Error: GCC_ANALYZER_WARNING (CWE-457): [#def1] xdg-desktop-portal-1.20.3/document-portal/document-portal-fuse.c:201:1: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘by_app_domain’ xdg-desktop-portal-1.20.3/document-portal/document-portal-fuse.c:3582:1: enter_function: entry to ‘xdp_fuse_init’ xdg-desktop-portal-1.20.3/document-portal/document-portal-fuse.c:3597:3: branch_true: following ‘true’ branch... xdg-desktop-portal-1.20.3/document-portal/document-portal-fuse.c:3599:17: branch_true: ...to here xdg-desktop-portal-1.20.3/document-portal/document-portal-fuse.c:3600:16: call_function: calling ‘xdp_inode_new’ from ‘xdp_fuse_init’ xdg-desktop-portal-1.20.3/document-portal/document-portal-fuse.c:3600:16: return_function: returning to ‘xdp_fuse_init’ from ‘xdp_inode_new’ xdg-desktop-portal-1.20.3/document-portal/document-portal-fuse.c:3602:18: call_function: calling ‘xdp_inode_new’ from ‘xdp_fuse_init’ xdg-desktop-portal-1.20.3/document-portal/document-portal-fuse.c:3602:18: return_function: returning to ‘xdp_fuse_init’ from ‘xdp_inode_new’ xdg-desktop-portal-1.20.3/document-portal/document-portal-fuse.c:3585:24: call_function: inlined call to ‘glib_autoptr_cleanup_XdpDomain’ from ‘xdp_fuse_init’ xdg-desktop-portal-1.20.3/document-portal/document-portal-fuse.c:3584:24: call_function: inlined call to ‘glib_autoptr_cleanup_XdpDomain’ from ‘xdp_fuse_init’ # 199| # 200| static void xdp_domain_unref (XdpDomain *domain); # 201|-> G_DEFINE_AUTOPTR_CLEANUP_FUNC (XdpDomain, xdp_domain_unref) # 202| # 203| G_LOCK_DEFINE (domain_inodes); Error: GCC_ANALYZER_WARNING (CWE-457): [#def2] xdg-desktop-portal-1.20.3/document-portal/document-portal-fuse.c:201:1: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘domain’ xdg-desktop-portal-1.20.3/document-portal/document-portal-fuse.c:3778:1: enter_function: entry to ‘xdp_fuse_lookup_id_for_inode’ xdg-desktop-portal-1.20.3/document-portal/document-portal-fuse.c:3793:8: branch_true: following ‘true’ branch... xdg-desktop-portal-1.20.3/document-portal/document-portal-fuse.c:3796:18: branch_true: ...to here xdg-desktop-portal-1.20.3/document-portal/document-portal-fuse.c:3797:12: branch_true: following ‘true’ branch... xdg-desktop-portal-1.20.3/document-portal/document-portal-fuse.c:3798:22: call_function: inlined call to ‘xdp_physical_inode_ref’ from ‘xdp_fuse_lookup_id_for_inode’ xdg-desktop-portal-1.20.3/document-portal/document-portal-fuse.c:3801:3: throw: if ‘g_mutex_unlock’ throws an exception... xdg-desktop-portal-1.20.3/document-portal/document-portal-fuse.c:3783:31: call_function: inlined call to ‘glib_autoptr_cleanup_XdpPhysicalInode’ from ‘xdp_fuse_lookup_id_for_inode’ xdg-desktop-portal-1.20.3/document-portal/document-portal-fuse.c:3782:24: call_function: inlined call to ‘glib_autoptr_cleanup_XdpDomain’ from ‘xdp_fuse_lookup_id_for_inode’ # 199| # 200| static void xdp_domain_unref (XdpDomain *domain); # 201|-> G_DEFINE_AUTOPTR_CLEANUP_FUNC (XdpDomain, xdp_domain_unref) # 202| # 203| G_LOCK_DEFINE (domain_inodes); Error: GCC_ANALYZER_WARNING (CWE-476): [#def3] xdg-desktop-portal-1.20.3/document-portal/document-portal.c:1484:11: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘error’ xdg-desktop-portal-1.20.3/document-portal/document-portal.c:1464:1: enter_function: entry to ‘portal_get_host_paths’ xdg-desktop-portal-1.20.3/document-portal/document-portal.c:1476:22: branch_true: following ‘true’ branch... xdg-desktop-portal-1.20.3/document-portal/document-portal.c:1478:25: branch_true: ...to here xdg-desktop-portal-1.20.3/document-portal/document-portal.c:1478:25: release_memory: ‘error’ is NULL xdg-desktop-portal-1.20.3/document-portal/document-portal.c:1481:14: call_function: calling ‘get_host_path_internal’ from ‘portal_get_host_paths’ xdg-desktop-portal-1.20.3/document-portal/document-portal.c:1481:14: return_function: returning to ‘portal_get_host_paths’ from ‘get_host_path_internal’ xdg-desktop-portal-1.20.3/document-portal/document-portal.c:1482:10: branch_true: following ‘true’ branch... xdg-desktop-portal-1.20.3/document-portal/document-portal.c:1484:11: branch_true: ...to here xdg-desktop-portal-1.20.3/document-portal/document-portal.c:1484:11: release_memory: ‘error’ is NULL xdg-desktop-portal-1.20.3/document-portal/document-portal.c:1484:11: danger: dereference of NULL ‘error’ # 1482| if (path == NULL) # 1483| { # 1484|-> g_warning ("Failed to get host path for %s: %s", id_list[i], error->message); # 1485| continue; # 1486| } Error: GCC_ANALYZER_WARNING (CWE-476): [#def4] xdg-desktop-portal-1.20.3/document-portal/gvdb/gvdb-builder.c:332:3: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’ xdg-desktop-portal-1.20.3/document-portal/gvdb/gvdb-builder.c:504:1: enter_function: entry to ‘gvdb_table_get_content’ xdg-desktop-portal-1.20.3/document-portal/gvdb/gvdb-builder.c:514:3: call_function: calling ‘file_builder_add_hash’ from ‘gvdb_table_get_content’ # 330| # 331| #define chunk(s) (size -= (s), data += (s), data - (s)) # 332|-> memcpy (chunk (sizeof bloom_hdr), &bloom_hdr, sizeof bloom_hdr); # 333| memcpy (chunk (sizeof table_hdr), &table_hdr, sizeof table_hdr); # 334| *bloom_filter = (guint32_le *) chunk (n_bloom_words * sizeof (guint32_le)); Error: GCC_ANALYZER_WARNING (CWE-457): [#def5] xdg-desktop-portal-1.20.3/document-portal/permission-db.h:101:1: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘db2’ xdg-desktop-portal-1.20.3/tests/test-permission-db.c:178:1: enter_function: entry to ‘test_serialize’ xdg-desktop-portal-1.20.3/tests/test-permission-db.c:189:8: call_function: calling ‘create_test_db’ from ‘test_serialize’ xdg-desktop-portal-1.20.3/tests/test-permission-db.c:189:8: return_function: returning to ‘test_serialize’ from ‘create_test_db’ xdg-desktop-portal-1.20.3/tests/test-permission-db.c:191:3: call_function: calling ‘verify_test_db’ from ‘test_serialize’ xdg-desktop-portal-1.20.3/tests/test-permission-db.c:191:3: return_function: returning to ‘test_serialize’ from ‘verify_test_db’ xdg-desktop-portal-1.20.3/tests/test-permission-db.c:195:3: branch_true: following ‘true’ branch... xdg-desktop-portal-1.20.3/tests/test-permission-db.c:197:3: branch_true: ...to here xdg-desktop-portal-1.20.3/tests/test-permission-db.c:199:3: call_function: calling ‘verify_test_db’ from ‘test_serialize’ xdg-desktop-portal-1.20.3/tests/test-permission-db.c:199:3: return_function: returning to ‘test_serialize’ from ‘verify_test_db’ xdg-desktop-portal-1.20.3/tests/test-permission-db.c:201:3: branch_true: following ‘true’ branch... xdg-desktop-portal-1.20.3/tests/test-permission-db.c:203:11: branch_true: ...to here xdg-desktop-portal-1.20.3/tests/test-permission-db.c:217:3: branch_true: following ‘true’ branch... xdg-desktop-portal-1.20.3/tests/test-permission-db.c:219:11: branch_true: ...to here xdg-desktop-portal-1.20.3/tests/test-permission-db.c:184:20: call_function: calling ‘g_autoptr_cleanup_generic_gfree’ from ‘test_serialize’ xdg-desktop-portal-1.20.3/tests/test-permission-db.c:183:20: call_function: calling ‘g_autoptr_cleanup_generic_gfree’ from ‘test_serialize’ xdg-desktop-portal-1.20.3/tests/test-permission-db.c:182:20: call_function: calling ‘g_autoptr_cleanup_generic_gfree’ from ‘test_serialize’ xdg-desktop-portal-1.20.3/tests/test-permission-db.c:181:27: call_function: inlined call to ‘glib_autoptr_cleanup_PermissionDb’ from ‘test_serialize’ # 99| const char *app); # 100| # 101|-> G_DEFINE_AUTOPTR_CLEANUP_FUNC (PermissionDb, g_object_unref) # 102| G_DEFINE_AUTOPTR_CLEANUP_FUNC (PermissionDbEntry, permission_db_entry_unref) # 103| Error: GCC_ANALYZER_WARNING (CWE-457): [#def6] xdg-desktop-portal-1.20.3/document-portal/permission-db.h:101:1: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘db’ xdg-desktop-portal-1.20.3/tests/test-permission-db.c:178:1: enter_function: entry to ‘test_serialize’ xdg-desktop-portal-1.20.3/tests/test-permission-db.c:189:8: call_function: calling ‘create_test_db’ from ‘test_serialize’ xdg-desktop-portal-1.20.3/tests/test-permission-db.c:189:8: return_function: returning to ‘test_serialize’ from ‘create_test_db’ xdg-desktop-portal-1.20.3/tests/test-permission-db.c:191:3: call_function: calling ‘verify_test_db’ from ‘test_serialize’ xdg-desktop-portal-1.20.3/tests/test-permission-db.c:191:3: return_function: returning to ‘test_serialize’ from ‘verify_test_db’ xdg-desktop-portal-1.20.3/tests/test-permission-db.c:195:3: branch_true: following ‘true’ branch... xdg-desktop-portal-1.20.3/tests/test-permission-db.c:197:3: branch_true: ...to here xdg-desktop-portal-1.20.3/tests/test-permission-db.c:199:3: call_function: calling ‘verify_test_db’ from ‘test_serialize’ xdg-desktop-portal-1.20.3/tests/test-permission-db.c:199:3: return_function: returning to ‘test_serialize’ from ‘verify_test_db’ xdg-desktop-portal-1.20.3/tests/test-permission-db.c:201:3: branch_true: following ‘true’ branch... xdg-desktop-portal-1.20.3/tests/test-permission-db.c:203:11: branch_true: ...to here xdg-desktop-portal-1.20.3/tests/test-permission-db.c:217:3: branch_true: following ‘true’ branch... xdg-desktop-portal-1.20.3/tests/test-permission-db.c:219:11: branch_true: ...to here xdg-desktop-portal-1.20.3/tests/test-permission-db.c:181:27: call_function: inlined call to ‘glib_autoptr_cleanup_PermissionDb’ from ‘test_serialize’ xdg-desktop-portal-1.20.3/tests/test-permission-db.c:180:27: call_function: inlined call to ‘glib_autoptr_cleanup_PermissionDb’ from ‘test_serialize’ # 99| const char *app); # 100| # 101|-> G_DEFINE_AUTOPTR_CLEANUP_FUNC (PermissionDb, g_object_unref) # 102| G_DEFINE_AUTOPTR_CLEANUP_FUNC (PermissionDbEntry, permission_db_entry_unref) # 103| Error: GCC_ANALYZER_WARNING (CWE-457): [#def7] xdg-desktop-portal-1.20.3/document-portal/permission-db.h:102:1: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘entry1’ xdg-desktop-portal-1.20.3/tests/test-permission-db.c:227:1: enter_function: entry to ‘test_modify’ xdg-desktop-portal-1.20.3/tests/test-permission-db.c:233:8: call_function: calling ‘create_test_db’ from ‘test_modify’ # 100| # 101| G_DEFINE_AUTOPTR_CLEANUP_FUNC (PermissionDb, g_object_unref) # 102|-> G_DEFINE_AUTOPTR_CLEANUP_FUNC (PermissionDbEntry, permission_db_entry_unref) # 103| # 104| G_END_DECLS Error: GCC_ANALYZER_WARNING (CWE-457): [#def8] xdg-desktop-portal-1.20.3/document-portal/permission-db.h:102:1: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘entry2’ xdg-desktop-portal-1.20.3/tests/test-permission-db.c:227:1: enter_function: entry to ‘test_modify’ xdg-desktop-portal-1.20.3/tests/test-permission-db.c:233:8: call_function: calling ‘create_test_db’ from ‘test_modify’ # 100| # 101| G_DEFINE_AUTOPTR_CLEANUP_FUNC (PermissionDb, g_object_unref) # 102|-> G_DEFINE_AUTOPTR_CLEANUP_FUNC (PermissionDbEntry, permission_db_entry_unref) # 103| # 104| G_END_DECLS Error: GCC_ANALYZER_WARNING (CWE-457): [#def9] xdg-desktop-portal-1.20.3/document-portal/permission-db.h:102:1: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘entry3’ xdg-desktop-portal-1.20.3/tests/test-permission-db.c:227:1: enter_function: entry to ‘test_modify’ xdg-desktop-portal-1.20.3/tests/test-permission-db.c:233:8: call_function: calling ‘create_test_db’ from ‘test_modify’ # 100| # 101| G_DEFINE_AUTOPTR_CLEANUP_FUNC (PermissionDb, g_object_unref) # 102|-> G_DEFINE_AUTOPTR_CLEANUP_FUNC (PermissionDbEntry, permission_db_entry_unref) # 103| # 104| G_END_DECLS Error: GCC_ANALYZER_WARNING (CWE-457): [#def10] xdg-desktop-portal-1.20.3/document-portal/permission-db.h:102:1: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘entry4’ xdg-desktop-portal-1.20.3/tests/test-permission-db.c:227:1: enter_function: entry to ‘test_modify’ xdg-desktop-portal-1.20.3/tests/test-permission-db.c:233:8: call_function: calling ‘create_test_db’ from ‘test_modify’ # 100| # 101| G_DEFINE_AUTOPTR_CLEANUP_FUNC (PermissionDb, g_object_unref) # 102|-> G_DEFINE_AUTOPTR_CLEANUP_FUNC (PermissionDbEntry, permission_db_entry_unref) # 103| # 104| G_END_DECLS Error: GCC_ANALYZER_WARNING (CWE-457): [#def11] xdg-desktop-portal-1.20.3/document-portal/permission-db.h:102:1: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘entry5’ xdg-desktop-portal-1.20.3/tests/test-permission-db.c:227:1: enter_function: entry to ‘test_modify’ xdg-desktop-portal-1.20.3/tests/test-permission-db.c:233:8: call_function: calling ‘create_test_db’ from ‘test_modify’ # 100| # 101| G_DEFINE_AUTOPTR_CLEANUP_FUNC (PermissionDb, g_object_unref) # 102|-> G_DEFINE_AUTOPTR_CLEANUP_FUNC (PermissionDbEntry, permission_db_entry_unref) # 103| # 104| G_END_DECLS Error: GCC_ANALYZER_WARNING (CWE-457): [#def12] xdg-desktop-portal-1.20.3/document-portal/permission-db.h:102:1: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘entry6’ xdg-desktop-portal-1.20.3/tests/test-permission-db.c:227:1: enter_function: entry to ‘test_modify’ xdg-desktop-portal-1.20.3/tests/test-permission-db.c:233:8: call_function: calling ‘create_test_db’ from ‘test_modify’ # 100| # 101| G_DEFINE_AUTOPTR_CLEANUP_FUNC (PermissionDb, g_object_unref) # 102|-> G_DEFINE_AUTOPTR_CLEANUP_FUNC (PermissionDbEntry, permission_db_entry_unref) # 103| # 104| G_END_DECLS Error: GCC_ANALYZER_WARNING (CWE-457): [#def13] xdg-desktop-portal-1.20.3/document-portal/permission-db.h:102:1: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘entry7’ xdg-desktop-portal-1.20.3/tests/test-permission-db.c:227:1: enter_function: entry to ‘test_modify’ xdg-desktop-portal-1.20.3/tests/test-permission-db.c:233:8: call_function: calling ‘create_test_db’ from ‘test_modify’ xdg-desktop-portal-1.20.3/tests/test-permission-db.c:233:8: return_function: returning to ‘test_modify’ from ‘create_test_db’ xdg-desktop-portal-1.20.3/tests/test-permission-db.c:278:5: branch_true: following ‘true’ branch... xdg-desktop-portal-1.20.3/tests/test-permission-db.c:279:5: branch_true: ...to here xdg-desktop-portal-1.20.3/tests/test-permission-db.c:279:5: branch_true: following ‘true’ branch... xdg-desktop-portal-1.20.3/tests/test-permission-db.c:280:5: branch_true: ...to here xdg-desktop-portal-1.20.3/tests/test-permission-db.c:280:5: branch_true: following ‘true’ branch... xdg-desktop-portal-1.20.3/tests/test-permission-db.c:281:5: branch_true: ...to here xdg-desktop-portal-1.20.3/tests/test-permission-db.c:281:5: branch_true: following ‘true’ branch... xdg-desktop-portal-1.20.3/tests/test-permission-db.c:283:14: branch_true: ...to here xdg-desktop-portal-1.20.3/tests/test-permission-db.c:285:5: branch_true: following ‘true’ branch... xdg-desktop-portal-1.20.3/tests/test-permission-db.c:287:14: branch_true: ...to here xdg-desktop-portal-1.20.3/tests/test-permission-db.c:289:5: branch_true: following ‘true’ branch... xdg-desktop-portal-1.20.3/tests/test-permission-db.c:290:5: branch_true: ...to here xdg-desktop-portal-1.20.3/tests/test-permission-db.c:290:5: branch_true: following ‘true’ branch... xdg-desktop-portal-1.20.3/tests/test-permission-db.c:291:5: branch_true: ...to here xdg-desktop-portal-1.20.3/tests/test-permission-db.c:291:5: branch_true: following ‘true’ branch... xdg-desktop-portal-1.20.3/tests/test-permission-db.c:292:5: branch_true: ...to here xdg-desktop-portal-1.20.3/tests/test-permission-db.c:292:5: branch_true: following ‘true’ branch... xdg-desktop-portal-1.20.3/tests/test-permission-db.c:294:13: branch_true: ...to here xdg-desktop-portal-1.20.3/tests/test-permission-db.c:296:5: branch_true: following ‘true’ branch... xdg-desktop-portal-1.20.3/tests/test-permission-db.c:298:13: branch_true: ...to here xdg-desktop-portal-1.20.3/tests/test-permission-db.c:300:5: branch_true: following ‘true’ branch... xdg-desktop-portal-1.20.3/tests/test-permission-db.c:301:5: branch_true: ...to here xdg-desktop-portal-1.20.3/tests/test-permission-db.c:301:5: branch_true: following ‘true’ branch... xdg-desktop-portal-1.20.3/tests/test-permission-db.c:302:5: branch_true: ...to here xdg-desktop-portal-1.20.3/tests/test-permission-db.c:302:5: branch_true: following ‘true’ branch... xdg-desktop-portal-1.20.3/tests/test-permission-db.c:303:5: branch_true: ...to here xdg-desktop-portal-1.20.3/tests/test-permission-db.c:303:5: branch_true: following ‘true’ branch... xdg-desktop-portal-1.20.3/tests/test-permission-db.c:274:29: branch_true: ...to here xdg-desktop-portal-1.20.3/tests/test-permission-db.c:270:29: call_function: calling ‘g_autoptr_cleanup_generic_gfree’ from ‘test_modify’ xdg-desktop-portal-1.20.3/tests/test-permission-db.c:269:34: call_function: inlined call to ‘glib_autoptr_cleanup_PermissionDbEntry’ from ‘test_modify’ # 100| # 101| G_DEFINE_AUTOPTR_CLEANUP_FUNC (PermissionDb, g_object_unref) # 102|-> G_DEFINE_AUTOPTR_CLEANUP_FUNC (PermissionDbEntry, permission_db_entry_unref) # 103| # 104| G_END_DECLS Error: GCC_ANALYZER_WARNING (CWE-457): [#def14] xdg-desktop-portal-1.20.3/document-portal/permission-db.h:102:1: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘entry’ xdg-desktop-portal-1.20.3/document-portal/xdg-permission-store.c:329:1: enter_function: entry to ‘handle_get_permission’ xdg-desktop-portal-1.20.3/document-portal/xdg-permission-store.c:340:11: call_function: calling ‘lookup_table’ from ‘handle_get_permission’ xdg-desktop-portal-1.20.3/document-portal/xdg-permission-store.c:338:27: call_function: calling ‘g_autoptr_cleanup_generic_gfree’ from ‘handle_get_permission’ xdg-desktop-portal-1.20.3/document-portal/xdg-permission-store.c:337:32: call_function: inlined call to ‘glib_autoptr_cleanup_PermissionDbEntry’ from ‘handle_get_permission’ # 100| # 101| G_DEFINE_AUTOPTR_CLEANUP_FUNC (PermissionDb, g_object_unref) # 102|-> G_DEFINE_AUTOPTR_CLEANUP_FUNC (PermissionDbEntry, permission_db_entry_unref) # 103| # 104| G_END_DECLS Error: GCC_ANALYZER_WARNING (CWE-457): [#def15] xdg-desktop-portal-1.20.3/document-portal/permission-db.h:102:1: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘new_entry’ xdg-desktop-portal-1.20.3/document-portal/xdg-permission-store.c:361:1: enter_function: entry to ‘handle_set’ xdg-desktop-portal-1.20.3/document-portal/xdg-permission-store.c:377:11: call_function: calling ‘lookup_table’ from ‘handle_set’ xdg-desktop-portal-1.20.3/document-portal/xdg-permission-store.c:377:11: return_function: returning to ‘handle_set’ from ‘lookup_table’ xdg-desktop-portal-1.20.3/document-portal/xdg-permission-store.c:378:6: branch_false: following ‘false’ branch... xdg-desktop-portal-1.20.3/document-portal/xdg-permission-store.c:381:15: branch_false: ...to here xdg-desktop-portal-1.20.3/document-portal/xdg-permission-store.c:395:3: throw: if ‘g_variant_iter_init’ throws an exception... xdg-desktop-portal-1.20.3/document-portal/xdg-permission-store.c:375:32: call_function: inlined call to ‘glib_autoptr_cleanup_PermissionDbEntry’ from ‘handle_set’ # 100| # 101| G_DEFINE_AUTOPTR_CLEANUP_FUNC (PermissionDb, g_object_unref) # 102|-> G_DEFINE_AUTOPTR_CLEANUP_FUNC (PermissionDbEntry, permission_db_entry_unref) # 103| # 104| G_END_DECLS Error: GCC_ANALYZER_WARNING (CWE-457): [#def16] xdg-desktop-portal-1.20.3/document-portal/permission-db.h:102:1: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘old_entry’ xdg-desktop-portal-1.20.3/document-portal/xdg-permission-store.c:361:1: enter_function: entry to ‘handle_set’ xdg-desktop-portal-1.20.3/document-portal/xdg-permission-store.c:377:11: call_function: calling ‘lookup_table’ from ‘handle_set’ xdg-desktop-portal-1.20.3/document-portal/xdg-permission-store.c:377:11: return_function: returning to ‘handle_set’ from ‘lookup_table’ xdg-desktop-portal-1.20.3/document-portal/xdg-permission-store.c:378:6: branch_false: following ‘false’ branch... xdg-desktop-portal-1.20.3/document-portal/xdg-permission-store.c:381:15: branch_false: ...to here xdg-desktop-portal-1.20.3/document-portal/xdg-permission-store.c:396:10: branch_true: following ‘true’ branch... xdg-desktop-portal-1.20.3/document-portal/xdg-permission-store.c:402:7: branch_true: ...to here xdg-desktop-portal-1.20.3/document-portal/xdg-permission-store.c:402:7: throw: if ‘g_variant_get’ throws an exception... xdg-desktop-portal-1.20.3/document-portal/xdg-permission-store.c:400:31: call_function: calling ‘g_autoptr_cleanup_generic_gfree’ from ‘handle_set’ xdg-desktop-portal-1.20.3/document-portal/xdg-permission-store.c:398:36: call_function: inlined call to ‘glib_autoptr_cleanup_PermissionDbEntry’ from ‘handle_set’ # 100| # 101| G_DEFINE_AUTOPTR_CLEANUP_FUNC (PermissionDb, g_object_unref) # 102|-> G_DEFINE_AUTOPTR_CLEANUP_FUNC (PermissionDbEntry, permission_db_entry_unref) # 103| # 104| G_END_DECLS Error: GCC_ANALYZER_WARNING (CWE-457): [#def17] xdg-desktop-portal-1.20.3/redhat-linux-build/src/xdp-impl-dbus.h:4750:1: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘impl_request’ xdg-desktop-portal-1.20.3/src/print.c:257:1: enter_function: entry to ‘handle_prepare_print’ xdg-desktop-portal-1.20.3/src/print.c:272:7: throw: if ‘xdp_dbus_impl_lockdown_get_disable_printing’ throws an exception... xdg-desktop-portal-1.20.3/src/print.c:269:27: call_function: inlined call to ‘glib_auto_cleanup_GVariantBuilder’ from ‘handle_prepare_print’ xdg-desktop-portal-1.20.3/src/print.c:268:33: call_function: inlined call to ‘glib_autoptr_cleanup_XdpDbusImplRequest’ from ‘handle_prepare_print’ # 4748| # 4749| #if GLIB_CHECK_VERSION(2, 44, 0) # 4750|-> G_DEFINE_AUTOPTR_CLEANUP_FUNC (XdpDbusImplRequest, g_object_unref) # 4751| #endif # 4752| Error: GCC_ANALYZER_WARNING (CWE-476): [#def18] xdg-desktop-portal-1.20.3/src/account.c:106:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘error’ xdg-desktop-portal-1.20.3/src/account.c:67:1: enter_function: entry to ‘send_response_in_thread_func’ xdg-desktop-portal-1.20.3/src/account.c:81:3: call_function: inlined call to ‘auto_lock_helper’ from ‘send_response_in_thread_func’ xdg-desktop-portal-1.20.3/src/account.c:86:6: branch_false: following ‘false’ branch (when ‘response == 0’)... xdg-desktop-portal-1.20.3/src/account.c:89:9: branch_false: ...to here xdg-desktop-portal-1.20.3/src/account.c:95:6: branch_true: following ‘true’ branch... xdg-desktop-portal-1.20.3/src/account.c:97:24: branch_true: ...to here xdg-desktop-portal-1.20.3/src/account.c:98:25: release_memory: ‘error’ is NULL xdg-desktop-portal-1.20.3/src/account.c:100:10: branch_true: following ‘true’ branch... xdg-desktop-portal-1.20.3/src/account.c:101:16: branch_true: ...to here xdg-desktop-portal-1.20.3/src/account.c:105:10: branch_true: following ‘true’ branch... xdg-desktop-portal-1.20.3/src/account.c:106:9: branch_true: ...to here xdg-desktop-portal-1.20.3/src/account.c:106:9: release_memory: ‘error’ is NULL xdg-desktop-portal-1.20.3/src/account.c:106:9: danger: dereference of NULL ‘error’ # 104| # 105| if (ruri == NULL) # 106|-> g_warning ("Failed to register %s: %s", image, error->message); # 107| else # 108| { Error: GCC_ANALYZER_WARNING (CWE-476): [#def19] xdg-desktop-portal-1.20.3/src/file-chooser.c:136:15: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘error’ xdg-desktop-portal-1.20.3/src/file-chooser.c:70:1: enter_function: entry to ‘send_response_in_thread_func’ xdg-desktop-portal-1.20.3/src/file-chooser.c:88:3: call_function: inlined call to ‘auto_lock_helper’ from ‘send_response_in_thread_func’ xdg-desktop-portal-1.20.3/src/file-chooser.c:97:6: branch_false: following ‘false’ branch (when ‘response == 0’)... xdg-desktop-portal-1.20.3/src/file-chooser.c:100:14: branch_false: ...to here xdg-desktop-portal-1.20.3/src/file-chooser.c:112:6: branch_true: following ‘true’ branch... xdg-desktop-portal-1.20.3/src/file-chooser.c:112:6: branch_true: ...to here xdg-desktop-portal-1.20.3/src/file-chooser.c:116:19: branch_true: following ‘true’ branch... xdg-desktop-portal-1.20.3/src/file-chooser.c:119:29: release_memory: ‘error’ is NULL xdg-desktop-portal-1.20.3/src/file-chooser.c:121:11: branch_true: following ‘true’ branch... xdg-desktop-portal-1.20.3/src/file-chooser.c:123:16: branch_true: ...to here xdg-desktop-portal-1.20.3/src/file-chooser.c:123:16: branch_true: following ‘true’ branch (when ‘__str_len > 6’)... xdg-desktop-portal-1.20.3/src/file-chooser.c:123:16: branch_true: ...to here xdg-desktop-portal-1.20.3/src/file-chooser.c:123:14: branch_false: following ‘false’ branch... xdg-desktop-portal-1.20.3/src/file-chooser.c:129:15: branch_false: ...to here xdg-desktop-portal-1.20.3/src/file-chooser.c:129:14: branch_true: following ‘true’ branch... xdg-desktop-portal-1.20.3/src/file-chooser.c:130:20: branch_true: ...to here xdg-desktop-portal-1.20.3/src/file-chooser.c:134:14: branch_true: following ‘true’ branch... xdg-desktop-portal-1.20.3/src/file-chooser.c:136:15: branch_true: ...to here xdg-desktop-portal-1.20.3/src/file-chooser.c:136:15: release_memory: ‘error’ is NULL xdg-desktop-portal-1.20.3/src/file-chooser.c:136:15: danger: dereference of NULL ‘error’ # 134| if (ruri == NULL) # 135| { # 136|-> g_warning ("Failed to register %s: %s", uris[i], error->message); # 137| continue; # 138| } Error: COMPILER_WARNING (CWE-704): [#def20] xdg-desktop-portal-1.20.3/src/file-chooser.c: scope_hint: In function ‘looks_like_document_portal_path’ xdg-desktop-portal-1.20.3/src/file-chooser.c:172:5: warning[-Wdiscarded-qualifiers]: assignment discards ‘const’ qualifier from pointer target type # 172 | p = strstr (path, "/doc/"); # | ^ # 170| return FALSE; # 171| # 172|-> p = strstr (path, "/doc/"); # 173| if (!p) # 174| return FALSE; Error: COMPILER_WARNING (CWE-704): [#def21] xdg-desktop-portal-1.20.3/src/file-chooser.c:172:5: warning[-Wdiscarded-qualifiers]: assignment discards ‘const’ qualifier from pointer target type # 170| return FALSE; # 171| # 172|-> p = strstr (path, "/doc/"); # 173| if (!p) # 174| return FALSE; Error: GCC_ANALYZER_WARNING (CWE-476): [#def22] xdg-desktop-portal-1.20.3/src/screenshot.c:131:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘error’ xdg-desktop-portal-1.20.3/src/screenshot.c:92:1: enter_function: entry to ‘send_response_in_thread_func’ xdg-desktop-portal-1.20.3/src/screenshot.c:102:21: release_memory: ‘error’ is NULL xdg-desktop-portal-1.20.3/src/screenshot.c:105:3: call_function: inlined call to ‘auto_lock_helper’ from ‘send_response_in_thread_func’ xdg-desktop-portal-1.20.3/src/screenshot.c:110:6: branch_false: following ‘false’ branch (when ‘response == 0’)... xdg-desktop-portal-1.20.3/src/screenshot.c:113:12: branch_false: ...to here xdg-desktop-portal-1.20.3/src/screenshot.c:114:6: branch_true: following ‘true’ branch... xdg-desktop-portal-1.20.3/src/screenshot.c:117:24: branch_true: ...to here xdg-desktop-portal-1.20.3/src/screenshot.c:119:10: branch_false: following ‘false’ branch... xdg-desktop-portal-1.20.3/src/screenshot.c:125:11: branch_false: ...to here xdg-desktop-portal-1.20.3/src/screenshot.c:125:10: branch_true: following ‘true’ branch... xdg-desktop-portal-1.20.3/src/screenshot.c:126:16: branch_true: ...to here xdg-desktop-portal-1.20.3/src/screenshot.c:130:10: branch_true: following ‘true’ branch... xdg-desktop-portal-1.20.3/src/screenshot.c:131:9: branch_true: ...to here xdg-desktop-portal-1.20.3/src/screenshot.c:131:9: release_memory: ‘error’ is NULL xdg-desktop-portal-1.20.3/src/screenshot.c:131:9: danger: dereference of NULL ‘error’ # 129| # 130| if (ruri == NULL) # 131|-> g_warning ("Failed to register %s: %s", uri, error->message); # 132| else # 133| g_variant_builder_add (&results, "{&sv}", "uri", g_variant_new_string (ruri)); Error: GCC_ANALYZER_WARNING (CWE-457): [#def23] xdg-desktop-portal-1.20.3/src/settings.c:59:1: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘settings’ xdg-desktop-portal-1.20.3/src/settings.c:275:1: enter_function: entry to ‘settings_create’ xdg-desktop-portal-1.20.3/src/settings.c:284:11: throw: if ‘g_malloc_n’ throws an exception... xdg-desktop-portal-1.20.3/src/settings.c:279:21: call_function: inlined call to ‘glib_autoptr_cleanup_GError’ from ‘settings_create’ xdg-desktop-portal-1.20.3/src/settings.c:278:23: call_function: inlined call to ‘glib_autoptr_cleanup_Settings’ from ‘settings_create’ # 57| settings_iface_init)); # 58| # 59|-> G_DEFINE_AUTOPTR_CLEANUP_FUNC (Settings, g_object_unref) # 60| # 61| static void Error: GCC_ANALYZER_WARNING (CWE-457): [#def24] xdg-desktop-portal-1.20.3/src/usb.c:132:1: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘access_data’ xdg-desktop-portal-1.20.3/src/usb.c:945:1: enter_function: entry to ‘usb_acquire_devices_cb’ xdg-desktop-portal-1.20.3/src/usb.c:959:3: call_function: inlined call to ‘auto_lock_helper’ from ‘usb_acquire_devices_cb’ xdg-desktop-portal-1.20.3/src/usb.c:962:17: call_function: calling ‘usb_sender_info_from_request’ from ‘usb_acquire_devices_cb’ xdg-desktop-portal-1.20.3/src/usb.c:962:17: return_function: returning to ‘usb_acquire_devices_cb’ from ‘usb_sender_info_from_request’ xdg-desktop-portal-1.20.3/src/usb.c:964:3: branch_true: following ‘true’ branch... xdg-desktop-portal-1.20.3/src/usb.c:966:3: branch_true: ...to here xdg-desktop-portal-1.20.3/src/usb.c:968:6: branch_false: following ‘false’ branch... xdg-desktop-portal-1.20.3/src/usb.c:980:8: branch_false: ...to here xdg-desktop-portal-1.20.3/src/usb.c:980:6: branch_false: following ‘false’ branch... xdg-desktop-portal-1.20.3/src/usb.c:983:7: branch_false: ...to here xdg-desktop-portal-1.20.3/src/usb.c:983:6: branch_true: following ‘true’ branch... xdg-desktop-portal-1.20.3/src/usb.c:986:31: branch_true: ...to here xdg-desktop-portal-1.20.3/src/usb.c:988:14: branch_true: following ‘true’ branch... xdg-desktop-portal-1.20.3/src/usb.c:994:20: branch_true: ...to here xdg-desktop-portal-1.20.3/src/usb.c:994:20: throw: if ‘g_hash_table_lookup’ throws an exception... xdg-desktop-portal-1.20.3/src/usb.c:990:43: call_function: inlined call to ‘glib_autoptr_cleanup_UsbDeviceAcquireData’ from ‘usb_acquire_devices_cb’ # 130| # 131| static void usb_device_acquire_data_free (UsbDeviceAcquireData *acquire_data); # 132|-> G_DEFINE_AUTOPTR_CLEANUP_FUNC (UsbDeviceAcquireData, usb_device_acquire_data_free) # 133| # 134| static void usb_owned_device_unref (UsbOwnedDevice *owned_device); Error: GCC_ANALYZER_WARNING (CWE-457): [#def25] xdg-desktop-portal-1.20.3/src/usb.c:138:1: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘sender_info’ xdg-desktop-portal-1.20.3/src/usb.c:861:1: enter_function: entry to ‘list_permitted_devices’ xdg-desktop-portal-1.20.3/src/usb.c:870:17: call_function: calling ‘usb_sender_info_from_call’ from ‘list_permitted_devices’ # 136| # 137| static void usb_sender_info_unref (UsbSenderInfo *sender_info); # 138|-> G_DEFINE_AUTOPTR_CLEANUP_FUNC (UsbSenderInfo, usb_sender_info_unref) # 139| # 140| static gboolean Error: GCC_ANALYZER_WARNING (CWE-476): [#def26] xdg-desktop-portal-1.20.3/src/usb.c:1264:21: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’ xdg-desktop-portal-1.20.3/src/usb.c:1242:1: enter_function: entry to ‘handle_finish_acquire_devices’ xdg-desktop-portal-1.20.3/src/usb.c:1262:17: call_function: calling ‘usb_sender_info_from_call’ from ‘handle_finish_acquire_devices’ xdg-desktop-portal-1.20.3/src/usb.c:1262:17: return_function: returning to ‘handle_finish_acquire_devices’ from ‘usb_sender_info_from_call’ xdg-desktop-portal-1.20.3/src/usb.c:1264:21: danger: dereference of NULL ‘usb_sender_info_from_call(object, xdp_call_from_invocation(invocation))’ # 1262| sender_info = usb_sender_info_from_call (self, call); # 1263| # 1264|-> pending_devices = g_hash_table_lookup (sender_info->pending_devices, object_path); # 1265| if (pending_devices == NULL) # 1266| { Error: GCC_ANALYZER_WARNING (CWE-404): [#def27] xdg-desktop-portal-1.20.3/src/validate-icon.c:220:5: warning[-Wanalyzer-va-list-leak]: missing call to ‘va_end’ xdg-desktop-portal-1.20.3/src/validate-icon.c:213:1: enter_function: entry to ‘add_args’ xdg-desktop-portal-1.20.3/src/validate-icon.c:218:3: acquire_resource: ‘va_start’ called here xdg-desktop-portal-1.20.3/src/validate-icon.c:219:10: branch_true: following ‘true’ branch (when ‘arg’ is non-NULL)... xdg-desktop-portal-1.20.3/src/validate-icon.c:220:34: call_function: inlined call to ‘g_strdup_inline’ from ‘add_args’ xdg-desktop-portal-1.20.3/src/validate-icon.c:220:5: throw: if ‘g_ptr_array_add’ throws an exception... xdg-desktop-portal-1.20.3/src/validate-icon.c:220:5: danger: missing call to ‘va_end’ to match ‘va_start’ at [(2)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/1) # 218| va_start (args, argv_array); # 219| while ((arg = va_arg (args, const gchar *))) # 220|-> g_ptr_array_add (argv_array, g_strdup (arg)); # 221| va_end (args); # 222| } Error: GCC_ANALYZER_WARNING (CWE-404): [#def28] xdg-desktop-portal-1.20.3/src/validate-sound.c:200:5: warning[-Wanalyzer-va-list-leak]: missing call to ‘va_end’ xdg-desktop-portal-1.20.3/src/validate-sound.c:193:1: enter_function: entry to ‘add_args’ xdg-desktop-portal-1.20.3/src/validate-sound.c:198:3: acquire_resource: ‘va_start’ called here xdg-desktop-portal-1.20.3/src/validate-sound.c:199:10: branch_true: following ‘true’ branch (when ‘arg’ is non-NULL)... xdg-desktop-portal-1.20.3/src/validate-sound.c:200:34: call_function: inlined call to ‘g_strdup_inline’ from ‘add_args’ xdg-desktop-portal-1.20.3/src/validate-sound.c:200:5: throw: if ‘g_ptr_array_add’ throws an exception... xdg-desktop-portal-1.20.3/src/validate-sound.c:200:5: danger: missing call to ‘va_end’ to match ‘va_start’ at [(2)](sarif:/runs/0/results/11/codeFlows/0/threadFlows/0/locations/1) # 198| va_start (args, argv_array); # 199| while ((arg = va_arg (args, const gchar *))) # 200|-> g_ptr_array_add (argv_array, g_strdup (arg)); # 201| va_end (args); # 202| } Error: COMPILER_WARNING (CWE-126): [#def29] xdg-desktop-portal-1.20.3/src/xdp-app-info-flatpak.c: scope_hint: In function ‘xdp_app_info_flatpak_remap_path’ xdg-desktop-portal-1.20.3/src/xdp-app-info-flatpak.c:224:12: warning[-Wstringop-overread]: ‘strlen’ reading 1 or more bytes from a region of size 0 # 224 | else if (g_str_has_prefix (path, "/run/host/usr/")) # | ^ lto1: note: source object is likely at address zero # 222| else if (runtime_path != NULL && g_str_has_prefix (path, "/usr/")) # 223| return g_build_filename (runtime_path, path + strlen ("/usr/"), NULL); # 224|-> else if (g_str_has_prefix (path, "/run/host/usr/")) # 225| return g_build_filename ("/usr", path + strlen ("/run/host/usr/"), NULL); # 226| else if (g_str_has_prefix (path, "/run/host/etc/")) Error: COMPILER_WARNING (CWE-126): [#def30] xdg-desktop-portal-1.20.3/src/xdp-app-info-flatpak.c:224:12: warning[-Wstringop-overread]: ‘strlen’ reading 1 or more bytes from a region of size 0 #source object is likely at address zero # 222| else if (runtime_path != NULL && g_str_has_prefix (path, "/usr/")) # 223| return g_build_filename (runtime_path, path + strlen ("/usr/"), NULL); # 224|-> else if (g_str_has_prefix (path, "/run/host/usr/")) # 225| return g_build_filename ("/usr", path + strlen ("/run/host/usr/"), NULL); # 226| else if (g_str_has_prefix (path, "/run/host/etc/")) Error: GCC_ANALYZER_WARNING (CWE-457): [#def31] xdg-desktop-portal-1.20.3/src/xdp-app-info.h:43:1: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘app_info’ xdg-desktop-portal-1.20.3/src/registry.c:58:1: enter_function: entry to ‘handle_register’ xdg-desktop-portal-1.20.3/src/registry.c:66:14: throw: if ‘xdp_invocation_register_host_app_info_sync’ throws an exception... xdg-desktop-portal-1.20.3/src/registry.c:64:21: call_function: inlined call to ‘glib_autoptr_cleanup_GError’ from ‘handle_register’ xdg-desktop-portal-1.20.3/src/registry.c:63:25: call_function: inlined call to ‘glib_autoptr_cleanup_XdpAppInfo’ from ‘handle_register’ # 41| # 42| #define XDP_TYPE_APP_INFO (xdp_app_info_get_type()) # 43|-> G_DECLARE_DERIVABLE_TYPE (XdpAppInfo, # 44| xdp_app_info, # 45| XDP, APP_INFO, Error: GCC_ANALYZER_WARNING (CWE-457): [#def32] xdg-desktop-portal-1.20.3/src/xdp-app-launch-context.h:29:1: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘xdp_launch_context’ xdg-desktop-portal-1.20.3/src/dynamic-launcher.c:958:1: enter_function: entry to ‘handle_launch’ xdg-desktop-portal-1.20.3/src/dynamic-launcher.c:972:8: call_function: calling ‘validate_desktop_file_id’ from ‘handle_launch’ xdg-desktop-portal-1.20.3/src/dynamic-launcher.c:968:34: call_function: inlined call to ‘glib_autoptr_cleanup_XdpAppLaunchContext’ from ‘handle_launch’ # 27| # 28| #define XDP_TYPE_APP_LAUNCH_CONTEXT (xdp_app_launch_context_get_type()) # 29|-> G_DECLARE_FINAL_TYPE (XdpAppLaunchContext, # 30| xdp_app_launch_context, # 31| XDP, APP_LAUNCH_CONTEXT, Error: GCC_ANALYZER_WARNING (CWE-457): [#def33] xdg-desktop-portal-1.20.3/src/xdp-portal-impl.c:83:1: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘default_portal’ xdg-desktop-portal-1.20.3/src/xdp-portal-impl.c:412:1: enter_function: entry to ‘load_portal_configuration_for_dir’ xdg-desktop-portal-1.20.3/src/xdp-portal-impl.c:424:6: branch_false: following ‘false’ branch... xdg-desktop-portal-1.20.3/src/xdp-portal-impl.c:427:12: branch_false: ...to here xdg-desktop-portal-1.20.3/src/xdp-portal-impl.c:429:6: branch_true: following ‘true’ branch... xdg-desktop-portal-1.20.3/src/xdp-portal-impl.c:435:23: branch_true: ...to here xdg-desktop-portal-1.20.3/src/xdp-portal-impl.c:438:26: branch_true: following ‘true’ branch... xdg-desktop-portal-1.20.3/src/xdp-portal-impl.c:440:50: branch_true: ...to here xdg-desktop-portal-1.20.3/src/xdp-portal-impl.c:444:14: branch_false: following ‘false’ branch... xdg-desktop-portal-1.20.3/src/xdp-portal-impl.c:450:14: branch_false: ...to here xdg-desktop-portal-1.20.3/src/xdp-portal-impl.c:450:14: branch_true: following ‘true’ branch (when ‘opt_verbose != 0’)... xdg-desktop-portal-1.20.3/src/xdp-portal-impl.c:452:44: branch_true: ...to here xdg-desktop-portal-1.20.3/src/xdp-portal-impl.c:456:14: branch_true: following ‘true’ branch (when the strings are equal)... xdg-desktop-portal-1.20.3/src/xdp-portal-impl.c:458:18: branch_true: ...to here xdg-desktop-portal-1.20.3/src/xdp-portal-impl.c:458:18: branch_true: following ‘true’ branch (when ‘default_portal’ is NULL)... xdg-desktop-portal-1.20.3/src/xdp-portal-impl.c:438:45: branch_true: ...to here xdg-desktop-portal-1.20.3/src/xdp-portal-impl.c:438:26: branch_true: following ‘true’ branch... xdg-desktop-portal-1.20.3/src/xdp-portal-impl.c:440:50: branch_true: ...to here xdg-desktop-portal-1.20.3/src/xdp-portal-impl.c:432:31: call_function: inlined call to ‘glib_autoptr_cleanup_PortalConfig’ from ‘load_portal_configuration_for_dir’ xdg-desktop-portal-1.20.3/src/xdp-portal-impl.c:431:34: call_function: inlined call to ‘glib_autoptr_cleanup_PortalInterface’ from ‘load_portal_configuration_for_dir’ # 81| # 82| G_DEFINE_AUTOPTR_CLEANUP_FUNC(XdpPortalImplementation, portal_implementation_free) # 83|-> G_DEFINE_AUTOPTR_CLEANUP_FUNC(PortalInterface, portal_interface_free) # 84| G_DEFINE_AUTOPTR_CLEANUP_FUNC(PortalConfig, portal_config_free) # 85| Error: GCC_ANALYZER_WARNING (CWE-457): [#def34] xdg-desktop-portal-1.20.3/src/xdp-portal-impl.c:83:1: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘interface’ xdg-desktop-portal-1.20.3/src/xdp-portal-impl.c:412:1: enter_function: entry to ‘load_portal_configuration_for_dir’ xdg-desktop-portal-1.20.3/src/xdp-portal-impl.c:424:6: branch_false: following ‘false’ branch... xdg-desktop-portal-1.20.3/src/xdp-portal-impl.c:427:12: branch_false: ...to here xdg-desktop-portal-1.20.3/src/xdp-portal-impl.c:429:6: branch_true: following ‘true’ branch... xdg-desktop-portal-1.20.3/src/xdp-portal-impl.c:435:23: branch_true: ...to here xdg-desktop-portal-1.20.3/src/xdp-portal-impl.c:438:26: branch_true: following ‘true’ branch... xdg-desktop-portal-1.20.3/src/xdp-portal-impl.c:440:50: branch_true: ...to here xdg-desktop-portal-1.20.3/src/xdp-portal-impl.c:442:34: call_function: inlined call to ‘g_strdup_inline’ from ‘load_portal_configuration_for_dir’ xdg-desktop-portal-1.20.3/src/xdp-portal-impl.c:440:38: call_function: inlined call to ‘glib_autoptr_cleanup_PortalInterface’ from ‘load_portal_configuration_for_dir’ # 81| # 82| G_DEFINE_AUTOPTR_CLEANUP_FUNC(XdpPortalImplementation, portal_implementation_free) # 83|-> G_DEFINE_AUTOPTR_CLEANUP_FUNC(PortalInterface, portal_interface_free) # 84| G_DEFINE_AUTOPTR_CLEANUP_FUNC(PortalConfig, portal_config_free) # 85| Error: GCC_ANALYZER_WARNING (CWE-457): [#def35] xdg-desktop-portal-1.20.3/src/xdp-portal-impl.c:84:1: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘conf’ xdg-desktop-portal-1.20.3/src/xdp-portal-impl.c:489:22: branch_true: following ‘true’ branch... xdg-desktop-portal-1.20.3/src/xdp-portal-impl.c:491:39: branch_true: ...to here xdg-desktop-portal-1.20.3/src/xdp-portal-impl.c:491:39: throw: if ‘g_strdup_printf’ throws an exception... xdg-desktop-portal-1.20.3/src/xdp-portal-impl.c:487:27: call_function: inlined call to ‘glib_autoptr_cleanup_PortalConfig’ from ‘load_config_directory’ # 82| G_DEFINE_AUTOPTR_CLEANUP_FUNC(XdpPortalImplementation, portal_implementation_free) # 83| G_DEFINE_AUTOPTR_CLEANUP_FUNC(PortalInterface, portal_interface_free) # 84|-> G_DEFINE_AUTOPTR_CLEANUP_FUNC(PortalConfig, portal_config_free) # 85| # 86| /* Validation code taken from gdesktopappinfo.c {{{ */ Error: GCC_ANALYZER_WARNING (CWE-457): [#def36] xdg-desktop-portal-1.20.3/src/xdp-portal-impl.c:84:1: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘portal_config’ xdg-desktop-portal-1.20.3/src/xdp-portal-impl.c:424:6: branch_false: following ‘false’ branch... xdg-desktop-portal-1.20.3/src/xdp-portal-impl.c:427:12: branch_false: ...to here xdg-desktop-portal-1.20.3/src/xdp-portal-impl.c:429:6: branch_true: following ‘true’ branch... xdg-desktop-portal-1.20.3/src/xdp-portal-impl.c:435:23: branch_true: ...to here xdg-desktop-portal-1.20.3/src/xdp-portal-impl.c:435:23: throw: if ‘g_malloc0’ throws an exception... xdg-desktop-portal-1.20.3/src/xdp-portal-impl.c:432:31: call_function: inlined call to ‘glib_autoptr_cleanup_PortalConfig’ from ‘load_portal_configuration_for_dir’ # 82| G_DEFINE_AUTOPTR_CLEANUP_FUNC(XdpPortalImplementation, portal_implementation_free) # 83| G_DEFINE_AUTOPTR_CLEANUP_FUNC(PortalInterface, portal_interface_free) # 84|-> G_DEFINE_AUTOPTR_CLEANUP_FUNC(PortalConfig, portal_config_free) # 85| # 86| /* Validation code taken from gdesktopappinfo.c {{{ */ Error: GCC_ANALYZER_WARNING (CWE-476): [#def37] xdg-desktop-portal-1.20.3/src/xdp-request.c:222:15: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘sender’ xdg-desktop-portal-1.20.3/src/xdp-request.c:204:1: enter_function: entry to ‘xdp_request_init_invocation’ xdg-desktop-portal-1.20.3/src/xdp-request.c:211:20: release_memory: ‘sender’ is NULL xdg-desktop-portal-1.20.3/src/xdp-request.c:220:11: call_function: calling ‘get_token’ from ‘xdp_request_init_invocation’ xdg-desktop-portal-1.20.3/src/xdp-request.c:220:11: return_function: returning to ‘xdp_request_init_invocation’ from ‘get_token’ xdg-desktop-portal-1.20.3/src/xdp-request.c:221:3: release_memory: ‘sender’ is NULL xdg-desktop-portal-1.20.3/src/xdp-request.c:222:15: danger: dereference of NULL ‘<unknown> + (sizetype)i’ # 220| token = get_token (invocation); # 221| sender = g_strdup (request->sender + 1); # 222|-> for (i = 0; sender[i]; i++) # 223| if (sender[i] == '.') # 224| sender[i] = '_'; Error: GCC_ANALYZER_WARNING (CWE-457): [#def38] xdg-desktop-portal-1.20.3/src/xdp-sealed-fd.h:25:1: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘sealed_sound’ xdg-desktop-portal-1.20.3/src/notification.c:745:1: enter_function: entry to ‘parse_serialized_sound’ xdg-desktop-portal-1.20.3/src/notification.c:754:6: branch_false: following ‘false’ branch... xdg-desktop-portal-1.20.3/src/notification.c:773:8: branch_false: ...to here xdg-desktop-portal-1.20.3/src/notification.c:773:6: branch_false: following ‘false’ branch... xdg-desktop-portal-1.20.3/src/notification.c:776:3: branch_false: ...to here xdg-desktop-portal-1.20.3/src/notification.c:778:6: branch_true: following ‘true’ branch (when the strings are equal)... xdg-desktop-portal-1.20.3/src/notification.c:780:25: branch_true: ...to here xdg-desktop-portal-1.20.3/src/notification.c:784:12: call_function: calling ‘check_value_type’ from ‘parse_serialized_sound’ xdg-desktop-portal-1.20.3/src/notification.c:781:30: call_function: inlined call to ‘glib_autoptr_cleanup_XdpSealedFd’ from ‘parse_serialized_sound’ # 23| # 24| #define XDP_TYPE_SEALED_FD (xdp_sealed_fd_get_type()) # 25|-> G_DECLARE_FINAL_TYPE (XdpSealedFd, # 26| xdp_sealed_fd, # 27| XDP, SEALED_FD, Error: GCC_ANALYZER_WARNING (CWE-476): [#def39] xdg-desktop-portal-1.20.3/src/xdp-session.c:343:15: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘sender_escaped’ xdg-desktop-portal-1.20.3/src/xdp-session.c:332:1: enter_function: entry to ‘xdp_session_initable_init’ xdg-desktop-portal-1.20.3/src/xdp-session.c:337:20: release_memory: ‘sender_escaped’ is NULL xdg-desktop-portal-1.20.3/src/xdp-session.c:338:20: release_memory: ‘sender_escaped’ is NULL xdg-desktop-portal-1.20.3/src/xdp-session.c:343:15: danger: dereference of NULL ‘<unknown> + (sizetype)i’ # 341| # 342| sender_escaped = g_strdup (session->sender + 1); # 343|-> for (i = 0; sender_escaped[i]; i++) # 344| { # 345| if (sender_escaped[i] == '.') Error: GCC_ANALYZER_WARNING (CWE-457): [#def40] xdg-desktop-portal-1.20.3/src/xdp-usb-query.c:33:1: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘usb_rule’ xdg-desktop-portal-1.20.3/src/xdp-usb-query.c:149:11: throw: if ‘g_strsplit’ throws an exception... xdg-desktop-portal-1.20.3/src/xdp-usb-query.c:145:25: call_function: inlined call to ‘glib_autoptr_cleanup_XdpUsbRule’ from ‘xdp_usb_rule_from_string’ # 31| } # 32| # 33|-> G_DEFINE_AUTOPTR_CLEANUP_FUNC (XdpUsbRule, xdp_usb_rule_free); # 34| # 35| gboolean Error: GCC_ANALYZER_WARNING (CWE-457): [#def41] xdg-desktop-portal-1.20.3/src/xdp-usb-query.h:84:1: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘usb_query’ xdg-desktop-portal-1.20.3/src/xdp-usb-query.c:190:11: throw: if ‘g_strsplit’ throws an exception... xdg-desktop-portal-1.20.3/src/xdp-usb-query.c:187:26: call_function: inlined call to ‘glib_autoptr_cleanup_XdpUsbQuery’ from ‘xdp_usb_query_from_string’ # 82| const char *string); # 83| # 84|-> G_DEFINE_AUTOPTR_CLEANUP_FUNC (XdpUsbQuery, xdp_usb_query_free); # 85| # 86| gboolean Error: GCC_ANALYZER_WARNING (CWE-401): [#def42] xdg-desktop-portal-1.20.3/src/xdp-utils.c:1072:9: warning[-Wanalyzer-malloc-leak]: leak of ‘opendir(proc_dir)’ xdg-desktop-portal-1.20.3/src/xdp-utils.c:1151:1: enter_function: entry to ‘map_pids_proc’ xdg-desktop-portal-1.20.3/src/xdp-utils.c:1164:10: acquire_memory: allocated here xdg-desktop-portal-1.20.3/src/xdp-utils.c:1165:6: branch_false: following ‘false’ branch... xdg-desktop-portal-1.20.3/src/xdp-utils.c:1172:9: branch_false: ...to here xdg-desktop-portal-1.20.3/src/xdp-utils.c:1174:8: call_function: calling ‘xdp_map_pids_full’ from ‘map_pids_proc’ # 1070| guint count = 0; # 1071| # 1072|-> res = g_alloca (sizeof (pid_t) * n_pids); # 1073| memset (res, 0, sizeof (pid_t) * n_pids); # 1074| Error: GCC_ANALYZER_WARNING (CWE-401): [#def43] xdg-desktop-portal-1.20.3/tests/test-xdp-utils.c:23:9: warning[-Wanalyzer-malloc-leak]: leak of ‘f’ xdg-desktop-portal-1.20.3/tests/test-xdp-utils.c:21:7: acquire_memory: allocated here xdg-desktop-portal-1.20.3/tests/test-xdp-utils.c:23:9: throw: if ‘_xdp_app_info_snap_parse_cgroup_file’ throws an exception... xdg-desktop-portal-1.20.3/tests/test-xdp-utils.c:23:9: danger: ‘f’ leaks here; was allocated at [(1)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/0) # 21| f = fmemopen(data, sizeof(data), "r"); # 22| # 23|-> res = snap_parse_cgroup (f, &is_snap); # 24| g_assert_cmpint (res, ==, 0); # 25| g_assert_true (is_snap); Error: GCC_ANALYZER_WARNING (CWE-401): [#def44] xdg-desktop-portal-1.20.3/tests/test-xdp-utils.c:52:9: warning[-Wanalyzer-malloc-leak]: leak of ‘f’ xdg-desktop-portal-1.20.3/tests/test-xdp-utils.c:50:7: acquire_memory: allocated here xdg-desktop-portal-1.20.3/tests/test-xdp-utils.c:52:9: throw: if ‘_xdp_app_info_snap_parse_cgroup_file’ throws an exception... xdg-desktop-portal-1.20.3/tests/test-xdp-utils.c:52:9: danger: ‘f’ leaks here; was allocated at [(1)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/0) # 50| f = fmemopen(data, sizeof(data), "r"); # 51| # 52|-> res = snap_parse_cgroup (f, &is_snap); # 53| g_assert_cmpint (res, ==, 0); # 54| g_assert_true (is_snap); Error: GCC_ANALYZER_WARNING (CWE-401): [#def45] xdg-desktop-portal-1.20.3/tests/test-xdp-utils.c:68:9: warning[-Wanalyzer-malloc-leak]: leak of ‘f’ xdg-desktop-portal-1.20.3/tests/test-xdp-utils.c:66:7: acquire_memory: allocated here xdg-desktop-portal-1.20.3/tests/test-xdp-utils.c:68:9: throw: if ‘_xdp_app_info_snap_parse_cgroup_file’ throws an exception... xdg-desktop-portal-1.20.3/tests/test-xdp-utils.c:68:9: danger: ‘f’ leaks here; was allocated at [(1)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/0) # 66| f = fmemopen(data, sizeof(data), "r"); # 67| # 68|-> res = snap_parse_cgroup (f, &is_snap); # 69| g_assert_cmpint (res, ==, 0); # 70| g_assert_true (is_snap); Error: GCC_ANALYZER_WARNING (CWE-401): [#def46] xdg-desktop-portal-1.20.3/tests/test-xdp-utils.c:98:9: warning[-Wanalyzer-malloc-leak]: leak of ‘f’ xdg-desktop-portal-1.20.3/tests/test-xdp-utils.c:96:7: acquire_memory: allocated here xdg-desktop-portal-1.20.3/tests/test-xdp-utils.c:98:9: throw: if ‘_xdp_app_info_snap_parse_cgroup_file’ throws an exception... xdg-desktop-portal-1.20.3/tests/test-xdp-utils.c:98:9: danger: ‘f’ leaks here; was allocated at [(1)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/0) # 96| f = fmemopen(data, sizeof(data), "r"); # 97| # 98|-> res = snap_parse_cgroup (f, &is_snap); # 99| g_assert_cmpint (res, ==, 0); # 100| g_assert_false (is_snap);
| analyzer-version-clippy | 1.92.0 |
| analyzer-version-cppcheck | 2.19.1 |
| analyzer-version-gcc | 16.0.0 |
| analyzer-version-gcc-analyzer | 16.0.0 |
| analyzer-version-shellcheck | 0.11.0 |
| analyzer-version-unicontrol | 0.0.2 |
| enabled-plugins | clippy, cppcheck, gcc, shellcheck, unicontrol |
| exit-code | 0 |
| host | ip-172-16-1-190.us-west-2.compute.internal |
| known-false-positives | /usr/share/csmock/known-false-positives.js |
| known-false-positives-rpm | known-false-positives-0.0.0.20250521.132812.g8eff701.main-1.el9.noarch |
| mock-config | fedora-rawhide-x86_64 |
| project-name | xdg-desktop-portal-1.20.3-4.fc44 |
| store-results-to | /tmp/tmpu1l7dvy2/xdg-desktop-portal-1.20.3-4.fc44.tar.xz |
| time-created | 2026-01-08 22:07:24 |
| time-finished | 2026-01-08 22:10:12 |
| tool | csmock |
| tool-args | '/usr/bin/csmock' '-r' 'fedora-rawhide-x86_64' '-t' 'gcc,cppcheck,clippy,shellcheck,unicontrol' '-o' '/tmp/tmpu1l7dvy2/xdg-desktop-portal-1.20.3-4.fc44.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install' 'pam' '--gcc-analyzer-bin=/usr/bin/gcc' '/tmp/tmpu1l7dvy2/xdg-desktop-portal-1.20.3-4.fc44.src.rpm' |
| tool-version | csmock-3.8.3.20251215.161544.g62de9a5-1.el9 |