadow-4.18.0/src/passwd.c:488:25: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/passwd.c:488:25: branch_true: ...to here
shadow-4.18.0/src/passwd.c:488:25: throw: if ‘pw_dbname’ throws an exception...
shadow-4.18.0/src/passwd.c:488:25: danger: ‘saved_locale’ leaks here; was allocated at [(7)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/6)
#  486|   		if (pw_unlock () == 0) {
#  487|   			(void) fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, pw_dbname ());
#  488|-> 			SYSLOG ((LOG_ERR, "failed to unlock %s", pw_dbname ()));
#  489|   			/* continue */
#  490|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def372]
shadow-4.18.0/src/passwd.c:496:25: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/passwd.c:493:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/passwd.c:494:21: branch_true: ...to here
shadow-4.18.0/src/passwd.c:494:20: branch_true: following ‘true’ branch...
shadow-4.18.0/src/passwd.c:495:32: branch_true: ...to here
shadow-4.18.0/src/passwd.c:496:25: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/passwd.c:496:25: branch_true: ...to here
shadow-4.18.0/src/passwd.c:496:25: acquire_memory: allocated here
shadow-4.18.0/src/passwd.c:496:25: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/passwd.c:496:25: branch_true: ...to here
shadow-4.18.0/src/passwd.c:496:25: throw: if ‘spw_dbname’ throws an exception...
shadow-4.18.0/src/passwd.c:496:25: danger: ‘saved_locale’ leaks here; was allocated at [(7)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/6)
#  494|   		if (spw_unlock () == 0) {
#  495|   			(void) fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, spw_dbname ());
#  496|-> 			SYSLOG ((LOG_ERR, "failed to unlock %s", spw_dbname ()));
#  497|   			/* continue */
#  498|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def373]
shadow-4.18.0/src/passwd.c:532:25: warning[-Wanalyzer-malloc-leak]: leak of ‘cp’
shadow-4.18.0/src/passwd.c:512:14: enter_function: entry to ‘update_crypt_pw’
shadow-4.18.0/src/passwd.c:514:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/passwd.c:516:21: branch_false: ...to here
shadow-4.18.0/src/passwd.c:516:20: branch_true: following ‘true’ branch...
shadow-4.18.0/src/passwd.c:517:30: branch_true: ...to here
shadow-4.18.0/src/passwd.c:517:30: call_function: calling ‘xstrdup’ from ‘update_crypt_pw’
shadow-4.18.0/src/passwd.c:517:30: return_function: returning to ‘update_crypt_pw’ from ‘xstrdup’
shadow-4.18.0/src/passwd.c:524:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/passwd.c:524:21: branch_true: ...to here
shadow-4.18.0/src/passwd.c:524:21: call_function: calling ‘strprefix_’ from ‘update_crypt_pw’
shadow-4.18.0/src/passwd.c:524:21: return_function: returning to ‘update_crypt_pw’ from ‘strprefix_’
shadow-4.18.0/src/passwd.c:524:13: branch_true: following ‘true’ branch...
shadow-4.18.0/src/passwd.c:525:21: branch_true: ...to here
shadow-4.18.0/src/passwd.c:525:20: branch_false: following ‘false’ branch...
shadow-4.18.0/src/passwd.c:532:25: branch_false: ...to here
shadow-4.18.0/src/passwd.c:536:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/passwd.c:539:25: throw: if ‘xaprintf’ throws an exception...
shadow-4.18.0/src/passwd.c:532:25: danger: ‘cp’ leaks here; was allocated at [(9)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/8)
#  530|   			fail_exit (E_FAILURE);
#  531|   		} else {
#  532|-> 			cp++;
#  533|   		}
#  534|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def374]
shadow-4.18.0/src/passwd.c:539:25: warning[-Wanalyzer-malloc-leak]: leak of ‘cp’
shadow-4.18.0/src/passwd.c:512:14: enter_function: entry to ‘update_crypt_pw’
shadow-4.18.0/src/passwd.c:514:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/passwd.c:516:21: branch_false: ...to here
shadow-4.18.0/src/passwd.c:516:20: branch_true: following ‘true’ branch...
shadow-4.18.0/src/passwd.c:517:30: branch_true: ...to here
shadow-4.18.0/src/passwd.c:517:30: call_function: calling ‘xstrdup’ from ‘update_crypt_pw’
shadow-4.18.0/src/passwd.c:517:30: return_function: returning to ‘update_crypt_pw’ from ‘xstrdup’
shadow-4.18.0/src/passwd.c:536:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/passwd.c:539:25: throw: if ‘xaprintf’ throws an exception...
shadow-4.18.0/src/passwd.c:539:25: danger: ‘cp’ leaks here; was allocated at [(9)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/8)
#  537|   		char  *newpw;
#  538|   
#  539|-> 		newpw = xaprintf("!%s", cp);
#  540|   		if (!use_pam)
#  541|   		{

Error: GCC_ANALYZER_WARNING (CWE-401): [#def375]
shadow-4.18.0/src/passwd.c:568:17: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/passwd.c:557:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/passwd.c:563:9: branch_false: ...to here
shadow-4.18.0/src/passwd.c:564:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/passwd.c:565:24: branch_true: ...to here
shadow-4.18.0/src/passwd.c:568:17: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/passwd.c:568:17: branch_true: ...to here
shadow-4.18.0/src/passwd.c:568:17: acquire_memory: allocated here
shadow-4.18.0/src/passwd.c:568:17: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/passwd.c:568:17: branch_true: ...to here
shadow-4.18.0/src/passwd.c:568:17: throw: if ‘pw_dbname’ throws an exception...
shadow-4.18.0/src/passwd.c:568:17: danger: ‘saved_locale’ leaks here; was allocated at [(7)](sarif:/runs/0/results/9/codeFlows/0/threadFlows/0/locations/6)
#  566|   		                _("%s: cannot open %s\n"),
#  567|   		                Prog, pw_dbname ());
#  568|-> 		SYSLOG ((LOG_WARN, "cannot open %s", pw_dbname ()));
#  569|   		fail_exit (E_MISSING);
#  570|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def376]
shadow-4.18.0/src/passwd.c:622:17: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/passwd.c:611:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/passwd.c:617:9: branch_false: ...to here
shadow-4.18.0/src/passwd.c:618:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/passwd.c:619:24: branch_true: ...to here
shadow-4.18.0/src/passwd.c:622:17: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/passwd.c:622:17: branch_true: ...to here
shadow-4.18.0/src/passwd.c:622:17: acquire_memory: allocated here
shadow-4.18.0/src/passwd.c:622:17: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/passwd.c:622:17: branch_true: ...to here
shadow-4.18.0/src/passwd.c:622:17: throw: if ‘spw_dbname’ throws an exception...
shadow-4.18.0/src/passwd.c:622:17: danger: ‘saved_locale’ leaks here; was allocated at [(7)](sarif:/runs/0/results/11/codeFlows/0/threadFlows/0/locations/6)
#  620|   		                _("%s: cannot open %s\n"),
#  621|   		                Prog, spw_dbname ());
#  622|-> 		SYSLOG ((LOG_WARN, "cannot open %s", spw_dbname ()));
#  623|   		fail_exit (E_FAILURE);
#  624|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def377]
shadow-4.18.0/src/passwd.c:911:17: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/passwd.c:907:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/passwd.c:909:33: branch_true: ...to here
shadow-4.18.0/src/passwd.c:911:17: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/passwd.c:911:17: branch_true: ...to here
shadow-4.18.0/src/passwd.c:911:17: acquire_memory: allocated here
shadow-4.18.0/src/passwd.c:911:17: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/passwd.c:911:17: branch_true: ...to here
shadow-4.18.0/src/passwd.c:911:17: throw: if ‘syslog’ throws an exception...
shadow-4.18.0/src/passwd.c:911:17: danger: ‘saved_locale’ leaks here; was allocated at [(5)](sarif:/runs/0/results/13/codeFlows/0/threadFlows/0/locations/4)
#  909|   		                _("%s: Cannot determine your user name.\n"),
#  910|   		                Prog);
#  911|-> 		SYSLOG ((LOG_WARN, "Cannot determine the user name of the caller (UID %lu)",
#  912|   		         (unsigned long) getuid ()));
#  913|   		exit (E_NOPERM);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def378]
shadow-4.18.0/src/passwd.c:999:17: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/passwd.c:907:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/passwd.c:915:27: branch_false: ...to here
shadow-4.18.0/src/passwd.c:929:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/passwd.c:937:13: branch_false: ...to here
shadow-4.18.0/src/passwd.c:937:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/passwd.c:974:13: branch_false: ...to here
shadow-4.18.0/src/passwd.c:989:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/passwd.c:998:13: branch_false: ...to here
shadow-4.18.0/src/passwd.c:998:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/passwd.c:999:17: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/passwd.c:999:17: branch_true: ...to here
shadow-4.18.0/src/passwd.c:999:17: acquire_memory: allocated here
shadow-4.18.0/src/passwd.c:999:17: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/passwd.c:999:17: branch_true: ...to here
shadow-4.18.0/src/passwd.c:999:17: throw: if ‘syslog’ throws an exception...
shadow-4.18.0/src/passwd.c:999:17: danger: ‘saved_locale’ leaks here; was allocated at [(13)](sarif:/runs/0/results/14/codeFlows/0/threadFlows/0/locations/12)
#  997|   	   changing a password without entering the old one */
#  998|   	if (amroot && (check_selinux_permit (Prog) != 0)) {
#  999|-> 		SYSLOG ((LOG_ALERT,
# 1000|   		         "root is not authorized by SELinux to change the password of %s",
# 1001|   		         name));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def379]
shadow-4.18.0/src/passwd.c:1017:17: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/passwd.c:907:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/passwd.c:915:27: branch_false: ...to here
shadow-4.18.0/src/passwd.c:929:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/passwd.c:937:13: branch_false: ...to here
shadow-4.18.0/src/passwd.c:937:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/passwd.c:974:13: branch_false: ...to here
shadow-4.18.0/src/passwd.c:989:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/passwd.c:998:13: branch_false: ...to here
shadow-4.18.0/src/passwd.c:1013:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/passwd.c:1013:25: branch_false: ...to here
shadow-4.18.0/src/passwd.c:1013:13: branch_true: following ‘true’ branch...
shadow-4.18.0/src/passwd.c:1014:17: branch_true: ...to here
shadow-4.18.0/src/passwd.c:1017:17: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/passwd.c:1017:17: branch_true: ...to here
shadow-4.18.0/src/passwd.c:1017:17: acquire_memory: allocated here
shadow-4.18.0/src/passwd.c:1017:17: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/passwd.c:1017:17: branch_true: ...to here
shadow-4.18.0/src/passwd.c:1017:17: throw: if ‘syslog’ throws an exception...
shadow-4.18.0/src/passwd.c:1017:17: danger: ‘saved_locale’ leaks here; was allocated at [(15)](sarif:/runs/0/results/15/codeFlows/0/threadFlows/0/locations/14)
# 1015|   		                _("%s: You may not view or modify password information for %s.\n"),
# 1016|   		                Prog, name);
# 1017|-> 		SYSLOG ((LOG_WARN,
# 1018|   		         "can't view or modify password information for %s",
# 1019|   		         name));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def380]
shadow-4.18.0/src/pwck.c:91:33: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/pwck.c:87:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/pwck.c:88:21: branch_true: ...to here
shadow-4.18.0/src/pwck.c:88:20: branch_true: following ‘true’ branch...
shadow-4.18.0/src/pwck.c:89:25: branch_true: ...to here
shadow-4.18.0/src/pwck.c:90:28: branch_true: following ‘true’ branch...
shadow-4.18.0/src/pwck.c:91:33: branch_true: ...to here
shadow-4.18.0/src/pwck.c:91:33: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/pwck.c:91:33: branch_true: ...to here
shadow-4.18.0/src/pwck.c:91:33: acquire_memory: allocated here
shadow-4.18.0/src/pwck.c:91:33: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/pwck.c:91:33: branch_true: ...to here
shadow-4.18.0/src/pwck.c:91:33: throw: if ‘spw_dbname’ throws an exception...
shadow-4.18.0/src/pwck.c:91:33: danger: ‘saved_locale’ leaks here; was allocated at [(9)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/8)
#   89|   			fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, spw_dbname ());
#   90|   			if (use_system_spw_file) {
#   91|-> 				SYSLOG ((LOG_ERR, "failed to unlock %s",
#   92|   				         spw_dbname ()));
#   93|   			}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def381]
shadow-4.18.0/src/pwck.c:102:33: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/pwck.c:98:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/pwck.c:99:21: branch_true: ...to here
shadow-4.18.0/src/pwck.c:99:20: branch_true: following ‘true’ branch...
shadow-4.18.0/src/pwck.c:100:25: branch_true: ...to here
shadow-4.18.0/src/pwck.c:101:28: branch_true: following ‘true’ branch...
shadow-4.18.0/src/pwck.c:102:33: branch_true: ...to here
shadow-4.18.0/src/pwck.c:102:33: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/pwck.c:102:33: branch_true: ...to here
shadow-4.18.0/src/pwck.c:102:33: acquire_memory: allocated here
shadow-4.18.0/src/pwck.c:102:33: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/pwck.c:102:33: branch_true: ...to here
shadow-4.18.0/src/pwck.c:102:33: throw: if ‘pw_dbname’ throws an exception...
shadow-4.18.0/src/pwck.c:102:33: danger: ‘saved_locale’ leaks here; was allocated at [(9)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/8)
#  100|   			fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, pw_dbname ());
#  101|   			if (use_system_pw_file) {
#  102|-> 				SYSLOG ((LOG_ERR, "failed to unlock %s",
#  103|   				         pw_dbname ()));
#  104|   			}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def382]
shadow-4.18.0/src/pwck.c:280:25: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/pwck.c:276:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/pwck.c:277:17: branch_true: ...to here
shadow-4.18.0/src/pwck.c:279:20: branch_true: following ‘true’ branch...
shadow-4.18.0/src/pwck.c:280:25: branch_true: ...to here
shadow-4.18.0/src/pwck.c:280:25: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/pwck.c:280:25: branch_true: ...to here
shadow-4.18.0/src/pwck.c:280:25: acquire_memory: allocated here
shadow-4.18.0/src/pwck.c:280:25: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/pwck.c:280:25: branch_true: ...to here
shadow-4.18.0/src/pwck.c:280:25: throw: if ‘pw_dbname’ throws an exception...
shadow-4.18.0/src/pwck.c:280:25: danger: ‘saved_locale’ leaks here; was allocated at [(7)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/6)
#  278|   		         Prog, pw_dbname ());
#  279|   		if (use_system_pw_file) {
#  280|-> 			SYSLOG ((LOG_WARN, "cannot open %s", pw_dbname ()));
#  281|   		}
#  282|   		fail_exit (E_CANTOPEN);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def383]
shadow-4.18.0/src/pwck.c:289:33: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/pwck.c:276:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/pwck.c:284:13: branch_false: ...to here
shadow-4.18.0/src/pwck.c:284:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/pwck.c:285:41: branch_true: ...to here
shadow-4.18.0/src/pwck.c:285:20: branch_true: following ‘true’ branch...
shadow-4.18.0/src/pwck.c:286:25: branch_true: ...to here
shadow-4.18.0/src/pwck.c:288:28: branch_true: following ‘true’ branch...
shadow-4.18.0/src/pwck.c:289:33: branch_true: ...to here
shadow-4.18.0/src/pwck.c:289:33: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/pwck.c:289:33: branch_true: ...to here
shadow-4.18.0/src/pwck.c:289:33: acquire_memory: allocated here
shadow-4.18.0/src/pwck.c:289:33: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/pwck.c:289:33: branch_true: ...to here
shadow-4.18.0/src/pwck.c:289:33: throw: if ‘spw_dbname’ throws an exception...
shadow-4.18.0/src/pwck.c:289:33: danger: ‘saved_locale’ leaks here; was allocated at [(11)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/10)
#  287|   			         Prog, spw_dbname ());
#  288|   			if (use_system_spw_file) {
#  289|-> 				SYSLOG ((LOG_WARN, "cannot open %s",
#  290|   				         spw_dbname ()));
#  291|   			}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def384]
shadow-4.18.0/src/pwck.c:317:33: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/pwck.c:311:12: branch_true: following ‘true’ branch (when ‘changed != 0’)...
shadow-4.18.0/src/pwck.c:312:21: branch_true: ...to here
shadow-4.18.0/src/pwck.c:312:20: branch_true: following ‘true’ branch...
shadow-4.18.0/src/pwck.c:313:25: branch_true: ...to here
shadow-4.18.0/src/pwck.c:316:28: branch_true: following ‘true’ branch...
shadow-4.18.0/src/pwck.c:317:33: branch_true: ...to here
shadow-4.18.0/src/pwck.c:317:33: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/pwck.c:317:33: branch_true: ...to here
shadow-4.18.0/src/pwck.c:317:33: acquire_memory: allocated here
shadow-4.18.0/src/pwck.c:317:33: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/pwck.c:317:33: branch_true: ...to here
shadow-4.18.0/src/pwck.c:317:33: throw: if ‘pw_dbname’ throws an exception...
shadow-4.18.0/src/pwck.c:317:33: danger: ‘saved_locale’ leaks here; was allocated at [(9)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/8)
#  315|   			         Prog, pw_dbname ());
#  316|   			if (use_system_pw_file) {
#  317|-> 				SYSLOG ((LOG_ERR,
#  318|   				         "failure while writing changes to %s",
#  319|   				         pw_dbname ()));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def385]
shadow-4.18.0/src/pwck.c:328:33: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/pwck.c:311:12: branch_true: following ‘true’ branch (when ‘changed != 0’)...
shadow-4.18.0/src/pwck.c:312:21: branch_true: ...to here
shadow-4.18.0/src/pwck.c:312:20: branch_false: following ‘false’ branch...
shadow-4.18.0/src/pwck.c:323:21: branch_false: ...to here
shadow-4.18.0/src/pwck.c:323:20: branch_true: following ‘true’ branch...
shadow-4.18.0/src/pwck.c:327:28: branch_true: following ‘true’ branch...
shadow-4.18.0/src/pwck.c:328:33: branch_true: ...to here
shadow-4.18.0/src/pwck.c:328:33: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/pwck.c:328:33: branch_true: ...to here
shadow-4.18.0/src/pwck.c:328:33: acquire_memory: allocated here
shadow-4.18.0/src/pwck.c:328:33: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/pwck.c:328:33: branch_true: ...to here
shadow-4.18.0/src/pwck.c:328:33: throw: if ‘spw_dbname’ throws an exception...
shadow-4.18.0/src/pwck.c:328:33: danger: ‘saved_locale’ leaks here; was allocated at [(11)](sarif:/runs/0/results/10/codeFlows/0/threadFlows/0/locations/10)
#  326|   			         Prog, spw_dbname ());
#  327|   			if (use_system_spw_file) {
#  328|-> 				SYSLOG ((LOG_ERR,
#  329|   				         "failure while writing changes to %s",
#  330|   				         spw_dbname ()));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def386]
shadow-4.18.0/src/pwck.c:346:33: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/pwck.c:340:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/pwck.c:341:21: branch_true: ...to here
shadow-4.18.0/src/pwck.c:341:20: branch_true: following ‘true’ branch...
shadow-4.18.0/src/pwck.c:342:25: branch_true: ...to here
shadow-4.18.0/src/pwck.c:345:28: branch_true: following ‘true’ branch...
shadow-4.18.0/src/pwck.c:346:33: branch_true: ...to here
shadow-4.18.0/src/pwck.c:346:33: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/pwck.c:346:33: branch_true: ...to here
shadow-4.18.0/src/pwck.c:346:33: acquire_memory: allocated here
shadow-4.18.0/src/pwck.c:346:33: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/pwck.c:346:33: branch_true: ...to here
shadow-4.18.0/src/pwck.c:346:33: throw: if ‘spw_dbname’ throws an exception...
shadow-4.18.0/src/pwck.c:346:33: danger: ‘saved_locale’ leaks here; was allocated at [(9)](sarif:/runs/0/results/12/codeFlows/0/threadFlows/0/locations/8)
#  344|   			         Prog, spw_dbname ());
#  345|   			if (use_system_spw_file) {
#  346|-> 				SYSLOG ((LOG_ERR, "failed to unlock %s",
#  347|   				         spw_dbname ()));
#  348|   			}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def387]
shadow-4.18.0/src/pwck.c:359:33: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/pwck.c:353:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/pwck.c:354:21: branch_true: ...to here
shadow-4.18.0/src/pwck.c:354:20: branch_true: following ‘true’ branch...
shadow-4.18.0/src/pwck.c:355:25: branch_true: ...to here
shadow-4.18.0/src/pwck.c:358:28: branch_true: following ‘true’ branch...
shadow-4.18.0/src/pwck.c:359:33: branch_true: ...to here
shadow-4.18.0/src/pwck.c:359:33: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/pwck.c:359:33: branch_true: ...to here
shadow-4.18.0/src/pwck.c:359:33: acquire_memory: allocated here
shadow-4.18.0/src/pwck.c:359:33: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/pwck.c:359:33: branch_true: ...to here
shadow-4.18.0/src/pwck.c:359:33: throw: if ‘pw_dbname’ throws an exception...
shadow-4.18.0/src/pwck.c:359:33: danger: ‘saved_locale’ leaks here; was allocated at [(9)](sarif:/runs/0/results/14/codeFlows/0/threadFlows/0/locations/8)
#  357|   			         Prog, pw_dbname ());
#  358|   			if (use_system_pw_file) {
#  359|-> 				SYSLOG ((LOG_ERR, "failed to unlock %s",
#  360|   				         pw_dbname ()));
#  361|   			}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def388]
shadow-4.18.0/src/pwck.c:420:33: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/pwck.c:382:38: branch_true: following ‘true’ branch (when ‘pfe’ is non-NULL)...
shadow-4.18.0/src/pwck.c:387:21: branch_true: ...to here
shadow-4.18.0/src/pwck.c:387:20: branch_false: following ‘false’ branch...
shadow-4.18.0/src/pwck.c:396:20: branch_true: following ‘true’ branch...
shadow-4.18.0/src/pwck.c:401:31: branch_true: ...to here
shadow-4.18.0/src/pwck.c:419:28: branch_true: following ‘true’ branch...
shadow-4.18.0/src/pwck.c:420:33: branch_true: ...to here
shadow-4.18.0/src/pwck.c:420:33: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/pwck.c:420:33: branch_true: ...to here
shadow-4.18.0/src/pwck.c:420:33: acquire_memory: allocated here
shadow-4.18.0/src/pwck.c:420:33: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/pwck.c:420:33: branch_true: ...to here
shadow-4.18.0/src/pwck.c:420:33: throw: if ‘syslog’ throws an exception...
shadow-4.18.0/src/pwck.c:420:33: danger: ‘saved_locale’ leaks here; was allocated at [(11)](sarif:/runs/0/results/16/codeFlows/0/threadFlows/0/locations/10)
#  418|   		      delete_pw:
#  419|   			if (use_system_pw_file) {
#  420|-> 				SYSLOG ((LOG_INFO, "delete passwd line '%s'",
#  421|   				         pfe->line));
#  422|   			}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def389]
shadow-4.18.0/src/pwck.c:745:33: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/pwck.c:699:39: branch_true: following ‘true’ branch (when ‘spe’ is non-NULL)...
shadow-4.18.0/src/pwck.c:704:29: branch_true: ...to here
shadow-4.18.0/src/pwck.c:712:20: branch_false: following ‘false’ branch...
shadow-4.18.0/src/pwck.c:721:20: branch_true: following ‘true’ branch...
shadow-4.18.0/src/pwck.c:726:31: branch_true: ...to here
shadow-4.18.0/src/pwck.c:744:28: branch_true: following ‘true’ branch...
shadow-4.18.0/src/pwck.c:745:33: branch_true: ...to here
shadow-4.18.0/src/pwck.c:745:33: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/pwck.c:745:33: branch_true: ...to here
shadow-4.18.0/src/pwck.c:745:33: acquire_memory: allocated here
shadow-4.18.0/src/pwck.c:745:33: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/pwck.c:745:33: branch_true: ...to here
shadow-4.18.0/src/pwck.c:745:33: throw: if ‘syslog’ throws an exception...
shadow-4.18.0/src/pwck.c:745:33: danger: ‘saved_locale’ leaks here; was allocated at [(11)](sarif:/runs/0/results/17/codeFlows/0/threadFlows/0/locations/10)
#  743|   		      delete_spw:
#  744|   			if (use_system_spw_file) {
#  745|-> 				SYSLOG ((LOG_INFO, "delete shadow line '%s'",
#  746|   				         spe->line));
#  747|   			}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def390]
shadow-4.18.0/src/pwconv.c:88:25: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/pwconv.c:85:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/pwconv.c:86:21: branch_true: ...to here
shadow-4.18.0/src/pwconv.c:86:20: branch_true: following ‘true’ branch...
shadow-4.18.0/src/pwconv.c:87:25: branch_true: ...to here
shadow-4.18.0/src/pwconv.c:88:25: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/pwconv.c:88:25: branch_true: ...to here
shadow-4.18.0/src/pwconv.c:88:25: acquire_memory: allocated here
shadow-4.18.0/src/pwconv.c:88:25: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/pwconv.c:88:25: branch_true: ...to here
shadow-4.18.0/src/pwconv.c:88:25: throw: if ‘pw_dbname’ throws an exception...
shadow-4.18.0/src/pwconv.c:88:25: danger: ‘saved_locale’ leaks here; was allocated at [(7)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/6)
#   86|   		if (pw_unlock () == 0) {
#   87|   			fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, pw_dbname ());
#   88|-> 			SYSLOG ((LOG_ERR, "failed to unlock %s", pw_dbname ()));
#   89|   			/* continue */
#   90|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def391]
shadow-4.18.0/src/pwconv.c:96:25: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/pwconv.c:93:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/pwconv.c:94:21: branch_true: ...to here
shadow-4.18.0/src/pwconv.c:94:20: branch_true: following ‘true’ branch...
shadow-4.18.0/src/pwconv.c:95:25: branch_true: ...to here
shadow-4.18.0/src/pwconv.c:96:25: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/pwconv.c:96:25: branch_true: ...to here
shadow-4.18.0/src/pwconv.c:96:25: acquire_memory: allocated here
shadow-4.18.0/src/pwconv.c:96:25: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/pwconv.c:96:25: branch_true: ...to here
shadow-4.18.0/src/pwconv.c:96:25: throw: if ‘spw_dbname’ throws an exception...
shadow-4.18.0/src/pwconv.c:96:25: danger: ‘saved_locale’ leaks here; was allocated at [(7)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/6)
#   94|   		if (spw_unlock () == 0) {
#   95|   			fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, spw_dbname ());
#   96|-> 			SYSLOG ((LOG_ERR, "failed to unlock %s", spw_dbname ()));
#   97|   			/* continue */
#   98|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def392]
shadow-4.18.0/src/pwconv.c:281:17: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/pwconv.c:153:5: enter_function: entry to ‘main’
shadow-4.18.0/src/pwconv.c:171:9: call_function: calling ‘process_flags’ from ‘main’
shadow-4.18.0/src/pwconv.c:171:9: return_function: returning to ‘main’ from ‘process_flags’
shadow-4.18.0/src/pwconv.c:180:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/pwconv.c:186:9: branch_false: ...to here
shadow-4.18.0/src/pwconv.c:187:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/pwconv.c:193:13: branch_false: ...to here
shadow-4.18.0/src/pwconv.c:193:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/pwconv.c:199:9: branch_false: ...to here
shadow-4.18.0/src/pwconv.c:200:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/pwconv.c:209:16: branch_false: ...to here
shadow-4.18.0/src/pwconv.c:277:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/pwconv.c:278:17: branch_true: ...to here
shadow-4.18.0/src/pwconv.c:281:17: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/pwconv.c:281:17: branch_true: ...to here
shadow-4.18.0/src/pwconv.c:281:17: acquire_memory: allocated here
shadow-4.18.0/src/pwconv.c:281:17: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/pwconv.c:281:17: branch_true: ...to here
shadow-4.18.0/src/pwconv.c:281:17: throw: if ‘spw_dbname’ throws an exception...
shadow-4.18.0/src/pwconv.c:281:17: danger: ‘saved_locale’ leaks here; was allocated at [(19)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/18)
#  279|   		         _("%s: failure while writing changes to %s\n"),
#  280|   		         Prog, spw_dbname ());
#  281|-> 		SYSLOG ((LOG_ERR, "failure while writing changes to %s", spw_dbname ()));
#  282|   		fail_exit (E_FAILURE);
#  283|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def393]
shadow-4.18.0/src/pwconv.c:288:17: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/pwconv.c:153:5: enter_function: entry to ‘main’
shadow-4.18.0/src/pwconv.c:171:9: call_function: calling ‘process_flags’ from ‘main’
shadow-4.18.0/src/pwconv.c:171:9: return_function: returning to ‘main’ from ‘process_flags’
shadow-4.18.0/src/pwconv.c:180:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/pwconv.c:186:9: branch_false: ...to here
shadow-4.18.0/src/pwconv.c:187:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/pwconv.c:193:13: branch_false: ...to here
shadow-4.18.0/src/pwconv.c:193:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/pwconv.c:199:9: branch_false: ...to here
shadow-4.18.0/src/pwconv.c:200:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/pwconv.c:209:16: branch_false: ...to here
shadow-4.18.0/src/pwconv.c:277:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/pwconv.c:284:13: branch_false: ...to here
shadow-4.18.0/src/pwconv.c:284:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/pwconv.c:285:17: branch_true: ...to here
shadow-4.18.0/src/pwconv.c:288:17: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/pwconv.c:288:17: branch_true: ...to here
shadow-4.18.0/src/pwconv.c:288:17: acquire_memory: allocated here
shadow-4.18.0/src/pwconv.c:288:17: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/pwconv.c:288:17: branch_true: ...to here
shadow-4.18.0/src/pwconv.c:288:17: throw: if ‘pw_dbname’ throws an exception...
shadow-4.18.0/src/pwconv.c:288:17: danger: ‘saved_locale’ leaks here; was allocated at [(21)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/20)
#  286|   		         _("%s: failure while writing changes to %s\n"),
#  287|   		         Prog, pw_dbname ());
#  288|-> 		SYSLOG ((LOG_ERR, "failure while writing changes to %s", pw_dbname ()));
#  289|   		fail_exit (E_FAILURE);
#  290|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def394]
shadow-4.18.0/src/pwconv.c:298:17: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/pwconv.c:153:5: enter_function: entry to ‘main’
shadow-4.18.0/src/pwconv.c:171:9: call_function: calling ‘process_flags’ from ‘main’
shadow-4.18.0/src/pwconv.c:171:9: return_function: returning to ‘main’ from ‘process_flags’
shadow-4.18.0/src/pwconv.c:180:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/pwconv.c:186:9: branch_false: ...to here
shadow-4.18.0/src/pwconv.c:187:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/pwconv.c:193:13: branch_false: ...to here
shadow-4.18.0/src/pwconv.c:193:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/pwconv.c:199:9: branch_false: ...to here
shadow-4.18.0/src/pwconv.c:200:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/pwconv.c:209:16: branch_false: ...to here
shadow-4.18.0/src/pwconv.c:277:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/pwconv.c:284:13: branch_false: ...to here
shadow-4.18.0/src/pwconv.c:284:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/pwconv.c:293:9: branch_false: ...to here
shadow-4.18.0/src/pwconv.c:294:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/pwconv.c:298:17: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/pwconv.c:298:17: branch_true: ...to here
shadow-4.18.0/src/pwconv.c:298:17: acquire_memory: allocated here
shadow-4.18.0/src/pwconv.c:298:17: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/pwconv.c:298:17: branch_true: ...to here
shadow-4.18.0/src/pwconv.c:298:17: throw: if ‘syslog’ throws an exception...
shadow-4.18.0/src/pwconv.c:298:17: danger: ‘saved_locale’ leaks here; was allocated at [(23)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/22)
#  296|   		         _("%s: failed to change the mode of %s to 0600\n"),
#  297|   		         Prog, PASSWD_FILE "-");
#  298|-> 		SYSLOG ((LOG_ERR, "failed to change the mode of %s to 0600", PASSWD_FILE "-"));
#  299|   		/* continue */
#  300|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def395]
shadow-4.18.0/src/pwconv.c:304:17: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/pwconv.c:153:5: enter_function: entry to ‘main’
shadow-4.18.0/src/pwconv.c:171:9: call_function: calling ‘process_flags’ from ‘main’
shadow-4.18.0/src/pwconv.c:171:9: return_function: returning to ‘main’ from ‘process_flags’
shadow-4.18.0/src/pwconv.c:180:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/pwconv.c:186:9: branch_false: ...to here
shadow-4.18.0/src/pwconv.c:187:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/pwconv.c:193:13: branch_false: ...to here
shadow-4.18.0/src/pwconv.c:193:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/pwconv.c:199:9: branch_false: ...to here
shadow-4.18.0/src/pwconv.c:200:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/pwconv.c:209:16: branch_false: ...to here
shadow-4.18.0/src/pwconv.c:277:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/pwconv.c:284:13: branch_false: ...to here
shadow-4.18.0/src/pwconv.c:284:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/pwconv.c:293:9: branch_false: ...to here
shadow-4.18.0/src/pwconv.c:302:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/pwconv.c:303:17: branch_true: ...to here
shadow-4.18.0/src/pwconv.c:304:17: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/pwconv.c:304:17: branch_true: ...to here
shadow-4.18.0/src/pwconv.c:304:17: acquire_memory: allocated here
shadow-4.18.0/src/pwconv.c:304:17: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/pwconv.c:304:17: branch_true: ...to here
shadow-4.18.0/src/pwconv.c:304:17: throw: if ‘pw_dbname’ throws an exception...
shadow-4.18.0/src/pwconv.c:304:17: danger: ‘saved_locale’ leaks here; was allocated at [(23)](sarif:/runs/0/results/9/codeFlows/0/threadFlows/0/locations/22)
#  302|   	if (pw_unlock () == 0) {
#  303|   		fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, pw_dbname ());
#  304|-> 		SYSLOG ((LOG_ERR, "failed to unlock %s", pw_dbname ()));
#  305|   		/* continue */
#  306|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def396]
shadow-4.18.0/src/pwconv.c:310:17: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/pwconv.c:153:5: enter_function: entry to ‘main’
shadow-4.18.0/src/pwconv.c:171:9: call_function: calling ‘process_flags’ from ‘main’
shadow-4.18.0/src/pwconv.c:171:9: return_function: returning to ‘main’ from ‘process_flags’
shadow-4.18.0/src/pwconv.c:180:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/pwconv.c:186:9: branch_false: ...to here
shadow-4.18.0/src/pwconv.c:187:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/pwconv.c:193:13: branch_false: ...to here
shadow-4.18.0/src/pwconv.c:193:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/pwconv.c:199:9: branch_false: ...to here
shadow-4.18.0/src/pwconv.c:200:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/pwconv.c:209:16: branch_false: ...to here
shadow-4.18.0/src/pwconv.c:277:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/pwconv.c:284:13: branch_false: ...to here
shadow-4.18.0/src/pwconv.c:284:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/pwconv.c:293:9: branch_false: ...to here
shadow-4.18.0/src/pwconv.c:308:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/pwconv.c:309:17: branch_true: ...to here
shadow-4.18.0/src/pwconv.c:310:17: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/pwconv.c:310:17: branch_true: ...to here
shadow-4.18.0/src/pwconv.c:310:17: acquire_memory: allocated here
shadow-4.18.0/src/pwconv.c:310:17: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/pwconv.c:310:17: branch_true: ...to here
shadow-4.18.0/src/pwconv.c:310:17: throw: if ‘spw_dbname’ throws an exception...
shadow-4.18.0/src/pwconv.c:310:17: danger: ‘saved_locale’ leaks here; was allocated at [(23)](sarif:/runs/0/results/11/codeFlows/0/threadFlows/0/locations/22)
#  308|   	if (spw_unlock () == 0) {
#  309|   		fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, spw_dbname ());
#  310|-> 		SYSLOG ((LOG_ERR, "failed to unlock %s", spw_dbname ()));
#  311|   		/* continue */
#  312|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def397]
shadow-4.18.0/src/pwunconv.c:52:25: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/pwunconv.c:49:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/pwunconv.c:50:21: branch_true: ...to here
shadow-4.18.0/src/pwunconv.c:50:20: branch_true: following ‘true’ branch...
shadow-4.18.0/src/pwunconv.c:51:25: branch_true: ...to here
shadow-4.18.0/src/pwunconv.c:52:25: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/pwunconv.c:52:25: branch_true: ...to here
shadow-4.18.0/src/pwunconv.c:52:25: acquire_memory: allocated here
shadow-4.18.0/src/pwunconv.c:52:25: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/pwunconv.c:52:25: branch_true: ...to here
shadow-4.18.0/src/pwunconv.c:52:25: throw: if ‘spw_dbname’ throws an exception...
shadow-4.18.0/src/pwunconv.c:52:25: danger: ‘saved_locale’ leaks here; was allocated at [(7)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/6)
#   50|   		if (spw_unlock () == 0) {
#   51|   			fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, spw_dbname ());
#   52|-> 			SYSLOG ((LOG_ERR, "failed to unlock %s", spw_dbname ()));
#   53|   			/* continue */
#   54|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def398]
shadow-4.18.0/src/pwunconv.c:59:25: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/pwunconv.c:56:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/pwunconv.c:57:21: branch_true: ...to here
shadow-4.18.0/src/pwunconv.c:57:20: branch_true: following ‘true’ branch...
shadow-4.18.0/src/pwunconv.c:58:25: branch_true: ...to here
shadow-4.18.0/src/pwunconv.c:59:25: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/pwunconv.c:59:25: branch_true: ...to here
shadow-4.18.0/src/pwunconv.c:59:25: acquire_memory: allocated here
shadow-4.18.0/src/pwunconv.c:59:25: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/pwunconv.c:59:25: branch_true: ...to here
shadow-4.18.0/src/pwunconv.c:59:25: throw: if ‘pw_dbname’ throws an exception...
shadow-4.18.0/src/pwunconv.c:59:25: danger: ‘saved_locale’ leaks here; was allocated at [(7)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/6)
#   57|   		if (pw_unlock () == 0) {
#   58|   			fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, pw_dbname ());
#   59|-> 			SYSLOG ((LOG_ERR, "failed to unlock %s", pw_dbname ()));
#   60|   			/* continue */
#   61|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def399]
shadow-4.18.0/src/pwunconv.c:214:17: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/pwunconv.c:115:5: enter_function: entry to ‘main’
shadow-4.18.0/src/pwunconv.c:132:9: call_function: calling ‘process_flags’ from ‘main’
shadow-4.18.0/src/pwunconv.c:132:9: return_function: returning to ‘main’ from ‘process_flags’
shadow-4.18.0/src/pwunconv.c:141:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/pwunconv.c:146:13: branch_true: ...to here
shadow-4.18.0/src/pwunconv.c:146:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/pwunconv.c:152:9: branch_false: ...to here
shadow-4.18.0/src/pwunconv.c:153:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/pwunconv.c:160:13: branch_false: ...to here
shadow-4.18.0/src/pwunconv.c:160:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/pwunconv.c:166:9: branch_false: ...to here
shadow-4.18.0/src/pwunconv.c:167:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/pwunconv.c:174:16: branch_false: ...to here
shadow-4.18.0/src/pwunconv.c:210:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/pwunconv.c:211:17: branch_true: ...to here
shadow-4.18.0/src/pwunconv.c:214:17: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/pwunconv.c:214:17: branch_true: ...to here
shadow-4.18.0/src/pwunconv.c:214:17: acquire_memory: allocated here
shadow-4.18.0/src/pwunconv.c:214:17: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/pwunconv.c:214:17: branch_true: ...to here
shadow-4.18.0/src/pwunconv.c:214:17: throw: if ‘pw_dbname’ throws an exception...
shadow-4.18.0/src/pwunconv.c:214:17: danger: ‘saved_locale’ leaks here; was allocated at [(21)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/20)
#  212|   		         _("%s: failure while writing changes to %s\n"),
#  213|   		         Prog, pw_dbname ());
#  214|-> 		SYSLOG ((LOG_ERR, "failure while writing changes to %s", pw_dbname ()));
#  215|   		fail_exit (3);
#  216|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def400]
shadow-4.18.0/src/pwunconv.c:221:17: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/pwunconv.c:115:5: enter_function: entry to ‘main’
shadow-4.18.0/src/pwunconv.c:132:9: call_function: calling ‘process_flags’ from ‘main’
shadow-4.18.0/src/pwunconv.c:132:9: return_function: returning to ‘main’ from ‘process_flags’
shadow-4.18.0/src/pwunconv.c:141:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/pwunconv.c:146:13: branch_true: ...to here
shadow-4.18.0/src/pwunconv.c:146:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/pwunconv.c:152:9: branch_false: ...to here
shadow-4.18.0/src/pwunconv.c:153:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/pwunconv.c:160:13: branch_false: ...to here
shadow-4.18.0/src/pwunconv.c:160:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/pwunconv.c:166:9: branch_false: ...to here
shadow-4.18.0/src/pwunconv.c:167:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/pwunconv.c:174:16: branch_false: ...to here
shadow-4.18.0/src/pwunconv.c:210:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/pwunconv.c:218:13: branch_false: ...to here
shadow-4.18.0/src/pwunconv.c:218:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/pwunconv.c:220:26: branch_true: ...to here
shadow-4.18.0/src/pwunconv.c:221:17: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/pwunconv.c:221:17: branch_true: ...to here
shadow-4.18.0/src/pwunconv.c:221:17: acquire_memory: allocated here
shadow-4.18.0/src/pwunconv.c:221:17: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/pwunconv.c:221:17: branch_true: ...to here
shadow-4.18.0/src/pwunconv.c:221:17: throw: if ‘syslog’ throws an exception...
shadow-4.18.0/src/pwunconv.c:221:17: danger: ‘saved_locale’ leaks here; was allocated at [(23)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/22)
#  219|   		fprintf (stderr,
#  220|   			 _("%s: cannot delete %s\n"), Prog, SHADOW);
#  221|-> 		SYSLOG ((LOG_ERR, "cannot delete %s", SHADOW));
#  222|   		fail_exit (3);
#  223|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def401]
shadow-4.18.0/src/pwunconv.c:227:17: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/pwunconv.c:115:5: enter_function: entry to ‘main’
shadow-4.18.0/src/pwunconv.c:132:9: call_function: calling ‘process_flags’ from ‘main’
shadow-4.18.0/src/pwunconv.c:132:9: return_function: returning to ‘main’ from ‘process_flags’
shadow-4.18.0/src/pwunconv.c:141:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/pwunconv.c:146:13: branch_true: ...to here
shadow-4.18.0/src/pwunconv.c:146:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/pwunconv.c:152:9: branch_false: ...to here
shadow-4.18.0/src/pwunconv.c:153:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/pwunconv.c:160:13: branch_false: ...to here
shadow-4.18.0/src/pwunconv.c:160:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/pwunconv.c:166:9: branch_false: ...to here
shadow-4.18.0/src/pwunconv.c:167:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/pwunconv.c:174:16: branch_false: ...to here
shadow-4.18.0/src/pwunconv.c:210:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/pwunconv.c:218:13: branch_false: ...to here
shadow-4.18.0/src/pwunconv.c:218:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/pwunconv.c:225:13: branch_false: ...to here
shadow-4.18.0/src/pwunconv.c:225:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/pwunconv.c:226:17: branch_true: ...to here
shadow-4.18.0/src/pwunconv.c:227:17: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/pwunconv.c:227:17: branch_true: ...to here
shadow-4.18.0/src/pwunconv.c:227:17: acquire_memory: allocated here
shadow-4.18.0/src/pwunconv.c:227:17: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/pwunconv.c:227:17: branch_true: ...to here
shadow-4.18.0/src/pwunconv.c:227:17: throw: if ‘spw_dbname’ throws an exception...
shadow-4.18.0/src/pwunconv.c:227:17: danger: ‘saved_locale’ leaks here; was allocated at [(25)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/24)
#  225|   	if (spw_unlock () == 0) {
#  226|   		fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, spw_dbname ());
#  227|-> 		SYSLOG ((LOG_ERR, "failed to unlock %s", spw_dbname ()));
#  228|   		/* continue */
#  229|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def402]
shadow-4.18.0/src/pwunconv.c:232:17: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/pwunconv.c:115:5: enter_function: entry to ‘main’
shadow-4.18.0/src/pwunconv.c:132:9: call_function: calling ‘process_flags’ from ‘main’
shadow-4.18.0/src/pwunconv.c:132:9: return_function: returning to ‘main’ from ‘process_flags’
shadow-4.18.0/src/pwunconv.c:141:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/pwunconv.c:146:13: branch_true: ...to here
shadow-4.18.0/src/pwunconv.c:146:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/pwunconv.c:152:9: branch_false: ...to here
shadow-4.18.0/src/pwunconv.c:153:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/pwunconv.c:160:13: branch_false: ...to here
shadow-4.18.0/src/pwunconv.c:160:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/pwunconv.c:166:9: branch_false: ...to here
shadow-4.18.0/src/pwunconv.c:167:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/pwunconv.c:174:16: branch_false: ...to here
shadow-4.18.0/src/pwunconv.c:210:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/pwunconv.c:218:13: branch_false: ...to here
shadow-4.18.0/src/pwunconv.c:218:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/pwunconv.c:225:13: branch_false: ...to here
shadow-4.18.0/src/pwunconv.c:230:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/pwunconv.c:231:17: branch_true: ...to here
shadow-4.18.0/src/pwunconv.c:232:17: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/pwunconv.c:232:17: branch_true: ...to here
shadow-4.18.0/src/pwunconv.c:232:17: acquire_memory: allocated here
shadow-4.18.0/src/pwunconv.c:232:17: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/pwunconv.c:232:17: branch_true: ...to here
shadow-4.18.0/src/pwunconv.c:232:17: throw: if ‘pw_dbname’ throws an exception...
shadow-4.18.0/src/pwunconv.c:232:17: danger: ‘saved_locale’ leaks here; was allocated at [(25)](sarif:/runs/0/results/9/codeFlows/0/threadFlows/0/locations/24)
#  230|   	if (pw_unlock () == 0) {
#  231|   		fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, pw_dbname ());
#  232|-> 		SYSLOG ((LOG_ERR, "failed to unlock %s", pw_dbname ()));
#  233|   		/* continue */
#  234|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def403]
shadow-4.18.0/src/su.c:206:17: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/su.c:650:34: enter_function: entry to ‘do_check_perms’
shadow-4.18.0/src/su.c:662:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/su.c:664:33: branch_true: ...to here
shadow-4.18.0/src/su.c:665:17: branch_false: following ‘false’ branch (when ‘saved_locale’ is NULL)...
shadow-4.18.0/src/su.c:666:17: branch_false: ...to here
shadow-4.18.0/src/su.c:666:17: call_function: calling ‘su_failure’ from ‘do_check_perms’
#  204|   	sulog (tty, false, caller_name, name);	/* log failed attempt */
#  205|   	if (getdef_bool ("SYSLOG_SU_ENAB")) {
#  206|-> 		SYSLOG ((su_to_root ? LOG_NOTICE : LOG_INFO,
#  207|   		         "- %s %s:%s", tty,
#  208|   		         ('\0' != caller_name[0]) ? caller_name : "???",

Error: COMPILER_WARNING (CWE-252): [#def404]
shadow-4.18.0/src/su.c: scope_hint: In function ‘su_failure’
shadow-4.18.0/src/su.c:215:9: warning[-Wunused-result]: ignoring return value of ‘audit_log_acct_message’ declared with attribute ‘warn_unused_result’
#  215 |         audit_log_acct_message (audit_fd,
#      |         ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#  216 |                                 AUDIT_USER_ROLE_CHANGE,
#      |                                 ~~~~~~~~~~~~~~~~~~~~~~~
#  217 |                                 NULL,    /* Prog. name */
#      |                                 ~~~~~~~~~~~~~~~~~~~~~~~~~
#  218 |                                 "su",
#      |                                 ~~~~~
#  219 |                                 ('\0' != caller_name[0]) ? caller_name : "???",
#      |                                 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#  220 |                                 AUDIT_NO_ID,
#      |                                 ~~~~~~~~~~~~
#  221 |                                 "localhost",
#      |                                 ~~~~~~~~~~~~
#  222 |                                 NULL,    /* addr */
#      |                                 ~~~~~~~~~~~~~~~~~~~
#  223 |                                 tty,
#      |                                 ~~~~
#  224 |                                 0);      /* result */
#      |                                 ~~
#  213|   #ifdef WITH_AUDIT
#  214|   	audit_fd = audit_open ();
#  215|-> 	audit_log_acct_message (audit_fd,
#  216|   				AUDIT_USER_ROLE_CHANGE,
#  217|   				NULL,    /* Prog. name */

Error: GCC_ANALYZER_WARNING (CWE-476): [#def405]
shadow-4.18.0/src/su.c:254:17: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘xreallocarray(0, n_args + 3, 8)’
shadow-4.18.0/src/su.c:235:13: enter_function: entry to ‘execve_shell’
shadow-4.18.0/src/su.c:243:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/su.c:243:12: branch_true: ...to here
shadow-4.18.0/src/su.c:253:25: call_function: inlined call to ‘xmallocarray’ from ‘execve_shell’
shadow-4.18.0/src/su.c:254:17: danger: ‘xreallocarray(0, n_args + 3, 8)’ could be NULL: unchecked value from [(5)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/4)
#  252|   		}
#  253|   		targs = XMALLOC(n_args + 3, char *);
#  254|-> 		targs[0] = "sh";
#  255|   		targs[1] = "-";
#  256|   		targs[2] = xstrdup (shellname);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def406]
shadow-4.18.0/src/su.c:297:17: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/su.c:293:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/su.c:297:17: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/su.c:297:17: branch_true: ...to here
shadow-4.18.0/src/su.c:297:17: acquire_memory: allocated here
shadow-4.18.0/src/su.c:297:17: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/su.c:297:17: branch_true: ...to here
shadow-4.18.0/src/su.c:297:17: throw: if ‘syslog’ throws an exception...
shadow-4.18.0/src/su.c:297:17: danger: ‘saved_locale’ leaks here; was allocated at [(5)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/4)
#  295|   		         _("%s: signal masking malfunction\n"),
#  296|   		         Prog);
#  297|-> 		SYSLOG ((LOG_WARN, "Will not execute %s", shellstr));
#  298|   		closelog ();
#  299|   		exit (1);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def407]
shadow-4.18.0/src/su.c:310:17: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/su.c:304:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/su.c:306:19: branch_false: ...to here
shadow-4.18.0/src/su.c:306:19: branch_true: following ‘true’ branch...
shadow-4.18.0/src/su.c:308:33: branch_true: ...to here
shadow-4.18.0/src/su.c:310:17: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/su.c:310:17: branch_true: ...to here
shadow-4.18.0/src/su.c:310:17: acquire_memory: allocated here
shadow-4.18.0/src/su.c:310:17: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/su.c:310:17: branch_true: ...to here
shadow-4.18.0/src/su.c:310:17: throw: if ‘syslog’ throws an exception...
shadow-4.18.0/src/su.c:310:17: danger: ‘saved_locale’ leaks here; was allocated at [(7)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/6)
#  308|   		                _("%s: Cannot fork user shell\n"),
#  309|   		                Prog);
#  310|-> 		SYSLOG ((LOG_WARN, "Cannot execute %s", shellstr));
#  311|   		closelog ();
#  312|   		exit (1);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def408]
shadow-4.18.0/src/su.c:428:17: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/su.c:304:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/su.c:306:19: branch_false: ...to here
shadow-4.18.0/src/su.c:306:19: branch_false: following ‘false’ branch...
shadow-4.18.0/src/su.c:317:9: branch_false: ...to here
shadow-4.18.0/src/su.c:427:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/su.c:428:17: branch_true: ...to here
shadow-4.18.0/src/su.c:428:17: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/su.c:428:17: branch_true: ...to here
shadow-4.18.0/src/su.c:428:17: acquire_memory: allocated here
shadow-4.18.0/src/su.c:428:17: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/su.c:428:17: branch_true: ...to here
shadow-4.18.0/src/su.c:428:17: throw: if ‘pam_strerror’ throws an exception...
shadow-4.18.0/src/su.c:428:17: danger: ‘saved_locale’ leaks here; was allocated at [(9)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/8)
#  426|   	ret = pam_close_session (pamh, 0);
#  427|   	if (PAM_SUCCESS != ret) {
#  428|-> 		SYSLOG ((LOG_ERR, "pam_close_session: %s",
#  429|   		         pam_strerror (pamh, ret)));
#  430|   		fprintf (stderr, _("%s: %s\n"), Prog, pam_strerror (pamh, ret));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def409]
shadow-4.18.0/src/su.c:470:17: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/su.c:469:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/su.c:470:17: branch_true: ...to here
shadow-4.18.0/src/su.c:470:17: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/su.c:470:17: branch_true: ...to here
shadow-4.18.0/src/su.c:470:17: acquire_memory: allocated here
shadow-4.18.0/src/su.c:470:17: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/su.c:470:17: branch_true: ...to here
shadow-4.18.0/src/su.c:470:17: throw: if ‘pam_strerror’ throws an exception...
shadow-4.18.0/src/su.c:470:17: danger: ‘saved_locale’ leaks here; was allocated at [(5)](sarif:/runs/0/results/9/codeFlows/0/threadFlows/0/locations/4)
#  468|   	ret = pam_authenticate (pamh, 0);
#  469|   	if (PAM_SUCCESS != ret) {
#  470|-> 		SYSLOG (((pw->pw_uid != 0)? LOG_NOTICE : LOG_WARN, "pam_authenticate: %s",
#  471|   		         pam_strerror (pamh, ret)));
#  472|   		fprintf (stderr, _("%s: %s\n"), Prog, pam_strerror (pamh, ret));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def410]
shadow-4.18.0/src/su.c:486:33: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/su.c:469:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/su.c:477:15: branch_false: ...to here
shadow-4.18.0/src/su.c:478:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/su.c:479:21: branch_true: ...to here
shadow-4.18.0/src/su.c:479:20: branch_false: following ‘false’ branch...
shadow-4.18.0/src/su.c:483:27: branch_false: ...to here
shadow-4.18.0/src/su.c:483:27: branch_true: following ‘true’ branch...
shadow-4.18.0/src/su.c:484:31: branch_true: ...to here
shadow-4.18.0/src/su.c:485:28: branch_true: following ‘true’ branch...
shadow-4.18.0/src/su.c:486:33: branch_true: ...to here
shadow-4.18.0/src/su.c:486:33: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/su.c:486:33: branch_true: ...to here
shadow-4.18.0/src/su.c:486:33: acquire_memory: allocated here
shadow-4.18.0/src/su.c:486:33: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/su.c:486:33: branch_true: ...to here
shadow-4.18.0/src/su.c:486:33: throw: if ‘pam_strerror’ throws an exception...
shadow-4.18.0/src/su.c:486:33: danger: ‘saved_locale’ leaks here; was allocated at [(13)](sarif:/runs/0/results/11/codeFlows/0/threadFlows/0/locations/12)
#  484|   			ret = pam_chauthtok (pamh, PAM_CHANGE_EXPIRED_AUTHTOK);
#  485|   			if (PAM_SUCCESS != ret) {
#  486|-> 				SYSLOG ((LOG_ERR, "pam_chauthtok: %s",
#  487|   				         pam_strerror (pamh, ret)));
#  488|   				fprintf (stderr,

Error: GCC_ANALYZER_WARNING (CWE-401): [#def411]
shadow-4.18.0/src/su.c:495:25: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/su.c:469:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/su.c:477:15: branch_false: ...to here
shadow-4.18.0/src/su.c:478:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/su.c:479:21: branch_true: ...to here
shadow-4.18.0/src/su.c:479:20: branch_false: following ‘false’ branch...
shadow-4.18.0/src/su.c:483:27: branch_false: ...to here
shadow-4.18.0/src/su.c:483:27: branch_false: following ‘false’ branch...
shadow-4.18.0/src/su.c:495:25: branch_false: ...to here
shadow-4.18.0/src/su.c:495:25: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/su.c:495:25: branch_true: ...to here
shadow-4.18.0/src/su.c:495:25: acquire_memory: allocated here
shadow-4.18.0/src/su.c:495:25: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/su.c:495:25: branch_true: ...to here
shadow-4.18.0/src/su.c:495:25: throw: if ‘pam_strerror’ throws an exception...
shadow-4.18.0/src/su.c:495:25: danger: ‘saved_locale’ leaks here; was allocated at [(11)](sarif:/runs/0/results/13/codeFlows/0/threadFlows/0/locations/10)
#  493|   			}
#  494|   		} else {
#  495|-> 			SYSLOG ((LOG_ERR, "pam_acct_mgmt: %s",
#  496|   			         pam_strerror (pamh, ret)));
#  497|   			fprintf (stderr,

Error: GCC_ANALYZER_WARNING (CWE-401): [#def412]
shadow-4.18.0/src/su.c:665:17: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/su.c:662:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/su.c:664:33: branch_true: ...to here
shadow-4.18.0/src/su.c:665:17: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/su.c:665:17: branch_true: ...to here
shadow-4.18.0/src/su.c:665:17: acquire_memory: allocated here
shadow-4.18.0/src/su.c:665:17: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/su.c:665:17: branch_true: ...to here
shadow-4.18.0/src/su.c:665:17: throw: if ‘syslog’ throws an exception...
shadow-4.18.0/src/su.c:665:17: danger: ‘saved_locale’ leaks here; was allocated at [(5)](sarif:/runs/0/results/15/codeFlows/0/threadFlows/0/locations/4)
#  663|   		(void) fprintf (stderr,
#  664|   		                _("No passwd entry for user '%s'\n"), name);
#  665|-> 		SYSLOG ((LOG_NOTICE, "No passwd entry for user '%s'", name));
#  666|   		su_failure (caller_tty, true);
#  667|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def413]
shadow-4.18.0/src/su.c:784:17: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/su.c:758:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/su.c:758:34: branch_true: ...to here
shadow-4.18.0/src/su.c:780:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/su.c:782:26: branch_true: ...to here
shadow-4.18.0/src/su.c:784:17: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/su.c:784:17: branch_true: ...to here
shadow-4.18.0/src/su.c:784:17: acquire_memory: allocated here
shadow-4.18.0/src/su.c:784:17: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/su.c:784:17: branch_true: ...to here
shadow-4.18.0/src/su.c:784:17: throw: if ‘syslog’ throws an exception...
shadow-4.18.0/src/su.c:784:17: danger: ‘saved_locale’ leaks here; was allocated at [(8)](sarif:/runs/0/results/16/codeFlows/0/threadFlows/0/locations/7)
#  782|   		         _("%s: Cannot determine your user name.\n"),
#  783|   		         Prog);
#  784|-> 		SYSLOG ((LOG_WARN, "Cannot determine the user name of the caller (UID %lu)",
#  785|   		         (unsigned long) caller_uid));
#  786|   		su_failure (caller_tty, true); /* unknown target UID*/

Error: GCC_ANALYZER_WARNING (CWE-401): [#def414]
shadow-4.18.0/src/su.c:873:33: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/su.c:866:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/su.c:867:42: branch_true: ...to here
shadow-4.18.0/src/su.c:872:28: branch_true: following ‘true’ branch...
shadow-4.18.0/src/su.c:873:33: branch_true: ...to here
shadow-4.18.0/src/su.c:873:33: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/su.c:873:33: branch_true: ...to here
shadow-4.18.0/src/su.c:873:33: acquire_memory: allocated here
shadow-4.18.0/src/su.c:873:33: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/su.c:873:33: branch_true: ...to here
shadow-4.18.0/src/su.c:873:33: throw: if ‘syslog’ throws an exception...
shadow-4.18.0/src/su.c:873:33: danger: ‘saved_locale’ leaks here; was allocated at [(7)](sarif:/runs/0/results/17/codeFlows/0/threadFlows/0/locations/6)
#  871|   			root_pw = getpwuid (0);
#  872|   			if (NULL == root_pw) {
#  873|-> 				SYSLOG ((LOG_CRIT, "There is no UID 0 user."));
#  874|   				su_failure (caller_tty, true);
#  875|   			}

Error: COMPILER_WARNING (CWE-252): [#def415]
shadow-4.18.0/src/su.c: scope_hint: In function ‘main’
shadow-4.18.0/src/su.c:1143:9: warning[-Wunused-result]: ignoring return value of ‘audit_log_acct_message’ declared with attribute ‘warn_unused_result’
# 1143 |         audit_log_acct_message (audit_fd,
#      |         ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# 1144 |                                 AUDIT_USER_ROLE_CHANGE,
#      |                                 ~~~~~~~~~~~~~~~~~~~~~~~
# 1145 |                                 NULL,    /* Prog. name */
#      |                                 ~~~~~~~~~~~~~~~~~~~~~~~~~
# 1146 |                                 "su",
#      |                                 ~~~~~
# 1147 |                                 (!streq(caller_name, "")) ? caller_name : "???",
#      |                                 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# 1148 |                                 AUDIT_NO_ID,
#      |                                 ~~~~~~~~~~~~
# 1149 |                                 "localhost",
#      |                                 ~~~~~~~~~~~~
# 1150 |                                 NULL,    /* addr */
#      |                                 ~~~~~~~~~~~~~~~~~~~
# 1151 |                                 caller_tty,
#      |                                 ~~~~~~~~~~~
# 1152 |                                 1);      /* result */
#      |                                 ~~
# 1141|   #ifdef WITH_AUDIT
# 1142|   	audit_fd = audit_open ();
# 1143|-> 	audit_log_acct_message (audit_fd,
# 1144|   				AUDIT_USER_ROLE_CHANGE,
# 1145|   				NULL,    /* Prog. name */

Error: GCC_ANALYZER_WARNING (CWE-775): [#def416]
shadow-4.18.0/src/sulogin.c:89:20: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open(argv[1], 2)’
shadow-4.18.0/src/sulogin.c:84:12: branch_true: following ‘true’ branch (when ‘argc > 1’)...
shadow-4.18.0/src/sulogin.c:85:17: branch_true: ...to here
shadow-4.18.0/src/sulogin.c:89:21: acquire_resource: opened here
shadow-4.18.0/src/sulogin.c:89:20: danger: ‘open(argv[1], 2)’ leaks here; was opened at [(3)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/2)
#   87|   		close(2);
#   88|   
#   89|-> 		if (open(argv[1], O_RDWR) == -1)
#   90|   			exit(1);
#   91|   		dup(0);

Error: GCC_ANALYZER_WARNING (CWE-910): [#def417]
shadow-4.18.0/src/sulogin.c:91:17: warning[-Wanalyzer-fd-use-after-close]: ‘dup’ on closed file descriptor ‘0’
shadow-4.18.0/src/sulogin.c:84:12: branch_true: following ‘true’ branch (when ‘argc > 1’)...
shadow-4.18.0/src/sulogin.c:85:17: branch_true: ...to here
shadow-4.18.0/src/sulogin.c:85:17: release_resource: closed here
shadow-4.18.0/src/sulogin.c:89:20: branch_false: following ‘false’ branch...
shadow-4.18.0/src/sulogin.c:91:17: branch_false: ...to here
shadow-4.18.0/src/sulogin.c:91:17: danger: ‘dup’ on closed file descriptor ‘0’; ‘close’ was at [(3)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/2)
#   89|   		if (open(argv[1], O_RDWR) == -1)
#   90|   			exit(1);
#   91|-> 		dup(0);
#   92|   		dup(0);
#   93|   	}

Error: COMPILER_WARNING (CWE-252): [#def418]
shadow-4.18.0/src/sulogin.c: scope_hint: In function ‘main’
shadow-4.18.0/src/sulogin.c:91:17: warning[-Wunused-result]: ignoring return value of ‘dup’ declared with attribute ‘warn_unused_result’
#   91 |                 dup(0);
#      |                 ^~~~~~
#   89|   		if (open(argv[1], O_RDWR) == -1)
#   90|   			exit(1);
#   91|-> 		dup(0);
#   92|   		dup(0);
#   93|   	}

Error: GCC_ANALYZER_WARNING (CWE-910): [#def419]
shadow-4.18.0/src/sulogin.c:92:17: warning[-Wanalyzer-fd-use-after-close]: ‘dup’ on closed file descriptor ‘0’
shadow-4.18.0/src/sulogin.c:84:12: branch_true: following ‘true’ branch (when ‘argc > 1’)...
shadow-4.18.0/src/sulogin.c:85:17: branch_true: ...to here
shadow-4.18.0/src/sulogin.c:85:17: release_resource: closed here
shadow-4.18.0/src/sulogin.c:89:20: branch_false: following ‘false’ branch...
shadow-4.18.0/src/sulogin.c:91:17: branch_false: ...to here
shadow-4.18.0/src/sulogin.c:92:17: danger: ‘dup’ on closed file descriptor ‘0’; ‘close’ was at [(3)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/2)
#   90|   			exit(1);
#   91|   		dup(0);
#   92|-> 		dup(0);
#   93|   	}
#   94|   	if (access (PASSWD_FILE, F_OK) == -1) {	/* must be a password file! */

Error: COMPILER_WARNING (CWE-252): [#def420]
shadow-4.18.0/src/sulogin.c:92:17: warning[-Wunused-result]: ignoring return value of ‘dup’ declared with attribute ‘warn_unused_result’
#   92 |                 dup(0);
#      |                 ^~~~~~
#   90|   			exit(1);
#   91|   		dup(0);
#   92|-> 		dup(0);
#   93|   	}
#   94|   	if (access (PASSWD_FILE, F_OK) == -1) {	/* must be a password file! */

Error: GCC_ANALYZER_WARNING (CWE-401): [#def421]
shadow-4.18.0/src/sulogin.c:200:25: warning[-Wanalyzer-malloc-leak]: leak of ‘xreallocarray(0, strlen(str) + 1, 1)’
shadow-4.18.0/src/sulogin.c:190:1: enter_function: entry to ‘pw_entry’
shadow-4.18.0/src/sulogin.c:195:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/sulogin.c:198:14: branch_false: ...to here
shadow-4.18.0/src/sulogin.c:199:26: call_function: calling ‘xstrdup’ from ‘pw_entry’
shadow-4.18.0/src/sulogin.c:199:26: return_function: returning to ‘pw_entry’ from ‘xstrdup’
shadow-4.18.0/src/sulogin.c:203:27: call_function: calling ‘xstrdup’ from ‘pw_entry’
#  198|   	free(pwent->pw_name);
#  199|   	pwent->pw_name = xstrdup(passwd->pw_name);
#  200|-> 	pwent->pw_uid = passwd->pw_uid;
#  201|   	pwent->pw_gid = passwd->pw_gid;
#  202|   	free(pwent->pw_gecos);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def422]
shadow-4.18.0/src/sulogin.c:204:14: warning[-Wanalyzer-malloc-leak]: leak of ‘xreallocarray(0, strlen(str) + 1, 1)’
shadow-4.18.0/src/sulogin.c:190:1: enter_function: entry to ‘pw_entry’
shadow-4.18.0/src/sulogin.c:195:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/sulogin.c:198:14: branch_false: ...to here
shadow-4.18.0/src/sulogin.c:199:26: call_function: calling ‘xstrdup’ from ‘pw_entry’
shadow-4.18.0/src/sulogin.c:199:26: return_function: returning to ‘pw_entry’ from ‘xstrdup’
shadow-4.18.0/src/sulogin.c:203:27: call_function: calling ‘xstrdup’ from ‘pw_entry’
shadow-4.18.0/src/sulogin.c:203:27: return_function: returning to ‘pw_entry’ from ‘xstrdup’
shadow-4.18.0/src/sulogin.c:205:25: call_function: calling ‘xstrdup’ from ‘pw_entry’
#  202|   	free(pwent->pw_gecos);
#  203|   	pwent->pw_gecos = xstrdup(passwd->pw_gecos);
#  204|-> 	free(pwent->pw_dir);
#  205|   	pwent->pw_dir = xstrdup(passwd->pw_dir);
#  206|   	free(pwent->pw_shell);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def423]
shadow-4.18.0/src/sulogin.c:206:14: warning[-Wanalyzer-malloc-leak]: leak of ‘xreallocarray(0, strlen(str) + 1, 1)’
shadow-4.18.0/src/sulogin.c:190:1: enter_function: entry to ‘pw_entry’
shadow-4.18.0/src/sulogin.c:195:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/sulogin.c:198:14: branch_false: ...to here
shadow-4.18.0/src/sulogin.c:199:26: call_function: calling ‘xstrdup’ from ‘pw_entry’
shadow-4.18.0/src/sulogin.c:199:26: return_function: returning to ‘pw_entry’ from ‘xstrdup’
shadow-4.18.0/src/sulogin.c:203:27: call_function: calling ‘xstrdup’ from ‘pw_entry’
shadow-4.18.0/src/sulogin.c:203:27: return_function: returning to ‘pw_entry’ from ‘xstrdup’
shadow-4.18.0/src/sulogin.c:205:25: call_function: calling ‘xstrdup’ from ‘pw_entry’
shadow-4.18.0/src/sulogin.c:205:25: return_function: returning to ‘pw_entry’ from ‘xstrdup’
shadow-4.18.0/src/sulogin.c:207:27: call_function: calling ‘xstrdup’ from ‘pw_entry’
#  204|   	free(pwent->pw_dir);
#  205|   	pwent->pw_dir = xstrdup(passwd->pw_dir);
#  206|-> 	free(pwent->pw_shell);
#  207|   	pwent->pw_shell = xstrdup(passwd->pw_shell);
#  208|   #if !defined(AUTOSHADOW)

Error: GCC_ANALYZER_WARNING (CWE-401): [#def424]
shadow-4.18.0/src/sulogin.c:210:21: warning[-Wanalyzer-malloc-leak]: leak of ‘pwent.pw_shell’
shadow-4.18.0/src/sulogin.c:59:1: enter_function: entry to ‘main’
shadow-4.18.0/src/sulogin.c:84:12: branch_false: following ‘false’ branch (when ‘argc <= 1’)...
shadow-4.18.0/src/sulogin.c:94:13: branch_false: ...to here
shadow-4.18.0/src/sulogin.c:94:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/sulogin.c:103:14: branch_false: ...to here
shadow-4.18.0/src/sulogin.c:103:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/sulogin.c:103:35: branch_false: ...to here
shadow-4.18.0/src/sulogin.c:103:13: branch_false: following ‘false’ branch...
shadow-4.18.0/src/sulogin.c:103:56: branch_false: ...to here
shadow-4.18.0/src/sulogin.c:103:13: branch_false: following ‘false’ branch...
shadow-4.18.0/src/sulogin.c:107:13: branch_false: ...to here
shadow-4.18.0/src/sulogin.c:134:21: call_function: calling ‘pw_entry’ from ‘main’
#  208|   #if !defined(AUTOSHADOW)
#  209|   	/* local, no need for xgetspnam */
#  210|-> 	if ((spwd = getspnam(name))) {
#  211|   		free(pwent->pw_passwd);
#  212|   		pwent->pw_passwd = xstrdup(spwd->sp_pwdp);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def425]
shadow-4.18.0/src/sulogin.c:211:22: warning[-Wanalyzer-malloc-leak]: leak of ‘xreallocarray(0, strlen(str) + 1, 1)’
shadow-4.18.0/src/sulogin.c:59:1: enter_function: entry to ‘main’
shadow-4.18.0/src/sulogin.c:84:12: branch_false: following ‘false’ branch (when ‘argc <= 1’)...
shadow-4.18.0/src/sulogin.c:94:13: branch_false: ...to here
shadow-4.18.0/src/sulogin.c:94:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/sulogin.c:103:14: branch_false: ...to here
shadow-4.18.0/src/sulogin.c:103:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/sulogin.c:103:35: branch_false: ...to here
shadow-4.18.0/src/sulogin.c:103:13: branch_false: following ‘false’ branch...
shadow-4.18.0/src/sulogin.c:103:56: branch_false: ...to here
shadow-4.18.0/src/sulogin.c:103:13: branch_false: following ‘false’ branch...
shadow-4.18.0/src/sulogin.c:107:13: branch_false: ...to here
shadow-4.18.0/src/sulogin.c:134:21: call_function: calling ‘pw_entry’ from ‘main’
#  209|   	/* local, no need for xgetspnam */
#  210|   	if ((spwd = getspnam(name))) {
#  211|-> 		free(pwent->pw_passwd);
#  212|   		pwent->pw_passwd = xstrdup(spwd->sp_pwdp);
#  213|   		return 0;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def426]
shadow-4.18.0/src/sulogin.c:216:14: warning[-Wanalyzer-malloc-leak]: leak of ‘xreallocarray(0, strlen(str) + 1, 1)’
shadow-4.18.0/src/sulogin.c:59:1: enter_function: entry to ‘main’
shadow-4.18.0/src/sulogin.c:84:12: branch_false: following ‘false’ branch (when ‘argc <= 1’)...
shadow-4.18.0/src/sulogin.c:94:13: branch_false: ...to here
shadow-4.18.0/src/sulogin.c:94:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/sulogin.c:103:14: branch_false: ...to here
shadow-4.18.0/src/sulogin.c:103:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/sulogin.c:103:35: branch_false: ...to here
shadow-4.18.0/src/sulogin.c:103:13: branch_false: following ‘false’ branch...
shadow-4.18.0/src/sulogin.c:103:56: branch_false: ...to here
shadow-4.18.0/src/sulogin.c:103:13: branch_false: following ‘false’ branch...
shadow-4.18.0/src/sulogin.c:107:13: branch_false: ...to here
shadow-4.18.0/src/sulogin.c:134:21: call_function: calling ‘pw_entry’ from ‘main’
#  214|   	}
#  215|   #endif
#  216|-> 	free(pwent->pw_passwd);
#  217|   	pwent->pw_passwd = xstrdup(passwd->pw_passwd);
#  218|   	return 0;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def427]
shadow-4.18.0/src/useradd.c:265:17: warning[-Wanalyzer-malloc-leak]: leak of ‘bhome’
shadow-4.18.0/src/useradd.c:2177:13: enter_function: entry to ‘create_home’
shadow-4.18.0/src/useradd.c:2183:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/useradd.c:2186:9: branch_false: ...to here
shadow-4.18.0/src/useradd.c:2187:17: acquire_memory: allocated here
shadow-4.18.0/src/useradd.c:2188:12: branch_false: following ‘false’ branch (when ‘bhome’ is non-NULL)...
shadow-4.18.0/src/useradd.c:2196:13: branch_false: ...to here
shadow-4.18.0/src/useradd.c:2196:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/useradd.c:2197:17: branch_true: ...to here
shadow-4.18.0/src/useradd.c:2200:17: call_function: calling ‘fail_exit’ from ‘create_home’
#  263|   		        _("%s: %s was created, but could not be removed\n"),
#  264|   		        Prog, prefix_user_home);
#  265|-> 		SYSLOG((LOG_ERR, "failed to remove %s", prefix_user_home));
#  266|   	}
#  267|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def428]
shadow-4.18.0/src/useradd.c:265:17: warning[-Wanalyzer-malloc-leak]: leak of ‘btrfs_check’
shadow-4.18.0/src/useradd.c:2177:13: enter_function: entry to ‘create_home’
shadow-4.18.0/src/useradd.c:2183:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/useradd.c:2186:9: branch_false: ...to here
shadow-4.18.0/src/useradd.c:2188:12: branch_false: following ‘false’ branch (when ‘bhome’ is non-NULL)...
shadow-4.18.0/src/useradd.c:2196:13: branch_false: ...to here
shadow-4.18.0/src/useradd.c:2196:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/useradd.c:2208:19: branch_false: ...to here
shadow-4.18.0/src/useradd.c:2208:39: branch_true: following ‘true’ branch (when ‘cp’ is non-NULL)...
shadow-4.18.0/src/useradd.c:2210:21: branch_true: ...to here
shadow-4.18.0/src/useradd.c:2210:20: branch_false: following ‘false’ branch...
shadow-4.18.0/src/useradd.c:2210:47: call_function: inlined call to ‘streq’ from ‘create_home’
shadow-4.18.0/src/useradd.c:2214:20: branch_false: following ‘false’ branch...
shadow-4.18.0/src/useradd.c:2223:21: branch_false: ...to here
shadow-4.18.0/src/useradd.c:2223:20: branch_true: following ‘true’ branch...
shadow-4.18.0/src/useradd.c:2224:45: acquire_memory: allocated here
shadow-4.18.0/src/useradd.c:2226:28: branch_false: following ‘false’ branch (when ‘btrfs_check’ is non-NULL)...
shadow-4.18.0/src/useradd.c:2232:45: branch_false: ...to here
shadow-4.18.0/src/useradd.c:2233:28: branch_true: following ‘true’ branch...
shadow-4.18.0/src/useradd.c:2235:41: branch_true: ...to here
shadow-4.18.0/src/useradd.c:2237:33: call_function: calling ‘fail_exit’ from ‘create_home’
#  263|   		        _("%s: %s was created, but could not be removed\n"),
#  264|   		        Prog, prefix_user_home);
#  265|-> 		SYSLOG((LOG_ERR, "failed to remove %s", prefix_user_home));
#  266|   	}
#  267|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def429]
shadow-4.18.0/src/useradd.c:265:17: warning[-Wanalyzer-malloc-leak]: leak of ‘file’
shadow-4.18.0/src/useradd.c:2298:13: enter_function: entry to ‘create_mail’
shadow-4.18.0/src/useradd.c:2307:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/useradd.c:2310:17: branch_false: ...to here
shadow-4.18.0/src/useradd.c:2319:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/useradd.c:2320:24: branch_true: ...to here
shadow-4.18.0/src/useradd.c:2320:24: acquire_memory: allocated here
shadow-4.18.0/src/useradd.c:2325:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/useradd.c:2327:25: branch_true: ...to here
shadow-4.18.0/src/useradd.c:2329:17: call_function: calling ‘fail_exit’ from ‘create_mail’
#  263|   		        _("%s: %s was created, but could not be removed\n"),
#  264|   		        Prog, prefix_user_home);
#  265|-> 		SYSLOG((LOG_ERR, "failed to remove %s", prefix_user_home));
#  266|   	}
#  267|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def430]
shadow-4.18.0/src/useradd.c:265:17: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/useradd.c:1662:13: enter_function: entry to ‘close_group_files’
shadow-4.18.0/src/useradd.c:1667:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/useradd.c:1668:17: branch_true: ...to here
shadow-4.18.0/src/useradd.c:1671:17: branch_false: following ‘false’ branch (when ‘saved_locale’ is NULL)...
shadow-4.18.0/src/useradd.c:1672:17: branch_false: ...to here
shadow-4.18.0/src/useradd.c:1672:17: call_function: calling ‘fail_exit’ from ‘close_group_files’
#  263|   		        _("%s: %s was created, but could not be removed\n"),
#  264|   		        Prog, prefix_user_home);
#  265|-> 		SYSLOG((LOG_ERR, "failed to remove %s", prefix_user_home));
#  266|   	}
#  267|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def431]
shadow-4.18.0/src/useradd.c:268:27: warning[-Wanalyzer-malloc-leak]: leak of ‘bhome’
shadow-4.18.0/src/useradd.c:2177:13: enter_function: entry to ‘create_home’
shadow-4.18.0/src/useradd.c:2183:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/useradd.c:2186:9: branch_false: ...to here
shadow-4.18.0/src/useradd.c:2187:17: acquire_memory: allocated here
shadow-4.18.0/src/useradd.c:2188:12: branch_false: following ‘false’ branch (when ‘bhome’ is non-NULL)...
shadow-4.18.0/src/useradd.c:2196:13: branch_false: ...to here
shadow-4.18.0/src/useradd.c:2196:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/useradd.c:2197:17: branch_true: ...to here
shadow-4.18.0/src/useradd.c:2200:17: call_function: calling ‘fail_exit’ from ‘create_home’
#  266|   	}
#  267|   
#  268|-> 	if (spw_locked && spw_unlock() == 0) {
#  269|   		fprintf(stderr, _("%s: failed to unlock %s\n"), Prog, spw_dbname());
#  270|   		SYSLOG((LOG_ERR, "failed to unlock %s", spw_dbname()));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def432]
shadow-4.18.0/src/useradd.c:268:27: warning[-Wanalyzer-malloc-leak]: leak of ‘btrfs_check’
shadow-4.18.0/src/useradd.c:2177:13: enter_function: entry to ‘create_home’
shadow-4.18.0/src/useradd.c:2183:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/useradd.c:2186:9: branch_false: ...to here
shadow-4.18.0/src/useradd.c:2188:12: branch_false: following ‘false’ branch (when ‘bhome’ is non-NULL)...
shadow-4.18.0/src/useradd.c:2196:13: branch_false: ...to here
shadow-4.18.0/src/useradd.c:2196:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/useradd.c:2208:19: branch_false: ...to here
shadow-4.18.0/src/useradd.c:2208:39: branch_true: following ‘true’ branch (when ‘cp’ is non-NULL)...
shadow-4.18.0/src/useradd.c:2210:21: branch_true: ...to here
shadow-4.18.0/src/useradd.c:2210:20: branch_false: following ‘false’ branch...
shadow-4.18.0/src/useradd.c:2210:47: call_function: inlined call to ‘streq’ from ‘create_home’
shadow-4.18.0/src/useradd.c:2214:20: branch_false: following ‘false’ branch...
shadow-4.18.0/src/useradd.c:2223:21: branch_false: ...to here
shadow-4.18.0/src/useradd.c:2223:20: branch_true: following ‘true’ branch...
shadow-4.18.0/src/useradd.c:2224:45: acquire_memory: allocated here
shadow-4.18.0/src/useradd.c:2226:28: branch_false: following ‘false’ branch (when ‘btrfs_check’ is non-NULL)...
shadow-4.18.0/src/useradd.c:2232:45: branch_false: ...to here
shadow-4.18.0/src/useradd.c:2233:28: branch_true: following ‘true’ branch...
shadow-4.18.0/src/useradd.c:2235:41: branch_true: ...to here
shadow-4.18.0/src/useradd.c:2237:33: call_function: calling ‘fail_exit’ from ‘create_home’
#  266|   	}
#  267|   
#  268|-> 	if (spw_locked && spw_unlock() == 0) {
#  269|   		fprintf(stderr, _("%s: failed to unlock %s\n"), Prog, spw_dbname());
#  270|   		SYSLOG((LOG_ERR, "failed to unlock %s", spw_dbname()));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def433]
shadow-4.18.0/src/useradd.c:268:27: warning[-Wanalyzer-malloc-leak]: leak of ‘file’
shadow-4.18.0/src/useradd.c:2298:13: enter_function: entry to ‘create_mail’
shadow-4.18.0/src/useradd.c:2307:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/useradd.c:2310:17: branch_false: ...to here
shadow-4.18.0/src/useradd.c:2319:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/useradd.c:2320:24: branch_true: ...to here
shadow-4.18.0/src/useradd.c:2320:24: acquire_memory: allocated here
shadow-4.18.0/src/useradd.c:2325:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/useradd.c:2327:25: branch_true: ...to here
shadow-4.18.0/src/useradd.c:2329:17: call_function: calling ‘fail_exit’ from ‘create_mail’
#  266|   	}
#  267|   
#  268|-> 	if (spw_locked && spw_unlock() == 0) {
#  269|   		fprintf(stderr, _("%s: failed to unlock %s\n"), Prog, spw_dbname());
#  270|   		SYSLOG((LOG_ERR, "failed to unlock %s", spw_dbname()));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def434]
shadow-4.18.0/src/useradd.c:269:17: warning[-Wanalyzer-malloc-leak]: leak of ‘bhome’
shadow-4.18.0/src/useradd.c:2177:13: enter_function: entry to ‘create_home’
shadow-4.18.0/src/useradd.c:2183:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/useradd.c:2186:9: branch_false: ...to here
shadow-4.18.0/src/useradd.c:2187:17: acquire_memory: allocated here
shadow-4.18.0/src/useradd.c:2188:12: branch_false: following ‘false’ branch (when ‘bhome’ is non-NULL)...
shadow-4.18.0/src/useradd.c:2196:13: branch_false: ...to here
shadow-4.18.0/src/useradd.c:2196:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/useradd.c:2197:17: branch_true: ...to here
shadow-4.18.0/src/useradd.c:2200:17: call_function: calling ‘fail_exit’ from ‘create_home’
#  267|   
#  268|   	if (spw_locked && spw_unlock() == 0) {
#  269|-> 		fprintf(stderr, _("%s: failed to unlock %s\n"), Prog, spw_dbname());
#  270|   		SYSLOG((LOG_ERR, "failed to unlock %s", spw_dbname()));
#  271|   		/* continue */

Error: GCC_ANALYZER_WARNING (CWE-401): [#def435]
shadow-4.18.0/src/useradd.c:269:17: warning[-Wanalyzer-malloc-leak]: leak of ‘btrfs_check’
shadow-4.18.0/src/useradd.c:2177:13: enter_function: entry to ‘create_home’
shadow-4.18.0/src/useradd.c:2183:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/useradd.c:2186:9: branch_false: ...to here
shadow-4.18.0/src/useradd.c:2188:12: branch_false: following ‘false’ branch (when ‘bhome’ is non-NULL)...
shadow-4.18.0/src/useradd.c:2196:13: branch_false: ...to here
shadow-4.18.0/src/useradd.c:2196:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/useradd.c:2208:19: branch_false: ...to here
shadow-4.18.0/src/useradd.c:2208:39: branch_true: following ‘true’ branch (when ‘cp’ is non-NULL)...
shadow-4.18.0/src/useradd.c:2210:21: branch_true: ...to here
shadow-4.18.0/src/useradd.c:2210:20: branch_false: following ‘false’ branch...
shadow-4.18.0/src/useradd.c:2210:47: call_function: inlined call to ‘streq’ from ‘create_home’
shadow-4.18.0/src/useradd.c:2214:20: branch_false: following ‘false’ branch...
shadow-4.18.0/src/useradd.c:2223:21: branch_false: ...to here
shadow-4.18.0/src/useradd.c:2223:20: branch_true: following ‘true’ branch...
shadow-4.18.0/src/useradd.c:2224:45: acquire_memory: allocated here
shadow-4.18.0/src/useradd.c:2226:28: branch_false: following ‘false’ branch (when ‘btrfs_check’ is non-NULL)...
shadow-4.18.0/src/useradd.c:2232:45: branch_false: ...to here
shadow-4.18.0/src/useradd.c:2233:28: branch_true: following ‘true’ branch...
shadow-4.18.0/src/useradd.c:2235:41: branch_true: ...to here
shadow-4.18.0/src/useradd.c:2237:33: call_function: calling ‘fail_exit’ from ‘create_home’
#  267|   
#  268|   	if (spw_locked && spw_unlock() == 0) {
#  269|-> 		fprintf(stderr, _("%s: failed to unlock %s\n"), Prog, spw_dbname());
#  270|   		SYSLOG((LOG_ERR, "failed to unlock %s", spw_dbname()));
#  271|   		/* continue */

Error: GCC_ANALYZER_WARNING (CWE-401): [#def436]
shadow-4.18.0/src/useradd.c:269:17: warning[-Wanalyzer-malloc-leak]: leak of ‘file’
shadow-4.18.0/src/useradd.c:2298:13: enter_function: entry to ‘create_mail’
shadow-4.18.0/src/useradd.c:2307:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/useradd.c:2310:17: branch_false: ...to here
shadow-4.18.0/src/useradd.c:2319:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/useradd.c:2320:24: branch_true: ...to here
shadow-4.18.0/src/useradd.c:2320:24: acquire_memory: allocated here
shadow-4.18.0/src/useradd.c:2325:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/useradd.c:2327:25: branch_true: ...to here
shadow-4.18.0/src/useradd.c:2329:17: call_function: calling ‘fail_exit’ from ‘create_mail’
#  267|   
#  268|   	if (spw_locked && spw_unlock() == 0) {
#  269|-> 		fprintf(stderr, _("%s: failed to unlock %s\n"), Prog, spw_dbname());
#  270|   		SYSLOG((LOG_ERR, "failed to unlock %s", spw_dbname()));
#  271|   		/* continue */

Error: GCC_ANALYZER_WARNING (CWE-401): [#def437]
shadow-4.18.0/src/useradd.c:270:17: warning[-Wanalyzer-malloc-leak]: leak of ‘bhome’
shadow-4.18.0/src/useradd.c:2177:13: enter_function: entry to ‘create_home’
shadow-4.18.0/src/useradd.c:2183:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/useradd.c:2186:9: branch_false: ...to here
shadow-4.18.0/src/useradd.c:2187:17: acquire_memory: allocated here
shadow-4.18.0/src/useradd.c:2188:12: branch_false: following ‘false’ branch (when ‘bhome’ is non-NULL)...
shadow-4.18.0/src/useradd.c:2196:13: branch_false: ...to here
shadow-4.18.0/src/useradd.c:2196:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/useradd.c:2197:17: branch_true: ...to here
shadow-4.18.0/src/useradd.c:2200:17: call_function: calling ‘fail_exit’ from ‘create_home’
#  268|   	if (spw_locked && spw_unlock() == 0) {
#  269|   		fprintf(stderr, _("%s: failed to unlock %s\n"), Prog, spw_dbname());
#  270|-> 		SYSLOG((LOG_ERR, "failed to unlock %s", spw_dbname()));
#  271|   		/* continue */
#  272|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def438]
shadow-4.18.0/src/useradd.c:270:17: warning[-Wanalyzer-malloc-leak]: leak of ‘btrfs_check’
shadow-4.18.0/src/useradd.c:2177:13: enter_function: entry to ‘create_home’
shadow-4.18.0/src/useradd.c:2183:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/useradd.c:2186:9: branch_false: ...to here
shadow-4.18.0/src/useradd.c:2188:12: branch_false: following ‘false’ branch (when ‘bhome’ is non-NULL)...
shadow-4.18.0/src/useradd.c:2196:13: branch_false: ...to here
shadow-4.18.0/src/useradd.c:2196:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/useradd.c:2208:19: branch_false: ...to here
shadow-4.18.0/src/useradd.c:2208:39: branch_true: following ‘true’ branch (when ‘cp’ is non-NULL)...
shadow-4.18.0/src/useradd.c:2210:21: branch_true: ...to here
shadow-4.18.0/src/useradd.c:2210:20: branch_false: following ‘false’ branch...
shadow-4.18.0/src/useradd.c:2210:47: call_function: inlined call to ‘streq’ from ‘create_home’
shadow-4.18.0/src/useradd.c:2214:20: branch_false: following ‘false’ branch...
shadow-4.18.0/src/useradd.c:2223:21: branch_false: ...to here
shadow-4.18.0/src/useradd.c:2223:20: branch_true: following ‘true’ branch...
shadow-4.18.0/src/useradd.c:2224:45: acquire_memory: allocated here
shadow-4.18.0/src/useradd.c:2226:28: branch_false: following ‘false’ branch (when ‘btrfs_check’ is non-NULL)...
shadow-4.18.0/src/useradd.c:2232:45: branch_false: ...to here
shadow-4.18.0/src/useradd.c:2233:28: branch_true: following ‘true’ branch...
shadow-4.18.0/src/useradd.c:2235:41: branch_true: ...to here
shadow-4.18.0/src/useradd.c:2237:33: call_function: calling ‘fail_exit’ from ‘create_home’
#  268|   	if (spw_locked && spw_unlock() == 0) {
#  269|   		fprintf(stderr, _("%s: failed to unlock %s\n"), Prog, spw_dbname());
#  270|-> 		SYSLOG((LOG_ERR, "failed to unlock %s", spw_dbname()));
#  271|   		/* continue */
#  272|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def439]
shadow-4.18.0/src/useradd.c:270:17: warning[-Wanalyzer-malloc-leak]: leak of ‘file’
shadow-4.18.0/src/useradd.c:2298:13: enter_function: entry to ‘create_mail’
shadow-4.18.0/src/useradd.c:2307:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/useradd.c:2310:17: branch_false: ...to here
shadow-4.18.0/src/useradd.c:2319:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/useradd.c:2320:24: branch_true: ...to here
shadow-4.18.0/src/useradd.c:2320:24: acquire_memory: allocated here
shadow-4.18.0/src/useradd.c:2325:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/useradd.c:2327:25: branch_true: ...to here
shadow-4.18.0/src/useradd.c:2329:17: call_function: calling ‘fail_exit’ from ‘create_mail’
#  268|   	if (spw_locked && spw_unlock() == 0) {
#  269|   		fprintf(stderr, _("%s: failed to unlock %s\n"), Prog, spw_dbname());
#  270|-> 		SYSLOG((LOG_ERR, "failed to unlock %s", spw_dbname()));
#  271|   		/* continue */
#  272|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def440]
shadow-4.18.0/src/useradd.c:270:17: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/useradd.c:1662:13: enter_function: entry to ‘close_group_files’
shadow-4.18.0/src/useradd.c:1667:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/useradd.c:1668:17: branch_true: ...to here
shadow-4.18.0/src/useradd.c:1671:17: branch_false: following ‘false’ branch (when ‘saved_locale’ is NULL)...
shadow-4.18.0/src/useradd.c:1672:17: branch_false: ...to here
shadow-4.18.0/src/useradd.c:1672:17: call_function: calling ‘fail_exit’ from ‘close_group_files’
#  268|   	if (spw_locked && spw_unlock() == 0) {
#  269|   		fprintf(stderr, _("%s: failed to unlock %s\n"), Prog, spw_dbname());
#  270|-> 		SYSLOG((LOG_ERR, "failed to unlock %s", spw_dbname()));
#  271|   		/* continue */
#  272|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def441]
shadow-4.18.0/src/useradd.c:275:17: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/useradd.c:1662:13: enter_function: entry to ‘close_group_files’
shadow-4.18.0/src/useradd.c:1667:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/useradd.c:1668:17: branch_true: ...to here
shadow-4.18.0/src/useradd.c:1671:17: branch_false: following ‘false’ branch (when ‘saved_locale’ is NULL)...
shadow-4.18.0/src/useradd.c:1672:17: branch_false: ...to here
shadow-4.18.0/src/useradd.c:1672:17: call_function: calling ‘fail_exit’ from ‘close_group_files’
#  273|   	if (pw_locked && pw_unlock() == 0) {
#  274|   		fprintf(stderr, _("%s: failed to unlock %s\n"), Prog, pw_dbname());
#  275|-> 		SYSLOG((LOG_ERR, "failed to unlock %s", pw_dbname()));
#  276|   		/* continue */
#  277|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def442]
shadow-4.18.0/src/useradd.c:280:17: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/useradd.c:1662:13: enter_function: entry to ‘close_group_files’
shadow-4.18.0/src/useradd.c:1667:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/useradd.c:1668:17: branch_true: ...to here
shadow-4.18.0/src/useradd.c:1671:17: branch_false: following ‘false’ branch (when ‘saved_locale’ is NULL)...
shadow-4.18.0/src/useradd.c:1672:17: branch_false: ...to here
shadow-4.18.0/src/useradd.c:1672:17: call_function: calling ‘fail_exit’ from ‘close_group_files’
#  278|   	if (gr_locked && gr_unlock() == 0) {
#  279|   		fprintf(stderr, _("%s: failed to unlock %s\n"), Prog, gr_dbname());
#  280|-> 		SYSLOG((LOG_ERR, "failed to unlock %s", gr_dbname()));
#  281|   		/* continue */
#  282|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def443]
shadow-4.18.0/src/useradd.c:286:17: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/useradd.c:1662:13: enter_function: entry to ‘close_group_files’
shadow-4.18.0/src/useradd.c:1667:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/useradd.c:1668:17: branch_true: ...to here
shadow-4.18.0/src/useradd.c:1671:17: branch_false: following ‘false’ branch (when ‘saved_locale’ is NULL)...
shadow-4.18.0/src/useradd.c:1672:17: branch_false: ...to here
shadow-4.18.0/src/useradd.c:1672:17: call_function: calling ‘fail_exit’ from ‘close_group_files’
#  284|   	if (sgr_locked && sgr_unlock() == 0) {
#  285|   		fprintf(stderr, _("%s: failed to unlock %s\n"), Prog, sgr_dbname());
#  286|-> 		SYSLOG((LOG_ERR, "failed to unlock %s", sgr_dbname()));
#  287|   		/* continue */
#  288|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def444]
shadow-4.18.0/src/useradd.c:293:17: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/useradd.c:1662:13: enter_function: entry to ‘close_group_files’
shadow-4.18.0/src/useradd.c:1667:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/useradd.c:1668:17: branch_true: ...to here
shadow-4.18.0/src/useradd.c:1671:17: branch_false: following ‘false’ branch (when ‘saved_locale’ is NULL)...
shadow-4.18.0/src/useradd.c:1672:17: branch_false: ...to here
shadow-4.18.0/src/useradd.c:1672:17: call_function: calling ‘fail_exit’ from ‘close_group_files’
#  291|   	if (sub_uid_locked && sub_uid_unlock() == 0) {
#  292|   		fprintf(stderr, _("%s: failed to unlock %s\n"), Prog, sub_uid_dbname());
#  293|-> 		SYSLOG((LOG_ERR, "failed to unlock %s", sub_uid_dbname()));
#  294|   		/* continue */
#  295|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def445]
shadow-4.18.0/src/useradd.c:298:17: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/useradd.c:1662:13: enter_function: entry to ‘close_group_files’
shadow-4.18.0/src/useradd.c:1667:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/useradd.c:1668:17: branch_true: ...to here
shadow-4.18.0/src/useradd.c:1671:17: branch_false: following ‘false’ branch (when ‘saved_locale’ is NULL)...
shadow-4.18.0/src/useradd.c:1672:17: branch_false: ...to here
shadow-4.18.0/src/useradd.c:1672:17: call_function: calling ‘fail_exit’ from ‘close_group_files’
#  296|   	if (sub_gid_locked && sub_gid_unlock() == 0) {
#  297|   		fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sub_gid_dbname());
#  298|-> 		SYSLOG ((LOG_ERR, "failed to unlock %s", sub_gid_dbname()));
#  299|   		/* continue */
#  300|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def446]
shadow-4.18.0/src/useradd.c:313:9: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/useradd.c:1662:13: enter_function: entry to ‘close_group_files’
shadow-4.18.0/src/useradd.c:1667:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/useradd.c:1668:17: branch_true: ...to here
shadow-4.18.0/src/useradd.c:1671:17: branch_false: following ‘false’ branch (when ‘saved_locale’ is NULL)...
shadow-4.18.0/src/useradd.c:1672:17: branch_false: ...to here
shadow-4.18.0/src/useradd.c:1672:17: call_function: calling ‘fail_exit’ from ‘close_group_files’
#  311|   	             user_name, AUDIT_NO_ID, SHADOW_AUDIT_FAILURE);
#  312|   #endif
#  313|-> 	SYSLOG((LOG_INFO, "failed adding user '%s', exit code: %d", user_name, code));
#  314|   	exit(code);
#  315|   }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def447]
shadow-4.18.0/src/useradd.c:345:17: warning[-Wanalyzer-malloc-leak]: leak of ‘default_file’
shadow-4.18.0/src/useradd.c:2397:5: enter_function: entry to ‘main’
shadow-4.18.0/src/useradd.c:2442:9: call_function: calling ‘get_defaults’ from ‘main’
#  343|   	fp = fopen (default_file, "r");
#  344|   	if (NULL == fp) {
#  345|-> 		goto getdef_err;
#  346|   	}
#  347|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def448]
shadow-4.18.0/src/useradd.c:352:16: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
shadow-4.18.0/src/useradd.c:2397:5: enter_function: entry to ‘main’
shadow-4.18.0/src/useradd.c:2442:9: call_function: calling ‘get_defaults’ from ‘main’
#  350|   	 * values are used, everything else can be ignored.
#  351|   	 */
#  352|-> 	while (fgets (buf, sizeof buf, fp) == buf) {
#  353|   		stpsep(buf, "\n");
#  354|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def449]
shadow-4.18.0/src/useradd.c:363:51: warning[-Wanalyzer-malloc-leak]: leak of ‘default_file’
shadow-4.18.0/src/useradd.c:2397:5: enter_function: entry to ‘main’
shadow-4.18.0/src/useradd.c:2442:9: call_function: calling ‘get_defaults’ from ‘main’
#  361|   		 */
#  362|   		if (streq(buf, DGROUP)) {
#  363|-> 			const struct group *grp = prefix_getgr_nam_gid (cp);
#  364|   			if (NULL == grp) {
#  365|   				fprintf (stderr,

Error: GCC_ANALYZER_WARNING (CWE-401): [#def450]
shadow-4.18.0/src/useradd.c:434:48: warning[-Wanalyzer-malloc-leak]: leak of ‘default_file’
shadow-4.18.0/src/useradd.c:2397:5: enter_function: entry to ‘main’
shadow-4.18.0/src/useradd.c:2442:9: call_function: calling ‘get_defaults’ from ‘main’
#  432|   
#  433|   			if (prefix[0])
#  434|-> 				def_template = xaprintf("%s/%s", prefix, ccp);
#  435|   			else
#  436|   				def_template = xstrdup(ccp);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def451]
shadow-4.18.0/src/useradd.c:447:51: warning[-Wanalyzer-malloc-leak]: leak of ‘default_file’
shadow-4.18.0/src/useradd.c:2397:5: enter_function: entry to ‘main’
shadow-4.18.0/src/useradd.c:2442:9: call_function: calling ‘get_defaults’ from ‘main’
#  445|   
#  446|   			if (prefix[0]) {
#  447|-> 				def_usrtemplate = xaprintf("%s/%s", prefix, ccp);
#  448|   			} else {
#  449|   				def_usrtemplate = xstrdup(ccp);

Error: GCC_ANALYZER_WARNING (CWE-590): [#def452]
shadow-4.18.0/src/useradd.c:475:17: warning[-Wanalyzer-free-of-non-heap]: ‘free’ of ‘default_file’ which points to memory not on the heap
shadow-4.18.0/src/useradd.c:2397:5: enter_function: entry to ‘main’
shadow-4.18.0/src/useradd.c:2442:9: call_function: calling ‘get_defaults’ from ‘main’
#  473|        getdef_err:
#  474|   	if (prefix[0]) {
#  475|-> 		free(default_file);
#  476|   	}
#  477|   }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def453]
shadow-4.18.0/src/useradd.c:477:1: warning[-Wanalyzer-malloc-leak]: leak of ‘default_file’
shadow-4.18.0/src/useradd.c:2397:5: enter_function: entry to ‘main’
shadow-4.18.0/src/useradd.c:2442:9: call_function: calling ‘get_defaults’ from ‘main’
#  475|   		free(default_file);
#  476|   	}
#  477|-> }
#  478|   
#  479|   /*

Error: COMPILER_WARNING (CWE-563): [#def454]
shadow-4.18.0/src/useradd.c: scope_hint: In function ‘set_defaults’
shadow-4.18.0/src/useradd.c:524:16: warning[-Wunused-variable]: unused variable ‘cp’
#  524 |         char  *cp;
#      |                ^~
#  522|   	char  *new_file_dup = NULL;
#  523|   	char  *default_file = USER_DEFAULTS_FILE;
#  524|-> 	char  *cp;
#  525|   	FILE  *ifp;
#  526|   	FILE  *ofp;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def455]
shadow-4.18.0/src/useradd.c:1024:25: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/useradd.c:2077:13: enter_function: entry to ‘usr_update’
shadow-4.18.0/src/useradd.c:2095:9: branch_false: following ‘false’ branch (when ‘saved_locale’ is NULL)...
shadow-4.18.0/src/useradd.c:2108:13: branch_false: ...to here
shadow-4.18.0/src/useradd.c:2118:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/useradd.c:2128:13: branch_false: ...to here
shadow-4.18.0/src/useradd.c:2165:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/useradd.c:2166:17: branch_true: ...to here
shadow-4.18.0/src/useradd.c:2166:17: call_function: calling ‘grp_update’ from ‘usr_update’
# 1022|   			         _("%s: Out of memory. Cannot update %s.\n"),
# 1023|   			         Prog, gr_dbname ());
# 1024|-> 			SYSLOG ((LOG_ERR, "failed to prepare the new %s entry '%s'", gr_dbname (), user_name));
# 1025|   			fail_exit (E_GRP_UPDATE);	/* XXX */
# 1026|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def456]
shadow-4.18.0/src/useradd.c:1037:25: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/useradd.c:2077:13: enter_function: entry to ‘usr_update’
shadow-4.18.0/src/useradd.c:2095:9: branch_false: following ‘false’ branch (when ‘saved_locale’ is NULL)...
shadow-4.18.0/src/useradd.c:2108:13: branch_false: ...to here
shadow-4.18.0/src/useradd.c:2118:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/useradd.c:2128:13: branch_false: ...to here
shadow-4.18.0/src/useradd.c:2165:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/useradd.c:2166:17: branch_true: ...to here
shadow-4.18.0/src/useradd.c:2166:17: call_function: calling ‘grp_update’ from ‘usr_update’
# 1035|   			         _("%s: failed to prepare the new %s entry '%s'\n"),
# 1036|   			         Prog, gr_dbname (), ngrp->gr_name);
# 1037|-> 			SYSLOG ((LOG_ERR, "failed to prepare the new %s entry '%s'", gr_dbname (), user_name));
# 1038|   			fail_exit (E_GRP_UPDATE);
# 1039|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def457]
shadow-4.18.0/src/useradd.c:1046:17: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/useradd.c:2077:13: enter_function: entry to ‘usr_update’
shadow-4.18.0/src/useradd.c:2095:9: branch_false: following ‘false’ branch (when ‘saved_locale’ is NULL)...
shadow-4.18.0/src/useradd.c:2108:13: branch_false: ...to here
shadow-4.18.0/src/useradd.c:2118:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/useradd.c:2128:13: branch_false: ...to here
shadow-4.18.0/src/useradd.c:2165:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/useradd.c:2166:17: branch_true: ...to here
shadow-4.18.0/src/useradd.c:2166:17: call_function: calling ‘grp_update’ from ‘usr_update’
# 1044|   		              SHADOW_AUDIT_SUCCESS);
# 1045|   #endif
# 1046|-> 		SYSLOG ((LOG_INFO,
# 1047|   		         "add '%s' to group '%s'",
# 1048|   		         user_name, ngrp->gr_name));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def458]
shadow-4.18.0/src/useradd.c:1087:25: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/useradd.c:2077:13: enter_function: entry to ‘usr_update’
shadow-4.18.0/src/useradd.c:2095:9: branch_false: following ‘false’ branch (when ‘saved_locale’ is NULL)...
shadow-4.18.0/src/useradd.c:2108:13: branch_false: ...to here
shadow-4.18.0/src/useradd.c:2118:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/useradd.c:2128:13: branch_false: ...to here
shadow-4.18.0/src/useradd.c:2165:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/useradd.c:2166:17: branch_true: ...to here
shadow-4.18.0/src/useradd.c:2166:17: call_function: calling ‘grp_update’ from ‘usr_update’
# 1085|   			         _("%s: Out of memory. Cannot update %s.\n"),
# 1086|   			         Prog, sgr_dbname ());
# 1087|-> 			SYSLOG ((LOG_ERR, "failed to prepare the new %s entry '%s'", sgr_dbname (), user_name));
# 1088|   			fail_exit (E_GRP_UPDATE);	/* XXX */
# 1089|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def459]
shadow-4.18.0/src/useradd.c:1100:25: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/useradd.c:2077:13: enter_function: entry to ‘usr_update’
shadow-4.18.0/src/useradd.c:2095:9: branch_false: following ‘false’ branch (when ‘saved_locale’ is NULL)...
shadow-4.18.0/src/useradd.c:2108:13: branch_false: ...to here
shadow-4.18.0/src/useradd.c:2118:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/useradd.c:2128:13: branch_false: ...to here
shadow-4.18.0/src/useradd.c:2165:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/useradd.c:2166:17: branch_true: ...to here
shadow-4.18.0/src/useradd.c:2166:17: call_function: calling ‘grp_update’ from ‘usr_update’
# 1098|   			         _("%s: failed to prepare the new %s entry '%s'\n"),
# 1099|   			         Prog, sgr_dbname (), nsgrp->sg_namp);
# 1100|-> 			SYSLOG ((LOG_ERR, "failed to prepare the new %s entry '%s'", sgr_dbname (), user_name));
# 1101|   
# 1102|   			fail_exit (E_GRP_UPDATE);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def460]
shadow-4.18.0/src/useradd.c:1110:17: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/useradd.c:2077:13: enter_function: entry to ‘usr_update’
shadow-4.18.0/src/useradd.c:2095:9: branch_false: following ‘false’ branch (when ‘saved_locale’ is NULL)...
shadow-4.18.0/src/useradd.c:2108:13: branch_false: ...to here
shadow-4.18.0/src/useradd.c:2118:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/useradd.c:2128:13: branch_false: ...to here
shadow-4.18.0/src/useradd.c:2165:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/useradd.c:2166:17: branch_true: ...to here
shadow-4.18.0/src/useradd.c:2166:17: call_function: calling ‘grp_update’ from ‘usr_update’
# 1108|   		              SHADOW_AUDIT_SUCCESS);
# 1109|   #endif
# 1110|-> 		SYSLOG ((LOG_INFO,
# 1111|   		         "add '%s' to shadow group '%s'",
# 1112|   		         user_name, nsgrp->sg_namp));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def461]
shadow-4.18.0/src/useradd.c:1671:17: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/useradd.c:1667:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/useradd.c:1668:17: branch_true: ...to here
shadow-4.18.0/src/useradd.c:1671:17: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/useradd.c:1671:17: branch_true: ...to here
shadow-4.18.0/src/useradd.c:1671:17: acquire_memory: allocated here
shadow-4.18.0/src/useradd.c:1671:17: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/useradd.c:1671:17: branch_true: ...to here
shadow-4.18.0/src/useradd.c:1671:17: throw: if ‘gr_dbname’ throws an exception...
shadow-4.18.0/src/useradd.c:1671:17: danger: ‘saved_locale’ leaks here; was allocated at [(5)](sarif:/runs/0/results/73/codeFlows/0/threadFlows/0/locations/4)
# 1669|   		        _("%s: failure while writing changes to %s\n"),
# 1670|   		        Prog, gr_dbname());
# 1671|-> 		SYSLOG((LOG_ERR, "failure while writing changes to %s", gr_dbname()));
# 1672|   		fail_exit(E_GRP_UPDATE);
# 1673|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def462]
shadow-4.18.0/src/useradd.c:1679:17: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/useradd.c:1667:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/useradd.c:1675:13: branch_false: ...to here
shadow-4.18.0/src/useradd.c:1675:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/useradd.c:1679:17: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/useradd.c:1679:17: branch_true: ...to here
shadow-4.18.0/src/useradd.c:1679:17: acquire_memory: allocated here
shadow-4.18.0/src/useradd.c:1679:17: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/useradd.c:1679:17: branch_true: ...to here
shadow-4.18.0/src/useradd.c:1679:17: throw: if ‘sgr_dbname’ throws an exception...
shadow-4.18.0/src/useradd.c:1679:17: danger: ‘saved_locale’ leaks here; was allocated at [(7)](sarif:/runs/0/results/75/codeFlows/0/threadFlows/0/locations/6)
# 1677|   		        _("%s: failure while writing changes to %s\n"),
# 1678|   		        Prog, sgr_dbname());
# 1679|-> 		SYSLOG((LOG_ERR, "failure while writing changes to %s", sgr_dbname()));
# 1680|   		fail_exit(E_GRP_UPDATE);
# 1681|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def463]
shadow-4.18.0/src/useradd.c:1959:17: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/useradd.c:1941:13: enter_function: entry to ‘faillog_reset’
shadow-4.18.0/src/useradd.c:1948:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/useradd.c:1955:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/useradd.c:1958:63: branch_true: ...to here
shadow-4.18.0/src/useradd.c:1959:17: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/useradd.c:1959:17: branch_true: ...to here
shadow-4.18.0/src/useradd.c:1959:17: acquire_memory: allocated here
shadow-4.18.0/src/useradd.c:1959:17: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/useradd.c:1959:17: branch_true: ...to here
shadow-4.18.0/src/useradd.c:1959:17: throw: if ‘syslog’ throws an exception...
shadow-4.18.0/src/useradd.c:1959:17: danger: ‘saved_locale’ leaks here; was allocated at [(9)](sarif:/runs/0/results/77/codeFlows/0/threadFlows/0/locations/8)
# 1957|   		         _("%s: failed to open the faillog file for UID %lu: %s\n"),
# 1958|   		         Prog, (unsigned long) uid, strerror (errno));
# 1959|-> 		SYSLOG ((LOG_WARN, "failed to open the faillog file for UID %lu", (unsigned long) uid));
# 1960|   		return;
# 1961|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def464]
shadow-4.18.0/src/useradd.c:1968:17: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/useradd.c:1941:13: enter_function: entry to ‘faillog_reset’
shadow-4.18.0/src/useradd.c:1948:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/useradd.c:1955:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/useradd.c:1962:17: branch_false: ...to here
shadow-4.18.0/src/useradd.c:1968:17: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/useradd.c:1968:17: branch_true: ...to here
shadow-4.18.0/src/useradd.c:1968:17: acquire_memory: allocated here
shadow-4.18.0/src/useradd.c:1968:17: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/useradd.c:1968:17: branch_true: ...to here
shadow-4.18.0/src/useradd.c:1968:17: throw: if ‘syslog’ throws an exception...
shadow-4.18.0/src/useradd.c:1968:17: danger: ‘saved_locale’ leaks here; was allocated at [(9)](sarif:/runs/0/results/78/codeFlows/0/threadFlows/0/locations/8)
# 1966|   		         _("%s: failed to reset the faillog entry of UID %lu: %s\n"),
# 1967|   		         Prog, (unsigned long) uid, strerror (errno));
# 1968|-> 		SYSLOG ((LOG_WARN, "failed to reset the faillog entry of UID %lu", (unsigned long) uid));
# 1969|   	}
# 1970|   	if (close (fd) != 0 && errno != EINTR) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def465]
shadow-4.18.0/src/useradd.c:1974:17: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/useradd.c:1941:13: enter_function: entry to ‘faillog_reset’
shadow-4.18.0/src/useradd.c:1948:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/useradd.c:1955:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/useradd.c:1962:17: branch_false: ...to here
shadow-4.18.0/src/useradd.c:1970:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/useradd.c:1974:17: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/useradd.c:1974:17: branch_true: ...to here
shadow-4.18.0/src/useradd.c:1974:17: acquire_memory: allocated here
shadow-4.18.0/src/useradd.c:1974:17: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/useradd.c:1974:17: branch_true: ...to here
shadow-4.18.0/src/useradd.c:1974:17: throw: if ‘syslog’ throws an exception...
shadow-4.18.0/src/useradd.c:1974:17: danger: ‘saved_locale’ leaks here; was allocated at [(11)](sarif:/runs/0/results/79/codeFlows/0/threadFlows/0/locations/10)
# 1972|   		         _("%s: failed to close the faillog file for UID %lu: %s\n"),
# 1973|   		         Prog, (unsigned long) uid, strerror (errno));
# 1974|-> 		SYSLOG ((LOG_WARN, "failed to close the faillog file for UID %lu", (unsigned long) uid));
# 1975|   	}
# 1976|   }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def466]
shadow-4.18.0/src/useradd.c:2065:17: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/useradd.c:2034:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/useradd.c:2038:9: branch_false: ...to here
shadow-4.18.0/src/useradd.c:2065:17: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/useradd.c:2065:17: branch_true: ...to here
shadow-4.18.0/src/useradd.c:2065:17: acquire_memory: allocated here
shadow-4.18.0/src/useradd.c:2065:17: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/useradd.c:2065:17: branch_true: ...to here
shadow-4.18.0/src/useradd.c:2065:17: throw: if ‘syslog’ throws an exception...
shadow-4.18.0/src/useradd.c:2065:17: danger: ‘saved_locale’ leaks here; was allocated at [(5)](sarif:/runs/0/results/80/codeFlows/0/threadFlows/0/locations/4)
# 2063|   		         _("%s: failed to reset the tallylog entry of user \"%s\"\n"),
# 2064|   		         Prog, user_name);
# 2065|-> 		SYSLOG ((LOG_WARN, "failed to reset the tallylog entry of user \"%s\"", user_name));
# 2066|   	}
# 2067|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def467]
shadow-4.18.0/src/useradd.c:2095:9: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/useradd.c:2095:9: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/useradd.c:2095:9: branch_true: ...to here
shadow-4.18.0/src/useradd.c:2095:9: acquire_memory: allocated here
shadow-4.18.0/src/useradd.c:2095:9: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/useradd.c:2095:9: branch_true: ...to here
shadow-4.18.0/src/useradd.c:2095:9: throw: if ‘syslog’ throws an exception...
shadow-4.18.0/src/useradd.c:2095:9: danger: ‘saved_locale’ leaks here; was allocated at [(3)](sarif:/runs/0/results/81/codeFlows/0/threadFlows/0/locations/2)
# 2093|   	 */
# 2094|   	tty=ttyname (STDIN_FILENO);
# 2095|-> 	SYSLOG ((LOG_INFO,
# 2096|   	         "new user: name=%s, UID=%u, GID=%u, home=%s, shell=%s, from=%s",
# 2097|   	         user_name, (unsigned int) user_id,

Error: GCC_ANALYZER_WARNING (CWE-401): [#def468]
shadow-4.18.0/src/useradd.c:2196:13: warning[-Wanalyzer-malloc-leak]: leak of ‘bhome’
shadow-4.18.0/src/useradd.c:2183:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/useradd.c:2186:9: branch_false: ...to here
shadow-4.18.0/src/useradd.c:2187:17: acquire_memory: allocated here
shadow-4.18.0/src/useradd.c:2188:12: branch_false: following ‘false’ branch (when ‘bhome’ is non-NULL)...
shadow-4.18.0/src/useradd.c:2196:13: branch_false: ...to here
shadow-4.18.0/src/useradd.c:2196:13: throw: if ‘set_selinux_file_context’ throws an exception...
shadow-4.18.0/src/useradd.c:2196:13: danger: ‘bhome’ leaks here; was allocated at [(3)](sarif:/runs/0/results/82/codeFlows/0/threadFlows/0/locations/2)
# 2194|   
# 2195|   #ifdef WITH_SELINUX
# 2196|-> 	if (set_selinux_file_context(prefix_user_home, S_IFDIR) != 0) {
# 2197|   		fprintf(stderr,
# 2198|   			_("%s: cannot set SELinux context for home directory %s\n"),

Error: GCC_ANALYZER_WARNING (CWE-401): [#def469]
shadow-4.18.0/src/useradd.c:2233:29: warning[-Wanalyzer-malloc-leak]: leak of ‘bhome’
shadow-4.18.0/src/useradd.c:2177:13: enter_function: entry to ‘create_home’
shadow-4.18.0/src/useradd.c:2183:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/useradd.c:2186:9: branch_false: ...to here
shadow-4.18.0/src/useradd.c:2187:17: acquire_memory: allocated here
shadow-4.18.0/src/useradd.c:2188:12: branch_false: following ‘false’ branch (when ‘bhome’ is non-NULL)...
shadow-4.18.0/src/useradd.c:2196:13: branch_false: ...to here
shadow-4.18.0/src/useradd.c:2196:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/useradd.c:2208:19: branch_false: ...to here
shadow-4.18.0/src/useradd.c:2208:39: branch_true: following ‘true’ branch (when ‘cp’ is non-NULL)...
shadow-4.18.0/src/useradd.c:2210:21: branch_true: ...to here
shadow-4.18.0/src/useradd.c:2210:20: branch_false: following ‘false’ branch...
shadow-4.18.0/src/useradd.c:2210:47: call_function: inlined call to ‘streq’ from ‘create_home’
shadow-4.18.0/src/useradd.c:2214:20: branch_false: following ‘false’ branch...
shadow-4.18.0/src/useradd.c:2223:21: branch_false: ...to here
shadow-4.18.0/src/useradd.c:2223:20: branch_true: following ‘true’ branch...
shadow-4.18.0/src/useradd.c:2226:28: branch_false: following ‘false’ branch (when ‘btrfs_check’ is non-NULL)...
shadow-4.18.0/src/useradd.c:2232:45: branch_false: ...to here
shadow-4.18.0/src/useradd.c:2233:29: throw: if ‘is_btrfs’ throws an exception...
shadow-4.18.0/src/useradd.c:2233:29: danger: ‘bhome’ leaks here; was allocated at [(4)](sarif:/runs/0/results/83/codeFlows/0/threadFlows/0/locations/3)
# 2231|   			}
# 2232|   			stpcpy(&btrfs_check[strlen(path) - strlen(cp) - 1], "");
# 2233|-> 			if (is_btrfs(btrfs_check) <= 0) {
# 2234|   				fprintf(stderr,
# 2235|   					_("%s: home directory \"%s\" must be mounted on BTRFS\n"),

Error: GCC_ANALYZER_WARNING (CWE-401): [#def470]
shadow-4.18.0/src/useradd.c:2233:29: warning[-Wanalyzer-malloc-leak]: leak of ‘btrfs_check’
shadow-4.18.0/src/useradd.c:2177:13: enter_function: entry to ‘create_home’
shadow-4.18.0/src/useradd.c:2183:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/useradd.c:2186:9: branch_false: ...to here
shadow-4.18.0/src/useradd.c:2188:12: branch_false: following ‘false’ branch (when ‘bhome’ is non-NULL)...
shadow-4.18.0/src/useradd.c:2196:13: branch_false: ...to here
shadow-4.18.0/src/useradd.c:2196:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/useradd.c:2208:19: branch_false: ...to here
shadow-4.18.0/src/useradd.c:2208:39: branch_true: following ‘true’ branch (when ‘cp’ is non-NULL)...
shadow-4.18.0/src/useradd.c:2210:21: branch_true: ...to here
shadow-4.18.0/src/useradd.c:2210:20: branch_false: following ‘false’ branch...
shadow-4.18.0/src/useradd.c:2210:47: call_function: inlined call to ‘streq’ from ‘create_home’
shadow-4.18.0/src/useradd.c:2214:20: branch_false: following ‘false’ branch...
shadow-4.18.0/src/useradd.c:2223:21: branch_false: ...to here
shadow-4.18.0/src/useradd.c:2223:20: branch_true: following ‘true’ branch...
shadow-4.18.0/src/useradd.c:2224:45: acquire_memory: allocated here
shadow-4.18.0/src/useradd.c:2226:28: branch_false: following ‘false’ branch (when ‘btrfs_check’ is non-NULL)...
shadow-4.18.0/src/useradd.c:2232:45: branch_false: ...to here
shadow-4.18.0/src/useradd.c:2233:29: throw: if ‘is_btrfs’ throws an exception...
shadow-4.18.0/src/useradd.c:2233:29: danger: ‘btrfs_check’ leaks here; was allocated at [(18)](sarif:/runs/0/results/84/codeFlows/0/threadFlows/0/locations/17)
# 2231|   			}
# 2232|   			stpcpy(&btrfs_check[strlen(path) - strlen(cp) - 1], "");
# 2233|-> 			if (is_btrfs(btrfs_check) <= 0) {
# 2234|   				fprintf(stderr,
# 2235|   					_("%s: home directory \"%s\" must be mounted on BTRFS\n"),

Error: GCC_ANALYZER_WARNING (CWE-401): [#def471]
shadow-4.18.0/src/useradd.c:2241:29: warning[-Wanalyzer-malloc-leak]: leak of ‘bhome’
shadow-4.18.0/src/useradd.c:2177:13: enter_function: entry to ‘create_home’
shadow-4.18.0/src/useradd.c:2183:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/useradd.c:2186:9: branch_false: ...to here
shadow-4.18.0/src/useradd.c:2187:17: acquire_memory: allocated here
shadow-4.18.0/src/useradd.c:2188:12: branch_false: following ‘false’ branch (when ‘bhome’ is non-NULL)...
shadow-4.18.0/src/useradd.c:2196:13: branch_false: ...to here
shadow-4.18.0/src/useradd.c:2196:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/useradd.c:2208:19: branch_false: ...to here
shadow-4.18.0/src/useradd.c:2208:39: branch_true: following ‘true’ branch (when ‘cp’ is non-NULL)...
shadow-4.18.0/src/useradd.c:2210:21: branch_true: ...to here
shadow-4.18.0/src/useradd.c:2210:20: branch_false: following ‘false’ branch...
shadow-4.18.0/src/useradd.c:2210:47: call_function: inlined call to ‘streq’ from ‘create_home’
shadow-4.18.0/src/useradd.c:2214:20: branch_false: following ‘false’ branch...
shadow-4.18.0/src/useradd.c:2223:21: branch_false: ...to here
shadow-4.18.0/src/useradd.c:2223:20: branch_true: following ‘true’ branch...
shadow-4.18.0/src/useradd.c:2226:28: branch_false: following ‘false’ branch (when ‘btrfs_check’ is non-NULL)...
shadow-4.18.0/src/useradd.c:2232:45: branch_false: ...to here
shadow-4.18.0/src/useradd.c:2233:28: branch_false: following ‘false’ branch...
shadow-4.18.0/src/useradd.c:2239:25: branch_false: ...to here
shadow-4.18.0/src/useradd.c:2241:29: throw: if ‘btrfs_create_subvolume’ throws an exception...
shadow-4.18.0/src/useradd.c:2241:29: danger: ‘bhome’ leaks here; was allocated at [(4)](sarif:/runs/0/results/85/codeFlows/0/threadFlows/0/locations/3)
# 2239|   			free(btrfs_check);
# 2240|   			// make subvolume to mount for user instead of directory
# 2241|-> 			if (btrfs_create_subvolume(path)) {
# 2242|   				fprintf(stderr,
# 2243|   					_("%s: failed to create BTRFS subvolume: %s\n"),

Error: COMPILER_WARNING (CWE-252): [#def472]
shadow-4.18.0/src/useradd.c: scope_hint: In function ‘create_home’
shadow-4.18.0/src/useradd.c:2268:16: warning[-Wunused-result]: ignoring return value of ‘chown’ declared with attribute ‘warn_unused_result’
# 2268 |         (void) chown(prefix_user_home, user_id, user_gid);
#      |                ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# 2266|   	free(bhome);
# 2267|   
# 2268|-> 	(void) chown(prefix_user_home, user_id, user_gid);
# 2269|   	mode = getdef_num("HOME_MODE",
# 2270|   			  0777 & ~getdef_num("UMASK", GETDEF_DEFAULT_UMASK));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def473]
shadow-4.18.0/src/useradd.c:2325:13: warning[-Wanalyzer-malloc-leak]: leak of ‘file’
shadow-4.18.0/src/useradd.c:2307:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/useradd.c:2310:17: branch_false: ...to here
shadow-4.18.0/src/useradd.c:2319:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/useradd.c:2320:24: branch_true: ...to here
shadow-4.18.0/src/useradd.c:2320:24: acquire_memory: allocated here
shadow-4.18.0/src/useradd.c:2325:13: throw: if ‘set_selinux_file_context’ throws an exception...
shadow-4.18.0/src/useradd.c:2325:13: danger: ‘file’ leaks here; was allocated at [(5)](sarif:/runs/0/results/86/codeFlows/0/threadFlows/0/locations/4)
# 2323|   
# 2324|   #ifdef WITH_SELINUX
# 2325|-> 	if (set_selinux_file_context(file, S_IFREG) != 0) {
# 2326|   		fprintf(stderr,
# 2327|   		        _("%s: cannot set SELinux context for mailbox file %s\n"),

Error: GCC_ANALYZER_WARNING (CWE-401): [#def474]
shadow-4.18.0/src/useradd.c:2333:14: warning[-Wanalyzer-malloc-leak]: leak of ‘file’
shadow-4.18.0/src/useradd.c:2307:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/useradd.c:2310:17: branch_false: ...to here
shadow-4.18.0/src/useradd.c:2319:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/useradd.c:2320:24: branch_true: ...to here
shadow-4.18.0/src/useradd.c:2320:24: acquire_memory: allocated here
shadow-4.18.0/src/useradd.c:2325:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/useradd.c:2333:14: branch_false: ...to here
shadow-4.18.0/src/useradd.c:2333:14: throw: if ‘open’ throws an exception...
shadow-4.18.0/src/useradd.c:2333:14: danger: ‘file’ leaks here; was allocated at [(5)](sarif:/runs/0/results/88/codeFlows/0/threadFlows/0/locations/4)
# 2331|   #endif
# 2332|   
# 2333|-> 	fd = open(file, O_CREAT | O_WRONLY | O_TRUNC | O_EXCL, 0);
# 2334|   	free(file);
# 2335|   

Error: GCC_ANALYZER_WARNING (CWE-688): [#def475]
shadow-4.18.0/src/useradd.c:2333:14: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘file’ where non-null expected
shadow-4.18.0/src/useradd.c:2307:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/useradd.c:2310:17: branch_false: ...to here
shadow-4.18.0/src/useradd.c:2319:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/useradd.c:2320:24: branch_true: ...to here
shadow-4.18.0/src/useradd.c:2320:24: acquire_memory: this call could return NULL
shadow-4.18.0/src/useradd.c:2325:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/useradd.c:2333:14: branch_false: ...to here
shadow-4.18.0/src/useradd.c:2333:14: danger: argument 1 (‘file’) from [(5)](sarif:/runs/0/results/87/codeFlows/0/threadFlows/0/locations/4) could be NULL where non-null expected
# 2331|   #endif
# 2332|   
# 2333|-> 	fd = open(file, O_CREAT | O_WRONLY | O_TRUNC | O_EXCL, 0);
# 2334|   	free(file);
# 2335|   

Error: GCC_ANALYZER_WARNING (CWE-476): [#def476]
shadow-4.18.0/src/useradd.c:2434:9: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘user_groups’
shadow-4.18.0/src/useradd.c:2397:5: enter_function: entry to ‘main’
shadow-4.18.0/src/useradd.c:2430:23: call_function: inlined call to ‘xmallocarray’ from ‘main’
shadow-4.18.0/src/useradd.c:2434:9: danger: ‘xreallocarray(0, (long unsigned int)(sysconf(3) + 1), 8)’ could be NULL: unchecked value from [(3)](sarif:/runs/0/results/89/codeFlows/0/threadFlows/0/locations/2)
# 2432|   	 * Initialize the list to be empty
# 2433|   	 */
# 2434|-> 	user_groups[0] = NULL;
# 2435|   
# 2436|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def477]
shadow-4.18.0/src/userdel.c:395:17: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/userdel.c:393:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/userdel.c:394:17: branch_true: ...to here
shadow-4.18.0/src/userdel.c:395:17: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/userdel.c:395:17: branch_true: ...to here
shadow-4.18.0/src/userdel.c:395:17: acquire_memory: allocated here
shadow-4.18.0/src/userdel.c:395:17: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/userdel.c:395:17: branch_true: ...to here
shadow-4.18.0/src/userdel.c:395:17: throw: if ‘pw_dbname’ throws an exception...
shadow-4.18.0/src/userdel.c:395:17: danger: ‘saved_locale’ leaks here; was allocated at [(5)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/4)
#  393|   	if (pw_close () == 0) {
#  394|   		fprintf (stderr, _("%s: failure while writing changes to %s\n"), Prog, pw_dbname ());
#  395|-> 		SYSLOG ((LOG_ERR, "failure while writing changes to %s", pw_dbname ()));
#  396|   		fail_exit (E_PW_UPDATE);
#  397|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def478]
shadow-4.18.0/src/userdel.c:400:17: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/userdel.c:393:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/userdel.c:398:13: branch_false: ...to here
shadow-4.18.0/src/userdel.c:398:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/userdel.c:399:17: branch_true: ...to here
shadow-4.18.0/src/userdel.c:400:17: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/userdel.c:400:17: branch_true: ...to here
shadow-4.18.0/src/userdel.c:400:17: acquire_memory: allocated here
shadow-4.18.0/src/userdel.c:400:17: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/userdel.c:400:17: branch_true: ...to here
shadow-4.18.0/src/userdel.c:400:17: throw: if ‘pw_dbname’ throws an exception...
shadow-4.18.0/src/userdel.c:400:17: danger: ‘saved_locale’ leaks here; was allocated at [(7)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/6)
#  398|   	if (pw_unlock () == 0) {
#  399|   		fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, pw_dbname ());
#  400|-> 		SYSLOG ((LOG_ERR, "failed to unlock %s", pw_dbname ()));
#  401|   		/* continue */
#  402|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def479]
shadow-4.18.0/src/userdel.c:409:25: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/userdel.c:393:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/userdel.c:398:13: branch_false: ...to here
shadow-4.18.0/src/userdel.c:405:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/userdel.c:406:21: branch_true: ...to here
shadow-4.18.0/src/userdel.c:406:20: branch_true: following ‘true’ branch...
shadow-4.18.0/src/userdel.c:407:25: branch_true: ...to here
shadow-4.18.0/src/userdel.c:409:25: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/userdel.c:409:25: branch_true: ...to here
shadow-4.18.0/src/userdel.c:409:25: acquire_memory: allocated here
shadow-4.18.0/src/userdel.c:409:25: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/userdel.c:409:25: branch_true: ...to here
shadow-4.18.0/src/userdel.c:409:25: throw: if ‘spw_dbname’ throws an exception...
shadow-4.18.0/src/userdel.c:409:25: danger: ‘saved_locale’ leaks here; was allocated at [(9)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/8)
#  407|   			fprintf (stderr,
#  408|   			         _("%s: failure while writing changes to %s\n"), Prog, spw_dbname ());
#  409|-> 			SYSLOG ((LOG_ERR, "failure while writing changes to %s", spw_dbname ()));
#  410|   			fail_exit (E_PW_UPDATE);
#  411|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def480]
shadow-4.18.0/src/userdel.c:489:25: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/userdel.c:486:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/userdel.c:487:21: branch_true: ...to here
shadow-4.18.0/src/userdel.c:487:20: branch_true: following ‘true’ branch...
shadow-4.18.0/src/userdel.c:488:25: branch_true: ...to here
shadow-4.18.0/src/userdel.c:489:25: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/userdel.c:489:25: branch_true: ...to here
shadow-4.18.0/src/userdel.c:489:25: acquire_memory: allocated here
shadow-4.18.0/src/userdel.c:489:25: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/userdel.c:489:25: branch_true: ...to here
shadow-4.18.0/src/userdel.c:489:25: throw: if ‘pw_dbname’ throws an exception...
shadow-4.18.0/src/userdel.c:489:25: danger: ‘saved_locale’ leaks here; was allocated at [(7)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/6)
#  487|   		if (pw_unlock () == 0) {
#  488|   			fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, pw_dbname ());
#  489|-> 			SYSLOG ((LOG_ERR, "failed to unlock %s", pw_dbname ()));
#  490|   			/* continue */
#  491|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def481]
shadow-4.18.0/src/userdel.c:496:25: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/userdel.c:493:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/userdel.c:494:21: branch_true: ...to here
shadow-4.18.0/src/userdel.c:494:20: branch_true: following ‘true’ branch...
shadow-4.18.0/src/userdel.c:495:25: branch_true: ...to here
shadow-4.18.0/src/userdel.c:496:25: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/userdel.c:496:25: branch_true: ...to here
shadow-4.18.0/src/userdel.c:496:25: acquire_memory: allocated here
shadow-4.18.0/src/userdel.c:496:25: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/userdel.c:496:25: branch_true: ...to here
shadow-4.18.0/src/userdel.c:496:25: throw: if ‘gr_dbname’ throws an exception...
shadow-4.18.0/src/userdel.c:496:25: danger: ‘saved_locale’ leaks here; was allocated at [(7)](sarif:/runs/0/results/9/codeFlows/0/threadFlows/0/locations/6)
#  494|   		if (gr_unlock () == 0) {
#  495|   			fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, gr_dbname ());
#  496|-> 			SYSLOG ((LOG_ERR, "failed to unlock %s", gr_dbname ()));
#  497|   			/* continue */
#  498|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def482]
shadow-4.18.0/src/userdel.c:503:25: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/userdel.c:500:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/userdel.c:501:21: branch_true: ...to here
shadow-4.18.0/src/userdel.c:501:20: branch_true: following ‘true’ branch...
shadow-4.18.0/src/userdel.c:502:25: branch_true: ...to here
shadow-4.18.0/src/userdel.c:503:25: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/userdel.c:503:25: branch_true: ...to here
shadow-4.18.0/src/userdel.c:503:25: acquire_memory: allocated here
shadow-4.18.0/src/userdel.c:503:25: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/userdel.c:503:25: branch_true: ...to here
shadow-4.18.0/src/userdel.c:503:25: throw: if ‘spw_dbname’ throws an exception...
shadow-4.18.0/src/userdel.c:503:25: danger: ‘saved_locale’ leaks here; was allocated at [(7)](sarif:/runs/0/results/11/codeFlows/0/threadFlows/0/locations/6)
#  501|   		if (spw_unlock () == 0) {
#  502|   			fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, spw_dbname ());
#  503|-> 			SYSLOG ((LOG_ERR, "failed to unlock %s", spw_dbname ()));
#  504|   			/* continue */
#  505|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def483]
shadow-4.18.0/src/userdel.c:511:25: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/userdel.c:508:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/userdel.c:509:21: branch_true: ...to here
shadow-4.18.0/src/userdel.c:509:20: branch_true: following ‘true’ branch...
shadow-4.18.0/src/userdel.c:510:25: branch_true: ...to here
shadow-4.18.0/src/userdel.c:511:25: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/userdel.c:511:25: branch_true: ...to here
shadow-4.18.0/src/userdel.c:511:25: acquire_memory: allocated here
shadow-4.18.0/src/userdel.c:511:25: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/userdel.c:511:25: branch_true: ...to here
shadow-4.18.0/src/userdel.c:511:25: throw: if ‘sgr_dbname’ throws an exception...
shadow-4.18.0/src/userdel.c:511:25: danger: ‘saved_locale’ leaks here; was allocated at [(7)](sarif:/runs/0/results/13/codeFlows/0/threadFlows/0/locations/6)
#  509|   		if (sgr_unlock () == 0) {
#  510|   			fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sgr_dbname ());
#  511|-> 			SYSLOG ((LOG_ERR, "failed to unlock %s", sgr_dbname ()));
#  512|   			/* continue */
#  513|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def484]
shadow-4.18.0/src/userdel.c:520:25: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/userdel.c:517:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/userdel.c:518:21: branch_true: ...to here
shadow-4.18.0/src/userdel.c:518:20: branch_true: following ‘true’ branch...
shadow-4.18.0/src/userdel.c:519:25: branch_true: ...to here
shadow-4.18.0/src/userdel.c:520:25: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/userdel.c:520:25: branch_true: ...to here
shadow-4.18.0/src/userdel.c:520:25: acquire_memory: allocated here
shadow-4.18.0/src/userdel.c:520:25: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/userdel.c:520:25: branch_true: ...to here
shadow-4.18.0/src/userdel.c:520:25: throw: if ‘sub_uid_dbname’ throws an exception...
shadow-4.18.0/src/userdel.c:520:25: danger: ‘saved_locale’ leaks here; was allocated at [(7)](sarif:/runs/0/results/15/codeFlows/0/threadFlows/0/locations/6)
#  518|   		if (sub_uid_unlock () == 0) {
#  519|   			fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sub_uid_dbname ());
#  520|-> 			SYSLOG ((LOG_ERR, "failed to unlock %s", sub_uid_dbname ()));
#  521|   			/* continue */
#  522|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def485]
shadow-4.18.0/src/userdel.c:527:25: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/userdel.c:524:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/userdel.c:525:21: branch_true: ...to here
shadow-4.18.0/src/userdel.c:525:20: branch_true: following ‘true’ branch...
shadow-4.18.0/src/userdel.c:526:25: branch_true: ...to here
shadow-4.18.0/src/userdel.c:527:25: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/userdel.c:527:25: branch_true: ...to here
shadow-4.18.0/src/userdel.c:527:25: acquire_memory: allocated here
shadow-4.18.0/src/userdel.c:527:25: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/userdel.c:527:25: branch_true: ...to here
shadow-4.18.0/src/userdel.c:527:25: throw: if ‘sub_gid_dbname’ throws an exception...
shadow-4.18.0/src/userdel.c:527:25: danger: ‘saved_locale’ leaks here; was allocated at [(7)](sarif:/runs/0/results/17/codeFlows/0/threadFlows/0/locations/6)
#  525|   		if (sub_gid_unlock () == 0) {
#  526|   			fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sub_gid_dbname ());
#  527|-> 			SYSLOG ((LOG_ERR, "failed to unlock %s", sub_gid_dbname ()));
#  528|   			/* continue */
#  529|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def486]
shadow-4.18.0/src/userdel.c:677:9: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/userdel.c:644:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/userdel.c:650:16: branch_false: ...to here
shadow-4.18.0/src/userdel.c:677:9: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/userdel.c:677:9: branch_true: ...to here
shadow-4.18.0/src/userdel.c:677:9: acquire_memory: allocated here
shadow-4.18.0/src/userdel.c:677:9: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/userdel.c:677:9: branch_true: ...to here
shadow-4.18.0/src/userdel.c:677:9: throw: if ‘syslog’ throws an exception...
shadow-4.18.0/src/userdel.c:677:9: danger: ‘saved_locale’ leaks here; was allocated at [(5)](sarif:/runs/0/results/19/codeFlows/0/threadFlows/0/locations/4)
#  675|   	              user_name, user_id, SHADOW_AUDIT_SUCCESS);
#  676|   #endif				/* WITH_AUDIT */
#  677|-> 	SYSLOG ((LOG_INFO, "delete user '%s'\n", user_name));
#  678|   }
#  679|   

Error: GCC_ANALYZER_WARNING (CWE-688): [#def487]
shadow-4.18.0/src/userdel.c:759:13: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘mailfile’ where non-null expected
shadow-4.18.0/src/userdel.c:753:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/userdel.c:754:28: branch_true: ...to here
shadow-4.18.0/src/userdel.c:754:28: acquire_memory: this call could return NULL
shadow-4.18.0/src/userdel.c:759:13: danger: argument 1 (‘mailfile’) from [(3)](sarif:/runs/0/results/20/codeFlows/0/threadFlows/0/locations/2) could be NULL where non-null expected
#  757|   	}
#  758|   
#  759|-> 	if (access (mailfile, F_OK) != 0) {
#  760|   		if (ENOENT == errno) {
#  761|   			fprintf (stderr,

Error: GCC_ANALYZER_WARNING (CWE-401): [#def488]
shadow-4.18.0/src/userdel.c:770:25: warning[-Wanalyzer-malloc-leak]: leak of ‘mailfile’
shadow-4.18.0/src/userdel.c:753:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/userdel.c:754:28: branch_true: ...to here
shadow-4.18.0/src/userdel.c:754:28: acquire_memory: allocated here
shadow-4.18.0/src/userdel.c:759:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/userdel.c:760:31: branch_true: ...to here
shadow-4.18.0/src/userdel.c:760:20: branch_false: following ‘false’ branch...
shadow-4.18.0/src/userdel.c:767:25: branch_false: ...to here
shadow-4.18.0/src/userdel.c:770:25: throw: if ‘syslog’ throws an exception...
shadow-4.18.0/src/userdel.c:770:25: danger: ‘mailfile’ leaks here; was allocated at [(3)](sarif:/runs/0/results/21/codeFlows/0/threadFlows/0/locations/2)
#  768|   			         _("%s: warning: can't remove %s: %s\n"),
#  769|   			         Prog, mailfile, strerror (errno));
#  770|-> 			SYSLOG ((LOG_ERR, "Cannot remove %s: %s", mailfile, strerror (errno)));
#  771|   #ifdef WITH_AUDIT
#  772|   			audit_logger (AUDIT_DEL_USER, Prog,

Error: GCC_ANALYZER_WARNING (CWE-401): [#def489]
shadow-4.18.0/src/userdel.c:770:25: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/userdel.c:753:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/userdel.c:754:28: branch_true: ...to here
shadow-4.18.0/src/userdel.c:759:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/userdel.c:760:31: branch_true: ...to here
shadow-4.18.0/src/userdel.c:760:20: branch_false: following ‘false’ branch...
shadow-4.18.0/src/userdel.c:767:25: branch_false: ...to here
shadow-4.18.0/src/userdel.c:770:25: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/userdel.c:770:25: branch_true: ...to here
shadow-4.18.0/src/userdel.c:770:25: acquire_memory: allocated here
shadow-4.18.0/src/userdel.c:770:25: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/userdel.c:770:25: branch_true: ...to here
shadow-4.18.0/src/userdel.c:770:25: throw: if ‘syslog’ throws an exception...
shadow-4.18.0/src/userdel.c:770:25: danger: ‘saved_locale’ leaks here; was allocated at [(9)](sarif:/runs/0/results/22/codeFlows/0/threadFlows/0/locations/8)
#  768|   			         _("%s: warning: can't remove %s: %s\n"),
#  769|   			         Prog, mailfile, strerror (errno));
#  770|-> 			SYSLOG ((LOG_ERR, "Cannot remove %s: %s", mailfile, strerror (errno)));
#  771|   #ifdef WITH_AUDIT
#  772|   			audit_logger (AUDIT_DEL_USER, Prog,

Error: GCC_ANALYZER_WARNING (CWE-401): [#def490]
shadow-4.18.0/src/userdel.c:786:25: warning[-Wanalyzer-malloc-leak]: leak of ‘mailfile’
shadow-4.18.0/src/userdel.c:753:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/userdel.c:754:28: branch_true: ...to here
shadow-4.18.0/src/userdel.c:754:28: acquire_memory: allocated here
shadow-4.18.0/src/userdel.c:759:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/userdel.c:781:13: branch_false: ...to here
shadow-4.18.0/src/userdel.c:781:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/userdel.c:782:21: branch_true: ...to here
shadow-4.18.0/src/userdel.c:782:20: branch_true: following ‘true’ branch...
shadow-4.18.0/src/userdel.c:785:60: branch_true: ...to here
shadow-4.18.0/src/userdel.c:786:25: throw: if ‘syslog’ throws an exception...
shadow-4.18.0/src/userdel.c:786:25: danger: ‘mailfile’ leaks here; was allocated at [(3)](sarif:/runs/0/results/23/codeFlows/0/threadFlows/0/locations/2)
#  784|   			         _("%s: warning: can't remove %s: %s\n"),
#  785|   			         Prog, mailfile, strerror (errno));
#  786|-> 			SYSLOG ((LOG_ERR, "Cannot remove %s: %s", mailfile, strerror (errno)));
#  787|   #ifdef WITH_AUDIT
#  788|   			audit_logger (AUDIT_DEL_USER, Prog,

Error: GCC_ANALYZER_WARNING (CWE-401): [#def491]
shadow-4.18.0/src/userdel.c:786:25: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/userdel.c:753:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/userdel.c:754:28: branch_true: ...to here
shadow-4.18.0/src/userdel.c:759:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/userdel.c:781:13: branch_false: ...to here
shadow-4.18.0/src/userdel.c:781:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/userdel.c:782:21: branch_true: ...to here
shadow-4.18.0/src/userdel.c:782:20: branch_true: following ‘true’ branch...
shadow-4.18.0/src/userdel.c:785:60: branch_true: ...to here
shadow-4.18.0/src/userdel.c:786:25: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/userdel.c:786:25: branch_true: ...to here
shadow-4.18.0/src/userdel.c:786:25: acquire_memory: allocated here
shadow-4.18.0/src/userdel.c:786:25: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/userdel.c:786:25: branch_true: ...to here
shadow-4.18.0/src/userdel.c:786:25: throw: if ‘syslog’ throws an exception...
shadow-4.18.0/src/userdel.c:786:25: danger: ‘saved_locale’ leaks here; was allocated at [(11)](sarif:/runs/0/results/24/codeFlows/0/threadFlows/0/locations/10)
#  784|   			         _("%s: warning: can't remove %s: %s\n"),
#  785|   			         Prog, mailfile, strerror (errno));
#  786|-> 			SYSLOG ((LOG_ERR, "Cannot remove %s: %s", mailfile, strerror (errno)));
#  787|   #ifdef WITH_AUDIT
#  788|   			audit_logger (AUDIT_DEL_USER, Prog,

Error: GCC_ANALYZER_WARNING (CWE-401): [#def492]
shadow-4.18.0/src/userdel.c:798:25: warning[-Wanalyzer-malloc-leak]: leak of ‘mailfile’
shadow-4.18.0/src/userdel.c:753:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/userdel.c:754:28: branch_true: ...to here
shadow-4.18.0/src/userdel.c:754:28: acquire_memory: allocated here
shadow-4.18.0/src/userdel.c:759:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/userdel.c:781:13: branch_false: ...to here
shadow-4.18.0/src/userdel.c:781:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/userdel.c:782:21: branch_true: ...to here
shadow-4.18.0/src/userdel.c:782:20: branch_false: following ‘false’ branch...
shadow-4.18.0/src/userdel.c:798:25: branch_false: ...to here
shadow-4.18.0/src/userdel.c:798:25: throw: if ‘audit_logger’ throws an exception...
shadow-4.18.0/src/userdel.c:798:25: danger: ‘mailfile’ leaks here; was allocated at [(3)](sarif:/runs/0/results/25/codeFlows/0/threadFlows/0/locations/2)
#  796|   		else
#  797|   		{
#  798|-> 			audit_logger (AUDIT_USER_MGMT, Prog,
#  799|   			              "delete-mail-file",
#  800|   			              user_name, user_id, SHADOW_AUDIT_SUCCESS);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def493]
shadow-4.18.0/src/userdel.c:811:17: warning[-Wanalyzer-malloc-leak]: leak of ‘mailfile’
shadow-4.18.0/src/userdel.c:753:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/userdel.c:754:28: branch_true: ...to here
shadow-4.18.0/src/userdel.c:754:28: acquire_memory: allocated here
shadow-4.18.0/src/userdel.c:759:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/userdel.c:781:13: branch_false: ...to here
shadow-4.18.0/src/userdel.c:781:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/userdel.c:806:13: branch_false: ...to here
shadow-4.18.0/src/userdel.c:807:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/userdel.c:808:17: branch_true: ...to here
shadow-4.18.0/src/userdel.c:811:17: throw: if ‘syslog’ throws an exception...
shadow-4.18.0/src/userdel.c:811:17: danger: ‘mailfile’ leaks here; was allocated at [(3)](sarif:/runs/0/results/26/codeFlows/0/threadFlows/0/locations/2)
#  809|   		         _("%s: %s not owned by %s, not removing\n"),
#  810|   		         Prog, mailfile, user_name);
#  811|-> 		SYSLOG ((LOG_ERR,
#  812|   		         "%s not owned by %s, not removed",
#  813|   		         mailfile, strerror (errno)));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def494]
shadow-4.18.0/src/userdel.c:811:17: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/userdel.c:753:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/userdel.c:754:28: branch_true: ...to here
shadow-4.18.0/src/userdel.c:759:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/userdel.c:781:13: branch_false: ...to here
shadow-4.18.0/src/userdel.c:781:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/userdel.c:806:13: branch_false: ...to here
shadow-4.18.0/src/userdel.c:807:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/userdel.c:808:17: branch_true: ...to here
shadow-4.18.0/src/userdel.c:811:17: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/userdel.c:811:17: branch_true: ...to here
shadow-4.18.0/src/userdel.c:811:17: acquire_memory: allocated here
shadow-4.18.0/src/userdel.c:811:17: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/userdel.c:811:17: branch_true: ...to here
shadow-4.18.0/src/userdel.c:811:17: throw: if ‘syslog’ throws an exception...
shadow-4.18.0/src/userdel.c:811:17: danger: ‘saved_locale’ leaks here; was allocated at [(11)](sarif:/runs/0/results/27/codeFlows/0/threadFlows/0/locations/10)
#  809|   		         _("%s: %s not owned by %s, not removing\n"),
#  810|   		         Prog, mailfile, user_name);
#  811|-> 		SYSLOG ((LOG_ERR,
#  812|   		         "%s not owned by %s, not removed",
#  813|   		         mailfile, strerror (errno)));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def495]
shadow-4.18.0/src/userdel.c:829:17: warning[-Wanalyzer-malloc-leak]: leak of ‘mailfile’
shadow-4.18.0/src/userdel.c:753:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/userdel.c:754:28: branch_true: ...to here
shadow-4.18.0/src/userdel.c:754:28: acquire_memory: allocated here
shadow-4.18.0/src/userdel.c:759:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/userdel.c:781:13: branch_false: ...to here
shadow-4.18.0/src/userdel.c:781:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/userdel.c:806:13: branch_false: ...to here
shadow-4.18.0/src/userdel.c:807:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/userdel.c:821:19: branch_false: ...to here
shadow-4.18.0/src/userdel.c:821:19: branch_false: following ‘false’ branch...
shadow-4.18.0/src/userdel.c:825:13: branch_false: ...to here
shadow-4.18.0/src/userdel.c:825:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/userdel.c:828:52: branch_true: ...to here
shadow-4.18.0/src/userdel.c:829:17: throw: if ‘syslog’ throws an exception...
shadow-4.18.0/src/userdel.c:829:17: danger: ‘mailfile’ leaks here; was allocated at [(3)](sarif:/runs/0/results/28/codeFlows/0/threadFlows/0/locations/2)
#  827|   		         _("%s: warning: can't remove %s: %s\n"),
#  828|   		         Prog, mailfile, strerror (errno));
#  829|-> 		SYSLOG ((LOG_ERR, "Cannot remove %s: %s", mailfile, strerror (errno)));
#  830|   #ifdef WITH_AUDIT
#  831|   		audit_logger (AUDIT_DEL_USER, Prog,

Error: GCC_ANALYZER_WARNING (CWE-401): [#def496]
shadow-4.18.0/src/userdel.c:829:17: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/userdel.c:753:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/userdel.c:754:28: branch_true: ...to here
shadow-4.18.0/src/userdel.c:759:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/userdel.c:781:13: branch_false: ...to here
shadow-4.18.0/src/userdel.c:781:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/userdel.c:806:13: branch_false: ...to here
shadow-4.18.0/src/userdel.c:807:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/userdel.c:821:19: branch_false: ...to here
shadow-4.18.0/src/userdel.c:821:19: branch_false: following ‘false’ branch...
shadow-4.18.0/src/userdel.c:825:13: branch_false: ...to here
shadow-4.18.0/src/userdel.c:825:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/userdel.c:828:52: branch_true: ...to here
shadow-4.18.0/src/userdel.c:829:17: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/userdel.c:829:17: branch_true: ...to here
shadow-4.18.0/src/userdel.c:829:17: acquire_memory: allocated here
shadow-4.18.0/src/userdel.c:829:17: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/userdel.c:829:17: branch_true: ...to here
shadow-4.18.0/src/userdel.c:829:17: throw: if ‘syslog’ throws an exception...
shadow-4.18.0/src/userdel.c:829:17: danger: ‘saved_locale’ leaks here; was allocated at [(15)](sarif:/runs/0/results/29/codeFlows/0/threadFlows/0/locations/14)
#  827|   		         _("%s: warning: can't remove %s: %s\n"),
#  828|   		         Prog, mailfile, strerror (errno));
#  829|-> 		SYSLOG ((LOG_ERR, "Cannot remove %s: %s", mailfile, strerror (errno)));
#  830|   #ifdef WITH_AUDIT
#  831|   		audit_logger (AUDIT_DEL_USER, Prog,

Error: GCC_ANALYZER_WARNING (CWE-401): [#def497]
shadow-4.18.0/src/userdel.c:841:17: warning[-Wanalyzer-malloc-leak]: leak of ‘mailfile’
shadow-4.18.0/src/userdel.c:753:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/userdel.c:754:28: branch_true: ...to here
shadow-4.18.0/src/userdel.c:754:28: acquire_memory: allocated here
shadow-4.18.0/src/userdel.c:759:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/userdel.c:781:13: branch_false: ...to here
shadow-4.18.0/src/userdel.c:781:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/userdel.c:806:13: branch_false: ...to here
shadow-4.18.0/src/userdel.c:807:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/userdel.c:821:19: branch_false: ...to here
shadow-4.18.0/src/userdel.c:821:19: branch_false: following ‘false’ branch...
shadow-4.18.0/src/userdel.c:825:13: branch_false: ...to here
shadow-4.18.0/src/userdel.c:825:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/userdel.c:841:17: branch_false: ...to here
shadow-4.18.0/src/userdel.c:841:17: throw: if ‘audit_logger’ throws an exception...
shadow-4.18.0/src/userdel.c:841:17: danger: ‘mailfile’ leaks here; was allocated at [(3)](sarif:/runs/0/results/30/codeFlows/0/threadFlows/0/locations/2)
#  839|   	else
#  840|   	{
#  841|-> 		audit_logger (AUDIT_USER_MGMT, Prog,
#  842|   		              "delete-mail-file",
#  843|   		              user_name, user_id, SHADOW_AUDIT_SUCCESS);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def498]
shadow-4.18.0/src/usermod.c:284:17: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
shadow-4.18.0/src/usermod.c:2155:5: enter_function: entry to ‘main’
shadow-4.18.0/src/usermod.c:2192:9: call_function: calling ‘process_flags’ from ‘main’
#  282|   		 */
#  283|   		user_groups[ngroups++] = xstrdup (grp->gr_name);
#  284|-> 		gr_free (grp);
#  285|   	}
#  286|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def499]
shadow-4.18.0/src/usermod.c:435:17: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/usermod.c:1710:13: enter_function: entry to ‘usr_update’
shadow-4.18.0/src/usermod.c:1722:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/usermod.c:1728:9: branch_false: ...to here
shadow-4.18.0/src/usermod.c:1729:9: call_function: calling ‘new_pwent’ from ‘usr_update’
#  433|   		              "updating-passwd", user_newname, user_newid, 1);
#  434|   #endif
#  435|-> 		SYSLOG ((LOG_INFO, "lock user '%s' password", user_newname));
#  436|   		pw_pass = xaprintf("!%s", pw_pass);
#  437|   	} else if (Uflg && strprefix(pw_pass, "!")) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def500]
shadow-4.18.0/src/usermod.c:450:17: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/usermod.c:1710:13: enter_function: entry to ‘usr_update’
shadow-4.18.0/src/usermod.c:1722:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/usermod.c:1728:9: branch_false: ...to here
shadow-4.18.0/src/usermod.c:1729:9: call_function: calling ‘new_pwent’ from ‘usr_update’
#  448|   		              "updating-password", user_newname, user_newid, 1);
#  449|   #endif
#  450|-> 		SYSLOG ((LOG_INFO, "unlock user '%s' password", user_newname));
#  451|   		memmove(pw_pass, pw_pass + 1, strlen(pw_pass));
#  452|   	} else if (pflg) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def501]
shadow-4.18.0/src/usermod.c:457:17: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/usermod.c:1710:13: enter_function: entry to ‘usr_update’
shadow-4.18.0/src/usermod.c:1722:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/usermod.c:1728:9: branch_false: ...to here
shadow-4.18.0/src/usermod.c:1729:9: call_function: calling ‘new_pwent’ from ‘usr_update’
#  455|   		              "updating-password", user_newname, user_newid, 1);
#  456|   #endif
#  457|-> 		SYSLOG ((LOG_INFO, "change user '%s' password", user_newname));
#  458|   		pw_pass = xstrdup (user_pass);
#  459|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def502]
shadow-4.18.0/src/usermod.c:486:17: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/usermod.c:1710:13: enter_function: entry to ‘usr_update’
shadow-4.18.0/src/usermod.c:1722:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/usermod.c:1728:9: branch_false: ...to here
shadow-4.18.0/src/usermod.c:1729:9: call_function: calling ‘new_pwent’ from ‘usr_update’
#  484|   		              "changing-name", user_newname, user_newid, 1);
#  485|   #endif
#  486|-> 		SYSLOG ((LOG_INFO,
#  487|   		         "change user name '%s' to '%s'",
#  488|   		         pwent->pw_name, user_newname));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def503]
shadow-4.18.0/src/usermod.c:506:17: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/usermod.c:1710:13: enter_function: entry to ‘usr_update’
shadow-4.18.0/src/usermod.c:1722:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/usermod.c:1728:9: branch_false: ...to here
shadow-4.18.0/src/usermod.c:1729:9: call_function: calling ‘new_pwent’ from ‘usr_update’
#  504|   		              "changing-uid", user_newname, user_newid, 1);
#  505|   #endif
#  506|-> 		SYSLOG ((LOG_INFO,
#  507|   		         "change user '%s' UID from '%d' to '%d'",
#  508|   		         pwent->pw_name, pwent->pw_uid, user_newid));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def504]
shadow-4.18.0/src/usermod.c:517:17: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/usermod.c:1710:13: enter_function: entry to ‘usr_update’
shadow-4.18.0/src/usermod.c:1722:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/usermod.c:1728:9: branch_false: ...to here
shadow-4.18.0/src/usermod.c:1729:9: call_function: calling ‘new_pwent’ from ‘usr_update’
#  515|   		              user_newname, user_newid, 1);
#  516|   #endif
#  517|-> 		SYSLOG ((LOG_INFO,
#  518|   		         "change user '%s' GID from '%d' to '%d'",
#  519|   		         pwent->pw_name, pwent->pw_gid, user_newgid));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def505]
shadow-4.18.0/src/usermod.c:536:17: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/usermod.c:1710:13: enter_function: entry to ‘usr_update’
shadow-4.18.0/src/usermod.c:1722:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/usermod.c:1728:9: branch_false: ...to here
shadow-4.18.0/src/usermod.c:1729:9: call_function: calling ‘new_pwent’ from ‘usr_update’
#  534|   		              user_newname, user_newid, 1);
#  535|   #endif
#  536|-> 		SYSLOG ((LOG_INFO,
#  537|   		         "change user '%s' home from '%s' to '%s'",
#  538|   		         pwent->pw_name, pwent->pw_dir, user_newhome));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def506]
shadow-4.18.0/src/usermod.c:553:17: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/usermod.c:1710:13: enter_function: entry to ‘usr_update’
shadow-4.18.0/src/usermod.c:1722:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/usermod.c:1728:9: branch_false: ...to here
shadow-4.18.0/src/usermod.c:1729:9: call_function: calling ‘new_pwent’ from ‘usr_update’
#  551|   		              user_newname, user_newid, 1);
#  552|   #endif
#  553|-> 		SYSLOG ((LOG_INFO,
#  554|   		         "change user '%s' shell from '%s' to '%s'",
#  555|   		         pwent->pw_name, pwent->pw_shell, user_newshell));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def507]
shadow-4.18.0/src/usermod.c:637:25: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/usermod.c:1607:13: enter_function: entry to ‘open_files’
shadow-4.18.0/src/usermod.c:1609:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/usermod.c:1610:17: branch_true: ...to here
shadow-4.18.0/src/usermod.c:1613:17: call_function: calling ‘fail_exit’ from ‘open_files’
#  635|   		if (gr_unlock () == 0) {
#  636|   			fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, gr_dbname ());
#  637|-> 			SYSLOG ((LOG_ERR, "failed to unlock %s", gr_dbname ()));
#  638|   			/* continue */
#  639|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def508]
shadow-4.18.0/src/usermod.c:645:25: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/usermod.c:1607:13: enter_function: entry to ‘open_files’
shadow-4.18.0/src/usermod.c:1609:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/usermod.c:1610:17: branch_true: ...to here
shadow-4.18.0/src/usermod.c:1613:17: call_function: calling ‘fail_exit’ from ‘open_files’
#  643|   		if (sgr_unlock () == 0) {
#  644|   			fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sgr_dbname ());
#  645|-> 			SYSLOG ((LOG_ERR, "failed to unlock %s", sgr_dbname ()));
#  646|   			/* continue */
#  647|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def509]
shadow-4.18.0/src/usermod.c:653:25: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/usermod.c:1607:13: enter_function: entry to ‘open_files’
shadow-4.18.0/src/usermod.c:1609:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/usermod.c:1610:17: branch_true: ...to here
shadow-4.18.0/src/usermod.c:1613:17: call_function: calling ‘fail_exit’ from ‘open_files’
#  651|   		if (spw_unlock () == 0) {
#  652|   			fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, spw_dbname ());
#  653|-> 			SYSLOG ((LOG_ERR, "failed to unlock %s", spw_dbname ()));
#  654|   			/* continue */
#  655|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def510]
shadow-4.18.0/src/usermod.c:660:25: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/usermod.c:1607:13: enter_function: entry to ‘open_files’
shadow-4.18.0/src/usermod.c:1609:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/usermod.c:1610:17: branch_true: ...to here
shadow-4.18.0/src/usermod.c:1613:17: call_function: calling ‘fail_exit’ from ‘open_files’
#  658|   		if (pw_unlock () == 0) {
#  659|   			fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, pw_dbname ());
#  660|-> 			SYSLOG ((LOG_ERR, "failed to unlock %s", pw_dbname ()));
#  661|   			/* continue */
#  662|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def511]
shadow-4.18.0/src/usermod.c:668:25: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/usermod.c:1607:13: enter_function: entry to ‘open_files’
shadow-4.18.0/src/usermod.c:1609:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/usermod.c:1610:17: branch_true: ...to here
shadow-4.18.0/src/usermod.c:1613:17: call_function: calling ‘fail_exit’ from ‘open_files’
#  666|   		if (sub_uid_unlock () == 0) {
#  667|   			fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sub_uid_dbname ());
#  668|-> 			SYSLOG ((LOG_ERR, "failed to unlock %s", sub_uid_dbname ()));
#  669|   			/* continue */
#  670|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def512]
shadow-4.18.0/src/usermod.c:675:25: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/usermod.c:1607:13: enter_function: entry to ‘open_files’
shadow-4.18.0/src/usermod.c:1609:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/usermod.c:1610:17: branch_true: ...to here
shadow-4.18.0/src/usermod.c:1613:17: call_function: calling ‘fail_exit’ from ‘open_files’
#  673|   		if (sub_gid_unlock () == 0) {
#  674|   			fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sub_gid_dbname ());
#  675|-> 			SYSLOG ((LOG_ERR, "failed to unlock %s", sub_gid_dbname ()));
#  676|   			/* continue */
#  677|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def513]
shadow-4.18.0/src/usermod.c:1288:38: warning[-Wanalyzer-malloc-leak]: leak of ‘xreallocarray(0, strlen(str) + 1, 1)’
shadow-4.18.0/src/usermod.c:2155:5: enter_function: entry to ‘main’
shadow-4.18.0/src/usermod.c:2192:9: call_function: calling ‘process_flags’ from ‘main’
# 1286|   		user_gid = pwd->pw_gid;
# 1287|   		user_comment = xstrdup (pwd->pw_gecos);
# 1288|-> 		user_home = xstrdup (pwd->pw_dir);
# 1289|   		user_shell = xstrdup (pwd->pw_shell);
# 1290|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def514]
shadow-4.18.0/src/usermod.c:1289:39: warning[-Wanalyzer-malloc-leak]: leak of ‘xreallocarray(0, strlen(str) + 1, 1)’
shadow-4.18.0/src/usermod.c:2155:5: enter_function: entry to ‘main’
shadow-4.18.0/src/usermod.c:2192:9: call_function: calling ‘process_flags’ from ‘main’
# 1287|   		user_comment = xstrdup (pwd->pw_gecos);
# 1288|   		user_home = xstrdup (pwd->pw_dir);
# 1289|-> 		user_shell = xstrdup (pwd->pw_shell);
# 1290|   	}
# 1291|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def515]
shadow-4.18.0/src/usermod.c:1476:17: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/usermod.c:1472:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/usermod.c:1473:17: branch_true: ...to here
shadow-4.18.0/src/usermod.c:1476:17: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/usermod.c:1476:17: branch_true: ...to here
shadow-4.18.0/src/usermod.c:1476:17: acquire_memory: allocated here
shadow-4.18.0/src/usermod.c:1476:17: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/usermod.c:1476:17: branch_true: ...to here
shadow-4.18.0/src/usermod.c:1476:17: throw: if ‘pw_dbname’ throws an exception...
shadow-4.18.0/src/usermod.c:1476:17: danger: ‘saved_locale’ leaks here; was allocated at [(5)](sarif:/runs/0/results/24/codeFlows/0/threadFlows/0/locations/4)
# 1474|   		         _("%s: failure while writing changes to %s\n"),
# 1475|   		         Prog, pw_dbname ());
# 1476|-> 		SYSLOG ((LOG_ERR, "failure while writing changes to %s", pw_dbname ()));
# 1477|   		fail_exit (E_PW_UPDATE);
# 1478|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def516]
shadow-4.18.0/src/usermod.c:1483:17: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/usermod.c:1472:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/usermod.c:1479:13: branch_false: ...to here
shadow-4.18.0/src/usermod.c:1479:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/usermod.c:1483:17: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/usermod.c:1483:17: branch_true: ...to here
shadow-4.18.0/src/usermod.c:1483:17: acquire_memory: allocated here
shadow-4.18.0/src/usermod.c:1483:17: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/usermod.c:1483:17: branch_true: ...to here
shadow-4.18.0/src/usermod.c:1483:17: throw: if ‘spw_dbname’ throws an exception...
shadow-4.18.0/src/usermod.c:1483:17: danger: ‘saved_locale’ leaks here; was allocated at [(7)](sarif:/runs/0/results/26/codeFlows/0/threadFlows/0/locations/6)
# 1481|   		         _("%s: failure while writing changes to %s\n"),
# 1482|   		         Prog, spw_dbname ());
# 1483|-> 		SYSLOG ((LOG_ERR,
# 1484|   		         "failure while writing changes to %s",
# 1485|   		         spw_dbname ()));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def517]
shadow-4.18.0/src/usermod.c:1494:25: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/usermod.c:1472:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/usermod.c:1479:13: branch_false: ...to here
shadow-4.18.0/src/usermod.c:1490:20: branch_true: following ‘true’ branch...
shadow-4.18.0/src/usermod.c:1491:25: branch_true: ...to here
shadow-4.18.0/src/usermod.c:1494:25: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/usermod.c:1494:25: branch_true: ...to here
shadow-4.18.0/src/usermod.c:1494:25: acquire_memory: allocated here
shadow-4.18.0/src/usermod.c:1494:25: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/usermod.c:1494:25: branch_true: ...to here
shadow-4.18.0/src/usermod.c:1494:25: throw: if ‘gr_dbname’ throws an exception...
shadow-4.18.0/src/usermod.c:1494:25: danger: ‘saved_locale’ leaks here; was allocated at [(7)](sarif:/runs/0/results/28/codeFlows/0/threadFlows/0/locations/6)
# 1492|   			         _("%s: failure while writing changes to %s\n"),
# 1493|   			         Prog, gr_dbname ());
# 1494|-> 			SYSLOG ((LOG_ERR,
# 1495|   			         "failure while writing changes to %s",
# 1496|   			         gr_dbname ()));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def518]
shadow-4.18.0/src/usermod.c:1505:33: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/usermod.c:1472:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/usermod.c:1479:13: branch_false: ...to here
shadow-4.18.0/src/usermod.c:1490:20: branch_false: following ‘false’ branch...
shadow-4.18.0/src/usermod.c:1500:21: branch_false: ...to here
shadow-4.18.0/src/usermod.c:1500:20: branch_true: following ‘true’ branch...
shadow-4.18.0/src/usermod.c:1501:29: branch_true: ...to here
shadow-4.18.0/src/usermod.c:1501:28: branch_true: following ‘true’ branch...
shadow-4.18.0/src/usermod.c:1502:33: branch_true: ...to here
shadow-4.18.0/src/usermod.c:1505:33: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/usermod.c:1505:33: branch_true: ...to here
shadow-4.18.0/src/usermod.c:1505:33: acquire_memory: allocated here
shadow-4.18.0/src/usermod.c:1505:33: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/usermod.c:1505:33: branch_true: ...to here
shadow-4.18.0/src/usermod.c:1505:33: throw: if ‘sgr_dbname’ throws an exception...
shadow-4.18.0/src/usermod.c:1505:33: danger: ‘saved_locale’ leaks here; was allocated at [(11)](sarif:/runs/0/results/30/codeFlows/0/threadFlows/0/locations/10)
# 1503|   				         _("%s: failure while writing changes to %s\n"),
# 1504|   				         Prog, sgr_dbname ());
# 1505|-> 				SYSLOG ((LOG_ERR,
# 1506|   				         "failure while writing changes to %s",
# 1507|   				         sgr_dbname ()));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def519]
shadow-4.18.0/src/usermod.c:1518:33: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/usermod.c:1472:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/usermod.c:1479:13: branch_false: ...to here
shadow-4.18.0/src/usermod.c:1490:20: branch_false: following ‘false’ branch...
shadow-4.18.0/src/usermod.c:1500:21: branch_false: ...to here
shadow-4.18.0/src/usermod.c:1501:28: branch_false: following ‘false’ branch...
shadow-4.18.0/src/usermod.c:1513:21: branch_false: ...to here
shadow-4.18.0/src/usermod.c:1513:20: branch_true: following ‘true’ branch...
shadow-4.18.0/src/usermod.c:1514:29: branch_true: ...to here
shadow-4.18.0/src/usermod.c:1514:28: branch_true: following ‘true’ branch...
shadow-4.18.0/src/usermod.c:1515:33: branch_true: ...to here
shadow-4.18.0/src/usermod.c:1518:33: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/usermod.c:1518:33: branch_true: ...to here
shadow-4.18.0/src/usermod.c:1518:33: acquire_memory: allocated here
shadow-4.18.0/src/usermod.c:1518:33: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/usermod.c:1518:33: branch_true: ...to here
shadow-4.18.0/src/usermod.c:1518:33: throw: if ‘sgr_dbname’ throws an exception...
shadow-4.18.0/src/usermod.c:1518:33: danger: ‘saved_locale’ leaks here; was allocated at [(13)](sarif:/runs/0/results/32/codeFlows/0/threadFlows/0/locations/12)
# 1516|   				         _("%s: failed to unlock %s\n"),
# 1517|   				         Prog, sgr_dbname ());
# 1518|-> 				SYSLOG ((LOG_ERR,
# 1519|   				         "failed to unlock %s",
# 1520|   				         sgr_dbname ()));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def520]
shadow-4.18.0/src/usermod.c:1529:25: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/usermod.c:1472:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/usermod.c:1479:13: branch_false: ...to here
shadow-4.18.0/src/usermod.c:1490:20: branch_false: following ‘false’ branch...
shadow-4.18.0/src/usermod.c:1500:21: branch_false: ...to here
shadow-4.18.0/src/usermod.c:1525:20: branch_true: following ‘true’ branch...
shadow-4.18.0/src/usermod.c:1526:25: branch_true: ...to here
shadow-4.18.0/src/usermod.c:1529:25: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/usermod.c:1529:25: branch_true: ...to here
shadow-4.18.0/src/usermod.c:1529:25: acquire_memory: allocated here
shadow-4.18.0/src/usermod.c:1529:25: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/usermod.c:1529:25: branch_true: ...to here
shadow-4.18.0/src/usermod.c:1529:25: throw: if ‘gr_dbname’ throws an exception...
shadow-4.18.0/src/usermod.c:1529:25: danger: ‘saved_locale’ leaks here; was allocated at [(9)](sarif:/runs/0/results/34/codeFlows/0/threadFlows/0/locations/8)
# 1527|   			         _("%s: failed to unlock %s\n"),
# 1528|   			         Prog, gr_dbname ());
# 1529|-> 			SYSLOG ((LOG_ERR,
# 1530|   			         "failed to unlock %s",
# 1531|   			         gr_dbname ()));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def521]
shadow-4.18.0/src/usermod.c:1541:25: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/usermod.c:1472:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/usermod.c:1479:13: branch_false: ...to here
shadow-4.18.0/src/usermod.c:1479:13: branch_false: following ‘false’ branch...
shadow-4.18.0/src/usermod.c:1489:13: branch_false: ...to here
shadow-4.18.0/src/usermod.c:1536:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/usermod.c:1537:21: branch_true: ...to here
shadow-4.18.0/src/usermod.c:1537:20: branch_true: following ‘true’ branch...
shadow-4.18.0/src/usermod.c:1538:25: branch_true: ...to here
shadow-4.18.0/src/usermod.c:1541:25: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/usermod.c:1541:25: branch_true: ...to here
shadow-4.18.0/src/usermod.c:1541:25: acquire_memory: allocated here
shadow-4.18.0/src/usermod.c:1541:25: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/usermod.c:1541:25: branch_true: ...to here
shadow-4.18.0/src/usermod.c:1541:25: throw: if ‘spw_dbname’ throws an exception...
shadow-4.18.0/src/usermod.c:1541:25: danger: ‘saved_locale’ leaks here; was allocated at [(11)](sarif:/runs/0/results/36/codeFlows/0/threadFlows/0/locations/10)
# 1539|   			         _("%s: failed to unlock %s\n"),
# 1540|   			         Prog, spw_dbname ());
# 1541|-> 			SYSLOG ((LOG_ERR,
# 1542|   			         "failed to unlock %s",
# 1543|   			         spw_dbname ()));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def522]
shadow-4.18.0/src/usermod.c:1551:17: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/usermod.c:1472:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/usermod.c:1479:13: branch_false: ...to here
shadow-4.18.0/src/usermod.c:1547:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/usermod.c:1548:17: branch_true: ...to here
shadow-4.18.0/src/usermod.c:1551:17: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/usermod.c:1551:17: branch_true: ...to here
shadow-4.18.0/src/usermod.c:1551:17: acquire_memory: allocated here
shadow-4.18.0/src/usermod.c:1551:17: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/usermod.c:1551:17: branch_true: ...to here
shadow-4.18.0/src/usermod.c:1551:17: throw: if ‘pw_dbname’ throws an exception...
shadow-4.18.0/src/usermod.c:1551:17: danger: ‘saved_locale’ leaks here; was allocated at [(7)](sarif:/runs/0/results/38/codeFlows/0/threadFlows/0/locations/6)
# 1549|   		         _("%s: failed to unlock %s\n"),
# 1550|   		         Prog, pw_dbname ());
# 1551|-> 		SYSLOG ((LOG_ERR, "failed to unlock %s", pw_dbname ()));
# 1552|   		/* continue */
# 1553|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def523]
shadow-4.18.0/src/usermod.c:1566:25: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/usermod.c:1472:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/usermod.c:1479:13: branch_false: ...to here
shadow-4.18.0/src/usermod.c:1564:20: branch_true: following ‘true’ branch...
shadow-4.18.0/src/usermod.c:1565:25: branch_true: ...to here
shadow-4.18.0/src/usermod.c:1566:25: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/usermod.c:1566:25: branch_true: ...to here
shadow-4.18.0/src/usermod.c:1566:25: acquire_memory: allocated here
shadow-4.18.0/src/usermod.c:1566:25: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/usermod.c:1566:25: branch_true: ...to here
shadow-4.18.0/src/usermod.c:1566:25: throw: if ‘sub_uid_dbname’ throws an exception...
shadow-4.18.0/src/usermod.c:1566:25: danger: ‘saved_locale’ leaks here; was allocated at [(7)](sarif:/runs/0/results/40/codeFlows/0/threadFlows/0/locations/6)
# 1564|   		if (sub_uid_close () == 0) {
# 1565|   			fprintf (stderr, _("%s: failure while writing changes to %s\n"), Prog, sub_uid_dbname ());
# 1566|-> 			SYSLOG ((LOG_ERR, "failure while writing changes to %s", sub_uid_dbname ()));
# 1567|   			fail_exit (E_SUB_UID_UPDATE);
# 1568|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def524]
shadow-4.18.0/src/usermod.c:1571:25: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/usermod.c:1472:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/usermod.c:1479:13: branch_false: ...to here
shadow-4.18.0/src/usermod.c:1564:20: branch_false: following ‘false’ branch...
shadow-4.18.0/src/usermod.c:1569:21: branch_false: ...to here
shadow-4.18.0/src/usermod.c:1569:20: branch_true: following ‘true’ branch...
shadow-4.18.0/src/usermod.c:1570:25: branch_true: ...to here
shadow-4.18.0/src/usermod.c:1571:25: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/usermod.c:1571:25: branch_true: ...to here
shadow-4.18.0/src/usermod.c:1571:25: acquire_memory: allocated here
shadow-4.18.0/src/usermod.c:1571:25: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/usermod.c:1571:25: branch_true: ...to here
shadow-4.18.0/src/usermod.c:1571:25: throw: if ‘sub_uid_dbname’ throws an exception...
shadow-4.18.0/src/usermod.c:1571:25: danger: ‘saved_locale’ leaks here; was allocated at [(9)](sarif:/runs/0/results/42/codeFlows/0/threadFlows/0/locations/8)
# 1569|   		if (sub_uid_unlock () == 0) {
# 1570|   			fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sub_uid_dbname ());
# 1571|-> 			SYSLOG ((LOG_ERR, "failed to unlock %s", sub_uid_dbname ()));
# 1572|   			/* continue */
# 1573|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def525]
shadow-4.18.0/src/usermod.c:1579:25: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/usermod.c:1472:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/usermod.c:1479:13: branch_false: ...to here
shadow-4.18.0/src/usermod.c:1577:20: branch_true: following ‘true’ branch...
shadow-4.18.0/src/usermod.c:1578:25: branch_true: ...to here
shadow-4.18.0/src/usermod.c:1579:25: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/usermod.c:1579:25: branch_true: ...to here
shadow-4.18.0/src/usermod.c:1579:25: acquire_memory: allocated here
shadow-4.18.0/src/usermod.c:1579:25: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/usermod.c:1579:25: branch_true: ...to here
shadow-4.18.0/src/usermod.c:1579:25: throw: if ‘sub_gid_dbname’ throws an exception...
shadow-4.18.0/src/usermod.c:1579:25: danger: ‘saved_locale’ leaks here; was allocated at [(7)](sarif:/runs/0/results/44/codeFlows/0/threadFlows/0/locations/6)
# 1577|   		if (sub_gid_close () == 0) {
# 1578|   			fprintf (stderr, _("%s: failure while writing changes to %s\n"), Prog, sub_gid_dbname ());
# 1579|-> 			SYSLOG ((LOG_ERR, "failure while writing changes to %s", sub_gid_dbname ()));
# 1580|   			fail_exit (E_SUB_GID_UPDATE);
# 1581|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def526]
shadow-4.18.0/src/usermod.c:1584:25: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/usermod.c:1472:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/usermod.c:1479:13: branch_false: ...to here
shadow-4.18.0/src/usermod.c:1577:20: branch_false: following ‘false’ branch...
shadow-4.18.0/src/usermod.c:1582:21: branch_false: ...to here
shadow-4.18.0/src/usermod.c:1582:20: branch_true: following ‘true’ branch...
shadow-4.18.0/src/usermod.c:1583:25: branch_true: ...to here
shadow-4.18.0/src/usermod.c:1584:25: branch_true: following ‘true’ branch (when ‘old_locale’ is non-NULL)...
shadow-4.18.0/src/usermod.c:1584:25: branch_true: ...to here
shadow-4.18.0/src/usermod.c:1584:25: acquire_memory: allocated here
shadow-4.18.0/src/usermod.c:1584:25: branch_true: following ‘true’ branch (when ‘saved_locale’ is non-NULL)...
shadow-4.18.0/src/usermod.c:1584:25: branch_true: ...to here
shadow-4.18.0/src/usermod.c:1584:25: throw: if ‘sub_gid_dbname’ throws an exception...
shadow-4.18.0/src/usermod.c:1584:25: danger: ‘saved_locale’ leaks here; was allocated at [(9)](sarif:/runs/0/results/46/codeFlows/0/threadFlows/0/locations/8)
# 1582|   		if (sub_gid_unlock () == 0) {
# 1583|   			fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sub_gid_dbname ());
# 1584|-> 			SYSLOG ((LOG_ERR, "failed to unlock %s", sub_gid_dbname ()));
# 1585|   			/* continue */
# 1586|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def527]
shadow-4.18.0/src/usermod.c:2086:14: warning[-Wanalyzer-malloc-leak]: leak of ‘mailfile’
shadow-4.18.0/src/usermod.c:2080:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/usermod.c:2081:28: branch_true: ...to here
shadow-4.18.0/src/usermod.c:2081:28: acquire_memory: allocated here
shadow-4.18.0/src/usermod.c:2086:14: throw: if ‘open’ throws an exception...
shadow-4.18.0/src/usermod.c:2086:14: danger: ‘mailfile’ leaks here; was allocated at [(3)](sarif:/runs/0/results/49/codeFlows/0/threadFlows/0/locations/2)
# 2084|   	}
# 2085|   
# 2086|-> 	fd = open (mailfile, O_RDONLY | O_NONBLOCK, 0);
# 2087|   	if (fd < 0) {
# 2088|   		/* no need for warnings if the mailbox doesn't exist */

Error: GCC_ANALYZER_WARNING (CWE-688): [#def528]
shadow-4.18.0/src/usermod.c:2086:14: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘mailfile’ where non-null expected
shadow-4.18.0/src/usermod.c:2080:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/usermod.c:2081:28: branch_true: ...to here
shadow-4.18.0/src/usermod.c:2081:28: acquire_memory: this call could return NULL
shadow-4.18.0/src/usermod.c:2086:14: danger: argument 1 (‘mailfile’) from [(3)](sarif:/runs/0/results/48/codeFlows/0/threadFlows/0/locations/2) could be NULL where non-null expected
# 2084|   	}
# 2085|   
# 2086|-> 	fd = open (mailfile, O_RDONLY | O_NONBLOCK, 0);
# 2087|   	if (fd < 0) {
# 2088|   		/* no need for warnings if the mailbox doesn't exist */

Error: GCC_ANALYZER_WARNING (CWE-401): [#def529]
shadow-4.18.0/src/usermod.c:2090:25: warning[-Wanalyzer-malloc-leak]: leak of ‘mailfile’
shadow-4.18.0/src/usermod.c:2080:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/usermod.c:2081:28: branch_true: ...to here
shadow-4.18.0/src/usermod.c:2081:28: acquire_memory: allocated here
shadow-4.18.0/src/usermod.c:2087:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/usermod.c:2089:21: branch_true: ...to here
shadow-4.18.0/src/usermod.c:2089:20: branch_true: following ‘true’ branch...
shadow-4.18.0/src/usermod.c:2090:25: branch_true: ...to here
shadow-4.18.0/src/usermod.c:2090:25: throw: if ‘perror’ throws an exception...
shadow-4.18.0/src/usermod.c:2090:25: danger: ‘mailfile’ leaks here; was allocated at [(3)](sarif:/runs/0/results/50/codeFlows/0/threadFlows/0/locations/2)
# 2088|   		/* no need for warnings if the mailbox doesn't exist */
# 2089|   		if (errno != ENOENT) {
# 2090|-> 			perror (mailfile);
# 2091|   		}
# 2092|   		free(mailfile);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def530]
shadow-4.18.0/src/usermod.c:2096:17: warning[-Wanalyzer-malloc-leak]: leak of ‘mailfile’
shadow-4.18.0/src/usermod.c:2080:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/usermod.c:2081:28: branch_true: ...to here
shadow-4.18.0/src/usermod.c:2081:28: acquire_memory: allocated here
shadow-4.18.0/src/usermod.c:2087:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/usermod.c:2095:13: branch_false: ...to here
shadow-4.18.0/src/usermod.c:2095:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/usermod.c:2096:17: branch_true: ...to here
shadow-4.18.0/src/usermod.c:2096:17: throw: if ‘perror’ throws an exception...
shadow-4.18.0/src/usermod.c:2096:17: danger: ‘mailfile’ leaks here; was allocated at [(3)](sarif:/runs/0/results/51/codeFlows/0/threadFlows/0/locations/2)
# 2094|   	}
# 2095|   	if (fstat (fd, &st) < 0) {
# 2096|-> 		perror ("fstat");
# 2097|   		(void) close (fd);
# 2098|   		free(mailfile);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def531]
shadow-4.18.0/src/usermod.c:2097:24: warning[-Wanalyzer-malloc-leak]: leak of ‘mailfile’
shadow-4.18.0/src/usermod.c:2080:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/usermod.c:2081:28: branch_true: ...to here
shadow-4.18.0/src/usermod.c:2081:28: acquire_memory: allocated here
shadow-4.18.0/src/usermod.c:2087:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/usermod.c:2095:13: branch_false: ...to here
shadow-4.18.0/src/usermod.c:2095:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/usermod.c:2096:17: branch_true: ...to here
shadow-4.18.0/src/usermod.c:2097:24: throw: if ‘close’ throws an exception...
shadow-4.18.0/src/usermod.c:2097:24: danger: ‘mailfile’ leaks here; was allocated at [(3)](sarif:/runs/0/results/52/codeFlows/0/threadFlows/0/locations/2)
# 2095|   	if (fstat (fd, &st) < 0) {
# 2096|   		perror ("fstat");
# 2097|-> 		(void) close (fd);
# 2098|   		free(mailfile);
# 2099|   		return;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def532]
shadow-4.18.0/src/usermod.c:2105:24: warning[-Wanalyzer-malloc-leak]: leak of ‘mailfile’
shadow-4.18.0/src/usermod.c:2080:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/usermod.c:2081:28: branch_true: ...to here
shadow-4.18.0/src/usermod.c:2081:28: acquire_memory: allocated here
shadow-4.18.0/src/usermod.c:2087:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/usermod.c:2095:13: branch_false: ...to here
shadow-4.18.0/src/usermod.c:2095:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/usermod.c:2101:13: branch_false: ...to here
shadow-4.18.0/src/usermod.c:2101:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/usermod.c:2103:17: branch_true: ...to here
shadow-4.18.0/src/usermod.c:2105:24: throw: if ‘close’ throws an exception...
shadow-4.18.0/src/usermod.c:2105:24: danger: ‘mailfile’ leaks here; was allocated at [(3)](sarif:/runs/0/results/53/codeFlows/0/threadFlows/0/locations/2)
# 2103|   		fprintf (stderr, _("%s: warning: %s not owned by %s\n"),
# 2104|   		         Prog, mailfile, user_name);
# 2105|-> 		(void) close (fd);
# 2106|   		free(mailfile);
# 2107|   		return;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def533]
shadow-4.18.0/src/usermod.c:2111:25: warning[-Wanalyzer-malloc-leak]: leak of ‘mailfile’
shadow-4.18.0/src/usermod.c:2080:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/usermod.c:2081:28: branch_true: ...to here
shadow-4.18.0/src/usermod.c:2081:28: acquire_memory: allocated here
shadow-4.18.0/src/usermod.c:2087:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/usermod.c:2095:13: branch_false: ...to here
shadow-4.18.0/src/usermod.c:2095:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/usermod.c:2101:13: branch_false: ...to here
shadow-4.18.0/src/usermod.c:2101:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/usermod.c:2109:13: branch_false: ...to here
shadow-4.18.0/src/usermod.c:2109:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/usermod.c:2110:21: branch_true: ...to here
shadow-4.18.0/src/usermod.c:2110:20: branch_true: following ‘true’ branch...
shadow-4.18.0/src/usermod.c:2111:33: branch_true: ...to here
shadow-4.18.0/src/usermod.c:2111:25: throw: if ‘perror’ throws an exception...
shadow-4.18.0/src/usermod.c:2111:25: danger: ‘mailfile’ leaks here; was allocated at [(3)](sarif:/runs/0/results/54/codeFlows/0/threadFlows/0/locations/2)
# 2109|   	if (uflg) {
# 2110|   		if (fchown (fd, user_newid, (gid_t) -1) < 0) {
# 2111|-> 			perror (_("failed to change mailbox owner"));
# 2112|   		}
# 2113|   #ifdef WITH_AUDIT

Error: GCC_ANALYZER_WARNING (CWE-401): [#def534]
shadow-4.18.0/src/usermod.c:2115:25: warning[-Wanalyzer-malloc-leak]: leak of ‘mailfile’
shadow-4.18.0/src/usermod.c:2080:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/usermod.c:2081:28: branch_true: ...to here
shadow-4.18.0/src/usermod.c:2081:28: acquire_memory: allocated here
shadow-4.18.0/src/usermod.c:2087:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/usermod.c:2095:13: branch_false: ...to here
shadow-4.18.0/src/usermod.c:2095:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/usermod.c:2101:13: branch_false: ...to here
shadow-4.18.0/src/usermod.c:2101:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/usermod.c:2109:13: branch_false: ...to here
shadow-4.18.0/src/usermod.c:2109:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/usermod.c:2110:21: branch_true: ...to here
shadow-4.18.0/src/usermod.c:2110:20: branch_false: following ‘false’ branch...
shadow-4.18.0/src/usermod.c:2115:25: branch_false: ...to here
shadow-4.18.0/src/usermod.c:2115:25: throw: if ‘audit_logger’ throws an exception...
shadow-4.18.0/src/usermod.c:2115:25: danger: ‘mailfile’ leaks here; was allocated at [(3)](sarif:/runs/0/results/55/codeFlows/0/threadFlows/0/locations/2)
# 2113|   #ifdef WITH_AUDIT
# 2114|   		else {
# 2115|-> 			audit_logger (AUDIT_USER_MGMT, Prog,
# 2116|   			              "updating-mail-file-owner",
# 2117|   			              user_newname, user_newid, 1);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def535]
shadow-4.18.0/src/usermod.c:2122:16: warning[-Wanalyzer-malloc-leak]: leak of ‘mailfile’
shadow-4.18.0/src/usermod.c:2080:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/usermod.c:2081:28: branch_true: ...to here
shadow-4.18.0/src/usermod.c:2081:28: acquire_memory: allocated here
shadow-4.18.0/src/usermod.c:2087:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/usermod.c:2095:13: branch_false: ...to here
shadow-4.18.0/src/usermod.c:2095:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/usermod.c:2101:13: branch_false: ...to here
shadow-4.18.0/src/usermod.c:2101:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/usermod.c:2109:13: branch_false: ...to here
shadow-4.18.0/src/usermod.c:2122:16: throw: if ‘close’ throws an exception...
shadow-4.18.0/src/usermod.c:2122:16: danger: ‘mailfile’ leaks here; was allocated at [(3)](sarif:/runs/0/results/56/codeFlows/0/threadFlows/0/locations/2)
# 2120|   	}
# 2121|   
# 2122|-> 	(void) close (fd);
# 2123|   
# 2124|   	if (lflg) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def536]
shadow-4.18.0/src/usermod.c:2128:39: warning[-Wanalyzer-malloc-leak]: leak of ‘mailfile’
shadow-4.18.0/src/usermod.c:2080:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/usermod.c:2081:28: branch_true: ...to here
shadow-4.18.0/src/usermod.c:2081:28: acquire_memory: allocated here
shadow-4.18.0/src/usermod.c:2087:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/usermod.c:2095:13: branch_false: ...to here
shadow-4.18.0/src/usermod.c:2095:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/usermod.c:2101:13: branch_false: ...to here
shadow-4.18.0/src/usermod.c:2101:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/usermod.c:2109:13: branch_false: ...to here
shadow-4.18.0/src/usermod.c:2124:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/usermod.c:2127:21: branch_true: ...to here
shadow-4.18.0/src/usermod.c:2127:20: branch_true: following ‘true’ branch...
shadow-4.18.0/src/usermod.c:2128:39: branch_true: ...to here
shadow-4.18.0/src/usermod.c:2128:39: throw: if ‘xaprintf’ throws an exception...
shadow-4.18.0/src/usermod.c:2128:39: danger: ‘mailfile’ leaks here; was allocated at [(3)](sarif:/runs/0/results/57/codeFlows/0/threadFlows/0/locations/2)
# 2126|   
# 2127|   		if (prefix[0]) {
# 2128|-> 			newmailfile = xaprintf("%s/%s/%s",
# 2129|   			                       prefix, maildir, user_newname);
# 2130|   		} else {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def537]
shadow-4.18.0/src/usermod.c:2131:39: warning[-Wanalyzer-malloc-leak]: leak of ‘mailfile’
shadow-4.18.0/src/usermod.c:2080:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/usermod.c:2083:28: branch_false: ...to here
shadow-4.18.0/src/usermod.c:2083:28: acquire_memory: allocated here
shadow-4.18.0/src/usermod.c:2087:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/usermod.c:2095:13: branch_false: ...to here
shadow-4.18.0/src/usermod.c:2095:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/usermod.c:2101:13: branch_false: ...to here
shadow-4.18.0/src/usermod.c:2101:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/usermod.c:2109:13: branch_false: ...to here
shadow-4.18.0/src/usermod.c:2124:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/usermod.c:2127:21: branch_true: ...to here
shadow-4.18.0/src/usermod.c:2127:20: branch_false: following ‘false’ branch...
shadow-4.18.0/src/usermod.c:2131:39: branch_false: ...to here
shadow-4.18.0/src/usermod.c:2131:39: throw: if ‘xaprintf’ throws an exception...
shadow-4.18.0/src/usermod.c:2131:39: danger: ‘mailfile’ leaks here; was allocated at [(3)](sarif:/runs/0/results/58/codeFlows/0/threadFlows/0/locations/2)
# 2129|   			                       prefix, maildir, user_newname);
# 2130|   		} else {
# 2131|-> 			newmailfile = xaprintf("%s/%s", maildir, user_newname);
# 2132|   		}
# 2133|   		if (   (link (mailfile, newmailfile) != 0)

Error: GCC_ANALYZER_WARNING (CWE-688): [#def538]
shadow-4.18.0/src/usermod.c:2133:25: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘newmailfile’ where non-null expected
shadow-4.18.0/src/usermod.c:2080:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/usermod.c:2081:28: branch_true: ...to here
shadow-4.18.0/src/usermod.c:2087:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/usermod.c:2095:13: branch_false: ...to here
shadow-4.18.0/src/usermod.c:2095:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/usermod.c:2101:13: branch_false: ...to here
shadow-4.18.0/src/usermod.c:2101:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/usermod.c:2109:13: branch_false: ...to here
shadow-4.18.0/src/usermod.c:2124:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/usermod.c:2127:21: branch_true: ...to here
shadow-4.18.0/src/usermod.c:2127:20: branch_true: following ‘true’ branch...
shadow-4.18.0/src/usermod.c:2128:39: branch_true: ...to here
shadow-4.18.0/src/usermod.c:2128:39: acquire_memory: this call could return NULL
shadow-4.18.0/src/usermod.c:2133:25: danger: argument 2 (‘newmailfile’) from [(13)](sarif:/runs/0/results/59/codeFlows/0/threadFlows/0/locations/12) could be NULL where non-null expected
# 2131|   			newmailfile = xaprintf("%s/%s", maildir, user_newname);
# 2132|   		}
# 2133|-> 		if (   (link (mailfile, newmailfile) != 0)
# 2134|   		    || (unlink (mailfile) != 0)) {
# 2135|   			perror (_("failed to rename mailbox"));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def539]
shadow-4.18.0/src/usermod.c:2135:25: warning[-Wanalyzer-malloc-leak]: leak of ‘mailfile’
shadow-4.18.0/src/usermod.c:2080:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/usermod.c:2081:28: branch_true: ...to here
shadow-4.18.0/src/usermod.c:2081:28: acquire_memory: allocated here
shadow-4.18.0/src/usermod.c:2087:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/usermod.c:2095:13: branch_false: ...to here
shadow-4.18.0/src/usermod.c:2095:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/usermod.c:2101:13: branch_false: ...to here
shadow-4.18.0/src/usermod.c:2101:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/usermod.c:2109:13: branch_false: ...to here
shadow-4.18.0/src/usermod.c:2124:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/usermod.c:2127:21: branch_true: ...to here
shadow-4.18.0/src/usermod.c:2127:20: branch_true: following ‘true’ branch...
shadow-4.18.0/src/usermod.c:2128:39: branch_true: ...to here
shadow-4.18.0/src/usermod.c:2135:25: throw: if ‘perror’ throws an exception...
shadow-4.18.0/src/usermod.c:2135:25: danger: ‘mailfile’ leaks here; was allocated at [(3)](sarif:/runs/0/results/60/codeFlows/0/threadFlows/0/locations/2)
# 2133|   		if (   (link (mailfile, newmailfile) != 0)
# 2134|   		    || (unlink (mailfile) != 0)) {
# 2135|-> 			perror (_("failed to rename mailbox"));
# 2136|   		}
# 2137|   #ifdef WITH_AUDIT

Error: GCC_ANALYZER_WARNING (CWE-401): [#def540]
shadow-4.18.0/src/usermod.c:2135:25: warning[-Wanalyzer-malloc-leak]: leak of ‘newmailfile’
shadow-4.18.0/src/usermod.c:2080:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/usermod.c:2081:28: branch_true: ...to here
shadow-4.18.0/src/usermod.c:2087:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/usermod.c:2095:13: branch_false: ...to here
shadow-4.18.0/src/usermod.c:2095:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/usermod.c:2101:13: branch_false: ...to here
shadow-4.18.0/src/usermod.c:2101:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/usermod.c:2109:13: branch_false: ...to here
shadow-4.18.0/src/usermod.c:2124:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/usermod.c:2127:21: branch_true: ...to here
shadow-4.18.0/src/usermod.c:2127:20: branch_true: following ‘true’ branch...
shadow-4.18.0/src/usermod.c:2128:39: branch_true: ...to here
shadow-4.18.0/src/usermod.c:2128:39: acquire_memory: allocated here
shadow-4.18.0/src/usermod.c:2135:25: throw: if ‘perror’ throws an exception...
shadow-4.18.0/src/usermod.c:2135:25: danger: ‘newmailfile’ leaks here; was allocated at [(13)](sarif:/runs/0/results/61/codeFlows/0/threadFlows/0/locations/12)
# 2133|   		if (   (link (mailfile, newmailfile) != 0)
# 2134|   		    || (unlink (mailfile) != 0)) {
# 2135|-> 			perror (_("failed to rename mailbox"));
# 2136|   		}
# 2137|   #ifdef WITH_AUDIT

Error: GCC_ANALYZER_WARNING (CWE-401): [#def541]
shadow-4.18.0/src/usermod.c:2139:25: warning[-Wanalyzer-malloc-leak]: leak of ‘mailfile’
shadow-4.18.0/src/usermod.c:2080:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/usermod.c:2081:28: branch_true: ...to here
shadow-4.18.0/src/usermod.c:2081:28: acquire_memory: allocated here
shadow-4.18.0/src/usermod.c:2087:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/usermod.c:2095:13: branch_false: ...to here
shadow-4.18.0/src/usermod.c:2095:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/usermod.c:2101:13: branch_false: ...to here
shadow-4.18.0/src/usermod.c:2101:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/usermod.c:2109:13: branch_false: ...to here
shadow-4.18.0/src/usermod.c:2124:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/usermod.c:2127:21: branch_true: ...to here
shadow-4.18.0/src/usermod.c:2127:20: branch_true: following ‘true’ branch...
shadow-4.18.0/src/usermod.c:2128:39: branch_true: ...to here
shadow-4.18.0/src/usermod.c:2133:20: branch_false: following ‘false’ branch...
shadow-4.18.0/src/usermod.c:2134:25: branch_false: ...to here
shadow-4.18.0/src/usermod.c:2133:24: branch_false: following ‘false’ branch...
shadow-4.18.0/src/usermod.c:2139:25: branch_false: ...to here
shadow-4.18.0/src/usermod.c:2139:25: throw: if ‘audit_logger’ throws an exception...
shadow-4.18.0/src/usermod.c:2139:25: danger: ‘mailfile’ leaks here; was allocated at [(3)](sarif:/runs/0/results/62/codeFlows/0/threadFlows/0/locations/2)
# 2137|   #ifdef WITH_AUDIT
# 2138|   		else {
# 2139|-> 			audit_logger (AUDIT_USER_MGMT, Prog,
# 2140|   			              "updating-mail-file-name",
# 2141|   			              user_newname, user_newid, 1);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def542]
shadow-4.18.0/src/usermod.c:2139:25: warning[-Wanalyzer-malloc-leak]: leak of ‘newmailfile’
shadow-4.18.0/src/usermod.c:2080:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/usermod.c:2081:28: branch_true: ...to here
shadow-4.18.0/src/usermod.c:2087:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/usermod.c:2095:13: branch_false: ...to here
shadow-4.18.0/src/usermod.c:2095:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/usermod.c:2101:13: branch_false: ...to here
shadow-4.18.0/src/usermod.c:2101:12: branch_false: following ‘false’ branch...
shadow-4.18.0/src/usermod.c:2109:13: branch_false: ...to here
shadow-4.18.0/src/usermod.c:2124:12: branch_true: following ‘true’ branch...
shadow-4.18.0/src/usermod.c:2127:21: branch_true: ...to here
shadow-4.18.0/src/usermod.c:2127:20: branch_true: following ‘true’ branch...
shadow-4.18.0/src/usermod.c:2128:39: branch_true: ...to here
shadow-4.18.0/src/usermod.c:2128:39: acquire_memory: allocated here
shadow-4.18.0/src/usermod.c:2133:20: branch_false: following ‘false’ branch...
shadow-4.18.0/src/usermod.c:2134:25: branch_false: ...to here
shadow-4.18.0/src/usermod.c:2133:24: branch_false: following ‘false’ branch...
shadow-4.18.0/src/usermod.c:2139:25: branch_false: ...to here
shadow-4.18.0/src/usermod.c:2139:25: throw: if ‘audit_logger’ throws an exception...
shadow-4.18.0/src/usermod.c:2139:25: danger: ‘newmailfile’ leaks here; was allocated at [(13)](sarif:/runs/0/results/63/codeFlows/0/threadFlows/0/locations/12)
# 2137|   #ifdef WITH_AUDIT
# 2138|   		else {
# 2139|-> 			audit_logger (AUDIT_USER_MGMT, Prog,
# 2140|   			              "updating-mail-file-name",
# 2141|   			              user_newname, user_newid, 1);

Error: GCC_ANALYZER_WARNING (CWE-476): [#def543]
shadow-4.18.0/src/usermod.c:2181:9: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘user_groups’
shadow-4.18.0/src/usermod.c:2155:5: enter_function: entry to ‘main’
shadow-4.18.0/src/usermod.c:2180:23: call_function: inlined call to ‘xmallocarray’ from ‘main’
shadow-4.18.0/src/usermod.c:2181:9: danger: ‘xreallocarray(0, (long unsigned int)(sysconf(3) + 1), 8)’ could be NULL: unchecked value from [(3)](sarif:/runs/0/results/64/codeFlows/0/threadFlows/0/locations/2)
# 2179|   	sys_ngroups = sysconf (_SC_NGROUPS_MAX);
# 2180|   	user_groups = XMALLOC(sys_ngroups + 1, char *);
# 2181|-> 	user_groups[0] = NULL;
# 2182|   
# 2183|   	is_shadow_pwd = spw_file_present ();

Error: GCC_ANALYZER_WARNING (CWE-775): [#def544]
shadow-4.18.0/src/vipw.c:121:13: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen(backup, "w")’
shadow-4.18.0/src/vipw.c:478:5: enter_function: entry to ‘main’
shadow-4.18.0/src/vipw.c:549:20: branch_false: following ‘false’ branch...
shadow-4.18.0/src/vipw.c:554:12: branch_false: ...to here
shadow-4.18.0/src/vipw.c:554:12: branch_true: following ‘true’ branch (when ‘do_vigr != 0’)...
shadow-4.18.0/src/vipw.c:556:20: branch_true: ...to here
shadow-4.18.0/src/vipw.c:556:20: branch_false: following ‘false’ branch (when ‘editshadow == 0’)...
shadow-4.18.0/src/vipw.c:564:25: branch_false: ...to here
shadow-4.18.0/src/vipw.c:564:25: call_function: calling ‘vipwedit’ from ‘main’
#  119|   
#  120|   	c = 0;
#  121|-> 	if (fseeko (fp, 0, SEEK_SET) == 0)
#  122|   		while ((c = getc (fp)) != EOF) {
#  123|   			if (putc (c, bkfp) == EOF) {

Error: GCC_ANALYZER_WARNING (CWE-775): [#def545]
shadow-4.18.0/src/vipw.c:121:13: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen(file, "r")’
shadow-4.18.0/src/vipw.c:478:5: enter_function: entry to ‘main’
shadow-4.18.0/src/vipw.c:549:20: branch_false: following ‘false’ branch...
shadow-4.18.0/src/vipw.c:554:12: branch_false: ...to here
shadow-4.18.0/src/vipw.c:554:12: branch_true: following ‘true’ branch (when ‘do_vigr != 0’)...
shadow-4.18.0/src/vipw.c:556:20: branch_true: ...to here
shadow-4.18.0/src/vipw.c:556:20: branch_false: following ‘false’ branch (when ‘editshadow == 0’)...
shadow-4.18.0/src/vipw.c:564:25: branch_false: ...to here
shadow-4.18.0/src/vipw.c:564:25: call_function: calling ‘vipwedit’ from ‘main’
#  119|   
#  120|   	c = 0;
#  121|-> 	if (fseeko (fp, 0, SEEK_SET) == 0)
#  122|   		while ((c = getc (fp)) != EOF) {
#  123|   			if (putc (c, bkfp) == EOF) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def546]
shadow-4.18.0/src/vipw.c:121:13: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(backup, "w")’
shadow-4.18.0/src/vipw.c:478:5: enter_function: entry to ‘main’
shadow-4.18.0/src/vipw.c:549:20: branch_false: following ‘false’ branch...
shadow-4.18.0/src/vipw.c:554:12: branch_false: ...to here
shadow-4.18.0/src/vipw.c:554:12: branch_true: following ‘true’ branch (when ‘do_vigr != 0’)...
shadow-4.18.0/src/vipw.c:556:20: branch_true: ...to here
shadow-4.18.0/src/vipw.c:556:20: branch_false: following ‘false’ branch (when ‘editshadow == 0’)...
shadow-4.18.0/src/vipw.c:564:25: branch_false: ...to here
shadow-4.18.0/src/vipw.c:564:25: call_function: calling ‘vipwedit’ from ‘main’
#  119|   
#  120|   	c = 0;
#  121|-> 	if (fseeko (fp, 0, SEEK_SET) == 0)
#  122|   		while ((c = getc (fp)) != EOF) {
#  123|   			if (putc (c, bkfp) == EOF) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def547]
shadow-4.18.0/src/vipw.c:121:13: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(file, "r")’
shadow-4.18.0/src/vipw.c:478:5: enter_function: entry to ‘main’
shadow-4.18.0/src/vipw.c:549:20: branch_false: following ‘false’ branch...
shadow-4.18.0/src/vipw.c:554:12: branch_false: ...to here
shadow-4.18.0/src/vipw.c:554:12: branch_true: following ‘true’ branch (when ‘do_vigr != 0’)...
shadow-4.18.0/src/vipw.c:556:20: branch_true: ...to here
shadow-4.18.0/src/vipw.c:556:20: branch_false: following ‘false’ branch (when ‘editshadow == 0’)...
shadow-4.18.0/src/vipw.c:564:25: branch_false: ...to here
shadow-4.18.0/src/vipw.c:564:25: call_function: calling ‘vipwedit’ from ‘main’
#  119|   
#  120|   	c = 0;
#  121|-> 	if (fseeko (fp, 0, SEEK_SET) == 0)
#  122|   		while ((c = getc (fp)) != EOF) {
#  123|   			if (putc (c, bkfp) == EOF) {

Error: GCC_ANALYZER_WARNING (CWE-775): [#def548]
shadow-4.18.0/src/vipw.c:127:50: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen(backup, "w")’
shadow-4.18.0/src/vipw.c:478:5: enter_function: entry to ‘main’
shadow-4.18.0/src/vipw.c:549:20: branch_false: following ‘false’ branch...
shadow-4.18.0/src/vipw.c:554:12: branch_false: ...to here
shadow-4.18.0/src/vipw.c:554:12: branch_true: following ‘true’ branch (when ‘do_vigr != 0’)...
shadow-4.18.0/src/vipw.c:556:20: branch_true: ...to here
shadow-4.18.0/src/vipw.c:556:20: branch_false: following ‘false’ branch (when ‘editshadow == 0’)...
shadow-4.18.0/src/vipw.c:564:25: branch_false: ...to here
shadow-4.18.0/src/vipw.c:564:25: call_function: calling ‘vipwedit’ from ‘main’
#  125|   			}
#  126|   		}
#  127|-> 	if ((EOF != c) || (ferror (fp) != 0) || (fflush (bkfp) != 0)) {
#  128|   		fclose (bkfp);
#  129|   		unlink (backup);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def549]
shadow-4.18.0/src/vipw.c:127:50: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(backup, "w")’
shadow-4.18.0/src/vipw.c:478:5: enter_function: entry to ‘main’
shadow-4.18.0/src/vipw.c:549:20: branch_false: following ‘false’ branch...
shadow-4.18.0/src/vipw.c:554:12: branch_false: ...to here
shadow-4.18.0/src/vipw.c:554:12: branch_true: following ‘true’ branch (when ‘do_vigr != 0’)...
shadow-4.18.0/src/vipw.c:556:20: branch_true: ...to here
shadow-4.18.0/src/vipw.c:556:20: branch_false: following ‘false’ branch (when ‘editshadow == 0’)...
shadow-4.18.0/src/vipw.c:564:25: branch_false: ...to here
shadow-4.18.0/src/vipw.c:564:25: call_function: calling ‘vipwedit’ from ‘main’
#  125|   			}
#  126|   		}
#  127|-> 	if ((EOF != c) || (ferror (fp) != 0) || (fflush (bkfp) != 0)) {
#  128|   		fclose (bkfp);
#  129|   		unlink (backup);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def550]
shadow-4.18.0/src/vipw.c:132:13: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen(backup, "w")’
shadow-4.18.0/src/vipw.c:478:5: enter_function: entry to ‘main’
shadow-4.18.0/src/vipw.c:549:20: branch_false: following ‘false’ branch...
shadow-4.18.0/src/vipw.c:554:12: branch_false: ...to here
shadow-4.18.0/src/vipw.c:554:12: branch_true: following ‘true’ branch (when ‘do_vigr != 0’)...
shadow-4.18.0/src/vipw.c:556:20: branch_true: ...to here
shadow-4.18.0/src/vipw.c:556:20: branch_false: following ‘false’ branch (when ‘editshadow == 0’)...
shadow-4.18.0/src/vipw.c:564:25: branch_false: ...to here
shadow-4.18.0/src/vipw.c:564:25: call_function: calling ‘vipwedit’ from ‘main’
#  130|   		return -1;
#  131|   	}
#  132|-> 	if (fsync (fileno (bkfp)) != 0) {
#  133|   		(void) fclose (bkfp);
#  134|   		unlink (backup);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def551]
shadow-4.18.0/src/vipw.c:132:13: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(backup, "w")’
shadow-4.18.0/src/vipw.c:478:5: enter_function: entry to ‘main’
shadow-4.18.0/src/vipw.c:549:20: branch_false: following ‘false’ branch...
shadow-4.18.0/src/vipw.c:554:12: branch_false: ...to here
shadow-4.18.0/src/vipw.c:554:12: branch_true: following ‘true’ branch (when ‘do_vigr != 0’)...
shadow-4.18.0/src/vipw.c:556:20: branch_true: ...to here
shadow-4.18.0/src/vipw.c:556:20: branch_false: following ‘false’ branch (when ‘editshadow == 0’)...
shadow-4.18.0/src/vipw.c:564:25: branch_false: ...to here
shadow-4.18.0/src/vipw.c:564:25: call_function: calling ‘vipwedit’ from ‘main’
#  130|   		return -1;
#  131|   	}
#  132|-> 	if (fsync (fileno (bkfp)) != 0) {
#  133|   		(void) fclose (bkfp);
#  134|   		unlink (backup);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def552]
shadow-4.18.0/src/vipw.c:169:25: warning[-Wanalyzer-malloc-leak]: leak of ‘saved_locale’
shadow-4.18.0/src/vipw.c:478:5: enter_function: entry to ‘main’
shadow-4.18.0/src/vipw.c:549:20: branch_false: following ‘false’ branch...
shadow-4.18.0/src/vipw.c:554:12: branch_false: ...to here
shadow-4.18.0/src/vipw.c:554:12: branch_true: following ‘true’ branch (when ‘do_vigr != 0’)...
shadow-4.18.0/src/vipw.c:556:20: branch_true: ...to here
shadow-4.18.0/src/vipw.c:556:20: branch_false: following ‘false’ branch (when ‘editshadow == 0’)...
shadow-4.18.0/src/vipw.c:564:25: branch_false: ...to here
shadow-4.18.0/src/vipw.c:564:25: call_function: calling ‘vipwedit’ from ‘main’
#  167|   		if ((*unlock) () == 0) {
#  168|   			fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, fileeditname);
#  169|-> 			SYSLOG ((LOG_ERR, "failed to unlock %s", fileeditname));
#  170|   			/* continue */
#  171|   		}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def553]
shadow-4.18.0/src/vipw.c:279:12: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen(file, "r")’
shadow-4.18.0/src/vipw.c:478:5: enter_function: entry to ‘main’
shadow-4.18.0/src/vipw.c:549:20: branch_false: following ‘false’ branch...
shadow-4.18.0/src/vipw.c:554:12: branch_false: ...to here
shadow-4.18.0/src/vipw.c:554:12: branch_true: following ‘true’ branch (when ‘do_vigr != 0’)...
shadow-4.18.0/src/vipw.c:556:20: branch_true: ...to here
shadow-4.18.0/src/vipw.c:556:20: branch_false: following ‘false’ branch (when ‘editshadow == 0’)...
shadow-4.18.0/src/vipw.c:564:25: branch_false: ...to here
shadow-4.18.0/src/vipw.c:564:25: call_function: calling ‘vipwedit’ from ‘main’
#  277|   		vipwexit (_("failed to gain privileges"), errno, 1);
#  278|   #endif				/* WITH_TCB */
#  279|-> 	if (create_backup_file (f, fileedit, &st1) != 0) {
#  280|   		vipwexit (_("Couldn't make backup"), errno, 1);
#  281|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def554]
shadow-4.18.0/src/vipw.c:279:12: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(file, "r")’
shadow-4.18.0/src/vipw.c:478:5: enter_function: entry to ‘main’
shadow-4.18.0/src/vipw.c:549:20: branch_false: following ‘false’ branch...
shadow-4.18.0/src/vipw.c:554:12: branch_false: ...to here
shadow-4.18.0/src/vipw.c:554:12: branch_true: following ‘true’ branch (when ‘do_vigr != 0’)...
shadow-4.18.0/src/vipw.c:556:20: branch_true: ...to here
shadow-4.18.0/src/vipw.c:556:20: branch_false: following ‘false’ branch (when ‘editshadow == 0’)...
shadow-4.18.0/src/vipw.c:564:25: branch_false: ...to here
shadow-4.18.0/src/vipw.c:564:25: call_function: calling ‘vipwedit’ from ‘main’
#  277|   		vipwexit (_("failed to gain privileges"), errno, 1);
#  278|   #endif				/* WITH_TCB */
#  279|-> 	if (create_backup_file (f, fileedit, &st1) != 0) {
#  280|   		vipwexit (_("Couldn't make backup"), errno, 1);
#  281|   	}

Error: COMPILER_WARNING (CWE-252): [#def555]
shadow-4.18.0/src/vipw.c: scope_hint: In function ‘vipwedit’
shadow-4.18.0/src/vipw.c:448:9: warning[-Wunused-result]: ignoring return value of ‘link’ declared with attribute ‘warn_unused_result’
#  448 |         link (file, filebackup);
#      |         ^~~~~~~~~~~~~~~~~~~~~~~
#  446|   #endif				/* WITH_TCB */
#  447|   	unlink (filebackup);
#  448|-> 	link (file, filebackup);
#  449|   	if (rename (to_rename, file) == -1) {
#  450|   		fprintf (stderr,